halls.md Open in urlscan Pro
2606:4700:20::681a:d65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.205-251-145-39.cprapid.com/
Effective URL:
https://halls.md/
Submission: On October 26 via api (October 26th 2024, 2:06:20 pm UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 70 HTTP transactions. The main IP is 2606:4700:20::681a:d65, located in United States and belongs to CLOUDFLARENET, US. The main domain is halls.md.
TLS certificate: Issued by WE1 on September 8th 2024. Valid for: 3 months.

This is the only time halls.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.251.145.39 205.251.145.39	11042 (NTHL) (NTHL)
17	2606:4700:20:... 2606:4700:20::681a:d65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a04:4e42::644 2a04:4e42::644	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:3a00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
5	2600:9000:211... 2600:9000:211e:8400:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2600:9000:236... 2600:9000:236e:1c00:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
4	18.173.205.104 18.173.205.104	16509 (AMAZON-02) (AMAZON-02)
70	16

1 205.251.145.39 (Houston, United States) 1 redirects

ASN11042 (NTHL, US)
PTR: server.halls.md

mail.205-251-145-39.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:20::681a:d65 (United States)

ASN13335 (CLOUDFLARENET, US)

halls.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:81 (United States)

ASN13335 (CLOUDFLARENET, US)

static.moosefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.moosefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webmoose.moosefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:3a00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:211e:8400:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:236e:1c00:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.205.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-104.fra56.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4693 embed-ssl.wistia.com — Cisco Umbrella Rank: 8869 embed-cloudfront.wistia.com pipedream.wistia.com — Cisco Umbrella Rank: 7763 distillery.wistia.com — Cisco Umbrella Rank: 7755	1 MB
17	halls.md halls.md	194 KB
8	moosefile.com static.moosefile.com images.moosefile.com webmoose.moosefile.com	136 KB
6	gstatic.com fonts.gstatic.com	183 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	84 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 5097	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	98 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	cprapid.com 1 redirects mail.205-251-145-39.cprapid.com	387 B
70	11

	Domain	Requested by
17	halls.md	halls.md
13	fast.wistia.com	halls.md fast.wistia.com
6	fonts.gstatic.com	fonts.googleapis.com
5	pipedream.wistia.com	fast.wistia.com
5	embed-cloudfront.wistia.com	fast.wistia.com
4	distillery.wistia.com	fast.wistia.com
4	images.moosefile.com	halls.md
3	static.moosefile.com	halls.md
2	embed-ssl.wistia.com	halls.md
2	connect.facebook.net	halls.md connect.facebook.net
2	www.google-analytics.com	halls.md www.google-analytics.com
1	webmoose.moosefile.com	static.moosefile.com
1	www.facebook.com	connect.facebook.net
1	js.sentry-cdn.com	fast.wistia.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	fonts.googleapis.com	halls.md
1	mail.205-251-145-39.cprapid.com	1 redirects
70	18

This site contains links to these domains. Also see Links.

Domain
wistia.com
breast-cancer.ca
talkingmoose.ca
www.facebook.com

Subject Issuer	Validity	Valid
halls.md WE1	`2024-09-08` - `2024-12-07`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
moosefile.com WE1	`2024-09-10` - `2024-12-09`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-04` - `2024-11-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2024-08-11` - `2025-09-09`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M02	`2024-08-13` - `2025-09-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://halls.md/
Frame ID: 7E6657846EF1F044016666AA9083E8DC
Requests: 70 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=238415116352951&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df57739f7dadfbd272%26domain%3Dhalls.md%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhalls.md%252Ff614bf2800e0d85e8%26relation%3Dparent.parent&container_width=880&href=https%3A%2F%2Fhalls.md%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false
Frame ID: B021C840B5122E30C431DD11720CFF3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Moose and Doc – halls.md

Page URL History Show full URLs

https://mail.205-251-145-39.cprapid.com/ HTTP 301
https://halls.md/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

70
Requests

99 %
HTTPS

88 %
IPv6

11
Domains

18
Subdomains

16
IPs

2
Countries

2086 kB
Transfer

4186 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://wistia.com/?utm_type=player&utm_campaign=wistia-branding&utm_medium=referral&utm_source=wistia&about=388473

Search URL Search Domain Scan URL

URL: https://breast-cancer.ca/
Title: Breast Cancer Information

Search URL Search Domain Scan URL

URL: https://talkingmoose.ca/
Title: Talking Moose

Search URL Search Domain Scan URL

URL: https://talkingmoose.ca/3d-anti-anxiety-ui
Title: User Interface options

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/WaitingForMoose/
Title: Waiting for Moose

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.205-251-145-39.cprapid.com/ HTTP 301
https://halls.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
halls.md/
Redirect Chain

https://mail.205-251-145-39.cprapid.com/
https://halls.md/

41 KB
11 KB

664ms
619ms

Document
text/html

2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6503d8a404c814589b43b7e9c372e4de3cbd7e556ce781cc5379a6c478840a98

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8d8b014ddda937d7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 14:06:07 GMT
link: <https://halls.md/wp-json/>; rel="https://api.w.org/", <https://halls.md/wp-json/wp/v2/pages/1669>; rel="alternate"; type="application/json", <https://halls.md/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHDAfMaO2tsg314OeC6nYYiSub832N2sXgbeNSWXv5JcMYysmkTsWpLgRZL8ps0dp9tkm4vjCLFOZkJx0V4VNGfZj1s990MvsYSUEbcF1TnslAhWdxvV%2F6LLb6kR0uYs4xSsH3Q1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 26 Oct 2024 14:06:06 GMT
Keep-Alive: timeout=5, max=100
Location: https://halls.md/
Server: Apache
Vary: User-Agent
X-Redirect-By: WordPress

GET
H2 200 dynamik-min.css
halls.md/wp-content/uploads/dynamik-gen/theme/ 54 KB
9 KB 387ms
385ms Stylesheet
text/css 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-content/uploads/dynamik-gen/theme/dynamik-min.css?ver=1713022036
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 212932cf173214b255255d707de482d7d316b18cdde7b3768153ec6b8e7558af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrqBSti%2FeQ0NgOrXlbkrwaT%2FNuomG8u%2BEfaaldevrbz84vJihNm6g%2BAVEzz5OrcskawAD6zuLhqzOhpAtCq%2BE6BvFOz2plvuxPk9Dx74vaL2osrWYKCXLH5SEVJ3lj0NE1daiUQQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b015218f637d7-FRA
accept-ranges: bytes
content-length: 9033
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: text/css
last-modified: Sat, 13 Apr 2024 15:27:16 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 style.min.css
halls.md/wp-includes/css/dist/block-library/ 111 KB
15 KB 391ms
389ms Stylesheet
text/css 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUI6djPbqhd3cOeM0HwqXJYx%2FsvZrsAEFomoEPYZq68D3TwGNcoGjNypkkmc5W3Uwg66Cvq60id175FSw9PvDldKiNE%2BC4OgcFgh29MSTGyzfzo4bmdxhg%2BEROKw2r3ZW6OQODpK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b015218f737d7-FRA
accept-ranges: bytes
content-length: 14991
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 23:28:03 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 167ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93

Requested by

Host: halls.md
URL: https://halls.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a82dae239730246d43e8b6138e41e3ed8c42c4076836b0e5843bd2a1e1b9cafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 14:06:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 14:06:07 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 26 Oct 2024 14:06:07 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 styles.min.css
static.moosefile.com/css/ 21 KB
4 KB 197ms
23ms Stylesheet
text/css 2606:4700:20::681a:81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.moosefile.com/css/styles.min.css
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d922ad24f17cec1dbae60679aab6f9d116479a765cf94e66d853d4177fbca47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"d9929dd369590ad619ebc365cae0794b"
age: 1369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7j13qYukiNlU21aoUr282HkHISGsheuhDFar1rXQtdSGvw24qDri5LPWA9faCM6UNvhKBDEHM21o%2FRV8olVgrtSDbx6CZg7VKO2CV%2BxCO3klQ%2FJxcMxckkuV2bPe9opwfdtKP%2BMEAs3yn7vsYJ%2B5rElw"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: H3V72SK0AN1YC8MC
cf-ray: 8d8b01532f764d6d-FRA
date: Sat, 26 Oct 2024 14:06:07 GMT
content-type: text/css
last-modified: Mon, 10 Sep 2018 05:11:56 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: tFksHLKJX0V/14hdLTTkec/Eox78xDuZ7gMm0E/Z47UQxkGJsuj8V7r20zUN2SWPJlJWJxQUWuk=

GET
H2 200 jquery.min.js Show response
halls.md/wp-includes/js/jquery/ 86 KB
30 KB 386ms
385ms Script
text/javascript 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRASFypgPTZ1QMkkR7TjY6UuzEFxEYUUgQvYWN42zRZ7ZV%2BKaNGRJByYyLcrbL6dPcXTAg5HuaBnL%2B%2FukM3RVGuH6bcuNX4ygx0vbrZpcFwUAeiGyYSvzZl2uxCqt5%2BpyUW8QnvD"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b015218f937d7-FRA
accept-ranges: bytes
content-length: 30368
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: text/javascript
last-modified: Mon, 29 Apr 2024 23:28:03 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 jquery-migrate.min.js Show response
halls.md/wp-includes/js/jquery/ 13 KB
5 KB 386ms
385ms Script
text/javascript 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UwNrCX2nNrRzo0k4E9gtXLVVxEnHUq9ejlTU5ffVpNQC2uSVlr8UDOplqHgFzaWMPFeuikCx2SIQNJZWXZHDj6Gkhpr8zVYqeTifOvCqCPm7HBL4ULHwy%2FEUKrqdNgZuQLrc651B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b015218fa37d7-FRA
accept-ranges: bytes
content-length: 4872
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: text/javascript
last-modified: Mon, 29 Apr 2024 23:28:03 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 HallsMD.png
halls.md/wp-content/uploads/2014/10/ 52 KB
52 KB 378ms
377ms Image
image/png 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://halls.md/wp-content/uploads/2014/10/HallsMD.png
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b593da401178486825e25618069d86fd8e525d9e7ac569fbfbcf0b395e584eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWsxkgr6FaDql0UhhPkbluIve71L6iKV1RL%2BgYz5DPoKCywNS%2Ba%2BIAI7nbjBXCigxzluCXit%2FmjfyTiDc7%2BYUQUbx%2Fc7jSVUF9GC%2FYV7IZrYmxkxYTcEX7Tx%2Br0YB3kZHPTYIA%2BE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b015218fb37d7-FRA
accept-ranges: bytes
content-length: 53082
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: image/png
last-modified: Tue, 14 Oct 2014 03:30:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 HallsMd2.png
halls.md/wp-content/uploads/2014/10/ 37 KB
37 KB 377ms
377ms Image
image/png 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://halls.md/wp-content/uploads/2014/10/HallsMd2.png
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b8fa76d03005a5c8f980eda2c5b2107bf23181ca3564c21bf636b68f319416

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0urNZA8fPAJw%2FTZUITNaG0rlrqwhVxSoq4KEpEPopNWAo1sUPGRvd1eT8ecHpwdz%2FDXheKc2LNjwceo1UA4UijDIu7%2BraKOeev8osv8bE8c7qOo5dpO5S%2Fka1v2Lqw3dXPrNI2wi"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b015218fc37d7-FRA
accept-ranges: bytes
content-length: 37564
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: image/png
last-modified: Tue, 14 Oct 2014 03:32:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bz7ba75gw7.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 69ms
15ms Script
application/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/bz7ba75gw7.jsonp

Requested by

Host: halls.md
URL: https://halls.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

aad78fdbfb92d2bf529020ab7bfe01bc9592930e33b69eacabeff6dedd013572

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

x-request-id: 9eccc361-7695-452a-8fe8-088b4da48cac
content-encoding: br
etag: W/"aad78fdbfb92d2bf529020ab7bfe01bc"
age: 155200
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: hAdfkt-taYaAUYS2WjfBOYl7X40v1rWpaEUNOiapPPvyE8RsSYDQSA==
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kjyo7100177-IAD, cache-fra-etou8220101-FRA
x-runtime: 0.048181
x-cache-hits: 39, 0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
cache-control: public, no-cache
timing-allow-origin: *
x-envoy-upstream-service-time: 50
x-timer: S1729951568.279236,VS0,VE2
via: 1.1 b530298a539e971cee361eb408cead3a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1626
x-amz-cf-pop: IAD61-P4
server: envoy

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 837 KB
143 KB 70ms
17ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: halls.md
URL: https://halls.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

39264dd4572bc098ef6415aca7479136121b3c889da2c9ce1d508c32a2deaa37

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

content-encoding: br
etag: "c4957fe547cd9b7b7ad8d4f39931b45b"
age: 535
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 14:06:08 GMT
last-modified: Thu, 24 Oct 2024 19:56:30 GMT
x-served-by: cache-iad-kiad7000173-IAD, cache-fra-etou8220101-FRA
x-cache-hits: 32, 29
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1729951568.284343,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 145736
asset-version: 60f5d5d4cfc3abf169b08090d2825e768a633de9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 content-filler.png
halls.md/wp-content/themes/dynamik-gen/images/ 97 B
458 B 377ms
376ms Image
image/png 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://halls.md/wp-content/themes/dynamik-gen/images/content-filler.png
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b360e5899c2f4118cd2ed6e1107e8300788233e600e218567a05b435f4b9920

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XdbYS9HfxwHdIxHUu51k5%2B8Vc1Zl5sCjJ6PMdaXQX2D8ajRWYDKzqyZ1J%2FjDg4RyryKSIf6A2kfyDdHUJLv%2B5zdQqxwNogOgj8GlvzZPGn53ZKYgKWiyz5lhv8V8%2F3ryjMHWp6oz"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b01547b2037d7-FRA
accept-ranges: bytes
content-length: 97
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: image/png
last-modified: Sat, 13 Apr 2024 15:27:13 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 email-decode.min.js Show response
halls.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halls.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: halls.md
URL: https://halls.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67180f7e-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4KLQWW9XlombDFyRmCE1j7BCmzza0RkNN0Bqih25gIxGZF%2BKIEjEHvYAmIgZ01WJkvk5jQ7I%2FlYmGT3VnYnR24ndtDjitwRTB1EBvWmaEnxz4CDAG1ApoQCkXEGgs4gz1JIa%2FLH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d8b01549b3737d7-FRA
expires: Mon, 28 Oct 2024 14:06:08 GMT
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 20:47:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 comment-reply.min.js Show response
halls.md/wp-includes/js/ 3 KB
2 KB 1196ms
1195ms Script
text/javascript 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-includes/js/comment-reply.min.js?ver=6.5.5
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QU1Nn3fz%2F%2FaFXP4v%2FQ1JiAqTdFYWJsl7QPN%2B%2FD4yeLdqOAcquCqa7fmCZCxIKa%2FCh9%2ForpTRip4fvt1wDwXK7hZgxpkGCb1X7y5urb%2F5mVqWbcoj2IM5OfFiBQAgtuO6vnPQXDrm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b01556c0337d7-FRA
accept-ranges: bytes
content-length: 1351
date: Sat, 26 Oct 2024 14:06:09 GMT
content-type: text/javascript
last-modified: Mon, 12 Dec 2022 00:29:46 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 responsive.js Show response
halls.md/wp-content/themes/dynamik-gen/lib/js/ 1 KB
803 B 1314ms
1314ms Script
text/javascript 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-content/themes/dynamik-gen/lib/js/responsive.js?ver=2.6.9.93
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b7d0a39ca318d3b1ee97d77dd1e46ba6b8d498984fee067b10be335cf74c71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2BzY%2FHjWwTpJ9VAA5Q7z9LqD49tumy2tLJU71IqHA7it9jvAa%2BiQ3QBU5QPhBMQxD%2Fv6KlxUy0pTMv4AUKWva8QgFfQWvARt2NFIb1EPyCq98BMCLAxQ%2B5rnwUicJjzwj1tnpdFH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b0154ab5437d7-FRA
accept-ranges: bytes
content-length: 460
date: Sat, 26 Oct 2024 14:06:09 GMT
content-type: text/javascript
last-modified: Sat, 13 Apr 2024 15:27:13 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 custom-scripts.js Show response
halls.md/wp-content/uploads/dynamik-gen/theme/ 438 B
591 B 2196ms
2194ms Script
text/javascript 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-content/uploads/dynamik-gen/theme/custom-scripts.js?ver=1713022036
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49ec2daac9898a2a368deb649c9e8eaf2f7a9e64866110c50ae1dfcad0f534f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BzeUp79sjHHJavpz9iyFQZDwC8fX7z0x%2FDHUuqYerpYGU%2B4cXFW%2FdzbRAt36L%2BqPVgOKhHVCGDc2bQm91YQFGEvDucd%2BxBvFoXhzU7wcB%2FO17%2FAh7WVfwoT90I1RcYt%2BrGXrRSZa"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b01556c0237d7-FRA
accept-ranges: bytes
content-length: 261
date: Sat, 26 Oct 2024 14:06:10 GMT
content-type: text/javascript
last-modified: Sat, 13 Apr 2024 15:27:16 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 MooseChat.min.js Show response
static.moosefile.com/scripts/ 17 KB
6 KB 20ms
18ms Script
application/javascript 2606:4700:20::681a:81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.moosefile.com/scripts/MooseChat.min.js
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f982d46d6e7b82a1d01371382f96e764ec08f13934993738c3a374b842c8b371

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"242c909c117180793c1ee633afc67498"
age: 1370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bw%2BKT%2Bh1gmXgwdVRYZ%2Fh87T3kiZjz6LZuegU0NlKWeQHdqTA0CVQ0eqYIbkZdJ7lXroZTeEI%2BeStayef%2B4wrrZzay6q8Sb%2Bw9KEOWG7Vxti%2Fg2DKU6HmNjDNd6%2Fd6t2VOdEJCIVo0K1C8uxQH1Oo8WMD"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: KE92FMYMQJ608BVA
cf-ray: 8d8b015569cf4d6d-FRA
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/javascript
last-modified: Mon, 10 Sep 2018 05:06:36 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: t4/EKFJlxwGPsuZvNctyB+H6ee2K0SXVdRfr8z9QXRsd7OjFZxnKWSk4bmYAK7u+JxoIymDL5Ow=

GET
H2 200 WebMoose.min.js Show response
static.moosefile.com/scripts/ 8 KB
3 KB 21ms
19ms Script
application/javascript 2606:4700:20::681a:81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.moosefile.com/scripts/WebMoose.min.js
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d38d19780bb4501eb45588cbc4c8cdb9a7e27c58ecd57eff25e7963ca626ce3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"c8c14810f38475e80a3660456b00bdad"
age: 1370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6H9j9LLEbv%2Bqu%2BiiSgYFEnXzRdrT6ygEYoqdMu697LiMwP66d3OvtniQ2nN1KeGIofo7suRPWH6wPAgg8yi%2FxErWJWCd%2FD7DX7sZc3oRM9Ef9IkTfjcLxsN5GVFfOuZEKX%2FSPCVJNu%2FQPxIIb57JVTL"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 26ARKYDCVMWF9NGH
cf-ray: 8d8b015569d14d6d-FRA
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/javascript
last-modified: Mon, 10 Sep 2018 04:59:13 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: LrC8ToqEk7dbYvTZjY98Jgi7khBGMhxUI4ZqsBJ4Q6wTj0T1GM/dVIbN5IAVOcyRv36n1K1/IRc=

GET a32242fe-f4b6-4ada-8692-3985b24045bf
https://halls.md/ Frame 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 60ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: halls.md
URL: https://halls.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

content-encoding: gzip
age: 2393
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 15:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 13:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 43ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: halls.md
URL: https://halls.md/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

604690d069bc9a268e583849821dc286c014202acca82c33ba43d14ea30d106c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

content-md5: 58P+Rg++IPhN43oDoBSsuA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "21b5ecb513ac3434554b6d1c2acdcef4"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 14:16:25 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 7ebcdd24217862e0d26b54566bf276f8
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=23, mss=1232, tbw=4439, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: M6fUp2jz1OcWstmpNnxHpNwlJ/kicL4I69q0FGJ5KTmms7yhY1DbxxG1iydMraxKYfSmmMLpTA43HBn6iSB2Pg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1686
origin-agent-cluster: ?1

GET
H3 200 -F6xfjBsISg9aMakPm3wow.woff2
fonts.gstatic.com/s/handlee/v18/ 16 KB
16 KB 52ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/handlee/v18/-F6xfjBsISg9aMakPm3wow.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3807ea30015f5082c0a3e2b7803885310db888be091dbc86fecb1ca67f3c622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://fonts.googleapis.com/

Response headers

age: 409567
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 20:20:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 20:20:01 GMT
last-modified: Thu, 24 Aug 2023 21:11:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16148
x-xss-protection: 0
server: sffe

GET
H3 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 45ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://fonts.googleapis.com/

Response headers

age: 336989
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:29:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:29:39 GMT
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45300
x-xss-protection: 0
server: sffe

GET
H3 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 52ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://fonts.googleapis.com/

Response headers

age: 407827
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 20:49:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 20:49:01 GMT
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47048
x-xss-protection: 0
server: sffe

GET
H3 200 KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2
fonts.gstatic.com/s/architectsdaughter/v18/ 13 KB
13 KB 50ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/architectsdaughter/v18/KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://fonts.googleapis.com/

Response headers

age: 337624
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:19:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:19:04 GMT
last-modified: Tue, 19 Apr 2022 19:51:46 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13156
x-xss-protection: 0
server: sffe

GET
H3 200 1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4bbLDrMfIA.woff2
fonts.gstatic.com/s/raleway/v34/ 23 KB
23 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4bbLDrMfIA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4417b0caf8ea5f30be33c9b91014cde2749ae07fa5110925802a01d1b0116e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://fonts.googleapis.com/

Response headers

age: 397132
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 23:47:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 23:47:16 GMT
last-modified: Wed, 01 May 2024 20:31:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23044
x-xss-protection: 0
server: sffe

GET
H3 200 jizYRExUiTo99u79D0e0x8mI.woff2
fonts.gstatic.com/s/ptsans/v17/ 42 KB
42 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://fonts.googleapis.com/

Response headers

age: 337561
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:20:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:20:07 GMT
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42500
x-xss-protection: 0
server: sffe

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 28ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7732155dca86ce2a82ae45d1a6fcc4f5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0155cbb18c6fa4bcc8ea54018489864b69cb63f651573ac2bdfe003247390a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://halls.md/

Response headers

content-md5: 1+kVMpFahAHF9/jWQcvxgA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "041a8da44aafb6f4141cd5a7a3ea7c54"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sun, 26 Oct 2025 12:21:43 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: aa56c9e35ae5970c1815fce4ec603af8
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1826, tp=5, tpl=0, uplat=1, ullat=-1
x-fb-debug: jtGmUtU6/EeU2z5ByLo3dcMSu5RUMOJKyCjodfS/evNBlA+xDa8GaJCvXg//W8QN6S/tdBynOMR3qC5m5QAUEw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 84058
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
429 B 19ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1285333682&t=pageview&_s=1&dl=https%3A%2F%2Fhalls.md%2F&ul=de-de&de=UTF-8&dt=Moose%20and%20Doc%20%E2%80%93%20halls.md&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1960077030&gjid=1862839470&cid=1455502726.1729951568&tid=UA-51423016-1&_gid=1127432469.1729951568&_r=1&_slc=1&z=762066958

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

25d61f12bc5cf5839f75fa28535b0cf4701a8ca9130329e7ce1ed37e65e74f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://halls.md/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 14:06:08 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://halls.md
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
98 KB 60ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T3CYF11C7E&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9509879a53ab456f0fa5d5d28b72834cf83e296ccc27b35969f7a3ce82a00aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 14:06:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99720
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ghtvnyal3b.json Show response
fast.wistia.com/embed/medias/ 5 KB
2 KB 44ms
8ms Fetch
application/json 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ghtvnyal3b.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ebae53ccc5487e6f90912cd493235228920f3a4ce57dd9e5b51b790a5ffb71d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

x-request-id: 8419249a-8694-422a-8233-91cc9f33fb82
content-encoding: br
etag: W/"ebae53ccc5487e6f90912cd493235228"
age: 72383
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: WyfzLzVngvNczCyYU2xLtItwQp0ixgvYc-5TDMcoUPnE9mBD4MlyAg==
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-iad-kjyo7100169-IAD, cache-fra-etou8220132-FRA
x-runtime: 0.052360
x-cache-hits: 70, 0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
cache-control: public, no-cache
timing-allow-origin: *
x-envoy-upstream-service-time: 54
x-timer: S1729951569.616522,VS0,VE1
via: 1.1 7b202b0b95f342da5624fd62f00b9014.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1473
x-amz-cf-pop: MIA3-C4
server: envoy

GET
H2 200 share-v2.js Show response
fast.wistia.com/assets/external/ 76 KB
21 KB 9ms
8ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/share-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

84a8cb0eae625371c509a5a192918a13290755d786a6eaff9a84783c8b9439ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

content-encoding: br
etag: "b1685eff27a4c47771e600f82b81694f"
age: 971
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 14:06:08 GMT
last-modified: Thu, 24 Oct 2024 19:56:30 GMT
x-served-by: cache-iad-kjyo7100166-IAD, cache-fra-etou8220101-FRA
x-cache-hits: 49, 4
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1729951569.600370,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20852
asset-version: 60f5d5d4cfc3abf169b08090d2825e768a633de9
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 40ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T3CYF11C7E&gtm=45je4ao0v9135403408za200&_p=1729951568398&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&ul=de-de&sr=1600x1200&cid=1455502726.1729951568&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fhalls.md%2F&dt=Moose%20and%20Doc%20%E2%80%93%20halls.md&sid=1729951568&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2298
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3CYF11C7E&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://halls.md
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 zuzsx1rljr.json Show response
fast.wistia.com/embed/medias/ 4 KB
2 KB 13ms
11ms Fetch
application/json 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/zuzsx1rljr.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7e579aabdbe47d6a8eec8bd87020e33fabd5349dfdb91e0a11ce7c487e1d5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

x-request-id: e35c2919-70a8-4d0f-90aa-53e6a1d1402d
content-encoding: br
etag: W/"7e579aabdbe47d6a8eec8bd87020e33f"
age: 72383
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: 7FIDaGHdnwh1ybb7XFCb1nU0CyoI274TrWSgaPgHD46Uro0U_PYT1w==
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-iad-kiad7000051-IAD, cache-fra-etou8220132-FRA
x-runtime: 0.051369
x-cache-hits: 85, 0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
cache-control: public, no-cache
timing-allow-origin: *
x-envoy-upstream-service-time: 53
x-timer: S1729951569.628266,VS0,VE2
via: 1.1 7188701415bacec1212330181f9c1646.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1237
x-amz-cf-pop: IAD61-P4
server: envoy

GET
H2 200 wistiaLogo.js Show response
fast.wistia.com/assets/external/ 70 KB
19 KB 8ms
7ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistiaLogo.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b7f5f1dba659030a84f1b7e7dcae664f0e795f9d7b3f7992a341821c8b7a5f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

content-encoding: br
etag: "ddb9e66ab94d5c367ff28143396ed42e"
age: 1317
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 14:06:08 GMT
last-modified: Thu, 24 Oct 2024 19:56:31 GMT
x-served-by: cache-iad-kjyo7100092-IAD, cache-fra-etou8220101-FRA
x-cache-hits: 16, 4
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1729951569.628123,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18774
asset-version: 60f5d5d4cfc3abf169b08090d2825e768a633de9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 9d58f261cca0dc4874d3b33e9326ab47c5ca6021.webp
embed-ssl.wistia.com/deliveries/ 71 KB
72 KB 548ms
473ms Image
image/webp 2600:9000:211e:3a00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/9d58f261cca0dc4874d3b33e9326ab47c5ca6021.webp?image_crop_resized=1280x720
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: addc32bdae67f7e0986e55f9d94269056d8d39f0e47a6902ddfe8b4416b1ce2d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

surrogate-key: 9d58f261cca0dc4874d3b33e9326ab47c5ca6021 thumbnail-delivery
etag: WraUh9RjJQQ-vGmNSSDkS6DgUUI=
access-control-request-method: *
x-cache: Miss from cloudfront
x-amz-cf-id: u9WYsiQLYqPlMtoTVwYABR4h11Fb1ARdP0Cn1cXZUIjDkBP1R9ILNQ==
date: Sat, 26 Oct 2024 14:06:09 GMT
content-type: image/webp
content-disposition: inline
vary: Origin
last-modified: Mon, 23 May 2016 04:39:27 UTC
edge-cache-tag: 9d58f261cca0dc4874d3b33e9326ab47c5ca6021
cache-control: max-age=31536000
x-envoy-upstream-service-time: 367
x-cdn: cloudfront
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
accept-ranges: none
x-amz-cf-pop: FRA56-C2
server: envoy

GET
H2 200 a3e5aed7ad2a1004d36fbf225133c902371161ae.webp
embed-ssl.wistia.com/deliveries/ 150 KB
151 KB 515ms
504ms Image
image/webp 2600:9000:211e:3a00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/a3e5aed7ad2a1004d36fbf225133c902371161ae.webp?image_crop_resized=1920x1080
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: cd83a3d925845397cef46d7ed432bdc6c5c2ff48ae9cb0c291443629eccabf30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

surrogate-key: a3e5aed7ad2a1004d36fbf225133c902371161ae thumbnail-delivery
etag: tmJdhyeGuEZHBQ9XtC-lZpdRhW8=
access-control-request-method: *
x-cache: Miss from cloudfront
x-amz-cf-id: 7OR07GVLi6APrA7vZXC5fqIK-tM6BgbdgWtdGKZQ5MN3miWSUN1ybQ==
date: Sat, 26 Oct 2024 14:06:09 GMT
content-type: image/webp
content-disposition: inline
vary: Origin
last-modified: Thu, 29 Sep 2016 18:38:09 UTC
edge-cache-tag: a3e5aed7ad2a1004d36fbf225133c902371161ae
cache-control: max-age=31536000
x-envoy-upstream-service-time: 398
x-cdn: cloudfront
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
accept-ranges: none
x-amz-cf-pop: FRA56-C2
server: envoy

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 520 KB
128 KB 8ms
7ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

345243e199b620db57c4b3dfb7f5641b4117aafa312841b28ac69e0e392d4252

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer

Response headers

content-encoding: br
etag: "8861e1fe1ffff4bcdfa99349a7cc69a6"
age: 771
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 14:06:08 GMT
last-modified: Thu, 24 Oct 2024 19:56:30 GMT
x-served-by: cache-iad-kcgs7200143-IAD, cache-fra-etou8220132-FRA
x-cache-hits: 34, 7
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1729951569.821916,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 130845
asset-version: 60f5d5d4cfc3abf169b08090d2825e768a633de9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 8ms
8ms Image
image/gif 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://halls.md/

Response headers

etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
age: 490
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 14:06:08 GMT
last-modified: Wed, 10 May 2023 19:48:54 GMT
x-served-by: cache-iad-kcgs7200077-IAD, cache-fra-etou8220132-FRA
x-cache-hits: 6591316, 9
content-type: image/gif
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1729951569.892715,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1214
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bz7ba75gw7.m3u8 Show response
fast.wistia.com/embed/medias/ 930 B
1 KB 8ms
8ms XHR
application/x-mpegurl 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/bz7ba75gw7.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

42d2dc30429d30ed7c2c1eb927c5d24d7f7b3322169943107e4d88298371a8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

x-request-id: 90729034-9182-4792-8f45-f568abd2e636
etag: W/"42d2dc30429d30ed7c2c1eb927c5d24d"
age: 159389
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: AjrodX_g8N7aTqsKVISAXfo9x-XvLBPS-CLqCcmi30aZqYqzPjP6aQ==
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: application/x-mpegURL
x-served-by: cache-iad-kjyo7100027-IAD, cache-fra-etou8220132-FRA
x-runtime: 0.041682
x-cache-hits: 86, 0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
cache-control: public, no-cache
timing-allow-origin: *
x-envoy-upstream-service-time: 43
x-timer: S1729951569.898881,VS0,VE1
via: 1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 930
x-amz-cf-pop: IAD61-P1
server: envoy

GET
H2 200 a3591ba5e949a37083cc6f5a4191e903.min.js Show response
js.sentry-cdn.com/ 3 KB
2 KB 31ms
8ms Script
text/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

362392fc54b3bd30058cd9d2dea9321e8a3a51a955267416558005295241ff86

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; style-src * 'unsafe-inline'; media-src ; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src data:; object-src 'none'; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; base-uri 'none'; frame-ancestors 'self' .sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; img-src blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=4fa83a04a79526f52c70b6a9a1a90534db4a724f
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer: https://halls.md/

Response headers

content-encoding: gzip
age: 31
x-envoy-attempt-count: 1
x-content-type-options: nosniff
date: Sat, 26 Oct 2024 14:06:08 GMT
content-type: text/javascript
x-served-by: getsentry-web-default-common-production-7546bd96bd-76mbd, cache-chi-klot8100079-CHI, cache-fra-etou8220152-FRA
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: worker-src blob:; style-src * 'unsafe-inline'; media-src *; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; object-src 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; base-uri 'none'; frame-ancestors 'self' *.sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=4fa83a04a79526f52c70b6a9a1a90534db4a724f
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
timing-allow-origin: *
x-envoy-upstream-service-time: 15
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1331
x-xss-protection: 1; mode=block

GET
H2 200 72ccde18ae297b4e577065c0f1a9e612bec80efc.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 400 B
980 B 38ms
10ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:8400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/72ccde18ae297b4e577065c0f1a9e612bec80efc.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 5153277d37f4c160d66032d4faaf66f280db309bea18e024d6b8142337934cba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
surrogate-key: 72ccde18ae297b4e577065c0f1a9e612bec80efc-hls-segment
age: 72386
expires: Sat, 25 Oct 2025 17:59:42 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: YLKLeV_8fsiIl0BRznuPBd4xtH8qOHnAsbkjBgfDf-R75aGA6x0jjw==
date: Fri, 25 Oct 2024 17:59:42 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 72ccde18ae297b4e577065c0f1a9e612bec80efc-hls-segment
cache-control: max-age=31536000
x-envoy-upstream-service-time: 215
x-cdn: cloudfront
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 400
x-amz-cf-pop: FRA56-C2
server: envoy

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/72ccde18ae297b4e577065c0f1a9e612bec80efc.m3u8/ 453 KB
454 KB 12ms
11ms XHR
video/mp2t 2600:9000:211e:8400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/72ccde18ae297b4e577065c0f1a9e612bec80efc.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: b27732a2cd61087036bb6fa7c503c939050f1aebca844e25ffec8c13c0e63e76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
surrogate-key: 72ccde18ae297b4e577065c0f1a9e612bec80efc-hls-segment
age: 72386
expires: Sat, 25 Oct 2025 17:59:42 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: tCd5YDBLLKuc3l6kFRhhieeDY2OGBKD6yLgwjaPQvE7fKb68uWJ39g==
date: Fri, 25 Oct 2024 17:59:42 GMT
content-type: video/MP2T
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 72ccde18ae297b4e577065c0f1a9e612bec80efc-hls-segment
cache-control: max-age=31536000
x-envoy-upstream-service-time: 69
x-cdn: cloudfront
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 463608
x-amz-cf-pop: FRA56-C2
server: envoy

GET
H2 200 be22163b81137b4f828fefcea642c1c1d88088d0.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 400 B
974 B 310ms
309ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:8400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 59c98d63d56659bea8cde7868386e5f322422fcbbcc37efdb8e21ae6394d7caa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
surrogate-key: be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
expires: Sun, 26 Oct 2025 14:06:09 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: XEZZ_3U4kbDRy_tgICD_X8IZkIsJ_T4Kx3no5IOau9n6T34t4ydIVw==
date: Sat, 26 Oct 2024 14:06:09 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
cache-control: max-age=31536000
x-envoy-upstream-service-time: 204
x-cdn: cloudfront
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 400
x-amz-cf-pop: FRA56-C2
server: envoy

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8/ 159 KB
160 KB 181ms
180ms XHR
video/mp2t 2600:9000:211e:8400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 0e2990e9b7c316e6320430f04ebe1c9e328b39fc7ea077f489b312042161ab94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
surrogate-key: be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
expires: Sun, 26 Oct 2025 14:06:09 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: xoosoF88Kw7cOg_z4IwROyXd0aWcMTyEQjiIYeVVzibI6N7Q2190qg==
date: Sat, 26 Oct 2024 14:06:09 GMT
content-type: video/MP2T
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
cache-control: max-age=31536000
x-envoy-upstream-service-time: 77
x-cdn: cloudfront
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162808
x-amz-cf-pop: FRA56-C2
server: envoy

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8/ 144 KB
145 KB 318ms
318ms XHR
video/mp2t 2600:9000:211e:8400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8fc31ca9bb47939c67a5974c5c9ec1736320cdaf89818cd1cea6599941c94761

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
surrogate-key: be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
expires: Sun, 26 Oct 2025 14:06:09 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: RRzS4gZ1xj0qgbJbW8Dlop1AyOv1BqbBKt630gZrW-B7qW5NMW_i6Q==
date: Sat, 26 Oct 2024 14:06:09 GMT
content-type: video/MP2T
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
cache-control: max-age=31536000
x-envoy-upstream-service-time: 75
x-cdn: cloudfront
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 147768
x-amz-cf-pop: FRA56-C2
server: envoy

GET
H2 200 wp-emoji-release.min.js Show response
halls.md/wp-includes/js/ 18 KB
5 KB 399ms
378ms Script
text/javascript 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N78yiREq1K1DnNE%2BK133lGZdypJK%2FLcNGrv4hEPan9RXQB3Wi%2FsnyX4FLmeSsVHvfrog2hA5WxjZUOn0pJ9POvVrvv0zCIUanZ7zKOoY4eF%2B4kwxzIO45mIFuAIvPGycM%2Bv37BPI"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b0163482c37d7-FRA
accept-ranges: bytes
content-length: 5062
date: Sat, 26 Oct 2024 14:06:10 GMT
content-type: text/javascript
last-modified: Mon, 29 Apr 2024 23:28:03 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 like.php
www.facebook.com/v2.7/plugins/ Frame B021 0
0 51ms
28ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=238415116352951&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df57739f7dadfbd272%26domain%3Dhalls.md%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhalls.md%252Ff614bf2800e0d85e8%26relation%3Dparent.parent&container_width=880&href=https%3A%2F%2Fhalls.md%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7732155dca86ce2a82ae45d1a6fcc4f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halls.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Oct 2024 14:06:10 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7430085418645619885"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7430085418645619885"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2909, tp=-1, tpl=-1, uplat=21, ullat=0
x-fb-debug: bz6Tx45Wyyx1WssyQTfUwtI+Cen+nLWpgtxfZkPWXFcvK8eThnpQw2L7tnoBJxvfrM800BbMe7cYiz6SLGOTtA==
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d1a400b1b85822ac0bae7d235a315ea1239d052b65a1cafa4378164b6c097a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 TanyaName.png
images.moosefile.com/common/ 23 KB
24 KB 581ms
563ms Image
image/png 2606:4700:20::681a:81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.moosefile.com/common/TanyaName.png
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ae3cf48a77dcdb86455a4efe0f9b7e2a6a5876e944c064b03d49498593f9003

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f3b7ea673c0eade4368154f4b555b243"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOdPKsfxm0IXvWWMna1bKnYcVKX1thgOw7JicgoxaoqFhugXaB9BgV8bIjyTntoE4VnKvgEIB3xbJpEJ9UqRQ3tMgr4VCvzCOx3XJEp73G5ctDL4PyaEDMfBFFpLM%2BgU%2BEtjnW66ZwNWQpMzMYdlxfl%2B"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 3J9W496TEYMV16QW
cf-ray: 8d8b016408a34d6d-FRA
accept-ranges: bytes
content-length: 23724
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: image/png
last-modified: Thu, 02 Apr 2015 19:27:52 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: WmybN77EyC840wCwrAxQNIG7EYY17Vjyx1K0UtIeMb289OVPZxSTeL2ARloInLgWzNUAbEnpRys=

GET
H2 206 harp95.mp3
images.moosefile.com/harp/ 64 KB
65 KB 739ms
739ms Media
audio/mpeg 2606:4700:20::681a:81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.moosefile.com/harp/harp95.mp3
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5342833bf888af23b1ca3e89d7f8b93c5f617e4b03a60254fe4949867cdbe175

Request headers

Referer: https://halls.md/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "57d7ba130853d8fd2759d2f08f03064d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPCgxVIGIj%2BL5PqH9ryrPR9%2BpsKJjF0egB0ZbBPssZzbfXppgl2LKGHrfH5grp5em7jAcd3cuEjsUq8RWhMJEDDyJi6xRZdrgMG%2FUsUHjl4p0hIEz9C9dtIrk5ygW1n1Wq1T7Bp%2BMkV83CS0JJNYFct7"}],"group":"cf-nel","max_age":604800}
Content-Range: bytes 0-65726/65727
x-amz-request-id: 3J9VGZ3SK3Z8RT8M
cf-ray: 8d8b016428d14d6d-FRA
Content-Length: 65727
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: audio/mpeg
last-modified: Thu, 19 Mar 2015 04:23:47 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: dU3Lh3CpufIUuK6wbbB6kB0Nso0lC7reDNurZAzuU0EaMcKMT9wiBfAbqMjMPUv1LYq5GF/P9AI=

GET
H2 206 guitar59.mp3
images.moosefile.com/guitar/ 32 KB
33 KB 562ms
561ms Media
audio/mpeg 2606:4700:20::681a:81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.moosefile.com/guitar/guitar59.mp3
Requested by: Host: halls.md
URL: https://halls.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2479469fe02e3a437f5d4717df431f2302f51c66f86e4c2e04d61b21ce9976e6

Request headers

Referer: https://halls.md/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f92e3b5bb60ef427ebdcb6f74109e1c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjbmGtU9LTXWcga4ymv%2BDxN03t3S2CDHSwvRA02bvH7rML2ZkaOpRKQAPNnbm60zLD8rUaSf6s0ekaGqNgbhWvZW0HpgKOrned5HeTiMC%2FoRbSp9Y47GFF9hdq0nzFJvULhAcBoFPjI%2FxnJBNiy72f2E"}],"group":"cf-nel","max_age":604800}
Content-Range: bytes 0-33125/33126
x-amz-request-id: 3J9RDV374A5TRG45
cf-ray: 8d8b016428d34d6d-FRA
Content-Length: 33126
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: audio/mpeg
last-modified: Thu, 19 Mar 2015 04:25:58 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: yf+kwkXOlVqM+FTBMDSIigmzlXd9LYgraEBYS/SbtMl8PhywOY+dFhHiCfs6VYgI/ZBq1kGBGt8=

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 83 KB
22 KB 8ms
7ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e0d7b6ca68bf1ce04a494712dad37c198e383a932fe3cba18bd255d046ccc1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer

Response headers

content-encoding: br
etag: "2817eb400d39c2f17c0e36a7c62d00a1"
age: 538
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 14:06:11 GMT
last-modified: Thu, 24 Oct 2024 19:56:30 GMT
x-served-by: cache-iad-kiad7000164-IAD, cache-fra-etou8220132-FRA
x-cache-hits: 20, 16
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1729951571.372412,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22500
asset-version: 60f5d5d4cfc3abf169b08090d2825e768a633de9
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
330 B 278ms
108ms Fetch
text/plain 2600:9000:236e:1c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://halls.md/

Response headers

x-envoy-upstream-service-time: 1
access-control-allow-methods: POST, OPTIONS
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: 2OqHQKY5KcF7oZCPmRuVGuvqWVi-z3PYTgMwAZAdiAdub5M8F59T9w==
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: FRA60-P1
server: envoy

POST
H2 204 x
distillery.wistia.com/ 0
0 243ms
103ms Fetch 18.173.205.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-104.fra56.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://halls.md/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: 6g4IXGw_9fzDGPAcfvN1iCv_Re7RNcpiHhzTW-Aszu220GJGIbzpBg==
date: Sat, 26 Oct 2024 14:06:11 GMT
x-amz-cf-pop: FRA56-P12
server: envoy

GET
H2 200 manual_quality_video.js Show response
fast.wistia.com/assets/external/engines/ 86 KB
22 KB 9ms
8ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/manual_quality_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

65a90a41ffe830e0e60cbed64a92a2a077da33b1da8a8b0b03f1236df03fdf51

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer

Response headers

content-encoding: br
etag: "3eb33d12757110341f34b8cf1c337ed9"
age: 1139
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 14:06:11 GMT
last-modified: Thu, 24 Oct 2024 19:56:30 GMT
x-served-by: cache-iad-kcgs7200026-IAD, cache-fra-etou8220132-FRA
x-cache-hits: 11, 4
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1729951571.373061,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22396
asset-version: 60f5d5d4cfc3abf169b08090d2825e768a633de9
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 x
distillery.wistia.com/ 0
0 239ms
100ms Fetch 18.173.205.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-104.fra56.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://halls.md/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: cHwSqWCr7RqNjrpX857OP9SlNDaLkr1FO_x-K3NWwxeY1DIGguZyvQ==
date: Sat, 26 Oct 2024 14:06:11 GMT
x-amz-cf-pop: FRA56-P12
server: envoy

POST
H2 204 x
distillery.wistia.com/ 0
0 234ms
101ms Fetch 18.173.205.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-104.fra56.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://halls.md/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: 4Rx4v8msPEUGz3zoW4PtLVuAMcqVxukWVG0q1Bd0qhSOmML96Vfk3w==
date: Sat, 26 Oct 2024 14:06:11 GMT
x-amz-cf-pop: FRA56-P12
server: envoy

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 274ms
112ms Fetch
text/plain 2600:9000:236e:1c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://halls.md/

Response headers

x-envoy-upstream-service-time: 0
access-control-allow-methods: POST, OPTIONS
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: 9Xr_3NtiBe8FfUHIvSxf_Lri1wpD3exYPrvM8a2ZMjUTrnDYev4SZw==
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: FRA60-P1
server: envoy

GET
H2 200 jokes.js Show response
webmoose.moosefile.com/js/ 4 KB
2 KB 400ms
383ms Script
application/javascript 2606:4700:20::681a:81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webmoose.moosefile.com/js/jokes.js
Requested by: Host: static.moosefile.com
URL: https://static.moosefile.com/scripts/MooseChat.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6259532cca56499a6255f41a17d7b558ecca3e7ea6571c0c51c0064520074546

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"a167075d3a599b044d87237bd672fead"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WiKuxvaiivFnuPYQeJYry5nWQzrRmv5Hz4GAdlBU83gbEFrIT1%2Fam%2Bp7SQiI1cMuNFzb9X0Qhu7wnaV0XPV2ymnrjlbqWlGsvBwIiB%2Bqd5j5OMV1Ae8Uxr7MJmrYyv%2FrPU4snGDD9lgIDuHvLaLuNfUQC%2Bk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: XD2HED3JCHP777RT
cf-ray: 8d8b01693d964d6d-FRA
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: application/javascript
last-modified: Mon, 23 Apr 2018 08:28:59 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 9fSIJmmHO4yMLm9WGgtEzsy84rQPJPD7uEBov0wmGiVnRpUEDnOufRWZQ4ui2vr3w4CGZdFEh/U=

GET
H2 200 ghtvnyal3b.m3u8 Show response
fast.wistia.com/embed/medias/ 931 B
1 KB 14ms
13ms XHR
application/x-mpegurl 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ghtvnyal3b.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2cefa2d4ddbfba79019bb982a7eba7164225461f73e81513ddf578092ae53606

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

x-request-id: b13e85ea-32f5-4ed6-a0b3-5790fda9ce35
etag: W/"2cefa2d4ddbfba79019bb982a7eba716"
age: 159391
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: u4TVZJlxdvgKq-MLvFJT4vptxRehGrsU6fAB-TS0HUwtkma6QLrTPw==
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: application/x-mpegURL
x-served-by: cache-iad-kcgs7200040-IAD, cache-fra-etou8220132-FRA
x-runtime: 0.031388
x-cache-hits: 14, 0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
cache-control: public, no-cache
timing-allow-origin: *
x-envoy-upstream-service-time: 32
x-timer: S1729951571.381239,VS0,VE5
via: 1.1 b3bc6011219d758c8763878f39b43b9e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 931
x-amz-cf-pop: IAD61-P1
server: envoy

GET
H2 200 favicon.ico
halls.md/ 1 KB
1 KB 382ms
382ms Other
image/x-icon 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c443975f2b9fdbafd8337e468f9c312196f3a0beeb408c4c584d3d685c883e85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wNuJGe86vhp785NZsyCva%2FJIMxYTdlOC8UxFXqnhGNYHjIaA3QdMs14zR3%2FpUQvEhoxv324hfznB9lzmXlbVjDawRBJDlQMDnHl33uZPeJL3U%2Fiak%2BNbsrbpT%2Fs3Nz6zW6kQRkXd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b016a2e4e37d7-FRA
accept-ranges: bytes
content-length: 987
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: image/x-icon
last-modified: Sat, 15 Nov 2014 23:43:34 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 favicon.ico
halls.md/ 1 KB
0 0ms
0ms Other
image/x-icon 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c443975f2b9fdbafd8337e468f9c312196f3a0beeb408c4c584d3d685c883e85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wNuJGe86vhp785NZsyCva%2FJIMxYTdlOC8UxFXqnhGNYHjIaA3QdMs14zR3%2FpUQvEhoxv324hfznB9lzmXlbVjDawRBJDlQMDnHl33uZPeJL3U%2Fiak%2BNbsrbpT%2Fs3Nz6zW6kQRkXd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b016a2e4e37d7-FRA
accept-ranges: bytes
content-length: 987
date: Sat, 26 Oct 2024 14:06:11 GMT
content-type: image/x-icon
last-modified: Sat, 15 Nov 2014 23:43:34 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 favicon.ico
halls.md/wp-content/themes/genesis/images/ 34 KB
5 KB 376ms
375ms Other
image/x-icon 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://halls.md/wp-content/themes/genesis/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657f68bfd98bbea2979035fdba943eb5c7c438c33f0ab9f586ca70692f647ab7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLvPBLEB0AWiwOKhrZQthSF%2FrLbpH0FZoGHZNukm4V8j4azr1iDcdj3MYg9cyD63LP%2FjnCrJd9WR9x9qxy6PQTMOaU27dVWRe7YV75RnO%2B4c0%2FPAwd4dlo6E%2B6jpG85d99L9OEEt"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b016d993137d7-FRA
accept-ranges: bytes
content-length: 4373
date: Sat, 26 Oct 2024 14:06:12 GMT
content-type: image/x-icon
last-modified: Sat, 13 Apr 2024 15:27:12 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 105ms
103ms Fetch
text/plain 2600:9000:236e:1c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://halls.md/

Response headers

x-envoy-upstream-service-time: 1
access-control-allow-methods: POST, OPTIONS
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: oIQM9yHQ7HyNkImJKHUx0ARanhoGD3LnjUqbw19xrX9jluJaF5e5VA==
date: Sat, 26 Oct 2024 14:06:12 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: FRA60-P1
server: envoy

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 55 KB
14 KB 10ms
9ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1eede821380256f0bb814f92a8a277f3ecfbb9cf6568133f9361b11e87e2bf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://halls.md
Referer

Response headers

content-encoding: br
etag: "f5507fe81f885b47b85100d2ace96b17"
age: 537
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Sat, 26 Oct 2024 14:06:12 GMT
last-modified: Thu, 24 Oct 2024 19:56:30 GMT
x-served-by: cache-iad-kiad7000085-IAD, cache-fra-etou8220132-FRA
x-cache-hits: 35, 13
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1729951572.364866,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14219
asset-version: 60f5d5d4cfc3abf169b08090d2825e768a633de9
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 103ms
99ms Fetch
text/plain 2600:9000:236e:1c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/allIntegrations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://halls.md/

Response headers

x-envoy-upstream-service-time: 1
access-control-allow-methods: POST, OPTIONS
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: 0kGceVHzy-sfJL0lbkAfK97tm5tQBRkrjSO2QkJLEWAzTtOzRf8msg==
date: Sat, 26 Oct 2024 14:06:12 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: FRA60-P1
server: envoy

GET
H2 200 aTanya1.png
images.moosefile.com/common/ 3 KB
0 542ms
541ms Image
image/png 2606:4700:20::681a:81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.moosefile.com/common/aTanya1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "5c381f42b78f6d203b13193ccc294718"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHMsZCjo7nZcRe3YDsqMWW0u1%2FG9zewvpAJ0AEQgBz4cTSXA6L5iYyq2Xv%2FI4IEJLNM33uIKRa3WIf6YwppCJ9rjJlLMoVY0sxqFyi5njKqpBNv%2F80zoKbOhMWpm%2FUenjqxrthbFWyWFfp%2FsMIbnszhB"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 5ZSXW2Q1Q002KT80
cf-ray: 8d8b017e4d394d6d-FRA
accept-ranges: bytes
content-length: 8261
date: Sat, 26 Oct 2024 14:06:15 GMT
content-type: image/png
last-modified: Tue, 06 Dec 2016 06:33:39 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 0pvdvwUX9kNs0SXeJzFM9dXFJesy4z0+NM5Yw4dYmYPD22pVehV8WmUGkEdxPEdWZKaJR4CqMOg=

GET
H2 404 aTanya1.png
halls.md/ 19 KB
19 KB 611ms
600ms Image
text/html 2606:4700:20::681a:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://halls.md/aTanya1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47eb746369dc8a7de30be18f59b8a7fc6f23f55be5c49a1e5ba9e427f78df904

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://halls.md/

Response headers

link: <https://halls.md/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=86400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A6QcsMfqpZWAaEuvy8xweDE3jVdMdGeZRwKOw%2BRmNo9MwfAtJviz45sFqAnGNJKSRuZsmKKui1IdHpOq3bihjQamL7zZHsXxoEM7QuFZcgzUEoKdYr99AKdWGMx4em7vKKI46AGK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8b01850e5337d7-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Sat, 26 Oct 2024 14:06:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
server: cloudflare

POST
H2 204 x
distillery.wistia.com/ 0
0 114ms
99ms Fetch 18.173.205.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-104.fra56.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://halls.md/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: CUHWmi0n-a8ytGuBuCW8L51mkdkmMv3m0LIkzBsgpH8ZikVzJWtQxg==
date: Sat, 26 Oct 2024 14:06:17 GMT
x-amz-cf-pop: FRA56-P12
server: envoy

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 132ms
127ms Fetch
text/plain 2600:9000:236e:1c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://halls.md/

Response headers

x-envoy-upstream-service-time: 1
access-control-allow-methods: POST, OPTIONS
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: 7v1POdSMyInV_orD6D8ZTtnV1JvxRCSNsZHukkDsau2zXpO-Yv0edw==
date: Sat, 26 Oct 2024 14:06:18 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: FRA60-P1
server: envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: halls.md
URL: blob:https://halls.md/a32242fe-f4b6-4ada-8692-3985b24045bf

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mail.205-251-145-39.cprapid.com/	1970-01-21 09:18:07	Name: wordpress_test_cookies Value: -407641606
halls.md/	1970-01-21 09:18:07	Name: wordpress_test_cookies Value: -1177771416
.halls.md/	1970-01-21 10:08:31	Name: _ga Value: GA1.2.1455502726.1729951568
.halls.md/	1970-01-21 00:33:57	Name: _gid Value: GA1.2.1127432469.1729951568
.halls.md/	1970-01-21 00:32:31	Name: _gat Value: 1
.halls.md/	1970-01-21 10:08:31	Name: _ga_T3CYF11C7E Value: GS1.2.1729951568.1.0.1729951568.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://halls.md/aTanya1.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
halls.md
images.moosefile.com
js.sentry-cdn.com
mail.205-251-145-39.cprapid.com
pipedream.wistia.com
region1.google-analytics.com
static.moosefile.com
webmoose.moosefile.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
halls.md
18.173.205.104
2001:4860:4802:34::36
205.251.145.39
2600:9000:211e:3a00:1e:c86:4140:93a1
2600:9000:211e:8400:1e:c86:4140:93a1
2600:9000:236e:1c00:3:471f:5240:93a1
2606:4700:20::681a:81
2606:4700:20::681a:d65
2a00:1450:4001:80f::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:830::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::729
2a04:4e42::644
0155cbb18c6fa4bcc8ea54018489864b69cb63f651573ac2bdfe003247390a4b
0b593da401178486825e25618069d86fd8e525d9e7ac569fbfbcf0b395e584eb
0d38d19780bb4501eb45588cbc4c8cdb9a7e27c58ecd57eff25e7963ca626ce3
0e2990e9b7c316e6320430f04ebe1c9e328b39fc7ea077f489b312042161ab94
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2
1eede821380256f0bb814f92a8a277f3ecfbb9cf6568133f9361b11e87e2bf2f
212932cf173214b255255d707de482d7d316b18cdde7b3768153ec6b8e7558af
2479469fe02e3a437f5d4717df431f2302f51c66f86e4c2e04d61b21ce9976e6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b7d0a39ca318d3b1ee97d77dd1e46ba6b8d498984fee067b10be335cf74c71
25d61f12bc5cf5839f75fa28535b0cf4701a8ca9130329e7ce1ed37e65e74f11
284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3
2ae3cf48a77dcdb86455a4efe0f9b7e2a6a5876e944c064b03d49498593f9003
2cefa2d4ddbfba79019bb982a7eba7164225461f73e81513ddf578092ae53606
2d1a400b1b85822ac0bae7d235a315ea1239d052b65a1cafa4378164b6c097a4
345243e199b620db57c4b3dfb7f5641b4117aafa312841b28ac69e0e392d4252
362392fc54b3bd30058cd9d2dea9321e8a3a51a955267416558005295241ff86
39264dd4572bc098ef6415aca7479136121b3c889da2c9ce1d508c32a2deaa37
42d2dc30429d30ed7c2c1eb927c5d24d7f7b3322169943107e4d88298371a8e8
47eb746369dc8a7de30be18f59b8a7fc6f23f55be5c49a1e5ba9e427f78df904
49ec2daac9898a2a368deb649c9e8eaf2f7a9e64866110c50ae1dfcad0f534f8
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5153277d37f4c160d66032d4faaf66f280db309bea18e024d6b8142337934cba
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5342833bf888af23b1ca3e89d7f8b93c5f617e4b03a60254fe4949867cdbe175
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
59c98d63d56659bea8cde7868386e5f322422fcbbcc37efdb8e21ae6394d7caa
604690d069bc9a268e583849821dc286c014202acca82c33ba43d14ea30d106c
6259532cca56499a6255f41a17d7b558ecca3e7ea6571c0c51c0064520074546
6503d8a404c814589b43b7e9c372e4de3cbd7e556ce781cc5379a6c478840a98
657f68bfd98bbea2979035fdba943eb5c7c438c33f0ab9f586ca70692f647ab7
65a90a41ffe830e0e60cbed64a92a2a077da33b1da8a8b0b03f1236df03fdf51
7d922ad24f17cec1dbae60679aab6f9d116479a765cf94e66d853d4177fbca47
7e579aabdbe47d6a8eec8bd87020e33fabd5349dfdb91e0a11ce7c487e1d5943
84a8cb0eae625371c509a5a192918a13290755d786a6eaff9a84783c8b9439ba
8fc31ca9bb47939c67a5974c5c9ec1736320cdaf89818cd1cea6599941c94761
9509879a53ab456f0fa5d5d28b72834cf83e296ccc27b35969f7a3ce82a00aa0
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9b360e5899c2f4118cd2ed6e1107e8300788233e600e218567a05b435f4b9920
a4417b0caf8ea5f30be33c9b91014cde2749ae07fa5110925802a01d1b0116e0
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a82dae239730246d43e8b6138e41e3ed8c42c4076836b0e5843bd2a1e1b9cafa
aad78fdbfb92d2bf529020ab7bfe01bc9592930e33b69eacabeff6dedd013572
addc32bdae67f7e0986e55f9d94269056d8d39f0e47a6902ddfe8b4416b1ce2d
b27732a2cd61087036bb6fa7c503c939050f1aebca844e25ffec8c13c0e63e76
b7f5f1dba659030a84f1b7e7dcae664f0e795f9d7b3f7992a341821c8b7a5f41
c443975f2b9fdbafd8337e468f9c312196f3a0beeb408c4c584d3d685c883e85
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd83a3d925845397cef46d7ed432bdc6c5c2ff48ae9cb0c291443629eccabf30
d3807ea30015f5082c0a3e2b7803885310db888be091dbc86fecb1ca67f3c622
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0d7b6ca68bf1ce04a494712dad37c198e383a932fe3cba18bd255d046ccc1e5
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
ebae53ccc5487e6f90912cd493235228920f3a4ce57dd9e5b51b790a5ffb71d3
f4b8fa76d03005a5c8f980eda2c5b2107bf23181ca3564c21bf636b68f319416
f982d46d6e7b82a1d01371382f96e764ec08f13934993738c3a374b842c8b371

halls.md Open in urlscan Pro 2606:4700:20::681a:d65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

88 %IPv6

11 Domains

18 Subdomains

16 IPs

2 Countries

2086 kBTransfer

4186 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

halls.md Open in urlscan Pro
2606:4700:20::681a:d65 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

88 %
IPv6

11
Domains

18
Subdomains

16
IPs

2
Countries

2086 kB
Transfer

4186 kB
Size

6
Cookies

70 HTTP transactions
2 data transactions