urlscan.io logo urlscan.io
SecurityTrails logo

www.bernstein.com Open in urlscan Pro
206.218.214.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bernstein.com/
Effective URL: https://www.bernstein.com/
Submission: On February 24 via manual from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 206.218.214.109, located in United States and belongs to ACML, US. The main domain is www.bernstein.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 8th 2020. Valid for: a year.
This is the only time www.bernstein.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 206.218.214.109 13821 (ACML)
21 1
Apex Domain
Subdomains		 Transfer
22 bernstein.com
www.bernstein.com
738 KB
21 1
Domain Requested by
22 www.bernstein.com 1 redirects www.bernstein.com
21 1
Subject Issuer Validity Valid
*.bernstein.com
DigiCert SHA2 Secure Server CA		 2020-05-08 -
2021-05-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.bernstein.com/
Frame ID: A13F587D69775DF1211D331660BD617B
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.bernstein.com/ HTTP 302
    https://www.bernstein.com/ Page URL

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

738 kB
Transfer

1463 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bernstein.com/ HTTP 302
    https://www.bernstein.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.bernstein.com/
Redirect Chain
  • http://www.bernstein.com/
  • https://www.bernstein.com/
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
7a19cb0dadfd24d99bdf70bfd97b18f9bd6427798a9984a4eb929ed7a4489e4c
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Host
www.bernstein.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Set-Cookie
Bernstein_SessionId=0xjdetwdbz4bpmb3u50kemva; path=/; secure; HttpOnly BernsteinDeviceID=b100947dbbf85c3af69c727e6dcfdd66fde55fbbf6cd8be99e0ca97793e0fe3df6b2d5906cf3038f2da79a04d05b746f; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
X-UA-Compatible
IE=Edge, Chrome=1
X-Frame-Options
Deny
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Referrer-Policy
origin
Access-Control-Allow-Origin
www.byallaccounts.net
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
Access-Control-Allow-Methods
GET,OPTIONS
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Date
Wed, 24 Feb 2021 10:54:32 GMT
Content-Length
5561

Redirect headers

Location
https://www.bernstein.com/
Connection
close
css
www.bernstein.com/bundles/ 		279 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/bundles/css?v=jxh1cXfbU1VT2fFUWdbdqwg7zHrzTFLHpGbS0NDuj7A1
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
bb3d5c12206f1dc7af4a17239093e77088f7af3ee404a85f3a5251254b7480f1
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Wed, 24 Feb 2021 10:54:33 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
www.byallaccounts.net
Cache-Control
public
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
Expires
Thu, 24 Feb 2022 10:54:33 GMT
modernizr
www.bernstein.com/bundles/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Vary
Accept-Encoding
Content-Length
5229
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Wed, 24 Feb 2021 10:54:33 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
www.byallaccounts.net
Cache-Control
public
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
Expires
Thu, 24 Feb 2022 10:54:33 GMT
d-logo.png
www.bernstein.com/Bernstein/web/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/web/img/d-logo.png
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
08ab11b5caae72c079c26ccb067bbcb19c2f9226cd5ca0a7868636db4a9e7145
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
4714
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Fri, 16 Jan 2015 22:23:47 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"3fc3e118db31d01:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
m-logo.png
www.bernstein.com/Bernstein/web/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/web/img/m-logo.png
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
5fd864f5391e74f4bcb8aae60d8f6a60840ef1e62a1c44597804fc3616d6219e
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
2873
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Fri, 16 Jan 2015 22:21:54 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"8c588d5da31d01:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
b-hero-CShould-You-Invest-at-Market-Highs-blog.jpg
www.bernstein.com/Bernstein/EN_US/Shared/img/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/EN_US/Shared/img/b-hero-CShould-You-Invest-at-Market-Highs-blog.jpg
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
d19f1ca57281118ffadb8a554799553f9730af82b34d03231385a172bafd6629
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
52109
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 26 Jan 2021 18:10:25 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"b5cb5385ef4d61:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
TBS_Sub_Article_Image.png
www.bernstein.com/Bernstein/EN_US/Shared/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/EN_US/Shared/img/TBS_Sub_Article_Image.png
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
5821094649cc3894b60f623b5a82158df3eeca61fcba889ca073f6be1e6c2c81
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
5192
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 26 Jan 2021 18:09:28 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"499e7163ef4d61:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
b-hero-2021-Outlook-blog-450x115.jpg
www.bernstein.com/Bernstein/EN_US/Shared/img/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/EN_US/Shared/img/b-hero-2021-Outlook-blog-450x115.jpg
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
e3eff92e67c5ed479ac788ca2febe0ce75b9d44fc58bc4b00d943818cc12d06a
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
40114
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 26 Jan 2021 18:09:54 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"d8327172ef4d61:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Wind-Power%20Resized-v1-450x115.jpg
www.bernstein.com/Bernstein/EN_US/Shared/img/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/EN_US/Shared/img/Wind-Power%20Resized-v1-450x115.jpg
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
a04576db958c5b162c892e08610ceebdc8e5221702bfb716f46c88f0f6c7384a
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
27120
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 26 Jan 2021 18:09:54 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"35f6a72ef4d61:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
b-hero-What-to-know-before-you-IPO-450x115.jpg
www.bernstein.com/Bernstein/EN_US/Shared/img/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/EN_US/Shared/img/b-hero-What-to-know-before-you-IPO-450x115.jpg
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
be69e1eec44c67932a39600154568d09a58ed52090af2b6e43d6c4072c353890
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
15604
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 26 Jan 2021 18:11:26 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"2616cea9ef4d61:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
COVID_SUB-450X115.jpg
www.bernstein.com/Bernstein/EN_US/Shared/img/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/EN_US/Shared/img/COVID_SUB-450X115.jpg
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
dd6f5e6c51ac27fca0c6b18dbd818c548d30057d61e040f7f3ed2d0413250887
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
16806
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Wed, 24 Jun 2020 15:11:01 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"3ce0edab394ad61:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
450x115-iStock-1026061198.png
www.bernstein.com/Bernstein/EN_US/Research/Content/img/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/EN_US/Research/Content/img/450x115-iStock-1026061198.png
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
98ee5fdc00fd50b200110c4a8feab2eae40d501748188342b207db0e42a9a0e5
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
25441
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 05 May 2020 21:17:39 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"ac84749b2223d61:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
requirejs
www.bernstein.com/bundles/ 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/bundles/requirejs?v=-yl4YsOutVsKFAdkFaOAZ1A6X93iR7zqt4EOCnFUqms1
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
cf3ee3428a32793f9217bc950f692d95920fbac266a9a9ac441480cf5da16fb0
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Vary
Accept-Encoding
Content-Length
7377
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Wed, 24 Feb 2021 10:54:33 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
www.byallaccounts.net
Cache-Control
public
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
Expires
Thu, 24 Feb 2022 10:54:33 GMT
KlavikaWebBasicRegular.woff
www.bernstein.com/Bernstein/web/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/Bernstein/web/fonts/KlavikaWebBasicRegular.woff
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/bundles/css?v=jxh1cXfbU1VT2fFUWdbdqwg7zHrzTFLHpGbS0NDuj7A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
2d0dcc53bb9cdfba446fad6ca9e55c998d508305dc7d904a91bea16796652d67
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.bernstein.com
Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Vary
Origin
Content-Length
36550
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 31 Oct 2017 22:50:29 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://www.bernstein.com, www.byallaccounts.net
ETag
"2c2e63a69a52d31:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
icon-s67b19d30db.png
www.bernstein.com/Bernstein/web/img/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/web/img/icon-s67b19d30db.png
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/bundles/css?v=jxh1cXfbU1VT2fFUWdbdqwg7zHrzTFLHpGbS0NDuj7A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
06d26739d0b8e0cabe90f950419ea97edc625940fa1e88056b432b0476a86052
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
34854
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Thu, 06 Feb 2020 22:37:16 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"ed82d4fb3dddd51:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
KlavikaWebBasicBold.woff
www.bernstein.com/Bernstein/web/fonts/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/Bernstein/web/fonts/KlavikaWebBasicBold.woff
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/bundles/css?v=jxh1cXfbU1VT2fFUWdbdqwg7zHrzTFLHpGbS0NDuj7A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
b64574cc5665a7294db06027fe0838c65b9fa64c2bea5d586880e2f484ed40fa
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.bernstein.com
Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Vary
Origin
Content-Length
32374
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 31 Oct 2017 22:49:31 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://www.bernstein.com, www.byallaccounts.net
ETag
"17b8fb839a52d31:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
KlavikaWebBasicLight.woff
www.bernstein.com/Bernstein/web/fonts/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/Bernstein/web/fonts/KlavikaWebBasicLight.woff
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/bundles/css?v=jxh1cXfbU1VT2fFUWdbdqwg7zHrzTFLHpGbS0NDuj7A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
9d605cbd2e9c25be52cf26aa1dd82bba6affbd0b88f9be7bfbaa1e796a58d24c
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.bernstein.com
Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Vary
Origin
Content-Length
33181
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 31 Oct 2017 22:50:00 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://www.bernstein.com, www.byallaccounts.net
ETag
"5f3f47959a52d31:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
main
www.bernstein.com/bundles/ 		810 KB
305 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/bundles/requirejs?v=-yl4YsOutVsKFAdkFaOAZ1A6X93iR7zqt4EOCnFUqms1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
67f11610f1e5592b58cf0628d5500b8b971c6e5e02e78c8ace4cf0c6285d2f16
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Wed, 24 Feb 2021 10:54:34 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
www.byallaccounts.net
Cache-Control
public
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
Expires
Thu, 24 Feb 2022 10:54:34 GMT
FaqContents.html
www.bernstein.com/bernstein/en_us/mybernstein/WealthHub/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/bernstein/en_us/mybernstein/WealthHub/FaqContents.html
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
6a34ba3346add11a7866ecad9f59c91bf259b6be22914034afac12d6f381c137
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.bernstein.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
1981
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Wed, 03 Feb 2021 16:15:15 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"8ef5fec147fad61:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
loading-progress.gif
www.bernstein.com/Bernstein/web/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bernstein.com/Bernstein/web/img/loading-progress.gif
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/bundles/css?v=jxh1cXfbU1VT2fFUWdbdqwg7zHrzTFLHpGbS0NDuj7A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
1acab88b41ecbb0357e429e6b26408e3ea1a2687c9dce42db7796813210dfc56
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bernstein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options
nosniff
Content-Length
7681
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
Last-Modified
Tue, 20 May 2014 16:04:16 GMT
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
www.byallaccounts.net
ETag
"003b264574cf1:0"
Accept-Ranges
bytes
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
gdpr.htm
www.bernstein.com/Bernstein/en_us/Home/ 		775 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bernstein.com/Bernstein/en_us/Home/gdpr.htm
Requested by
Host: www.bernstein.com
URL: https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.218.214.109 , United States, ASN13821 (ACML, US),
Reverse DNS
Software
/
Resource Hash
0d78f09bb1e8512328551829f8458ee530adc981faadc8a0fa05bcf76a548f39
Security Headers
Name Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.bernstein.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
566
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge, Chrome=1
Referrer-Policy
origin
X-Frame-Options
Deny
Date
Wed, 24 Feb 2021 10:54:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
www.byallaccounts.net
Cache-Control
private
Access-Control-Allow-Headers
Cache-Control,Content-Type,Accept,Referer,User-Agent,Sec-Fetch-Dest
X-Content-Security-Policy
frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr function| requirejs function| require function| define boolean| isAuthenticated string| userType function| $ function| jQuery function| Hammer object| ParsleyConfig function| Inputmask function| log function| Raphael function| Color function| Chart object| icf

2 Cookies

Domain/Path Name / Value
www.bernstein.com/ Name: BernsteinDeviceID
Value: b100947dbbf85c3af69c727e6dcfdd66fde55fbbf6cd8be99e0ca97793e0fe3df6b2d5906cf3038f2da79a04d05b746f
www.bernstein.com/ Name: Bernstein_SessionId
Value: 0xjdetwdbz4bpmb3u50kemva

6 Console Messages

Source Level URL
Text
console-api log URL: https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41(Line 4)
Message:
app [object Object]
console-api log URL: https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41(Line 4)
Message:
icf is ready to go... [object Object]
console-api log URL: https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41(Line 4)
Message:
[tooltip] init
console-api log URL: https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41(Line 4)
Message:
[group-toggle] config
console-api log URL: https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41(Line 4)
Message:
options [object Object]
console-api log URL: https://www.bernstein.com/bundles/main?v=dVEbRZOaUcMItiX0kYkZhfRs_ioOOuZZ37bmhILkLk41(Line 4)
Message:
isScrolltoElement:false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net https://players.brightcove.net https://html5-player.libsyn.com ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Security-Policy frame-src https://www.bernstein.com https://www.byallaccounts.net ;frame-ancestors https://www.bernstein.com https://www.byallaccounts.net
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.bernstein.com
206.218.214.109
06d26739d0b8e0cabe90f950419ea97edc625940fa1e88056b432b0476a86052
08ab11b5caae72c079c26ccb067bbcb19c2f9226cd5ca0a7868636db4a9e7145
0d78f09bb1e8512328551829f8458ee530adc981faadc8a0fa05bcf76a548f39
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
1acab88b41ecbb0357e429e6b26408e3ea1a2687c9dce42db7796813210dfc56
2d0dcc53bb9cdfba446fad6ca9e55c998d508305dc7d904a91bea16796652d67
5821094649cc3894b60f623b5a82158df3eeca61fcba889ca073f6be1e6c2c81
5fd864f5391e74f4bcb8aae60d8f6a60840ef1e62a1c44597804fc3616d6219e
67f11610f1e5592b58cf0628d5500b8b971c6e5e02e78c8ace4cf0c6285d2f16
6a34ba3346add11a7866ecad9f59c91bf259b6be22914034afac12d6f381c137
7a19cb0dadfd24d99bdf70bfd97b18f9bd6427798a9984a4eb929ed7a4489e4c
98ee5fdc00fd50b200110c4a8feab2eae40d501748188342b207db0e42a9a0e5
9d605cbd2e9c25be52cf26aa1dd82bba6affbd0b88f9be7bfbaa1e796a58d24c
a04576db958c5b162c892e08610ceebdc8e5221702bfb716f46c88f0f6c7384a
b64574cc5665a7294db06027fe0838c65b9fa64c2bea5d586880e2f484ed40fa
bb3d5c12206f1dc7af4a17239093e77088f7af3ee404a85f3a5251254b7480f1
be69e1eec44c67932a39600154568d09a58ed52090af2b6e43d6c4072c353890
cf3ee3428a32793f9217bc950f692d95920fbac266a9a9ac441480cf5da16fb0
d19f1ca57281118ffadb8a554799553f9730af82b34d03231385a172bafd6629
dd6f5e6c51ac27fca0c6b18dbd818c548d30057d61e040f7f3ed2d0413250887
e3eff92e67c5ed479ac788ca2febe0ce75b9d44fc58bc4b00d943818cc12d06a