Submitted URL: http://bit.ly/2X4ogbD
Effective URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Submission: On September 09 via manual from NZ — Scanned from DE

Summary

This website contacted 33 IPs in 6 countries across 26 domains to perform 110 HTTP transactions. The main IP is 151.101.114.132, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.hallensteins.com.
TLS certificate: Issued by R3 on July 13th 2021. Valid for: 3 months.
This is the only time www.hallensteins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.hallensteins.com | R3 | 2021-07-13 - 2021-10-11 | 3 months |
| use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-16 - 2022-08-16 | a year |
| www.getcandid.com | Sectigo RSA Organization Validation Secure Server CA | 2021-08-25 - 2022-01-21 | 5 months |
| *.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-16 - 2022-07-21 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months |
| *.datadoghq-browser-agent.com | Sectigo RSA Domain Validation Secure Server CA | 2021-03-17 - 2022-03-17 | a year |
| *.netdna-ssl.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-22 - 2022-03-18 | a year |
| *.google.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months |
| *.site44.com | R3 | 2021-07-16 - 2021-10-14 | 3 months |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-20 - 2021-10-18 | 3 months |
| *.doubleclick.net | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months |
| *.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year |
| *.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2020-10-02 - 2021-10-07 | a year |
| www.bing.com | Microsoft RSA TLS CA 02 | 2021-07-06 - 2022-01-06 | 6 months |
| *.tiktok.com | RapidSSL RSA CA 2018 | 2019-11-14 - 2022-01-12 | 2 years |
| cfjump.hallensteins.com.au | R3 | 2021-08-22 - 2021-11-20 | 3 months |
| *.scarabresearch.com | Amazon | 2020-11-23 - 2021-12-22 | a year |
| *.pushalert.co | Sectigo RSA Organization Validation Secure Server CA | 2021-04-13 - 2022-05-06 | a year |
| upload.video.google.com | GTS CA 1O1 | 2021-08-16 - 2021-11-08 | 3 months |
| *.g.doubleclick.net | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year |
| www.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months |
| webchannel-content.eservice.emarsys.net | R3 | 2021-09-01 - 2021-11-30 | 3 months |

This page contains 6 frames:

Primary Page: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Frame ID: FC3E512156D50D1FA956AA3FFAB22632
Requests: 87 HTTP requests in this frame

Frame: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Frame ID: F672C9A753039EDF1CFA24E865DEC597
Requests: 19 HTTP requests in this frame

Frame: https://8724567.fls.doubleclick.net/activityi;dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Frame ID: 093459E4D59EEA6A51A7A1F2D458D6A1
Requests: 2 HTTP requests in this frame

Frame: https://10770498.fls.doubleclick.net/activityi;dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Frame ID: 5FE43F03F915EEC6AAFA77C8B194A8B8
Requests: 2 HTTP requests in this frame

Frame: https://10770501.fls.doubleclick.net/activityi;dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Frame ID: 41A773A8E0CA08711EBF0A9478DF0AB7
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 8F1453F4EC3E4A4E3FE1AD5B2DE2E3E0
Requests: 1 HTTP requests in this frame

Page Title

Men's Clothes Online | Hallenstein Brothers NZ

Page URL History

  1. http://bit.ly/2X4ogbD HTTP 301
    https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

Requests: 110
HTTPS: 100 %
IPv6: 0 %
Domains: 26
Subdomains: 37
IPs: 33
Countries: 6
Transfer: 4349 kB
Size: 8042 kB
Cookies: 32

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/2X4ogbD HTTP 301
    https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://8724567.fls.doubleclick.net/activityi;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save HTTP 302
  • https://8724567.fls.doubleclick.net/activityi;dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Request Chain 59
  • https://10770498.fls.doubleclick.net/activityi;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save HTTP 302
  • https://10770498.fls.doubleclick.net/activityi;dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Request Chain 60
  • https://10770501.fls.doubleclick.net/activityi;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save HTTP 302
  • https://10770501.fls.doubleclick.net/activityi;dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Request Chain 62
  • https://t.cfjump.com/tag/11005 HTTP 302
  • https://cfjump.hallensteins.com.au/tag/11005

110 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.hallensteins.com/
Redirect Chain
  • http://bit.ly/2X4ogbD
  • https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
324 KB
57 KB
Document
General
Full URL
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0179b9328e11106aceea5972035e20ff0417a88f3e1c5d7c5f2fb719d2a1a088
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.hallensteins.com
:scheme
https
:path
/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
content-type
text/html;charset=UTF-8
set-cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; path=/; secure; HttpOnly cs_psuserhash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly cs_pagestab=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly cs_expandedpages=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly pscartkey=92f3427bce3db0b19814144261b1e80b; expires=Sat, 09-Oct-2021 05:44:01 GMT; Max-Age=2592000; path=/; secure; HttpOnly bp_welcome=61399f21969e3; expires=Tue, 08-Mar-2022 05:44:01 GMT; Max-Age=15552000; path=/ landedpage=%2F; expires=Sat, 09-Oct-2021 16:17:21 GMT; Max-Age=2630000; path=/ currentregion=17; expires=Thu, 09-Sep-2021 06:44:01 GMT; Max-Age=3600; path=/; secure; HttpOnly csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; expires=Thu, 09-Sep-2021 06:14:01 GMT; Max-Age=1800; path=/; secure; HttpOnly csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; expires=Thu, 09-Sep-2021 06:14:01 GMT; Max-Age=1800; path=/; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish
date
Thu, 09 Sep 2021 05:44:01 GMT
x-served-by
cache-akl10320-AKL, cache-hhn4051-HHN
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1631166241.451136,VS0,VE388
vary
Accept-Encoding
strict-transport-security
max-age=300

Redirect headers

Server
nginx
Date
Thu, 09 Sep 2021 05:44:01 GMT
Content-Type
text/html; charset=utf-8
Content-Length
192
Cache-Control
private, max-age=90
Location
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Set-Cookie
_bit=l895I1-7ce6b5912f459706bd-00S; Domain=bit.ly; Expires=Tue, 08 Mar 2022 05:44:01 GMT
Via
1.1 google
2381619066
www.hallensteins.com/static/css/
604 KB
131 KB
Stylesheet
General
Full URL
https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d89afc68e39edd5a4609fadecb276acfa3efbb327d8cd59efea20bef3089183d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

evk5kft.css
use.typekit.net/
5 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/evk5kft.css
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-192.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d59f2aa9ec1859fd55b207dc1868e133d037f8e1954b60d1b49296bb51a17d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

flag-international.svg
www.hallensteins.com/content/images/
2 KB
960 B
Image
General
Full URL
https://www.hallensteins.com/content/images/flag-international.svg
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
251d3356fd63a1395d963870890e7170f871d502bd4279d85d9cc71bbc8b159a
Security Headers
Name Value
Strict-Transport-Security max-age=300

flag-nz.svg
www.hallensteins.com/content/images/
3 KB
1 KB
Image
General
Full URL
https://www.hallensteins.com/content/images/flag-nz.svg
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dce4dd92f69c9fb964bc8f5eb8d082aa9018083d7005325dd35da6f073f49e05
Security Headers
Name Value
Strict-Transport-Security max-age=300

flag-au.svg
www.hallensteins.com/content/images/
1 KB
942 B
Image
General
Full URL
https://www.hallensteins.com/content/images/flag-au.svg
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a14645b125a6456184a0d31833d55ca3b8e70500c40b24fbda0ad031c8cf842
Security Headers
Name Value
Strict-Transport-Security max-age=300

flag-us.svg
www.hallensteins.com/content/images/
4 KB
966 B
Image
General
Full URL
https://www.hallensteins.com/content/images/flag-us.svg
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf114cd7fe5b2ca7fe0e4434ddb52bf75c0955ff3625ec749855938925c25c6d
Security Headers
Name Value
Strict-Transport-Security max-age=300

header-logo2.png
www.hallensteins.com/content/images/
3 KB
3 KB
Image
General
Full URL
https://www.hallensteins.com/content/images/header-logo2.png?width=104
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a2b45862d3f643ab36ae5d23caeaac01093f5058cad1cf19de46e056da174d7
Security Headers
Name Value
Strict-Transport-Security max-age=300

widget.js
api.getcandid.com/scripts/
54 KB
17 KB
Script
General
Full URL
https://api.getcandid.com/scripts/widget.js
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
252db5ca3c86e63cca75583837273fc663e7a5dd8b130f23e78184663e34ea21

jquery-3.5.1.min.js
www.hallensteins.com/_ps/external/jquery/3/
87 KB
35 KB
Script
General
Full URL
https://www.hallensteins.com/_ps/external/jquery/3/jquery-3.5.1.min.js?1602810719
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/_ps/external/jquery/3/jquery-3.5.1.min.js?1602810719
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5193
x-cache
HIT, HIT
vary
Accept-Encoding
content-length
36067
x-xss-protection
1; mode=block
x-served-by
cache-akl10332-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:11:59 GMT
server
nginx
x-timer
S1631166242.996400,VS0,VE1
x-frame-options
SAMEORIGIN
etag
W/"5f88f35f-15d84"
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
21, 1
vue.min.js
www.hallensteins.com/_ps/external/vue/2/
84 KB
36 KB
Script
General
Full URL
https://www.hallensteins.com/_ps/external/vue/2/vue.min.js?1602810720
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/_ps/external/vue/2/vue.min.js?1602810720
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3303
x-cache
HIT, HIT
vary
Accept-Encoding
content-length
36244
x-xss-protection
1; mode=block
x-served-by
cache-akl10330-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:12:00 GMT
server
nginx
x-timer
S1631166242.008414,VS0,VE1
x-frame-options
SAMEORIGIN
etag
W/"5f88f360-151b4"
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
8, 1
vuex.min.js
www.hallensteins.com/_ps/external/vuex/3/
9 KB
4 KB
Script
General
Full URL
https://www.hallensteins.com/_ps/external/vuex/3/vuex.min.js?1602810720
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5094dd1c902e23973f750d98b13d9c53bfdbd8a5c0664bbb0aec703cc459850
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/_ps/external/vuex/3/vuex.min.js?1602810720
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3302
x-cache
HIT, HIT
vary
Accept-Encoding
content-length
3351
x-xss-protection
1; mode=block
x-served-by
cache-akl10326-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:12:00 GMT
server
nginx
x-timer
S1631166242.027938,VS0,VE1
x-frame-options
SAMEORIGIN
etag
W/"5f88f360-2570"
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
2, 1
enquire.min.js
www.hallensteins.com/_ps/external/enquire/
2 KB
1 KB
Script
General
Full URL
https://www.hallensteins.com/_ps/external/enquire/enquire.min.js?1602810718
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/_ps/external/enquire/enquire.min.js?1602810718
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5259
x-cache
HIT, HIT
vary
Accept-Encoding
content-length
1058
x-xss-protection
1; mode=block
x-served-by
cache-akl10328-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:11:58 GMT
server
nginx
x-timer
S1631166242.035999,VS0,VE1
x-frame-options
SAMEORIGIN
etag
W/"5f88f35e-8ce"
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
20, 1
slick.min.js
www.hallensteins.com/_ps/external/slick/
41 KB
12 KB
Script
General
Full URL
https://www.hallensteins.com/_ps/external/slick/slick.min.js?1602810719
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/_ps/external/slick/slick.min.js?1602810719
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3303
x-cache
HIT, HIT
vary
Accept-Encoding
content-length
12554
x-xss-protection
1; mode=block
x-served-by
cache-akl10328-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:11:59 GMT
server
nginx
x-timer
S1631166242.043726,VS0,VE1
x-frame-options
SAMEORIGIN
etag
W/"5f88f35f-a3e1"
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
2, 1
lazysizes.min.js
www.hallensteins.com/_ps/external/lazysizes/
7 KB
3 KB
Script
General
Full URL
https://www.hallensteins.com/_ps/external/lazysizes/lazysizes.min.js?1602810719
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
237a2dc9f211a15d1ab64350b592da3f86a69e69103aad182b947944505de7fd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/_ps/external/lazysizes/lazysizes.min.js?1602810719
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5249
x-cache
HIT, HIT
vary
Accept-Encoding
content-length
3343
x-xss-protection
1; mode=block
x-served-by
cache-akl10331-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:11:59 GMT
server
nginx
x-timer
S1631166242.052455,VS0,VE1
x-frame-options
SAMEORIGIN
etag
W/"5f88f35f-1a78"
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
23, 1
imagesloaded.pkgd.min.js
www.hallensteins.com/_ps/external/imagesloaded/
5 KB
2 KB
Script
General
Full URL
https://www.hallensteins.com/_ps/external/imagesloaded/imagesloaded.pkgd.min.js?1602810719
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/_ps/external/imagesloaded/imagesloaded.pkgd.min.js?1602810719
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4814
x-cache
HIT, HIT
vary
Accept-Encoding
content-length
1985
x-xss-protection
1; mode=block
x-served-by
cache-akl10331-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:11:59 GMT
server
nginx
x-timer
S1631166242.060646,VS0,VE1
x-frame-options
SAMEORIGIN
etag
W/"5f88f35f-15da"
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
15, 1
1604356218
www.hallensteins.com/sidebar-js/
1 KB
743 B
Script
General
Full URL
https://www.hallensteins.com/sidebar-js/1604356218
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22ba7e618ed66aec977a8c983baf5e905c0910ec22c3e352241c3d2c31db88ad
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/sidebar-js/1604356218
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241523
x-cache
HIT, HIT
x-cache-hits
42, 1
vary
Accept-Encoding
content-length
453
x-xss-protection
1; mode=block
x-served-by
cache-akl10335-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.068891,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 23:38:39 +1300
1603931440
www.hallensteins.com/core-vue-js/
534 B
416 B
Script
General
Full URL
https://www.hallensteins.com/core-vue-js/1603931440
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bf352f9fc3b7c2c78fbb464808eb45e34416edfab3c3ef22b6c37517d70682b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/core-vue-js/1603931440
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241014
x-cache
HIT, HIT
x-cache-hits
29, 1
vary
Accept-Encoding
content-length
273
x-xss-protection
1; mode=block
x-served-by
cache-akl10328-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.070734,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 23:47:07 +1300
3240760153
www.hallensteins.com/static/js/
80 KB
28 KB
Script
General
Full URL
https://www.hallensteins.com/static/js/3240760153?eNqNi0EOgCAMBJ/iC6BP8gAbUyIFaUvi7+XowYPHmczQ3pVSE4MYKRsWDIRyOcYd+ukHi8bKEotu9B1PR8g8kIwnNHrNP4bUam+y/Ht4AOhxNWs=
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e374085b30db7ef3a22b1d1977759bea29e17df6fc91dcc8a7c06ee515152892
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/js/3240760153?eNqNi0EOgCAMBJ/iC6BP8gAbUyIFaUvi7+XowYPHmczQ3pVSE4MYKRsWDIRyOcYd+ukHi8bKEotu9B1PR8g8kIwnNHrNP4bUam+y/Ht4AOhxNWs=
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1313912
x-cache
HIT, HIT
x-cache-hits
696, 1
vary
Accept-Encoding
content-length
28113
x-xss-protection
1; mode=block
x-served-by
cache-akl10322-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.078575,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Fri, 24 Sep 2021 12:45:30 +1200
peppercontent.js
www.hallensteins.com/_ps/js/
24 KB
5 KB
Script
General
Full URL
https://www.hallensteins.com/_ps/js/peppercontent.js?1614893666
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15800534b81463417ec4f4292d0c1ccb7a31c3dd549e75948f31938baa1ab188
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/_ps/js/peppercontent.js?1614893666
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5237
x-cache
HIT, HIT
vary
Accept-Encoding
content-length
4777
x-xss-protection
1; mode=block
x-served-by
cache-akl10325-AKL, cache-hhn4051-HHN
last-modified
Thu, 04 Mar 2021 21:34:26 GMT
server
nginx
x-timer
S1631166242.102255,VS0,VE1
x-frame-options
SAMEORIGIN
etag
W/"60415262-5f95"
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
19, 1
1524152976
www.hallensteins.com/static/js/
141 KB
46 KB
Script
General
Full URL
https://www.hallensteins.com/static/js/1524152976?eNrTjy8o1k/OzytJzSvRL84sSdUvSC0oSC1KzkhNzs4vLdFLz8lPSswp1svNzNPLKpbXJ6Q+ObGoBKoYAGBXIyQ=
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f87b71af65cc15195ae7c084a52db3f419f9f09c001a5be4bb58bcae96cc5d74
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/js/1524152976?eNrTjy8o1k/OzytJzSvRL84sSdUvSC0oSC1KzkhNzs4vLdFLz8lPSswp1svNzNPLKpbXJ6Q+ObGoBKoYAGBXIyQ=
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1313911
x-cache
HIT, HIT
x-cache-hits
7539, 1
vary
Accept-Encoding
content-length
46410
x-xss-protection
1; mode=block
x-served-by
cache-akl10323-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.107476,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Fri, 24 Sep 2021 12:45:30 +1200
1628135889
www.hallensteins.com/global-vue-js/
18 KB
5 KB
Script
General
Full URL
https://www.hallensteins.com/global-vue-js/1628135889
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b29ef11c14132a7dcc1bd0be024fdbf4075494a9cb7f19a4cf64b359d8d26cd7
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/global-vue-js/1628135889
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438349
x-cache
HIT, HIT
x-cache-hits
3, 1
vary
Accept-Encoding
content-length
5460
x-xss-protection
1; mode=block
x-served-by
cache-akl10327-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.111301,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Mon, 04 Oct 2021 16:58:12 +1300
1626734986
www.hallensteins.com/typeahead-vue-js/
5 KB
2 KB
Script
General
Full URL
https://www.hallensteins.com/typeahead-vue-js/1626734986
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
87376e11fa53930e64bb71db963c806ba207d45b5fe529d0fec90e19be5cedaf
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/typeahead-vue-js/1626734986
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1839252
x-cache
HIT, HIT
x-cache-hits
266, 1
vary
Accept-Encoding
content-length
1439
x-xss-protection
1; mode=block
x-served-by
cache-akl10331-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.111810,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Sat, 18 Sep 2021 10:49:50 +1200
1630557825
www.hallensteins.com/javascript/
24 KB
7 KB
Script
General
Full URL
https://www.hallensteins.com/javascript/1630557825
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
25c07f476b46d8cd9881341f65aadbb05b0ec83b1ad55dfc1a573165be1ed115
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/javascript/1630557825
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608413
x-cache
HIT, HIT
x-cache-hits
2449, 1
vary
Accept-Encoding
content-length
7091
x-xss-protection
1; mode=block
x-served-by
cache-akl10328-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.111890,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Sat, 02 Oct 2021 17:43:48 +1300
1600393037
www.hallensteins.com/stories-js/
6 KB
2 KB
Script
General
Full URL
https://www.hallensteins.com/stories-js/1600393037
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee014c446ea4163ce669e5c96d2661761dd4d86f6b320b8f37c39aaef218a21e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/stories-js/1600393037
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241071
x-cache
HIT, HIT
x-cache-hits
29, 1
vary
Accept-Encoding
content-length
2029
x-xss-protection
1; mode=block
x-served-by
cache-akl10332-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.111892,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 23:46:10 +1300
1622591483
www.hallensteins.com/datalayer-js/
6 KB
2 KB
Script
General
Full URL
https://www.hallensteins.com/datalayer-js/1622591483
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
805c36b8be51e1792fa216a1c3c9034da25da902d53508d7debd009d60cdb377
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/datalayer-js/1622591483
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133562
x-cache
HIT, HIT
x-cache-hits
5, 1
vary
Accept-Encoding
content-length
1652
x-xss-protection
1; mode=block
x-served-by
cache-akl10335-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.111933,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Fri, 08 Oct 2021 05:37:59 +1300
1606338318
www.hallensteins.com/promo-timer-javascript/
2 KB
944 B
Script
General
Full URL
https://www.hallensteins.com/promo-timer-javascript/1606338318
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c332b20131761788dc90a84ef0b7ab5572c691c92a2b47bb6ccb26cbb82578b0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/promo-timer-javascript/1606338318
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2095814
x-cache
HIT, HIT
x-cache-hits
2, 1
vary
Accept-Encoding
content-length
656
x-xss-protection
1; mode=block
x-served-by
cache-akl10333-AKL, cache-hhn4051-HHN
server
nginx
x-timer
S1631166242.111978,VS0,VE1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=300
content-type
text/javascript;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=2592000
accept-ranges
bytes
expires
Wed, 15 Sep 2021 11:33:47 +1200
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=evk5kft&ht=tk&f=24349.24350.24351.24354.24355.43307.43311&a=15472819&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.64.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-64-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/
213 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ccf8bd02bf166a5860c8a1043c8002a3c2616535da97e30b31f7fcd80cd17493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69114
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Sep 2021 05:44:02 GMT
datadog-logs.js
www.datadoghq-browser-agent.com/
33 KB
12 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.217.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-217-212.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:43:14 GMT
content-encoding
br
last-modified
Tue, 27 Jul 2021 15:01:20 GMT
server
AmazonS3
age
92
etag
W/"9eb57181f3149e3310d96317ef9188ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0c6608381c6e16c344d8596c47c9b95d.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
LHR61-C2
x-amz-cf-id
Fp5x0_924seixx5P6DndkvePLah_zr9Z7gmg1QTWQBbq4Pz_9_QpHw==
l
use.typekit.net/af/403911/00000000000000003b9b3880/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-192.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
44ecdeeb04d9cb6de9d76ebc9f8ab716a7f6b2f08a01f179a462e008debfcb07

Request headers

Referer
https://use.typekit.net/evk5kft.css
Origin
https://www.hallensteins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
server
nginx
etag
"112e33239582b68be657159b85f4e16e5ce72672"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18000
l
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-192.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d670e22647964b1b3663c0b34b6531a12a6f7d36dc232570af7d84b9458df0b

Request headers

Referer
https://use.typekit.net/evk5kft.css
Origin
https://www.hallensteins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
server
nginx
etag
"e120da2743159d9bd5b6acbf951b869a1a6b1a4e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18068
fa-light-300.woff2
www.hallensteins.com/_ps/fonts/
186 KB
186 KB
Font
General
Full URL
https://www.hallensteins.com/_ps/fonts/fa-light-300.woff2
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
69885c352b73c062750dd828a00cb617eea070cd1053590cedd947a7b5d5b152
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-fetch-mode
cors
origin
https://www.hallensteins.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a
:path
/_ps/fonts/fa-light-300.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
Origin
https://www.hallensteins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
via
1.1 varnish, 1.1 varnish
age
1550295
x-cache
HIT, HIT
x-cache-hits
6, 1
content-length
190452
x-served-by
cache-akl10330-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:12:00 GMT
server
nginx
x-timer
S1631166242.126067,VS0,VE1
etag
"5f88f360-2e7f4"
strict-transport-security
max-age=300
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 21 Sep 2021 07:05:46 GMT
l
use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/
13 KB
14 KB
Font
General
Full URL
https://use.typekit.net/af/aee0aa/00000000000000003b9b3f03/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-192.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
597596d0c7eec4aa77fc4c84e278b9de7643ea0b3e2bf29255b5623bf86c9fbf

Request headers

Referer
https://use.typekit.net/evk5kft.css
Origin
https://www.hallensteins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
server
nginx
etag
"6c6a600f247a71e5bec38230436a588f0aed8849"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13684
keen-tracker.3.0.7.min.js
content-getcandid.netdna-ssl.com/scripts/
15 KB
5 KB
Script
General
Full URL
https://content-getcandid.netdna-ssl.com/scripts/keen-tracker.3.0.7.min.js
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/scripts/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.160 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2fea746535da5c2b49962de51d3cc58076fc1b0b6b30fea75dbf23b799d5acdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2015 15:11:22 GMT
server
NetDNA-cache/2.2
etag
W/"56702d9a-3ab2"
content-type
application/x-javascript
cache-control
max-age=43200
expires
Thu, 09 Sep 2021 17:44:02 GMT
widget.css
api.getcandid.com/content/
63 KB
13 KB
Stylesheet
General
Full URL
https://api.getcandid.com/content/widget.css
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/scripts/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6cc9016bb910517a41c6ccc36f8745a699a587adce4c1cb48c26f7007e4d027d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 20:40:16 GMT
server
NetDNA-cache/2.2
etag
"038557b84dd71:0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=5184000
accept-ranges
bytes
content-length
13223
/
api.getcandid.com/stream/css/
632 B
390 B
Stylesheet
General
Full URL
https://api.getcandid.com/stream/css/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cache=true
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/scripts/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a31198242402c51ca7411fe72e3b2cb71ed04df82c69538a64d8cd8d62dd6c27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
server
NetDNA-cache/2.2
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public, max-age=604800
content-length
240
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/b67c91/00000000000000003b9b387d/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/evk5kft.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-192.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d07f2bd9333a310ea876e4676048abd7ea845fa6181f3742603b8a2fe174b12

Request headers

Referer
https://use.typekit.net/evk5kft.css
Origin
https://www.hallensteins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
server
nginx
etag
"43ec342caef431ba8b8d52f92baa84f25627c043"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19620
blank.png
api.getcandid.com/images/
95 B
275 B
Image
General
Full URL
https://api.getcandid.com/images/blank.png
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Thu, 20 May 2021 20:40:26 GMT
server
NetDNA-cache/2.2
etag
"019fb5cb84dd71:0"
x-cache
HIT
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
95
fa-brands-400.woff2
www.hallensteins.com/_ps/fonts/
76 KB
76 KB
Font
General
Full URL
https://www.hallensteins.com/_ps/fonts/fa-brands-400.woff2
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
479a88b36a9e0fd38bdfd22e19701576cd6cb01f36a21ce9935ad6a2d746e620
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-fetch-mode
cors
origin
https://www.hallensteins.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; candid_userid=348c86be-a7af-4b31-9005-e4a3c9308eb3
:path
/_ps/fonts/fa-brands-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hallensteins.com/static/css/2381619066?eNqFklGOwyAMRI/SE7AcKTLgJFYJRrbT9Pgl22gVbVXyO3qMB4+HBwhByKi34YElsejND1W9gqofuRhsqLygH/7IH436lVroSaWPRBbsAhlkQukiIz0xuY2SzX0rUjsAtTbXb9vmQ4Z4r1grip8hZyxquKeOvHzxCSwJxdW10ak7EQotYBeQsO2MGzO1FH1WraW9YCjyxdI1CmJxgpD6qw0CJXW90srGpVthpmm2HiA4ra3mHqKc6ePXgdnUBKqbhJJPrd69nLP4/8nvvbnzXQ5Khm7KHCAfZJP9+yLaJg3LOfyh+P1VE97UjPHOq50N92kvv9JC5A==
Origin
https://www.hallensteins.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
via
1.1 varnish, 1.1 varnish
age
914238
x-cache
HIT, HIT
x-cache-hits
1810, 1
content-length
77452
x-served-by
cache-akl10329-AKL, cache-hhn4051-HHN
last-modified
Fri, 16 Oct 2020 01:12:00 GMT
server
nginx
x-timer
S1631166242.238060,VS0,VE1
etag
"5f88f360-12e8c"
strict-transport-security
max-age=300
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
expires
Fri, 30 Jul 2021 15:46:37 GMT
iframe_api
www.youtube.com/
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/_ps/js/peppercontent.js?1614893666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f14.1e100.net
Software
ESF /
Resource Hash
9e0d8486cdfb2885f393593b70893287e4486cccb6da10fcb6d17b2660610fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
expires
Thu, 09 Sep 2021 05:44:02 GMT
/
api.getcandid.com/stream/frame/ Frame F672
42 KB
9 KB
Document
General
Full URL
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&utm_medium=sept-2021&utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
77b49cb3f836bf6eae175661ca89bc6fecb86bf6e290cd22a3e142a1b35871f1

Request headers

:method
GET
:authority
api.getcandid.com
:scheme
https
:path
/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hallensteins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-type
text/html; charset=utf-8
content-length
8760
cache-control
public, max-age=5400
content-encoding
gzip
vary
Accept-Encoding
server
NetDNA-cache/2.2
x-cache
EXPIRED
close.png
candid-io.site44.com/images/themes/minimal/
3 KB
3 KB
Image
General
Full URL
https://candid-io.site44.com/images/themes/minimal/close.png
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/content/widget.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.18.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-18-187.compute-1.amazonaws.com
Software
/
Resource Hash
62d7bc5c73e98aa632102959d7542a4ac88b687fe4a58ee66af81fd4a30b0a5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 23:33:01 GMT
Via
1.1 varnish-v4
Last-Modified
Sat, 25 Jun 2016 21:07:55 GMT
Age
281461
ETag
"8cba297cb72864ef22a57b57e1e3518f"
X-Varnish
21687603 98336
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5
Content-Length
3007
previous.svg
candid-io.site44.com/images/themes/minimal/
198 B
591 B
Image
General
Full URL
https://candid-io.site44.com/images/themes/minimal/previous.svg
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/content/widget.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.18.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-18-187.compute-1.amazonaws.com
Software
/
Resource Hash
0f648e56cb856fc4168c85c0ed18417523fe87dd923d4708cdb1114b8defb8d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 23:33:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2017 10:39:46 GMT
Age
281461
ETag
W/"fc9ff507e3ca9ba7a01aca69d93d675c"
Vary
Accept-Encoding
X-Varnish
23105367 98338
Via
1.1 varnish-v4
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Content-Length
148
Keep-Alive
timeout=5
next.svg
candid-io.site44.com/images/themes/minimal/
178 B
584 B
Image
General
Full URL
https://candid-io.site44.com/images/themes/minimal/next.svg
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/content/widget.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.18.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-18-187.compute-1.amazonaws.com
Software
/
Resource Hash
b568382d881699fdbebcaa0ce9f5b3bf62eceac86b9a03319fa96116863b64e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 23:33:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2017 10:38:10 GMT
Age
281461
ETag
W/"95a81c5f9aa7d1cac73f55e2c48b93ac"
Vary
Accept-Encoding
X-Varnish
23084380 393282
Via
1.1 varnish-v4
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Content-Length
140
Keep-Alive
timeout=5
0136744001631138550.jpg
www.hallensteins.com/content/blocks/
13 KB
13 KB
Image
General
Full URL
https://www.hallensteins.com/content/blocks/0136744001631138550.jpg?width=1600
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4923cf378888d8ac5b03d94c9bb3cd61d3a299bb2ab0cec1ce0bf174c28d839
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/content/blocks/0136744001631138550.jpg?width=1600
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; candid_userid=348c86be-a7af-4b31-9005-e4a3c9308eb3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
lO2trVhBCcWIQj_VBz_TchnaT0p3q5V1
via
1.1 varnish, 1.1 varnish
etag
"jbt34Ah9LOQtmvo3btOHTXenE905SoFq3ObmEzB6+AU"
age
3232
x-cache
HIT, HIT
fastly-io-info
ifsz=182573 idim=3900x300 ifmt=jpeg ofsz=13027 odim=1600x123 ofmt=jpeg
fastly-stats
io=1
content-length
13027
x-amz-id-2
WP7SOL1XTm+/TL0/YY9RahS7V+kkbJjr0+t0v2PrZnSftRyEr9n0yuhau62JzxuLQlMpT04HjwE=
x-served-by
cache-syd10120-SYD, cache-hhn4051-HHN
server
AmazonS3
x-timer
S1631166242.322747,VS0,VE1
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=300
x-amz-request-id
BRS5D6B4X3ZCNB31
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
0305370001631146153.gif
www.hallensteins.com/content/blocks/
572 KB
572 KB
Image
General
Full URL
https://www.hallensteins.com/content/blocks/0305370001631146153.gif?width=1600
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccbc44965eb8d4d13b71e66673016540d06686ec366a6f48b8116ad52abdaa2b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/content/blocks/0305370001631146153.gif?width=1600
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; candid_userid=348c86be-a7af-4b31-9005-e4a3c9308eb3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
H8OUXFI4qzhRKNTmgWRmT0Dm5NRC_QGR
via
1.1 varnish, 1.1 varnish
etag
"bgojvZnWSTJ4YSUPRlVvZP3bml0rYadGyPsIm5SQ3GI"
age
3230
x-cache
HIT, HIT
fastly-io-info
ifsz=1342439 idim=3900x1735 ifmt=gif ofsz=585537 odim=1600x712 ofmt=gif ofrm=23
fastly-stats
io=1
content-length
585537
x-amz-id-2
2OEQ2IjYY3bbGUhKWr3q1lOGgbjXC4g+AiG5zV4avaqMOgT0vww2ODoI399+Xrx1D4h0Zv/aYuM=
x-served-by
cache-syd10152-SYD, cache-hhn4051-HHN
server
AmazonS3
x-timer
S1631166242.323445,VS0,VE1
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=300
x-amz-request-id
8GZY693B2300WE05
accept-ranges
bytes
content-type
image/gif
x-cache-hits
1, 1
0795658001631136205.jpg
www.hallensteins.com/content/blocks/
536 KB
536 KB
Image
General
Full URL
https://www.hallensteins.com/content/blocks/0795658001631136205.jpg?width=800&fit=crop
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
331f636d3a1e20fd5adc73e53abb839d5fff4ba8e5932b67bb320a6828213719
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/content/blocks/0795658001631136205.jpg?width=800&fit=crop
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; candid_userid=348c86be-a7af-4b31-9005-e4a3c9308eb3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
gfcHq.Xc7u5IhYtqh85k9tQBNTx3NiUE
via
1.1 varnish, 1.1 varnish
etag
"wd06xFi2ENzwsfalgpS/fuQxBi4M7YoWjLP27aXiYvE"
age
4631
x-cache
HIT, HIT
fastly-io-info
ifsz=2009835 idim=1480x1800 ifmt=jpeg ofsz=548404 odim=1480x1800 ofmt=jpeg
fastly-stats
io=1
content-length
548404
x-amz-id-2
bArKUnnjqu56Y0KCe1NH/qDmL4sTuZtTWseBT4dCX/LiGHX1BrXF7bhTRcCj/FQZnqzSpFPMFFU=
x-served-by
cache-syd10162-SYD, cache-hhn4051-HHN
server
AmazonS3
x-timer
S1631166242.323730,VS0,VE1
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=300
x-amz-request-id
HBA6PBV0KTKYVRAD
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
0884215001631042898.jpg
www.hallensteins.com/content/blocks/
515 KB
515 KB
Image
General
Full URL
https://www.hallensteins.com/content/blocks/0884215001631042898.jpg?width=800&fit=crop
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ebbe06db95056f5d9fbcf42d58b04263e413544360fa0f0bbd293122e11d973
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/content/blocks/0884215001631042898.jpg?width=800&fit=crop
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; candid_userid=348c86be-a7af-4b31-9005-e4a3c9308eb3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
Vb3CmynMcjtUKlaYWlb3OFseHqsoFwbk
via
1.1 varnish, 1.1 varnish
etag
"GHlAHTaLMAvOYCLdaN4v0O6ovQ9maghdYJ0OWfOmtkE"
age
3234
x-cache
HIT, HIT
fastly-io-info
ifsz=1963332 idim=1480x1800 ifmt=jpeg ofsz=527246 odim=1480x1800 ofmt=jpeg
fastly-stats
io=1
content-length
527246
x-amz-id-2
6ug4AZPbt7SLfXRTxTqC/Smhf3X63IV/eBCL3WhZCWqd2iYentDvozuZ9Bd9O2eBY+SChxjCHrI=
x-served-by
cache-syd10130-SYD, cache-hhn4051-HHN
server
AmazonS3
x-timer
S1631166242.323766,VS0,VE1
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=300
x-amz-request-id
DRA78D1RJ2R3JEXT
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
2, 1
0076233001631046257.gif
www.hallensteins.com/content/blocks/
742 KB
743 KB
Image
General
Full URL
https://www.hallensteins.com/content/blocks/0076233001631046257.gif?width=1600
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
854ddf677b7fa3abac41f23b223aecfc9a54ddf7fb065da918c8407688b9cda0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/content/blocks/0076233001631046257.gif?width=1600
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; candid_userid=348c86be-a7af-4b31-9005-e4a3c9308eb3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
f98jwkFG_X.8p0fu4YDTL2pQZ5D2hFn7
via
1.1 varnish, 1.1 varnish
etag
"QvJ4u4nNiiSo6rT/Ow/Em3xL2FLFDRXtIMXWlsP/xCs"
age
3230
x-cache
HIT, HIT
fastly-io-info
ifsz=4371029 idim=3900x1735 ifmt=gif ofsz=760292 odim=1600x712 ofmt=gif
fastly-stats
io=1
content-length
760292
x-amz-id-2
EnJreTwg7MlsGv0xMypIo910n8WdAyP+KV2DPa0QImnnseBaryqd1StXku+WDsgnLoQOA2dMfOI=
x-served-by
cache-syd10120-SYD, cache-hhn4051-HHN
server
AmazonS3
x-timer
S1631166242.323857,VS0,VE2
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=300
x-amz-request-id
8EP0YJDWPZ0KF9Q9
accept-ranges
bytes
content-type
image/gif
x-cache-hits
1, 1
0019141001630963279.jpg
www.hallensteins.com/content/blocks/
89 KB
89 KB
Image
General
Full URL
https://www.hallensteins.com/content/blocks/0019141001630963279.jpg?width=800&fit=crop
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9abd840adfc01f6174b8f42f398099fed751f0db27a13549b466f93e25d7204
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/content/blocks/0019141001630963279.jpg?width=800&fit=crop
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; candid_userid=348c86be-a7af-4b31-9005-e4a3c9308eb3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
HG_B1mDH1ApyDsx7ME2e2VCrXmnoZqrQ
via
1.1 varnish, 1.1 varnish
etag
"TiFDF31MB1y9wPOGXmvPq3Lv89CPmlJFbG+wZPOwKiw"
age
3234
x-cache
HIT, HIT
fastly-io-info
ifsz=409625 idim=1480x500 ifmt=jpeg ofsz=91062 odim=1480x500 ofmt=jpeg
fastly-stats
io=1
content-length
91062
x-amz-id-2
M9dLTljfQZn71TRXr+zNq72m6egyiVrJz1MvONKNmvwAfWU3TNs4F3AOhWPBACR1tekOV4aCYsU=
x-served-by
cache-syd10162-SYD, cache-hhn4051-HHN
server
AmazonS3
x-timer
S1631166242.323878,VS0,VE1
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=300
x-amz-request-id
YFFKQKRR3K7YZM23
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
2, 1
0536480001630009052.jpg
www.hallensteins.com/content/blocks/
168 KB
168 KB
Image
General
Full URL
https://www.hallensteins.com/content/blocks/0536480001630009052.jpg?width=800&fit=crop
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f99901005c46d58704c42d90749a7651bbd4d5cefabcbcee2eaf7016762c0c0e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

:path
/content/blocks/0536480001630009052.jpg?width=800&fit=crop
pragma
no-cache
cookie
PHPSESSID=e76e90e26142366ab4ab2fea15ffa4e9; pscartkey=92f3427bce3db0b19814144261b1e80b; bp_welcome=61399f21969e3; landedpage=%2F; currentregion=17; csrftoken-ed6b967ce3=3c9c580c44eee6c77badc737c7c9b41a; candid_userid=348c86be-a7af-4b31-9005-e4a3c9308eb3
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hallensteins.com
referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
q2cq1Pt.tQD3V2D4G5XJK6zPGb3_pY.c
via
1.1 varnish, 1.1 varnish
etag
"zThbw+jajxxz9PBnk0da25Qya9yb/z11dH0Wbq7rgbA"
age
3234
x-cache
HIT, HIT
fastly-io-info
ifsz=276475 idim=1480x500 ifmt=jpeg ofsz=172049 odim=1480x500 ofmt=jpeg
fastly-stats
io=1
content-length
172049
x-amz-id-2
ocSYHFX2xC1oOoGZSJyQ6TUFeLi0mzqWgqu733X7JVPRCmZtgG9yRI7p5D77dv7sg7wjvREBCAg=
x-served-by
cache-syd10126-SYD, cache-hhn4051-HHN
server
AmazonS3
x-timer
S1631166242.323939,VS0,VE1
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=300
x-amz-request-id
EKRT75GSXNJQ6HR5
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3114
date
Thu, 09 Sep 2021 04:52:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 09 Sep 2021 06:52:08 GMT
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
me9JuH2QbwPH7NBhZrzRi4GbI8/LutsxX4ontg8i5gvVdLOhMYmYTRXBXHFjeM/YYyxs47Ekmq7JMPd5BMmAaA==
x-fb-trip-id
1082456386
x-frame-options
DENY
date
Thu, 09 Sep 2021 05:44:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm...
8724567.fls.doubleclick.net/ Frame 0934
Redirect Chain
  • https://8724567.fls.doubleclick.net/activityi;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Fu...
  • https://8724567.fls.doubleclick.net/activityi;dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3...
491 B
415 B
Document
General
Full URL
https://8724567.fls.doubleclick.net/activityi;dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.198 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f6.1e100.net
Software
cafe /
Resource Hash
9e8ba8483ac5477427a38ff61e8f7260837fdb00f5b81d642b0181a5e32a7d81
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8724567.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hallensteins.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 09 Sep 2021 05:44:02 GMT
expires
Thu, 09 Sep 2021 05:44:02 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
390
x-xss-protection
0
set-cookie
IDE=AHWqTUmEzoxU8-UzYitVrcDSUoQuI2BbJ6P4Y-Dz5qeJN67OiBcI_Tio6Av3l4Vi3Es; expires=Sat, 09-Sep-2023 05:44:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 09 Sep 2021 05:44:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8724567.fls.doubleclick.net/activityi;dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hotjar-2456165.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2456165.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-42.lhr61.r.cloudfront.net
Software
/
Resource Hash
b4d15260257dc403bcfe69544ec4e384406ad896dd0204007a8a097bc03eff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
LHR61-C2
etag
W/dcc46dfe55775252e3769fdee3264a69
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
jgVCXx6LDrNEY6NTzLq2ycwUWpnOJGwraMCSAsCijYx9I7hfURgQ2w==
via
1.1 74e2a59e06d5b7556eb510403eacd42e.cloudfront.net (CloudFront)
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 16 Sep 2021 05:44:02 GMT
bat.js
bat.bing.com/
30 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:01 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref
Ref A: 5D9FCFBE5CC649EDBBCB8E718E9971BA Ref B: PRG01EDGE0717 Ref C: 2021-09-09T05:44:02Z
etag
"80f2963dde83d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9024
activityi;dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_sourc...
10770498.fls.doubleclick.net/ Frame 5FE4
Redirect Chain
  • https://10770498.fls.doubleclick.net/activityi;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_so...
  • https://10770498.fls.doubleclick.net/activityi;dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%...
653 B
453 B
Document
General
Full URL
https://10770498.fls.doubleclick.net/activityi;dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.198 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f6.1e100.net
Software
cafe /
Resource Hash
5cc25820899efd29ac347321423be4f7d0f1a08a5424ee745cd9fab7684168d3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10770498.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hallensteins.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 09 Sep 2021 05:44:02 GMT
expires
Thu, 09 Sep 2021 05:44:02 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
428
x-xss-protection
0
set-cookie
IDE=AHWqTUl4Fd2k3QQ5n7K3QgoGnY9_xBmX8_pvOE_GzCZBRIZPu7liUlTzmCYv9ViMPxg; expires=Sat, 09-Sep-2023 05:44:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 09 Sep 2021 05:44:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10770498.fls.doubleclick.net/activityi;dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_sour...
10770501.fls.doubleclick.net/ Frame 41A7
Redirect Chain
  • https://10770501.fls.doubleclick.net/activityi;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_s...
  • https://10770501.fls.doubleclick.net/activityi;dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F...
486 B
416 B
Document
General
Full URL
https://10770501.fls.doubleclick.net/activityi;dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57GHJ5X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.198 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f6.1e100.net
Software
cafe /
Resource Hash
cacb3a82d62f2839f823edec560f3666dbcc255cbace56bd10d8458b4c76254f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10770501.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hallensteins.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 09 Sep 2021 05:44:02 GMT
expires
Thu, 09 Sep 2021 05:44:02 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
391
x-xss-protection
0
set-cookie
IDE=AHWqTUn-fXSZnJBua4vTZPCl4YLKTt0M-0NiedHYhoYx31qyxaqUaiKJRlQy8fccnJE; expires=Sat, 09-Sep-2023 05:44:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 09 Sep 2021 05:44:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10770501.fls.doubleclick.net/activityi;dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sdk.js
analytics.tiktok.com/i18n/pixel/
114 KB
34 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BP2RJVQOIAS4I7M02R0G
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7a119b1ed3613700098cbfecb98055a9d5dc77fd1381e688d8859475517699dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id
95a1d781.40a2a393
date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-200-218-21.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
157,104.126.37.174
server-timing
cdn-cache; desc=MISS, edge; dur=154, origin; dur=3, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
202109090544020102450021191610EB48
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
3,23.200.218.21
x-tt-trace-host
01da5012d53a9319bad47042a47a0f7fcbfd2fc1f7e54bc1148eb499b2617dfa057526dc8d697f3f425b6c791f92ddb0cccb3328c78155fa778dab2d27fa765ca6257b935fde7102cbb32032e9f448595319e962f402e303d4b824d7cd140fe72187d40642e8b0f258324cc9311876281b
expires
Thu, 09 Sep 2021 05:44:02 GMT
11005
cfjump.hallensteins.com.au/tag/
Redirect Chain
  • https://t.cfjump.com/tag/11005
  • https://cfjump.hallensteins.com.au/tag/11005
4 KB
2 KB
Script
General
Full URL
https://cfjump.hallensteins.com.au/tag/11005
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
40.82.218.196 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
commissionfactory.com
Software
/
Resource Hash
817bcc64027a521696b606d3eb7f7468aaf217b559285b32f7ba83c1758050c1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
date
Thu, 09 Sep 2021 05:43:59 GMT
vary
Accept-Encoding
p3p
policyref="https://t.cfjump.com/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control
private, max-age=900
content-type
application/javascript; charset=utf-8
content-length
1480

Redirect headers

location
https://cfjump.hallensteins.com.au/tag/11005
strict-transport-security
max-age=300
cache-control
private, max-age=900
p3p
policyref="https://t.cfjump.com/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI STA"
date
Thu, 09 Sep 2021 05:43:58 GMT
content-length
161
content-type
text/html; charset=utf-8
scarab-v2.js
cdn.scarabresearch.com/js/1AE20C822AC62EDF/
105 KB
25 KB
Script
General
Full URL
https://cdn.scarabresearch.com/js/1AE20C822AC62EDF/scarab-v2.js
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-79.lhr61.r.cloudfront.net
Software
/
Resource Hash
c73ebbcd436cf420db05cc8a0bd0352ab94f8140b92821b7626186b177885073

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 04:44:34 GMT
Content-Encoding
gzip
Connection
keep-alive
Age
3568
ETag
"08045871ac4f0693a6b1a6001608d559--gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript;charset=utf-8
Via
1.1 4c36faabfc67dbcb121ad26f9612cc3b.cloudfront.net (CloudFront)
Cache-Control
max-age=3600,public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
LHR61-C2
Timing-Allow-Origin
*
X-Amz-Cf-Id
1KBEevSA-o8Q9kInim5XFtz5bzbB42oCdO_gaHRwDOjaw6qbz7z3Lw==
integrate_92bd9af3e8af02bcf2cc8b70a557e34b.js
cdn.pushalert.co/
213 KB
47 KB
Script
General
Full URL
https://cdn.pushalert.co/integrate_92bd9af3e8af02bcf2cc8b70a557e34b.js
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.9 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
d49d3dc921021d1c55cb5830e061b93aabd3b7a25f20d96bef0271e6f1c58ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 04 Aug 2021 01:59:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=8640000, public
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
activityi;register_conversion=1;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSM...
8724567.fls.doubleclick.net/
0
0
Image
General
Full URL
https://8724567.fls.doubleclick.net/activityi;register_conversion=1;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.198 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

activityi;register_conversion=1;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26am...
10770498.fls.doubleclick.net/
0
0
Image
General
Full URL
https://10770498.fls.doubleclick.net/activityi;register_conversion=1;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.198 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

activityi;register_conversion=1;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26a...
10770501.fls.doubleclick.net/
0
0
Image
General
Full URL
https://10770501.fls.doubleclick.net/activityi;register_conversion=1;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.198 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s21-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

www-widgetapi.js
www.youtube.com/s/player/a1c3b4e5/www-widgetapi.vflset/
134 KB
44 KB
Script
General
Full URL
https://www.youtube.com/s/player/a1c3b4e5/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f14.1e100.net
Software
sffe /
Resource Hash
818a58d8594d44b70cb3647aeaa92747aa31ed040b84f906b3b984cae42cfa9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 17:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
130830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44703
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 00:16:56 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 17:23:32 GMT
/
api.getcandid.com/stream/css/ Frame F672
842 B
520 B
Stylesheet
General
Full URL
https://api.getcandid.com/stream/css/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&type=default&cache=true
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
7b6255c8f48581b79ce9bf5c5fffda31769e49218247a7ee429666c6c31ab786

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
server
NetDNA-cache/2.2
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public, max-age=604800
content-length
370
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame F672
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.234 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s22-in-f234.1e100.net
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 05:33:54 GMT
widget.frame.js
api.getcandid.com/scripts/ Frame F672
50 KB
17 KB
Script
General
Full URL
https://api.getcandid.com/scripts/widget.frame.js
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
18528d0b511e777346ea84e27ab52427091b56f52df6ce96028dc404593a799d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 20:40:28 GMT
server
NetDNA-cache/2.2
etag
"0462c5eb84dd71:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=5184000
accept-ranges
bytes
content-length
17315
analytics.js
www.google-analytics.com/ Frame F672
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3114
date
Thu, 09 Sep 2021 04:52:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 09 Sep 2021 06:52:08 GMT
rules-p-DqpuXXZHgBTPd.js
rules.quantcount.com/
8 KB
2 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-DqpuXXZHgBTPd.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-84.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c1b76cec679e849c947bd9ea85ed8a8d911eb6578989e7d9fed68a0b33ef1e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 04:44:35 GMT
content-encoding
gzip
age
3568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 23 Mar 2021 02:44:13 GMT
server
AmazonS3
etag
W/"c47dbb90633a340aa3eaaa118d299998"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
LHR61-C2
x-amz-cf-id
_Jw0GOkxHRcs5B-ZrkYKfb58DV79bOCR-82YydM5uFgJoxfc8g-jRQ==
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f14.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 04:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3295
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Thu, 09 Sep 2021 05:49:07 GMT
/
api.getcandid.com/stream/page/ Frame F672
120 KB
13 KB
XHR
General
Full URL
https://api.getcandid.com/stream/page/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&pageSize=40&approvalFilter=Approved&sort=Random&cache=true
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
71adf7dbcd784d515dc6caa92557c398466670b0d9bc9b0e25bba0478d9ea6fa

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
gzip
server
NetDNA-cache/2.2
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
5400
cache-control
public, max-age=900
x-cache
HIT
access-control-allow-headers
Accept, Content-Type, X-Requested-With
content-length
12541
modules.32d4d6c361d45587f461.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.32d4d6c361d45587f461.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2456165.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-115.lhr61.r.cloudfront.net
Software
/
Resource Hash
06009f7eeb9f8524ea331e672cab99b44167badae53c6ac33aadc4d29b42b1e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 10:17:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
588417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59572
access-control-allow-origin
*
last-modified
Thu, 02 Sep 2021 10:16:34 GMT
etag
"3160769f38fdb6aa7f9b79e9033d46a8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 320b04684a5b16980772c5d36c63ecea.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
5ONpGQNRXMcMV9A6s3H7GwFHkOg1bUmuQilIqSNk_pfgUTTMhRMQcw==
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.45
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
56dc4c4ae3fbb32f792c424bad74b95f3ff0b4100778401303ecace1de61de4f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
20787
x-xss-protection
0
pragma
public
x-fb-debug
d5pJyFj+KdJ4cuQ+4LnBWf+fzNqMhFBS+u9OGqqTKnKsMMdAUyRKGAusQI7rGBQtj5Z3g3/ZdlhoY9lSEfJ2iA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
693440617384565
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/693440617384565?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
6bd24dd2eaeb72e59ad21d0604ec7810e2a61d267299cc606268897d8c5c42cd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
9BocQVDKst2VPnmVui+CU4HPSk4tRDFw6/RQ2GJmYp6pzwyauRnqDHaGYCvI4pZEM3THsIBiZQi3YpEehLXjBg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 09 Sep 2021 05:44:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
recommender.scarabresearch.com/merchants/1AE20C822AC62EDF/
89 B
650 B
XHR
General
Full URL
https://recommender.scarabresearch.com/merchants/1AE20C822AC62EDF/?pv=1728320069&xp=1&cv=1&ca=&cp=1&t=92f3427bce3db0b19814144261b1e80b
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.63.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-63-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9feffb6548a4376e7d9f87a05c1bf7555b4a47384a9b78f618a60825c70c62b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 05:44:02 GMT
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Vary
Accept-Encoding, User-Agent
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.hallensteins.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
89
Expires
Thu, 01 Jan 1970 00:00:00 GMT
wploader.js
static.scarabresearch.com/wpjs/
31 KB
11 KB
Script
General
Full URL
https://static.scarabresearch.com/wpjs/wploader.js?ts=2697
Requested by
Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/1AE20C822AC62EDF/scarab-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-100.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5805ce164c47e942df156a619dab2d1e99248d7797aca8d2ad6e93468916572d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 08 Sep 2021 13:34:12 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 06 Sep 2021 14:00:48 GMT
Server
AmazonS3
Age
58191
ETag
W/"2578352498f3bb8bbb61c7f37ddf2ffe"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 bd7e039818f6bd12ba37b73d719c6730.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
X-Amz-Cf-Pop
LHR61-C2
X-Amz-Cf-Id
wv6t_pyNwzC0S870tUCV0SwLrRt9GoAWGTIxKmeuQOccv-vCqxeonw==
collect
stats.g.doubleclick.net/j/
2 B
464 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-6541133-1&cid=643160782.1631166243&jid=1953891070&gjid=1837580541&_gid=913657738.1631166243&_u=aGBAgEALAAAAAE~&z=979335751
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hallensteins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 09 Sep 2021 05:44:02 GMT
content-type
text/plain
access-control-allow-origin
https://www.hallensteins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=38924305&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save&ul=en-us&de=UTF-8&dt=Men%27s%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAL~&jid=1953891070&gjid=1837580541&cid=643160782.1631166243&tid=UA-6541133-1&_gid=913657738.1631166243&gtm=2wg91057GHJ5X&promo1id=pc_contentpagedetail_1174&promo1nm=WELCOME-BACK&promo2id=pc_contentpagedetail_1169&promo2nm=H1-NZ-SPEND-GET&promo3id=pc_contentpagedetail_1050&promo3nm=H2-NZ-DENIM&promo4id=pc_contentpagedetail_1083&promo4nm=H2-NZ-SWEATS&promo5id=pc_contentpagedetail_1025&promo5nm=H3-NZ-DENIM&promo6id=pc_contentpagedetail_1093&promo6nm=H3-NZ-REBELLION&promo7id=pc_contentpagedetail_1109&promo7nm=H3-NZ-LICENSED-TEES&promo8id=pc_contentpagedetail_1110&promo8nm=H3-NZ-RELAXED-SHORTS&promo9id=pc_contentpagedetail_1165&promo9nm=H3-NZ-PATCHWORK&promo10id=pc_contentpagedetail_1172&promo10nm=H3-NZ-CORD&promo11id=pc_contentpagedetail_1084&promo11nm=H4-NZ-SALE-OFF-SALE&promo12id=pc_contentpagedetail_1159&promo12nm=H3-NZ-SALE-TEES&promo13id=pc_contentpagedetail_1160&promo13nm=H3-NZ-SALE-SHIRTS&promo14id=pc_contentpagedetail_1161&promo14nm=H3-NZ-SALE-KNITS&promo15id=pc_contentpagedetail_1162&promo15nm=H3-NZ-SALE-SWEATS&promo16id=pc_contentpagedetail_1163&promo16nm=H3-NZ-SALE-MERINO&promo17id=pc_contentpagedetail_1164&promo17nm=H3-NZ-SALE-JACKETS&promo18id=pc_contentpagedetail_1166&promo18nm=H3-NZ-SALE-BEANIES&promo19id=pc_contentpagedetail_1167&promo19nm=H3-NZ-SALE-COATS&promo20id=pc_contentpagedetail_1112&promo20nm=H6-NZ-GIFT&promo21id=pc_contentpagedetail_1113&promo21nm=H6-NZ-RAF&promo22id=pc_contentpagedetail_1150&promo22nm=H7-NZ-INSTAGRAM&promo23id=pc_contentpagedetail_1151&promo23nm=H7-NZ-FACEBOOK&promo24id=pc_contentpagedetail_1152&promo24nm=H7-NZ-TIK-TOK&z=1734918439
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Sep 2021 06:42:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82914
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame F672
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
12010296
cdn-cachedat
2021-04-23 07:08:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ec580bd8b923316e0940945df3d5dddc
cf-ray
68be1a39bff92784-PRG
cdn-requestcountrycode
CZ
cdn-requestpullsuccess
True
/
api.getcandid.com/stream/tags/ Frame F672
24 KB
3 KB
XHR
General
Full URL
https://api.getcandid.com/stream/tags/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&format=json&cache=true&filter=candid_suggested,10001267-cadrona-blue,denim,10001826-light-blue,10001528-yellow,ls_shirts,10001380-swedish-blue,tees,10001903-orange,sweatshirts,10002005-multi,10002006-multi,trackshorts,sweats,college,10001257-vintage-black,10001499-natural,knitwear,jacket,puffer,ls_tshirts,10001916-black,best,homepage,ss_tshirts,10001268-solid-black,10001128-white,10001128-sage,10001128-black,10001126-tan,organic,joggers,10001900-orange,10001289-purple-heather,10001800-black,shorts,graphic_tees,baggy,10001380-blue,sweatpants
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
99bcb7435ede1767da7cfece18829f6965d87268345d660060f5c17e63eb77d6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Thu, 09 Sep 2021 05:44:03 GMT
content-encoding
gzip
server
NetDNA-cache/2.2
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
5400
cache-control
public, max-age=5400
x-cache
EXPIRED
access-control-allow-headers
Accept, Content-Type, X-Requested-With
content-length
2342
blank.png
api.getcandid.com/images/ Frame F672
95 B
275 B
Image
General
Full URL
https://api.getcandid.com/images/blank.png
Requested by
Host: api.getcandid.com
URL: https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Thu, 20 May 2021 20:40:26 GMT
server
NetDNA-cache/2.2
etag
"019fb5cb84dd71:0"
x-cache
HIT
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
95
%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17888855201235422_standard.jpg
api.getcandid.com/image/h/ Frame F672
33 KB
33 KB
Image
General
Full URL
https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17888855201235422_standard.jpg?w=300
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8a464b12a5ea312f7a0edca50f5e51c77f9d34113fcebf7a0e716b7762317b12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Sun, 05 Sep 2021 21:49:15 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=16070400
content-length
33908
expires
Thu, 10 Mar 2022 21:49:15 GMT
%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17959319860442555_standard.jpg
api.getcandid.com/image/h/ Frame F672
38 KB
39 KB
Image
General
Full URL
https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17959319860442555_standard.jpg?w=300
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6236373c3f69e0d0cff354dd8a7b4f96fc4b9f542b0c2c2a668acc8830054f0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Sun, 05 Sep 2021 21:49:15 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=16070400
content-length
39318
expires
Thu, 10 Mar 2022 21:49:15 GMT
%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_18198567280101639_standard.jpg
api.getcandid.com/image/h/ Frame F672
43 KB
43 KB
Image
General
Full URL
https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_18198567280101639_standard.jpg?w=300
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
05c0695ea311bcfd4557bf14830cfa8e5025f1e51700f3e7fcf97265a0ce0c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Sun, 05 Sep 2021 23:56:48 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=16070400
content-length
43560
expires
Thu, 10 Mar 2022 23:56:48 GMT
%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17905516834936375_standard.jpg
api.getcandid.com/image/h/ Frame F672
32 KB
32 KB
Image
General
Full URL
https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17905516834936375_standard.jpg?w=300
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f78c6bec99f0754f04b98e4f8dae78dfcaed335735e27633336f92c594587997

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Sun, 05 Sep 2021 21:49:15 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=16070400
content-length
32929
expires
Thu, 10 Mar 2022 21:49:15 GMT
scontent-iad3-1.cdninstagram.com%2Fv%2Ft51.29350-15%2F241363157_338502264689963_3216577476367763827_n.jpg%3F_nc_cat%3D111%26ccb%3D1-5%26_nc_sid%3D8ae9d6%26_nc_ohc%3DsxAzhVfXSmIAX_Y2jh9%2F_nc_ht%3Ds...
api.getcandid.com/image/h/ Frame F672
38 KB
38 KB
Image
General
Full URL
https://api.getcandid.com/image/h/scontent-iad3-1.cdninstagram.com%2Fv%2Ft51.29350-15%2F241363157_338502264689963_3216577476367763827_n.jpg%3F_nc_cat%3D111%26ccb%3D1-5%26_nc_sid%3D8ae9d6%26_nc_ohc%3DsxAzhVfXSmIAX_Y2jh9%2F_nc_ht%3Dscontent-iad3-1.cdninstagram.com%26edm%3DAJ7ooaQEAAAA%26oh%3D25ae3261814c7b0bd8d4d9ab23b2a030%26oe%3D613DAC05?w=300
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
20514ad265ee5abb60cf8a9039f6852304264d25c8ec154a50fd4bf2f65ae32f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Thu, 09 Sep 2021 05:33:55 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=16070400
content-length
38736
expires
Mon, 14 Mar 2022 05:33:55 GMT
%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17888689916487806_standard.jpg
api.getcandid.com/image/h/ Frame F672
45 KB
45 KB
Image
General
Full URL
https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17888689916487806_standard.jpg?w=300
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
1ddcb00787c2f4190c18e336255fbf628d0bc2a715b0714de5a451512720a99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Sun, 05 Sep 2021 23:56:58 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=16070400
content-length
45659
expires
Thu, 10 Mar 2022 23:56:58 GMT
%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17916288106914143_standard.jpg
api.getcandid.com/image/h/ Frame F672
48 KB
49 KB
Image
General
Full URL
https://api.getcandid.com/image/h/%2F%2Fapi.getcandid.com%2Fi%2Fh%2Fa%252fstream-media%252fbfc1dca0-6717-4281-85cb-7eb5f67fca83_17916288106914143_standard.jpg?w=300
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4547c61a95494c7ef77a2d55047ec49bfa6d3c90bd6002cd7851bced8e6dd115

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Sun, 05 Sep 2021 23:56:58 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
image/jpeg
cache-control
public, max-age=16070400
content-length
49570
expires
Thu, 10 Mar 2022 23:56:58 GMT
5216135.js
bat.bing.com/p/action/
0
111 B
Script
General
Full URL
https://bat.bing.com/p/action/5216135.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Sep 2021 05:44:02 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 84FBDDB760574C62A5FDFE7A81457DAB Ref B: PRG01EDGE0717 Ref C: 2021-09-09T05:44:02Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
173 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5216135&tm=gtm002&Ver=2&mid=485564b0-4ba0-4a98-b768-5665935a889b&sid=f04029e0113011eca437ed1c90d1f528&vid=f0406340113011ecb5d483a5ec2fc5bd&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Men%27s%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ&p=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save&r=&lt=1206&evt=pageLoad&msclkid=N&sv=1&rn=858207
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 09 Sep 2021 05:44:02 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 5D046492081C405C867ABB4EBE06D270 Ref B: PRG01EDGE0717 Ref C: 2021-09-09T05:44:02Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 8F14
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2456165.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-65.lhr61.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hallensteins.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/

Response headers

content-type
text/html
content-length
1044
date
Mon, 19 Jul 2021 07:34:14 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ec1080f781e2e3f66cbfcee94de754cc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C2
x-amz-cf-id
v7UsLRoplyglvWJAbiZMCNtSTb5OA9QP5abznemJ6hp3kVXUxjgpfg==
age
4486189
truncated
/ Frame F672
240 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68feb7e27b5930a15b5523bdfe697322b10b27bf5c721dadf42a077197277e35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
bfc1dca0-6717-4281-85cb-7eb5f67fca83_17883504920302704_standard.mp4
api.getcandid.com/v/h/a/stream-media/ Frame F672
448 KB
0
Media
General
Full URL
https://api.getcandid.com/v/h/a/stream-media/bfc1dca0-6717-4281-85cb-7eb5f67fca83_17883504920302704_standard.mp4
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash

Request headers

Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Sun, 05 Sep 2021 21:49:05 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
video/mp4
cache-control
public, max-age=16070400
content-length
1141775
expires
Thu, 10 Mar 2022 21:49:05 GMT
bfc1dca0-6717-4281-85cb-7eb5f67fca83_17850763376593800_standard.mp4
api.getcandid.com/v/h/a/stream-media/ Frame F672
384 KB
0
Media
General
Full URL
https://api.getcandid.com/v/h/a/stream-media/bfc1dca0-6717-4281-85cb-7eb5f67fca83_17850763376593800_standard.mp4
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash

Request headers

Referer
https://api.getcandid.com/stream/frame/?id=bfc1dca0-6717-4281-85cb-7eb5f67fca83&cId=cw_0&margin=10&controlNav=true&width=294&count=40&min=0&approvalFilter=Approved&theme=ct-minimal&slideshow=true&animationLoop=true&animationSpeed=1000&slideshowSpeed=7000&scale=true&cache=true
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 09 Sep 2021 05:44:02 GMT
last-modified
Sun, 05 Sep 2021 21:49:05 GMT
server
NetDNA-cache/2.2
x-cache
HIT
content-type
video/mp4
cache-control
public, max-age=16070400
content-length
516933
expires
Thu, 10 Mar 2022 21:49:05 GMT
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-6541133-1&cid=643160782.1631166243&jid=1953891070&_u=aGBAgEALAAAAAE~&z=2015511903
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 05:44:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1626430584;event=refresh;labels=_fp.event.NZ%20Homepage;source=gtm;rf=0;a=p-DqpuXXZHgBTPd;url=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1626430584;event=refresh;labels=_fp.event.NZ%20Homepage;source=gtm;rf=0;a=p-DqpuXXZHgBTPd;url=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1510543022-1631166242883;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=hallensteins.com;je=0;sr=1600x1200x24;dst=0;et=1631166242882;tzo=0;ogl=type.website%2Ctitle.Men's%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ%2Cdescription.Shop%20online%20at%20Hallenstein%20Brothers%252E%20New%20Zealand's%20home%20of%20menswear%252E%20Find%20the%20la%2Cimage.https%3A%2F%2Fwww%252Ehallensteins%252Ecom%2Fcontent%2Fimages%2Fog_image%252Ejpg%2Curl.https%3A%2F%2Fwww%252Ehallensteins%252Ecom%2F
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 05:44:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medi...
adservice.google.com/ddm/fls/z/ Frame 0934
42 B
515 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Requested by
Host: 8724567.fls.doubleclick.net
URL: https://8724567.fls.doubleclick.net/activityi;dc_pre=CPmL3OOX8fICFUSnUQodBEsIVg;src=8724567;type=allvi0;cat=halle0;ord=1;num=2140779532264;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8724567.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 05:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BP2RJVQOIAS4I7M02R0G
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id
33a5ca9d.40a2a599
date
Thu, 09 Sep 2021 05:44:03 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-200-218-94.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
159,104.126.37.174
server-timing
cdn-cache; desc=MISS, edge; dur=155, origin; dur=4, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
202109090544020102450452134110E7BE
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
4,23.200.218.94
x-tt-trace-host
01da5012d53a9319bad47042a47a0f7fcbfd2fc1f7e54bc1148eb499b2617dfa05f693293fbb334afa26a23db1e581acac98c9a3d2ad17c7998880bfdb9d6cf30f086b6eb1e3dec8e6f63344ddd8ec75d912434953041253d07a3bd54495065601e72cc47521b132572eff419a0fff083a
expires
Thu, 09 Sep 2021 05:44:03 GMT
config.js
analytics.tiktok.com/i18n/pixel/
59 KB
20 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BP2RJVQOIAS4I7M02R0G&hostname=www.hallensteins.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BP2RJVQOIAS4I7M02R0G
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
edce1b919ae20aa8cc927cd1c7d55280bab15d34f6db2e40628aa8d507b8bb7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id
773c0629.40a2a5ef
date
Thu, 09 Sep 2021 05:44:03 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-44-4-76.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
168,104.126.37.174
server-timing
cdn-cache; desc=MISS, edge; dur=157, origin; dur=11, inner; dur=4
pragma
no-cache
server
nginx
x-tt-logid
2021090905440301024503104122112671
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.44.4.76
x-tt-trace-host
01da5012d53a9319bad47042a47a0f7fcbfd2fc1f7e54bc1148eb499b2617dfa05ec30fdffff04eb2f736f6d089b717746be4c2956c1263791f6124fa1c15a913790d2cb0e62ce133b2de43e3f544b832d5dfbfd461a3ef20339ecac6866044a636630d501b8a351c1184f32a50a35a2c7
expires
Thu, 09 Sep 2021 05:44:03 GMT
dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3D...
adservice.google.com/ddm/fls/z/ Frame 41A7
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Requested by
Host: 10770501.fls.doubleclick.net
URL: https://10770501.fls.doubleclick.net/activityi;dc_pre=CL-83OOX8fICFRbUUQodgFsKsA;src=10770501;type=broad0;cat=omg_r0;ord=5817385456177;gtm=2wg910;auiddc=1344708509.1631166243;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://10770501.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 05:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=*;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Ds...
adservice.google.com/ddm/fls/z/ Frame 5FE4
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=*;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Requested by
Host: 10770498.fls.doubleclick.net
URL: https://10770498.fls.doubleclick.net/activityi;dc_pre=CLeP3OOX8fICFZa-UQodJKUM0g;src=10770498;type=broad0;cat=rt_ha0;ord=2700265641314;gtm=2wg910;auiddc=1344708509.1631166243;u1=%2F;u2=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save;u3=;u4=New%20Zealand;u15=undefined;ps=1;~oref=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://10770498.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 05:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wpes6.js
static.scarabresearch.com/wpjs/
109 KB
35 KB
Script
General
Full URL
https://static.scarabresearch.com/wpjs/wpes6.js?ts=2697
Requested by
Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/1AE20C822AC62EDF/scarab-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-100.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff37e550740ba950e857ac9f385d4e4aa54f6354e06db92d72e8c63869be4295

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 08 Sep 2021 14:01:07 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 06 Sep 2021 14:00:53 GMT
Server
AmazonS3
Age
56577
ETag
W/"ee3fb38d732105d736aec4aca173eae4"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 bd7e039818f6bd12ba37b73d719c6730.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
X-Amz-Cf-Pop
LHR61-C2
X-Amz-Cf-Id
k8PhoSPxM9lWsL6eSSSt8XZQZOepvSfPbS9e6CZFB1KP-sM7uGKdhA==
/
www.facebook.com/tr/
44 B
313 B
Image
General
Full URL
https://www.facebook.com/tr/?id=693440617384565&ev=PageView&dl=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save&rl=&if=false&ts=1631166243042&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1631166243041.2002290333&it=1631166242764&coo=false&tm=1&rqm=GET
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 09 Sep 2021 05:44:03 GMT
pixel
analytics.tiktok.com/api/v2/
0
710 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BP2RJVQOIAS4I7M02R0G
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hallensteins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
956f5ce2.40a2a8ff
date
Thu, 09 Sep 2021 05:44:03 GMT
x-cache-remote
TCP_MISS from a23-44-4-119.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
166,104.126.37.174
server-timing
cdn-cache; desc=MISS, edge; dur=155, origin; dur=11, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202109090544030102450491833610CFCC
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.44.4.119
x-tt-trace-host
01da5012d53a9319bad47042a47a0f7fcbfd2fc1f7e54bc1148eb499b2617dfa05ba24c4b276f4e27c8e65d322c41314bd7f39d99601a1fa14b9ed3ee0829608b74b87e09f9472a5da1fd763e4aa3ce98aaac143e4c7d078db1b7f249acd93067d0d46743c00cd54a1ccdc9f947512b407
expires
Thu, 09 Sep 2021 05:44:03 GMT
campaigns
webchannel-content.eservice.emarsys.net/customer/799606326/
10 B
285 B
XHR
General
Full URL
https://webchannel-content.eservice.emarsys.net/customer/799606326/campaigns?url=https:%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save&prev_url=&lang=en&ca=&uli=false
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.30.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.30.117.34.bc.googleusercontent.com
Software
/
Resource Hash
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hallensteins.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 05:44:03 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
x-frame-options
DENY
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection
1; mode=block
expires
0
/
recommender-eu.scarabresearch.com/merchants/1C8043B0378A9A25/
213 B
775 B
XHR
General
Full URL
https://recommender-eu.scarabresearch.com/merchants/1C8043B0378A9A25/?pv=48120973&f=f%3AWEBPERSONALIZATION%2Cl%3A50%2Co%3A0%7Cf%3AWP_NONCONTACT%2Cl%3A50%2Co%3A0&cv=1&ca=&cp=1&lang=en&vi=77DC53D984C371AE&fields=item%7Cc_campaign_id%7Cc_campaign_priority%7Cc_campaign_rank%7Cc_content_v3&t=92f3427bce3db0b19814144261b1e80b&ta=%7B%22name%22%3A%22localtime%22%2C%22attributes%22%3A%7B%22localtime%22%3A1631166243359%7D%7D&url=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.60.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-60-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5b326027becf6fb40d2538fbac2a9e0f921b853b55829690d5eda2192f79702a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 05:44:03 GMT
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Vary
Accept-Encoding, User-Agent
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.hallensteins.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
213
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=693440617384565&ev=Microdata&dl=https%3A%2F%2Fwww.hallensteins.com%2F%3Futm_source%3DSMS%26amp%3Butm_medium%3Dsept-2021%26amp%3Butm_campaign%3Dspend-save&rl=&if=false&ts=1631166243545&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Men%27s%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ%22%2C%22meta%3Adescription%22%3A%22Shop%20online%20at%20Hallenstein%20Brothers.%20New%20Zealand%27s%20home%20of%20menswear.%20Find%20the%20latest%20men%27s%20fashion%20trends%20in%20jeans%2C%20tees%2C%20t-shirts%2C%20and%20Tailoredwear.%20Afterpay%2C%20Laybuy%20%26%20Humm%20payment%20options%20available.%20Get%20Free%20Shipping%20on%20orders%20over%20%2460%20in%20New%20Zealand.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Men%27s%20Clothes%20Online%20%7C%20Hallenstein%20Brothers%20NZ%22%2C%22og%3Adescription%22%3A%22Shop%20online%20at%20Hallenstein%20Brothers.%20New%20Zealand%27s%20home%20of%20menswear.%20Find%20the%20latest%20men%27s%20fashion%20trends%20in%20jeans%2C%20tees%2C%20t-shirts%2C%20and%20Tailoredwear.%20Afterpay%2C%20Laybuy%20%26%20Humm%20payment%20options%20available.%20Get%20Free%20Shipping%20on%20orders%20over%20%2460%20in%20New%20Zealand.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.hallensteins.com%2Fcontent%2Fimages%2Fog_image.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.hallensteins.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1631166243041.2002290333&it=1631166242764&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.hallensteins.com
URL: https://www.hallensteins.com/?utm_source=SMS&amp;utm_medium=sept-2021&amp;utm_campaign=spend-save
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hallensteins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 05:44:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 09 Sep 2021 05:44:03 GMT


140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster object| psdatalayer object| dataLayer object| DD_LOGS object| checkout string| jsonerror string| classname string| pagename string| baseurl object| candid object| _Keen function| Keen object| doc number| videoAutoPlay function| $ function| jQuery function| Vue object| Vuex object| enquire object| lazySizesConfig object| lazySizes function| EvEmitter function| imagesLoaded function| updatesizeguide object| core-vue-directives object| core-vue-components object| peppercontentjs object| tag object| firstScriptTag function| onYouTubeIframeAPIReady object| peppercheckout object| regeneratorRuntime object| vcCombobox object| globalMixin object| vcProductDropdownColour object| vcDropdown object| vcProductDropdownSize object| vcSlick object| GlobalEventBus object| vcSearchResult object| vcSearchInput object| ps object| promoStrip object| processed function| promoCountdown object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids function| hj object| _hjSettings object| _qevents object| emarsys object| ecom object| cartcontent string| ls_merchantid string| ls_itemglue object| la_attributes object| la_purchasedimensions boolean| lb_islive string| ls_weborderprefix undefined| item object| ScarabQueue undefined| itemName undefined| emarsys_purchase_command function| isTrue function| getObjectValues object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaplugins object| gaGlobal object| gaData object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| 
ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| _scq object| _scwebpersonalization object| ScarabArrays object| ScarabUtil function| ScarabModule object| Scarab object| PushAlertCo object| pushalertbyiw function| UET function| UET_init function| UET_push object| uetq string| pubcidCookie string| TiktokAnalyticsObject object| ttq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| SENTRY_RELEASE function| WPSLogLevel function| TiktokJelly object| _jelly_sdks object| SCARAB_OK_ function| CommissionFactory

32 Cookies

Domain/Path Name / Value
recommender.scarabresearch.com/merchants/1AE20C822AC62EDF Name: s
Value: 6637D62680D8AF16
recommender-eu.scarabresearch.com/merchants/1C8043B0378A9A25 Name: s
Value: 7265D03DF3B912CB
.bit.ly/ Name: _bit
Value: l895I1-7ce6b5912f459706bd-00S
www.hallensteins.com/ Name: PHPSESSID
Value: e76e90e26142366ab4ab2fea15ffa4e9
www.hallensteins.com/ Name: pscartkey
Value: 92f3427bce3db0b19814144261b1e80b
www.hallensteins.com/ Name: bp_welcome
Value: 61399f21969e3
www.hallensteins.com/ Name: landedpage
Value: %2F
www.hallensteins.com/ Name: currentregion
Value: 17
www.hallensteins.com/ Name: csrftoken-ed6b967ce3
Value: 3c9c580c44eee6c77badc737c7c9b41a
.hallensteins.com/ Name: candid_userid
Value: 348c86be-a7af-4b31-9005-e4a3c9308eb3
.youtube.com/ Name: YSC
Value: 4_RiUF0irwA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4UMD3wlN5tM
.hallensteins.com/ Name: _gcl_au
Value: 1.1.1344708509.1631166243
.hallensteins.com/ Name: _dlt
Value: 1
.hallensteins.com/ Name: _ga
Value: GA1.2.643160782.1631166243
.hallensteins.com/ Name: _gid
Value: GA1.2.913657738.1631166243
.bing.com/ Name: MUID
Value: 04B0D7E3F6936C76024FC74EF7D66D94
.doubleclick.net/ Name: IDE
Value: AHWqTUl4Fd2k3QQ5n7K3QgoGnY9_xBmX8_pvOE_GzCZBRIZPu7liUlTzmCYv9ViMPxg
.hallensteins.com/ Name: _dc_gtm_UA-6541133-1
Value: 1
recommender.scarabresearch.com/ Name: cdv
Value: 77DC53D984C371AE
.hallensteins.com/ Name: _uetsid
Value: f04029e0113011eca437ed1c90d1f528
.hallensteins.com/ Name: _uetvid
Value: f0406340113011ecb5d483a5ec2fc5bd
.hallensteins.com/ Name: scarab.visitor
Value: %2277DC53D984C371AE%22
.hallensteins.com/ Name: _hjid
Value: 387e315b-e499-4f27-94a1-fc38018c9e33
.hallensteins.com/ Name: _hjFirstSeen
Value: 1
.hallensteins.com/ Name: _fbp
Value: fb.1.1631166243041.2002290333
www.hallensteins.com/ Name: _hjIncludedInSessionSample
Value: 0
.hallensteins.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
recommender-eu.scarabresearch.com/ Name: cdv
Value: 77DC53D984C371AE
www.hallensteins.com/ Name: _dd_s
Value: logs=1&id=ba67914c-9704-4830-98c5-a774f22e28da&created=1631166242507&expire=1631167143508
.quantserve.com/ Name: mc
Value: 61399f27-e219b-86a72-cb5b8
.hallensteins.com/ Name: __qca
Value: P0-1510543022-1631166242883

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
