urlscan.io logo urlscan.io
SecurityTrails logo

halls.md Open in urlscan Pro
2606:4700:20::ac43:467b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mail.205-251-145-39.cprapid.com/
Effective URL: https://halls.md/
Submission: On June 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 73 HTTP transactions. The main IP is 2606:4700:20::ac43:467b, located in United States and belongs to CLOUDFLARENET, US. The main domain is halls.md.
TLS certificate: Issued by GTS CA 1P5 on May 13th 2024. Valid for: 3 months.
This is the only time halls.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    205.251.145.39 (Houston, United States)

ASN11042 (NTHL, US)
PTR: server.halls.md
mail.205-251-145-39.cprapid.com
16    2606:4700:20::ac43:467b (United States)

ASN13335 (CLOUDFLARENET, US)
halls.md
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2606:4700:20::ac43:4a90 (United States)

ASN13335 (CLOUDFLARENET, US)
static.moosefile.com
images.moosefile.com
webmoose.moosefile.com
15    2a04:4e42:200::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:211e:1600:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed-ssl.wistia.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
browser.sentry-cdn.com
5    2600:9000:211e:d400:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed-cloudfront.wistia.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    18.173.205.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-116.fra56.r.cloudfront.net
distillery.wistia.com
5    2600:9000:236e:5e00:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pipedream.wistia.com
1    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
30 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 6775
embed-ssl.wistia.com — Cisco Umbrella Rank: 12593
embed-cloudfront.wistia.com
distillery.wistia.com — Cisco Umbrella Rank: 10149
pipedream.wistia.com — Cisco Umbrella Rank: 10340
1 MB
16 halls.md
halls.md
175 KB
8 moosefile.com
static.moosefile.com
images.moosefile.com
webmoose.moosefile.com
174 KB
6 gstatic.com
fonts.gstatic.com
184 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
2 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 7058
browser.sentry-cdn.com — Cisco Umbrella Rank: 6381
31 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
89 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
92 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
341 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
1 cprapid.com
mail.205-251-145-39.cprapid.com
387 B
73 12
Domain Requested by
16 halls.md halls.md
15 fast.wistia.com halls.md
fast.wistia.com
6 fonts.gstatic.com fonts.googleapis.com
5 pipedream.wistia.com fast.wistia.com
5 embed-cloudfront.wistia.com fast.wistia.com
4 images.moosefile.com halls.md
3 distillery.wistia.com fast.wistia.com
3 www.google-analytics.com halls.md
www.google-analytics.com
3 static.moosefile.com halls.md
2 embed-ssl.wistia.com halls.md
2 connect.facebook.net halls.md
connect.facebook.net
1 webmoose.moosefile.com static.moosefile.com
1 browser.sentry-cdn.com js.sentry-cdn.com
1 www.facebook.com connect.facebook.net
1 js.sentry-cdn.com fast.wistia.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com halls.md
1 mail.205-251-145-39.cprapid.com 1 redirects
73 20

This site contains links to these domains. Also see Links.

Domain
breast-cancer.ca
talkingmoose.ca
www.facebook.com
Subject Issuer Validity Valid
halls.md
GTS CA 1P5		 2024-05-13 -
2024-08-11		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
moosefile.com
E1		 2024-05-15 -
2024-08-13		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-06 -
2024-07-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.wistia.com
Amazon RSA 2048 M02		 2024-01-01 -
2025-01-28		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-04 -
2025-07-06		 a year crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
pipedream-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-09		 a year crt.sh

This page contains 2 frames:

Primary Page: https://halls.md/
Frame ID: 921E20EB2CC1BF46A5C767133A6AB54D
Requests: 75 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=238415116352951&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9ba03c44e4452632%26domain%3Dhalls.md%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhalls.md%252Ff399c6280ea8aeb41%26relation%3Dparent.parent&container_width=880&href=https%3A%2F%2Fhalls.md%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false
Frame ID: BD916B6D107B5FF53A01F4D9C3A88029
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Moose and Doc – halls.md

Page URL History Show full URLs

  1. https://mail.205-251-145-39.cprapid.com/ HTTP 301
    https://halls.md/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

73
Requests

99 %
HTTPS

79 %
IPv6

12
Domains

20
Subdomains

19
IPs

3
Countries

2168 kB
Transfer

4294 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.205-251-145-39.cprapid.com/ HTTP 301
    https://halls.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
halls.md/
Redirect Chain
  • https://mail.205-251-145-39.cprapid.com/
  • https://halls.md/
41 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66aa0f5d8875268a8fb43f4c8cec128fa2274df7ccff2fdac1460eec93c24139

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
89a719673a7635e1-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 17:18:57 GMT
link
<https://halls.md/wp-json/>; rel="https://api.w.org/", <https://halls.md/wp-json/wp/v2/pages/1669>; rel="alternate"; type="application/json", <https://halls.md/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hnxZLjAl555IJVhqT4Svn6sW6anTN0hHYr2%2F1z19in3SCBGJ48jKcKUGwL2fASCgLcujIEhRwZNVqERH36EURbhKGw7Ge6ZcqI35s7gUbJxzzdOnNgF9vv46y7h3qe3WhJZwP7w"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jun 2024 17:18:56 GMT
Keep-Alive
timeout=5, max=100
Location
https://halls.md/
Server
Apache
Vary
User-Agent
X-Redirect-By
WordPress
dynamik-min.css
halls.md/wp-content/uploads/dynamik-gen/theme/ 		54 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-content/uploads/dynamik-gen/theme/dynamik-min.css?ver=1713022036
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
212932cf173214b255255d707de482d7d316b18cdde7b3768153ec6b8e7558af

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 13 Apr 2024 15:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLHlH2fmOGAca3h6dQBJasedstPYncMuQNcKyoeLZD104NbXOz0EQEi5J0%2BE05nVVZZ24vslPn%2BCwroKLrgUzWV2sEWEzovGMYrRXIcGocumAY9UInmkpWvFCpXRCL9KTyXpqOOp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
accept-ranges
bytes
cf-ray
89a7197c2f0435e1-FRA
content-length
9033
style.min.css
halls.md/wp-includes/css/dist/block-library/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 23:28:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNhudkIWVWSI2n4KiJbuhz1WQycgsYfWe%2FcVIVSI9HgIb%2FWV%2BnlU3BdWInieQFE0okJsKn%2Bj2OMa1CfM25KeF0vDE0Qz0EyWLRCLM8ZW%2FtSR3ltTQKOsfEutRWuvUF6NntLQw7my"}],"group":"cf-nel","max_age":604800}
content-type
text/css
accept-ranges
bytes
cf-ray
89a7197c2f0935e1-FRA
content-length
14991
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e7a4847f95869498c4105c8240f8d18782dad4b01dd391e4c54e407c76679a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jun 2024 17:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 17:19:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jun 2024 17:19:00 GMT
styles.min.css
static.moosefile.com/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.moosefile.com/css/styles.min.css
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d922ad24f17cec1dbae60679aab6f9d116479a765cf94e66d853d4177fbca47

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:00 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 10 Sep 2018 05:11:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
NPDQCHSVCMA8J10T
etag
W/"d9929dd369590ad619ebc365cae0794b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keSI2bgO3caJDXLlxy6VYfsYBOFgsoG3DME53BIckAboLBy3GM%2BRAPRVEzsGXVDweqUWu6%2Ftm4X3LTEn5QTcQ5UpGMh1nKp%2FfK%2FUi0r7HFmUWk9niFgVSsa3Q%2Fcnw0fVjBiKNQqN7Lp0FSDNN3TgIYZA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
89a7197c99c2bbfd-FRA
x-amz-id-2
Fw55hRegfflcB/UUWeFZrlqet/Hitut133ca4WA2D8P4KIAq3U60POyHSBZqgraIx/KgrLFsFm4=
jquery.min.js
halls.md/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 23:28:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OA269i507Ts%2BLIJiSGOfrXvAHysVZ1RkTICqOALdoy72TbeKxzTmCH5IKlqMFzoLCpFGUt9km3kmPUT7QWey%2FBQWIs73TqiWTnuvFLKG1G2AbditG3vhLOjd0fjQdXtKbopN1qKR"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
accept-ranges
bytes
cf-ray
89a7197c3f0d35e1-FRA
content-length
30368
jquery-migrate.min.js
halls.md/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 23:28:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axdmCdrmBW3gmwuACt%2F0l7r%2BxIxC%2FQUqnC%2FEmt3MuGlLFwEZIcMbzPtLUnITmxqRfrdYuDnFvBLxR42sfAXGSOV2XDI9VTEfN94AvyFgCLsHc1YPnGFddEkYc8t4UqIHQQxuiuda"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
accept-ranges
bytes
cf-ray
89a7197c3f0f35e1-FRA
content-length
4872
HallsMD.png
halls.md/wp-content/uploads/2014/10/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halls.md/wp-content/uploads/2014/10/HallsMD.png
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b593da401178486825e25618069d86fd8e525d9e7ac569fbfbcf0b395e584eb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:00 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 Oct 2014 03:30:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZoK%2Be1XI0%2B553lXVutU6XMXgVVAvrB6rRDWUxgQAj31%2F8eXpJBCBJt6z1PNbyLsIOIoJ%2F0scrRzD6KFy6Ff3Sum5A%2BzmdX9ITL0Ezmu4tBSWarHX%2B1LN9nxixkg%2BIVRflbcHfTHB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
89a7197c3f1035e1-FRA
content-length
53082
HallsMd2.png
halls.md/wp-content/uploads/2014/10/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halls.md/wp-content/uploads/2014/10/HallsMd2.png
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b8fa76d03005a5c8f980eda2c5b2107bf23181ca3564c21bf636b68f319416

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:00 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 14 Oct 2014 03:32:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gp%2BX%2FVNcwSgf43k7R%2BQQF7JJayA6Dg1DPkUXujfzMY66eE15B5IQg6i%2FHbPyWh3PRlwM6p3dW%2FY8BvSzFWlG547B5CcwSS4jK2LvaRQ0TV%2B%2BV0yAzhLGD%2FmzbOOPPz9f03VNZ60j"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
89a7197c3f1135e1-FRA
content-length
37564
bz7ba75gw7.jsonp
fast.wistia.com/embed/medias/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/bz7ba75gw7.jsonp
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7624b24174a782579f6640096e2c8efa7e3336926c4c869cb0fb319c495c77dd
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD55-P5
age
29777
x-cache
Miss from cloudfront, MISS, HIT
x-envoy-upstream-service-time
52
content-length
1594
x-request-id
8950fad5-3e36-4afc-8962-747ee2d4cd19
x-served-by
cache-iad-kjyo7100177-IAD, cache-fra-etou8220088-FRA
x-runtime
0.050745
x-browser-version
126
server
envoy
x-timer
S1719508741.096931,VS0,VE1
etag
W/"7624b24174a782579f6640096e2c8efa"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QPXOx-aWVQRLN65Vy4UelUjlbAYESmaUJP87HBXZPyBPPl3U-dXIhA==
x-cache-hits
0, 0
E-v1.js
fast.wistia.com/assets/external/ 		790 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f14d1ccf694037e07c0be48026e6ac8792c06c2582f62e1e296744743afb059
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2154
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
137074
x-served-by
cache-iad-kcgs7200045-IAD, cache-fra-etou8220088-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:20 GMT
server
AmazonS3
x-timer
S1719508741.096885,VS0,VE0
etag
"c302d56fcf69d01008056b6e2238cd0b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
21, 114
content-filler.png
halls.md/wp-content/themes/dynamik-gen/images/ 		97 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halls.md/wp-content/themes/dynamik-gen/images/content-filler.png
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b360e5899c2f4118cd2ed6e1107e8300788233e600e218567a05b435f4b9920

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 13 Apr 2024 15:27:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0UTLVJFh0Xe4Y8aFYXyElhev85x3ALBFjV6V3GBJbqS4sMSGE%2Bf7E0cnttvKcbUHbzBrHHDUegZeA480MZsKvgWYUABLQ8ReIDmGkAKzgLFJ%2BUs8h0SNIQjCuk7%2FZ9JCeK2smdB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
89a7197eaab435e1-FRA
content-length
97
email-decode.min.js
halls.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halls.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Jun 2024 13:43:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"667c1af7-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nk9lpHIgABajkuI3vzHBe%2F%2F0h1mk69y2D5YELjJc36bzmZjLJksuJWjqW18HkLok%2FxxHHXiqfHclnBtgHg2ep09KO%2By2XASDsGXWyuuf5Y%2B5YVHsZoCcq5NLA19QYEQOA4ev4xpP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
89a7197ecb0835e1-FRA
expires
Sat, 29 Jun 2024 17:19:00 GMT
comment-reply.min.js
halls.md/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-includes/js/comment-reply.min.js?ver=6.5.5
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 12 Dec 2022 00:29:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kktsl8qcLVf07d4KpwsgH55NN2PAoBvStWbOH4fa6%2BU2R2mBw2LJh2eHvdn65rXgWBJmYKjQsPsjnDSQ3GxmsIJithecSiq%2FRYdAvr8aY2FFNPROYyWt48IY4JzZ6Ch11f2XooLE"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
accept-ranges
bytes
cf-ray
89a7197f8c0035e1-FRA
content-length
1351
responsive.js
halls.md/wp-content/themes/dynamik-gen/lib/js/ 		1 KB
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-content/themes/dynamik-gen/lib/js/responsive.js?ver=2.6.9.93
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b7d0a39ca318d3b1ee97d77dd1e46ba6b8d498984fee067b10be335cf74c71

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 13 Apr 2024 15:27:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSeMT37NxRmGtR7s1ojPAK6eus7F3LG7QZ424sC4fhditq1cP4tycVIdVOkXDP3rOhW7dcFj95NTwrJTaG22b1D9Bfd%2FJmMWStdd06SJHrUsYMPsWNQEKnaJwKGeCqSvHGauTo5d"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
accept-ranges
bytes
cf-ray
89a7197efb3d35e1-FRA
content-length
460
custom-scripts.js
halls.md/wp-content/uploads/dynamik-gen/theme/ 		438 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-content/uploads/dynamik-gen/theme/custom-scripts.js?ver=1713022036
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ec2daac9898a2a368deb649c9e8eaf2f7a9e64866110c50ae1dfcad0f534f8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 13 Apr 2024 15:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgG6Kr9M51vdSa%2BxXyK%2FCAH2gC3Uhb5kEAgpDjfbdGZyLU2si%2FngNKeF%2FAa80gq%2BSIiFT6bdfCO4FaTA9PK0qK14kktXj2eN0HsMUinw3V7Ku8vwn0Ht7lJS6ypkbmglvAyd0BUo"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
accept-ranges
bytes
cf-ray
89a7197f8bfb35e1-FRA
content-length
261
MooseChat.min.js
static.moosefile.com/scripts/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.moosefile.com/scripts/MooseChat.min.js
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f982d46d6e7b82a1d01371382f96e764ec08f13934993738c3a374b842c8b371

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 10 Sep 2018 05:06:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
767J2CS9NN7QZN3E
etag
W/"242c909c117180793c1ee633afc67498"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jn1cdPvh6wrjZ17G1oTYZNQeY3FGF%2BQzH%2BO5lrL8wuWGe0gQcKECZg6gt0zQop9o0J2XTyMTFIJSK%2BGbktvZtt6u6kxN7UDyZ0gXL1Mv%2F8Egz3DObCuMSwWdP41cWP3gNsw%2Bmtt%2F4rqSeCyQO7AE5oYs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
89a7197f8f80bbfd-FRA
x-amz-id-2
BRrh87tCHkxNsTTcBuBPyGvIlqvowa49Xpw9zbTA1xPfDQ6d4sWtJFIGXB+4qmPrPXgcyGRc6ik=
WebMoose.min.js
static.moosefile.com/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.moosefile.com/scripts/WebMoose.min.js
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d38d19780bb4501eb45588cbc4c8cdb9a7e27c58ecd57eff25e7963ca626ce3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 10 Sep 2018 04:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
XZE2FQNNBAZ3MR91
etag
W/"c8c14810f38475e80a3660456b00bdad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0bLA0YjViKbEMFZ7YAmw%2FxwSL0CB%2F7peQzRXwjW7H4vxACbaWYvbCP5tL7aKAURkeNHgiju1%2BjAcH%2Buu%2ByjkF977mzVjjH7qSlqTX5tuRleiS9l1I1HbBMmBARE%2BSn%2FrwdjxV6zo5UvdChvSZOqC768"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
89a7197f8f84bbfd-FRA
x-amz-id-2
Cr1HQUKVPB7/yUKRSxGj3wKcWDFt4FabYXeXRSrhiq9KDDugNEfUe4WqNbG6Ag4W8X1Uf76kFyc=
8685c89a-4187-4f3b-9649-5a2d5a27dd37
https://halls.md/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://halls.md/8685c89a-4187-4f3b-9649-5a2d5a27dd37
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 15:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5880
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 27 Jun 2024 17:41:01 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08c5fd7bfd5393e59ba9a4487f2244f2598e02a3681bdc05515275b17675a278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 17:19:01 GMT
content-md5
rz1dwR6HGYBjX+carVawJw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
HckI8u0JZlBAiBvjW4TQzUTOY1VfBsH3wmrFpGiBnsbIdkLS1laSkp6DLBGY+naHOZXbzkwmFtOPEm2X+aFJPg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6af57f1fd4c349abc29a3b3b8ec58bd8
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"263a67defd1664ee155fb708bddefd8c"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 27 Jun 2024 17:34:59 GMT
-F6xfjBsISg9aMakPm3wow.woff2
fonts.gstatic.com/s/handlee/v18/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/handlee/v18/-F6xfjBsISg9aMakPm3wow.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3807ea30015f5082c0a3e2b7803885310db888be091dbc86fecb1ca67f3c622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:56:17 GMT
x-content-type-options
nosniff
age
181364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16148
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:11:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:56:17 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 22:17:26 GMT
x-content-type-options
nosniff
age
154895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 22:17:26 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 15:17:52 GMT
x-content-type-options
nosniff
age
180069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 15:17:52 GMT
KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2
fonts.gstatic.com/s/architectsdaughter/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/architectsdaughter/v18/KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 01:37:31 GMT
x-content-type-options
nosniff
age
56490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13156
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 01:37:31 GMT
1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4bbLDrMfIA.woff2
fonts.gstatic.com/s/raleway/v34/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4bbLDrMfIA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4417b0caf8ea5f30be33c9b91014cde2749ae07fa5110925802a01d1b0116e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:59:15 GMT
x-content-type-options
nosniff
age
181186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23044
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:59:15 GMT
jizYRExUiTo99u79D0e0x8mI.woff2
fonts.gstatic.com/s/ptsans/v17/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Architects+Daughter%7CHandlee%7CLato%3A300%2C400%7CPT+Sans%3A400%2C700%2C400italic%7CRaleway%3A600i&display=auto&ver=2.6.9.93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 03:37:02 GMT
x-content-type-options
nosniff
age
49319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42500
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 03:37:02 GMT
sdk.js
connect.facebook.net/en_US/ 		299 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4464136b7c031bde37807fbeb769c4a6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
81e5a84759b92833d68948915eac7f7065394a81a89f471b825d00f154689f64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 17:19:01 GMT
content-md5
HSjSTAmGLLL82w0AVSUx1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87599
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4330, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
v1s3tZxaFN0PerhEI4M7Mwxk9ClrVhZfEUmaFe5CHmgiWrcoAbazeRHycwsgsfFOe38byCopzN9H4UMelqb/JA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b12eb44baf3ea917504be1ac59b6eb55
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"96d3b900cf14650345f331c8d4dcbb4a"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 27 Jun 2025 15:41:01 GMT
collect
www.google-analytics.com/j/ 		16 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=887018527&t=pageview&_s=1&dl=https%3A%2F%2Fhalls.md%2F&ul=de-de&de=UTF-8&dt=Moose%20and%20Doc%20%E2%80%93%20halls.md&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1648003647&gjid=231416502&cid=2082687230.1719508741&tid=UA-51423016-1&_gid=1199596953.1719508741&_r=1&_slc=1&z=1629974397
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
78eb7599f951b00de7095b63516350d89b6fa4038b0beff0bd456bf1cd42826e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 17:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://halls.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51423016-1&cid=2082687230.1719508741&jid=1648003647&gjid=231416502&_gid=1199596953.1719508741&_u=IEBAAAAAAAAAACAAI~&z=915472562
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Jun 2024 17:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://halls.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T3CYF11C7E&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b07306a9485a3eebf872f8234e0194755d8ced873fd5f83a9093e7080cee9c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94177
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Jun 2024 17:19:01 GMT
ghtvnyal3b.json
fast.wistia.com/embed/medias/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/ghtvnyal3b.json
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
4f3fc86aff367007d5cda81af4a0c1522272d14d6ac2502162215b8e98d2e624
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
29776
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
64
content-length
1439
x-request-id
428d1e09-860a-403a-af65-e9f07b547dbe
x-served-by
cache-iad-kjyo7100169-IAD, cache-fra-etou8220020-FRA
x-runtime
0.062528
x-browser-version
126
server
envoy
x-timer
S1719508741.448380,VS0,VE1
etag
W/"4f3fc86aff367007d5cda81af4a0c152"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6IJk2ssjCsfp4TcWbo4Q2g2LxsWbPFRi71O4H8o62sRtcEa4_46i0A==
x-cache-hits
18, 0
share-v2.js
fast.wistia.com/assets/external/ 		74 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/share-v2.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfaf7d68e6fbe467b173cf34430d2d5af20e2e586fbe4aece4814baade091de0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2155
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20266
x-served-by
cache-iad-kcgs7200079-IAD, cache-fra-etou8220088-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:21 GMT
server
AmazonS3
x-timer
S1719508741.428661,VS0,VE0
etag
"e71e29cfb50cce3339c5bc75ea216f9a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
13, 4
zuzsx1rljr.json
fast.wistia.com/embed/medias/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/zuzsx1rljr.json
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
284337ca522066bc842c816ccadd2391a523d390f035443a4fc1d668d12fee34
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 5084a25d91022b55b5acf281581c6444.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD61-P1
age
29776
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
53
content-length
1202
x-request-id
8a80a414-cc0f-4461-83f5-0ae74c707a3f
x-served-by
cache-iad-kiad7000051-IAD, cache-fra-etou8220020-FRA
x-runtime
0.051495
x-browser-version
126
server
envoy
x-timer
S1719508741.448358,VS0,VE2
etag
W/"284337ca522066bc842c816ccadd2391"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mCB4-IRcQPqOPZ4OOoSxDk4OtzBPT3YA7RHmFEg6cX9VZcZHiSHxCA==
x-cache-hits
5, 0
wistiaLogo.js
fast.wistia.com/assets/external/ 		73 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/wistiaLogo.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29e954b663ed6018e36cccec6ce38e2e49feedac91d77693a2cb43e120685dab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2154
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20573
x-served-by
cache-iad-kiad7000097-IAD, cache-fra-etou8220088-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:21 GMT
server
AmazonS3
x-timer
S1719508741.437034,VS0,VE0
etag
"ee51ec4233f267bc0cbd50e4d6fc624e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
20, 6
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

Referer
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
a3e5aed7ad2a1004d36fbf225133c902371161ae.webp
embed-ssl.wistia.com/deliveries/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-ssl.wistia.com/deliveries/a3e5aed7ad2a1004d36fbf225133c902371161ae.webp?image_crop_resized=1920x1080
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
cd83a3d925845397cef46d7ed432bdc6c5c2ff48ae9cb0c291443629eccabf30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:12:49 GMT
access-control-request-method
*
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
age
21972
edge-cache-tag
a3e5aed7ad2a1004d36fbf225133c902371161ae
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
460
content-disposition
inline
surrogate-key
a3e5aed7ad2a1004d36fbf225133c902371161ae thumbnail-delivery
last-modified
Thu, 29 Sep 2016 18:38:09 UTC
server
envoy
etag
tmJdhyeGuEZHBQ9XtC-lZpdRhW8=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
IUSUMWIWOgcKWQwuUHR0zRxCeXEgSdpb8Xzl-HX5ZgnF9sv-Kdou_g==
9d58f261cca0dc4874d3b33e9326ab47c5ca6021.webp
embed-ssl.wistia.com/deliveries/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-ssl.wistia.com/deliveries/9d58f261cca0dc4874d3b33e9326ab47c5ca6021.webp?image_crop_resized=1280x720
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
addc32bdae67f7e0986e55f9d94269056d8d39f0e47a6902ddfe8b4416b1ce2d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 11:12:49 GMT
access-control-request-method
*
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
age
21972
edge-cache-tag
9d58f261cca0dc4874d3b33e9326ab47c5ca6021
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
227
content-disposition
inline
surrogate-key
9d58f261cca0dc4874d3b33e9326ab47c5ca6021 thumbnail-delivery
last-modified
Mon, 23 May 2016 04:39:27 UTC
server
envoy
etag
WraUh9RjJQQ-vGmNSSDkS6DgUUI=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
LKm5OBHDVCZ3cTmeHsn7sMSQSTIJW8KE0N625hrS9_yP5D6uD9QNHg==
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T3CYF11C7E&gtm=45je46q0v9135403408za200&_p=1719508741324&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=2082687230.1719508741&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fhalls.md%2F&dt=Moose%20and%20Doc%20%E2%80%93%20halls.md&sid=1719508741&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5489&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3CYF11C7E&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 17:19:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://halls.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hls_video.js
fast.wistia.com/assets/external/engines/ 		510 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec1cbbed320229e91a69623cd83f43b8e78f341cbc45a573dd93a3ab895592bf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2155
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
127780
x-served-by
cache-iad-kcgs7200146-IAD, cache-fra-etou8220020-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:20 GMT
server
AmazonS3
x-timer
S1719508742.658688,VS0,VE0
etag
"6dcccc04e0ed00f5872fee7adce29f96"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
12, 46
blank.gif
fast.wistia.com/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
883
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-etou8220020-FRA
x-browser-version
126
last-modified
Wed, 10 May 2023 19:48:54 GMT
server
AmazonS3
x-timer
S1719508742.760920,VS0,VE0
etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4048899, 22
bz7ba75gw7.m3u8
fast.wistia.com/embed/medias/ 		930 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/bz7ba75gw7.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
42d2dc30429d30ed7c2c1eb927c5d24d7f7b3322169943107e4d88298371a8e8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:01 GMT
via
1.1 c84ecfd128e1f4c41a53a2b42410f3b8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
304752
x-cache
Miss from cloudfront, MISS, HIT
x-envoy-upstream-service-time
38
content-length
930
x-request-id
981268a2-479e-47d4-9a78-a7d18bb34f68
x-served-by
cache-iad-kjyo7100027-IAD, cache-fra-etou8220020-FRA
x-runtime
0.037078
x-browser-version
126
server
envoy
x-timer
S1719508742.766951,VS0,VE2
etag
W/"42d2dc30429d30ed7c2c1eb927c5d24d"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rzpdJxfzsDPYPvQSuIufSWhRYj98cFEIJRDZrY2kmEKNqjPCyvogEQ==
x-cache-hits
0, 0
a3591ba5e949a37083cc6f5a4191e903.min.js
js.sentry-cdn.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca8c45e76cb8b6fe8ebfc708d87a777b61f30bb9b0e561a4411df49e01e1289b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'none'; default-src 'none'; base-uri 'none'; img-src * blob: data:; style-src * 'unsafe-inline'; worker-src blob:; font-src * data:; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; frame-ancestors 'self' *.sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=ca654dd2282c62d6cd9a379003a605d60e3d6922
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'none'; default-src 'none'; base-uri 'none'; img-src * blob: data:; style-src * 'unsafe-inline'; worker-src blob:; font-src * data:; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; frame-ancestors 'self' *.sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=ca654dd2282c62d6cd9a379003a605d60e3d6922
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 17:19:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
30
x-envoy-upstream-service-time
23
content-length
1279
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-55c967c8f9-nxjtt, cache-chi-klot8100079-CHI, cache-fra-etou8220117-FRA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
72ccde18ae297b4e577065c0f1a9e612bec80efc.m3u8
embed-cloudfront.wistia.com/deliveries/ 		400 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/72ccde18ae297b4e577065c0f1a9e612bec80efc.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
5153277d37f4c160d66032d4faaf66f280db309bea18e024d6b8142337934cba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
edge-cache-tag
72ccde18ae297b4e577065c0f1a9e612bec80efc-hls-segment
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
265
content-length
400
surrogate-key
72ccde18ae297b4e577065c0f1a9e612bec80efc-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UlRXL5wW3dEK26mggd7JvfaMgUuGMhvzAtGRFsz9X_BEEfvDQLKGgA==
expires
Fri, 27 Jun 2025 17:19:02 GMT
seg-1-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/72ccde18ae297b4e577065c0f1a9e612bec80efc.m3u8/ 		453 KB
454 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/72ccde18ae297b4e577065c0f1a9e612bec80efc.m3u8/seg-1-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
b27732a2cd61087036bb6fa7c503c939050f1aebca844e25ffec8c13c0e63e76

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
edge-cache-tag
72ccde18ae297b4e577065c0f1a9e612bec80efc-hls-segment
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
134
content-length
463608
surrogate-key
72ccde18ae297b4e577065c0f1a9e612bec80efc-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pneQP8C06fj8ej1OsCMnFmq-3vmpA0NiQzPLRPY9B1Ox7u22xrMPlg==
expires
Fri, 27 Jun 2025 17:19:02 GMT
wp-emoji-release.min.js
halls.md/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 23:28:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFU8PYT1DTGMSTluL%2B8LlboW2eAO0gxpE2EjyBpPuD7Cu3AgT%2BnVO6JfGKKs%2FDTDFbzoQiAHUf6I44SR2%2Fl9kUoo4U7WGsqig5GaJA0eF4D52hNKJmeqMQE2BXos6d%2F4ogLJkesm"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
accept-ranges
bytes
cf-ray
89a719879f8c35e1-FRA
content-length
5062
like.php
www.facebook.com/v2.7/plugins/ Frame BD91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=238415116352951&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9ba03c44e4452632%26domain%3Dhalls.md%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhalls.md%252Ff399c6280ea8aeb41%26relation%3Dparent.parent&container_width=880&href=https%3A%2F%2Fhalls.md%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4464136b7c031bde37807fbeb769c4a6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://halls.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Thu, 27 Jun 2024 17:19:02 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385233812127761817"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385233812127761817"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1297, tbw=2775, tp=-1, tpl=-1, uplat=29, ullat=0
x-fb-debug
YXtLGSlEmYj4svU8EBgFGVBWUWVq0ijZ0Z2IfH23dw15O1QmgwYEToUT+2kZE44hFX7eC7vcllfeIwzfqV7O/w==
x-xss-protection
0
truncated
/ 		156 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d1a400b1b85822ac0bae7d235a315ea1239d052b65a1cafa4378164b6c097a4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
TanyaName.png
images.moosefile.com/common/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.moosefile.com/common/TanyaName.png
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ae3cf48a77dcdb86455a4efe0f9b7e2a6a5876e944c064b03d49498593f9003

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Apr 2015 19:27:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
JRVFETGXCJB1T44D
etag
"f3b7ea673c0eade4368154f4b555b243"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96aOmJ4GkqodMOnCIHDOjM7NKxBtWQ1J3uLPTsofoFuaHPa7%2Fwye8NNSjjRF4k4GAWJw5aI89C4fcb13ywBpk%2Bnek4g9319%2FpCgJdOyip4vSzW8XjLe5h9eGA%2F1Zf7oV%2BKaNJIt0zlDoPwzJ4XWmQ%2BBZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
89a7198878ffbbfd-FRA
content-length
23724
x-amz-id-2
B3XQb2wcqpkzQ33Eje7O4N8G8QJIRJiVuSkfFObFf46PAUVilkz0vJ6F7Ipi9gHfEiOBnjoJ7eI=
harp45.mp3
images.moosefile.com/harp/ 		70 KB
71 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.moosefile.com/harp/harp45.mp3
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b6e84575f8ac169159d188338db58e656d9138e26d60d66d90be4bf7b9059c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://halls.md/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
cf-cache-status
MISS
last-modified
Thu, 19 Mar 2015 04:23:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
JRVCBD94X025CMJR
etag
"e1268a53801650a63e5b29297400d68f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8akZGbWKceMjxdvGU9ZRqmfI9ZNZz5HY3vw2J8tYYuSmsHGzuNtQ6pklmfx%2FJHH9oyUi7IcHqpvd%2FBAsY0m6TodeXm91Q9aKKgUy37J%2B2ehMt0rR6YcAIk2MLLO2Yt430WzA0OY96i8eaogCBV9kSEnd"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-71995/71996
cache-control
max-age=2678400
cf-ray
89a7198878f9bbfd-FRA
Content-Length
71996
x-amz-id-2
d0NGLWV6H47UHExL5PTSjH/6wBAJo1NKMXgMNPDs1s1YxxCYQHXpyCQ4XWlGKZbv9iutr/OIpTw=
guitar44.mp3
images.moosefile.com/guitar/ 		57 KB
57 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.moosefile.com/guitar/guitar44.mp3
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
862ff5a6026a577216a41bba1cf9f13d7d820456d6a68ed6eac8cafec4190c78

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://halls.md/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
cf-cache-status
MISS
last-modified
Thu, 19 Mar 2015 04:25:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
JRVD9KJ1B2PR0E7K
etag
"41ff03300939fcec0a9592cfb4574dd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4d%2BbUnKXLyeNwGMCrM3T4Ni39Fc1TlNciqCLYqcPF%2FGs2CNSchVz9VZInuz0mgKSXba0Y%2B4Tg%2BtdH5Cl4tzvduyRy%2B0%2BHzaazEOQfJ8jW7CBKAp82STdQbidTP5y37Rmq9pkTyCW9DeQaL1j7XwQVqcU"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-58202/58203
cache-control
max-age=2678400
cf-ray
89a719887905bbfd-FRA
Content-Length
58203
x-amz-id-2
N44/4rX5w6xpqw0CaUWAjP8eMWzsFhRtXh6AkG22dGLYin354mV3KwG03so3lffpknkCZtAFF+4=
be22163b81137b4f828fefcea642c1c1d88088d0.m3u8
embed-cloudfront.wistia.com/deliveries/ 		400 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
59c98d63d56659bea8cde7868386e5f322422fcbbcc37efdb8e21ae6394d7caa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
edge-cache-tag
be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
149
content-length
400
surrogate-key
be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wTtABnx6PtlJG5v0t-A4Lo0ZnEJtFMnPN47YMfdU8LVLwdVaEW3OmA==
expires
Fri, 27 Jun 2025 17:19:02 GMT
interFontFace.js
fast.wistia.com/assets/external/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/interFontFace.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
343e195b43bec5eb57d8b9475f0789dd34e8279eab95cc503fe9f6b628bb42f8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2156
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18352
x-served-by
cache-iad-kjyo7100093-IAD, cache-fra-etou8220020-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:21 GMT
server
AmazonS3
x-timer
S1719508743.646584,VS0,VE0
etag
"a11f23804133ec25d4f1937fffc932da"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
33, 939
bundle.es5.min.js
browser.sentry-cdn.com/7.118.0/ 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/7.118.0/bundle.es5.min.js
Requested by
Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
2d1d66191391182f0a971cd85dfd9d4f4b1477674ab104131f78f531d82a6179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 21 Jun 2024 07:37:32 GMT
server
Fastly
age
549169
etag
"a4f9d0510383ec10bc55c3b536bff34f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
28863
expires
Sat, 21 Jun 2025 08:46:13 GMT
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ffd838d73e88fd6f4e77ef73ec03f4499b938eb378e15880535d6396dedba3d

Request headers

Referer
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Inter-Extended.woff
fast.wistia.com/assets/external/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/fonts/Inter-Extended.woff
Requested by
Host: halls.md
URL: https://halls.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c11543a28fe6614b141106cf0375c62af8c8f65dbdb4b49a92c88b40bbabd64
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2155
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21400
x-served-by
cache-iad-kiad7000103-IAD, cache-fra-etou8220020-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:24 GMT
server
AmazonS3
x-timer
S1719508743.683843,VS0,VE0
etag
"eb57772375a66db232881cc122a7d145"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
28, 4
seg-2-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8/ 		159 KB
160 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8/seg-2-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
0e2990e9b7c316e6320430f04ebe1c9e328b39fc7ea077f489b312042161ab94

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:02 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
edge-cache-tag
be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
81
content-length
162808
surrogate-key
be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
s4I-a9ImgJcPQjGrwrX5mEFjfL-YX0f68eIzCXnmrLGeU5QkAQb4Ug==
expires
Fri, 27 Jun 2025 17:19:02 GMT
seg-3-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8/ 		144 KB
145 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/be22163b81137b4f828fefcea642c1c1d88088d0.m3u8/seg-3-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
8fc31ca9bb47939c67a5974c5c9ec1736320cdaf89818cd1cea6599941c94761

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
edge-cache-tag
be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
86
content-length
147768
surrogate-key
be22163b81137b4f828fefcea642c1c1d88088d0-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CvbgMm3YSjer0WtqMcPJKxqu888P2os6O4oN1I-AtPHoHb0lwfLTrg==
expires
Fri, 27 Jun 2025 17:19:03 GMT
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0453c72ff2db6a473f2ba0d91ef41f48dd2e320bd43ff1f8fb9e04314519264
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2156
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21782
x-served-by
cache-iad-kiad7000152-IAD, cache-fra-etou8220020-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:21 GMT
server
AmazonS3
x-timer
S1719508743.211309,VS0,VE0
etag
"b4a321b999f46e57b1176981b8ac6d42"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16, 60
manual_quality_video.js
fast.wistia.com/assets/external/engines/ 		85 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/manual_quality_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f3a817be354f5bcb45a2a891f4ffbfad2d181762815e8061d51a2e560346129
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2155
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
22101
x-served-by
cache-iad-kiad7000122-IAD, cache-fra-etou8220020-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:20 GMT
server
AmazonS3
x-timer
S1719508743.212798,VS0,VE0
etag
"70b40a648ada73714d42c90e26ae00d8"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8, 5
x
distillery.wistia.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-116.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
via
1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
x-amz-cf-id
uhYDNQkn5n1AAA_eFYGINce8fUbuffJl5l2KxSOCYH5Dr2gvEYg9SA==
x
distillery.wistia.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-116.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
via
1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
x-amz-cf-id
CgHebrSv97ebKWAyDGTduGscA692qz_29z6GlYXBxBunnhShu-ww5w==
mput
pipedream.wistia.com/ 		2 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5e00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
1fRy5fpirBa-E_kO6kT-qIobNm-UaGTBl4WeE6UGL1LtwFCXqIRq3A==
x
distillery.wistia.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-116.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
via
1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
x-amz-cf-id
gyJPXuMmhnl1h6yEObHm4iZg6QxbX0QZC0nwdoFnbLlqsPMjkPC4tg==
jokes.js
webmoose.moosefile.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmoose.moosefile.com/js/jokes.js
Requested by
Host: static.moosefile.com
URL: https://static.moosefile.com/scripts/MooseChat.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6259532cca56499a6255f41a17d7b558ecca3e7ea6571c0c51c0064520074546

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Apr 2018 08:28:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
02G67FT9VHRR3JQ1
etag
W/"a167075d3a599b044d87237bd672fead"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQQH3iakWJyEL74rtdw3PesJqVeePqagE%2BQIOHLzIFiqVXdcE%2FRanlQNfF43aXy0A1Vs3KlXncU2UrAdkrKx87QMUYOb%2FV5LhO6N0Zo%2BCPGKaZy4iFe3mjRBN04aR3IWQGnIK3E7YqkwQfvhEio6fQ4uRcs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
89a7198d49edbbfd-FRA
x-amz-id-2
gYnn7W3vqMljY6++SUtnovEWICps1/9TDz8DhVUlr+m5i0CRBo3KJosqfBCF3y36EbDrJv+TPug=
mput
pipedream.wistia.com/ 		2 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5e00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
0
content-length
2
x-amz-cf-id
JPpmqLjVltoX7SBMxLUygy5GOzq1_nWRCv1IhzxlVRRPa7IhDCguxw==
mput
pipedream.wistia.com/ 		2 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5e00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
Emajvqg0nPV6wJg-E46vsnIY9COZHoQ8IoKrBsAALJM1_bzgZTAaGA==
ghtvnyal3b.m3u8
fast.wistia.com/embed/medias/ 		931 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/ghtvnyal3b.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
2cefa2d4ddbfba79019bb982a7eba7164225461f73e81513ddf578092ae53606
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
via
1.1 b3bc6011219d758c8763878f39b43b9e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD61-P1
age
22706
x-cache
Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time
32
content-length
931
x-request-id
b13e85ea-32f5-4ed6-a0b3-5790fda9ce35
x-served-by
cache-iad-kcgs7200040-IAD, cache-fra-etou8220020-FRA
x-runtime
0.031388
x-browser-version
126
server
envoy
x-timer
S1719508743.225416,VS0,VE91
etag
W/"2cefa2d4ddbfba79019bb982a7eba716"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
u4TVZJlxdvgKq-MLvFJT4vptxRehGrsU6fAB-TS0HUwtkma6QLrTPw==
x-cache-hits
14, 0
favicon.ico
halls.md/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://halls.md/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c443975f2b9fdbafd8337e468f9c312196f3a0beeb408c4c584d3d685c883e85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Nov 2014 23:43:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COvafaLo2%2BeGaMCieozwhIR2ERVO7WseuSkvQF0g6wZJRLw%2Fiv8cSGPhIEzSnpYmI9lnoDKxugpCNLp%2BEU9lQ0MhUdXjEUmO6FPrVrpLXnPebLo5pqiQdUvv98KGLkmdqig3R79s"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
89a7198d2fff35e1-FRA
content-length
987
favicon.ico
halls.md/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://halls.md/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c443975f2b9fdbafd8337e468f9c312196f3a0beeb408c4c584d3d685c883e85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Nov 2014 23:43:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COvafaLo2%2BeGaMCieozwhIR2ERVO7WseuSkvQF0g6wZJRLw%2Fiv8cSGPhIEzSnpYmI9lnoDKxugpCNLp%2BEU9lQ0MhUdXjEUmO6FPrVrpLXnPebLo5pqiQdUvv98KGLkmdqig3R79s"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
89a7198d2fff35e1-FRA
content-length
987
favicon.ico
halls.md/wp-content/themes/genesis/images/ 		34 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://halls.md/wp-content/themes/genesis/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
657f68bfd98bbea2979035fdba943eb5c7c438c33f0ab9f586ca70692f647ab7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:04 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 13 Apr 2024 15:27:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZagHIVBuQQLJaNIZjH1bobY3WOG%2BvI2Sl%2BLejHF7%2Fhpdj0vmbwR8kID6B%2B7i9gu2IfLDak2p9LI07I%2B5kW4Og%2FIjZ8gACUZA008JfWIXIx5Ckk4iXX8f%2BkgWc98XODB3fe1xh12i"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
89a7198fbb6f35e1-FRA
content-length
4373
mput
pipedream.wistia.com/ 		2 B
329 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5e00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Jun 2024 17:19:04 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
BQzABjwHSVNsZZkJVplayjMIcQMDTKBfKH-U6ttOsmB9YXJmoSWUMQ==
allIntegrations.js
fast.wistia.com/assets/external/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a205a917503b34b47bbea593b34b03f3fa5f5ada21894e90c36507eac825a4c7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://halls.md
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:04 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2157
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
12252
x-served-by
cache-iad-kcgs7200101-IAD, cache-fra-etou8220020-FRA
x-browser-version
126
last-modified
Thu, 27 Jun 2024 14:42:20 GMT
server
AmazonS3
x-timer
S1719508744.212922,VS0,VE0
etag
"d217cf921e49d5ce764cec30959f36aa"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
685e10360cf3d8d4d4f9f0d312f693af45f362d6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
22, 32
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=887018527&t=event&_s=2&dl=https%3A%2F%2Fhalls.md%2F&ul=de-de&de=UTF-8&dt=Moose%20and%20Doc%20%E2%80%93%20halls.md&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=Play&el=Happy2meet&_u=KHBAAAABAAAAACAAI~&jid=&gjid=&cid=2082687230.1719508741&tid=UA-51423016-1&_gid=1199596953.1719508741&z=435409510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 15:23:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6948
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
mput
pipedream.wistia.com/ 		2 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/allIntegrations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5e00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 27 Jun 2024 17:19:04 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
YQzr8xzWsxVutghj_rAEel7tlIe8qexTvlr58fK6jZ-RnuhdRrZNgQ==
aTanya4.png
images.moosefile.com/common/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.moosefile.com/common/aTanya4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cfac12d6e826c91ad762f8969ad169e3741cf0f5149fb9648c50ff3d0ccf678

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://halls.md/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:19:06 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Dec 2016 06:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
MGQVD9EJ49PZKMFH
etag
"b73d2dc62f3a25a4e1d16697c5d6f932"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Axt6TeOdcOmRir8qGp6gmdx7DGdZJVXTw3z84PVd0%2FqVnM4iLtQp%2BqfEFovurEY7FXfr62a3GApN1w2qpUFyYyO0IApdWOXhTEBCIA%2BIucsWOAKikAzdjxzh6%2BjC09mtlYc2f0TVi6xfhoeLL0N6DIrU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
89a719a1bf6dbbfd-FRA
content-length
7325
x-amz-id-2
C69l569h29Ue0aa+YP2iAhsFgV8o8qI9S/oNzbNwyPGe5LtSRTZoKFVhrBuoDAfbkyzTikgcy+w=

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| _wpemojiSettings undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| wistiajsonp-/embed/medias/bz7ba75gw7.jsonp object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia object| _wq string| _wistiaElemId object| wistiaEmbeds object| dataLayer object| __buffer object| google_tag_manager object| googletag object| Sentry string| CDN_LOCATION string| LOCAL_LOCATION string| IMAGES_LOCATION object| Common object| Events object| Layout object| Viewport object| LazyLoad object| Media object| Animations object| WebMoose object| addComment string| SENTRY_SDK_SOURCE object| __SENTRY__ object| twemoji object| wp object| Jokes

6 Cookies

Domain/Path Name / Value
mail.205-251-145-39.cprapid.com/ Name: wordpress_test_cookies
Value: -407641606
halls.md/ Name: wordpress_test_cookies
Value: -1177771416
.halls.md/ Name: _ga
Value: GA1.2.2082687230.1719508741
.halls.md/ Name: _gid
Value: GA1.2.1199596953.1719508741
.halls.md/ Name: _gat
Value: 1
.halls.md/ Name: _ga_T3CYF11C7E
Value: GS1.2.1719508741.1.0.1719508744.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
connect.facebook.net
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
halls.md
images.moosefile.com
js.sentry-cdn.com
mail.205-251-145-39.cprapid.com
pipedream.wistia.com
region1.google-analytics.com
static.moosefile.com
stats.g.doubleclick.net
webmoose.moosefile.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
142.250.181.238
157.240.251.9
18.173.205.116
2001:4860:4802:34::36
205.251.145.39
2600:9000:211e:1600:1e:c86:4140:93a1
2600:9000:211e:d400:1e:c86:4140:93a1
2600:9000:236e:5e00:3:471f:5240:93a1
2606:4700:20::ac43:467b
2606:4700:20::ac43:4a90
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c02::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::644
2a04:4e42:200::729
08c5fd7bfd5393e59ba9a4487f2244f2598e02a3681bdc05515275b17675a278
0b593da401178486825e25618069d86fd8e525d9e7ac569fbfbcf0b395e584eb
0d38d19780bb4501eb45588cbc4c8cdb9a7e27c58ecd57eff25e7963ca626ce3
0e2990e9b7c316e6320430f04ebe1c9e328b39fc7ea077f489b312042161ab94
0e7a4847f95869498c4105c8240f8d18782dad4b01dd391e4c54e407c76679a8
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2
1c11543a28fe6614b141106cf0375c62af8c8f65dbdb4b49a92c88b40bbabd64
212932cf173214b255255d707de482d7d316b18cdde7b3768153ec6b8e7558af
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b7d0a39ca318d3b1ee97d77dd1e46ba6b8d498984fee067b10be335cf74c71
284337ca522066bc842c816ccadd2391a523d390f035443a4fc1d668d12fee34
284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3
29e954b663ed6018e36cccec6ce38e2e49feedac91d77693a2cb43e120685dab
2ae3cf48a77dcdb86455a4efe0f9b7e2a6a5876e944c064b03d49498593f9003
2cefa2d4ddbfba79019bb982a7eba7164225461f73e81513ddf578092ae53606
2d1a400b1b85822ac0bae7d235a315ea1239d052b65a1cafa4378164b6c097a4
2d1d66191391182f0a971cd85dfd9d4f4b1477674ab104131f78f531d82a6179
2f14d1ccf694037e07c0be48026e6ac8792c06c2582f62e1e296744743afb059
31b6e84575f8ac169159d188338db58e656d9138e26d60d66d90be4bf7b9059c
343e195b43bec5eb57d8b9475f0789dd34e8279eab95cc503fe9f6b628bb42f8
3f3a817be354f5bcb45a2a891f4ffbfad2d181762815e8061d51a2e560346129
42d2dc30429d30ed7c2c1eb927c5d24d7f7b3322169943107e4d88298371a8e8
49ec2daac9898a2a368deb649c9e8eaf2f7a9e64866110c50ae1dfcad0f534f8
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f3fc86aff367007d5cda81af4a0c1522272d14d6ac2502162215b8e98d2e624
5153277d37f4c160d66032d4faaf66f280db309bea18e024d6b8142337934cba
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
59c98d63d56659bea8cde7868386e5f322422fcbbcc37efdb8e21ae6394d7caa
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5cfac12d6e826c91ad762f8969ad169e3741cf0f5149fb9648c50ff3d0ccf678
6259532cca56499a6255f41a17d7b558ecca3e7ea6571c0c51c0064520074546
657f68bfd98bbea2979035fdba943eb5c7c438c33f0ab9f586ca70692f647ab7
66aa0f5d8875268a8fb43f4c8cec128fa2274df7ccff2fdac1460eec93c24139
6b07306a9485a3eebf872f8234e0194755d8ced873fd5f83a9093e7080cee9c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7624b24174a782579f6640096e2c8efa7e3336926c4c869cb0fb319c495c77dd
78eb7599f951b00de7095b63516350d89b6fa4038b0beff0bd456bf1cd42826e
7d922ad24f17cec1dbae60679aab6f9d116479a765cf94e66d853d4177fbca47
81e5a84759b92833d68948915eac7f7065394a81a89f471b825d00f154689f64
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
862ff5a6026a577216a41bba1cf9f13d7d820456d6a68ed6eac8cafec4190c78
8fc31ca9bb47939c67a5974c5c9ec1736320cdaf89818cd1cea6599941c94761
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9b360e5899c2f4118cd2ed6e1107e8300788233e600e218567a05b435f4b9920
9ffd838d73e88fd6f4e77ef73ec03f4499b938eb378e15880535d6396dedba3d
a205a917503b34b47bbea593b34b03f3fa5f5ada21894e90c36507eac825a4c7
a4417b0caf8ea5f30be33c9b91014cde2749ae07fa5110925802a01d1b0116e0
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
addc32bdae67f7e0986e55f9d94269056d8d39f0e47a6902ddfe8b4416b1ce2d
b27732a2cd61087036bb6fa7c503c939050f1aebca844e25ffec8c13c0e63e76
bfaf7d68e6fbe467b173cf34430d2d5af20e2e586fbe4aece4814baade091de0
c443975f2b9fdbafd8337e468f9c312196f3a0beeb408c4c584d3d685c883e85
ca8c45e76cb8b6fe8ebfc708d87a777b61f30bb9b0e561a4411df49e01e1289b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd83a3d925845397cef46d7ed432bdc6c5c2ff48ae9cb0c291443629eccabf30
d0453c72ff2db6a473f2ba0d91ef41f48dd2e320bd43ff1f8fb9e04314519264
d3807ea30015f5082c0a3e2b7803885310db888be091dbc86fecb1ca67f3c622
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
ec1cbbed320229e91a69623cd83f43b8e78f341cbc45a573dd93a3ab895592bf
f4b8fa76d03005a5c8f980eda2c5b2107bf23181ca3564c21bf636b68f319416
f982d46d6e7b82a1d01371382f96e764ec08f13934993738c3a374b842c8b371