birthofanewearthblog.com Open in urlscan Pro
142.11.243.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://birthofanewearthblog.com/
Effective URL:
https://birthofanewearthblog.com/
Submission: On November 12 via api (November 12th 2023, 10:48:26 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 60 HTTP transactions. The main IP is 142.11.243.43, located in United States and belongs to HOSTWINDS, US. The main domain is birthofanewearthblog.com.
TLS certificate: Issued by R3 on October 26th 2023. Valid for: 3 months.

This is the only time birthofanewearthblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	142.11.243.43 142.11.243.43	54290 (HOSTWINDS) (HOSTWINDS)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:2be9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:e17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:de00:1b:45dc:7080:93a1	16509 (AMAZON-02) (AMAZON-02)
60	15

27 142.11.243.43 (United States) 1 redirects

ASN54290 (HOSTWINDS, US)
PTR: hwsrv-825027.hostwindsdns.com

birthofanewearthblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2be9 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:e17 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

youtu.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:de00:1b:45dc:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)

hi.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	birthofanewearthblog.com 1 redirects birthofanewearthblog.com	2 MB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	1 MB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	35 KB
5	gstatic.com fonts.gstatic.com	106 KB
5	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 18808 assets.hellobar.com — Cisco Umbrella Rank: 293540 hi.hellobar.com — Cisco Umbrella Rank: 57172	325 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	24 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	youtu.be 1 redirects youtu.be — Cisco Umbrella Rank: 7639	1 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6032	314 B
60	11

	Domain	Requested by
27	birthofanewearthblog.com	1 redirects birthofanewearthblog.com
10	www.youtube.com	birthofanewearthblog.com www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	my.hellobar.com	birthofanewearthblog.com my.hellobar.com
3	fonts.googleapis.com	birthofanewearthblog.com my.hellobar.com
2	i.ytimg.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	hi.hellobar.com	birthofanewearthblog.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	youtu.be	1 redirects
1	assets.hellobar.com	birthofanewearthblog.com
1	pro.ip-api.com	my.hellobar.com
60	15

This site contains links to these domains. Also see Links.

Domain
www.hellobar.com
youtu.be
www.godaddy.com

Subject Issuer	Validity	Valid
birthofanewearthblog.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-25` - `2024-08-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
assets.hellobar.com GTS CA 1P5	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.hellobar.com Amazon RSA 2048 M03	`2023-09-15` - `2024-10-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://birthofanewearthblog.com/
Frame ID: 0326715253DB8B5BA5FD78C4871C4000
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
Frame ID: BAAF1C97220BBA3BE0E580FCF3D33261
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Birth of a New Earth Blog – Creating our own New World – Leaving Evil Behind

Page URL History Show full URLs

http://birthofanewearthblog.com/ HTTP 302
https://birthofanewearthblog.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

87 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

3623 kB
Transfer

6341 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hellobar.com/?sid=614921&hbt=animated

Search URL Search Domain Scan URL

URL: https://www.hellobar.com/?sid=641209&hbt=animated

Search URL Search Domain Scan URL

URL: https://youtu.be/3Kt1-GBPcpU
Title: https://youtu.be/3Kt1-GBPcpU

Search URL Search Domain Scan URL

URL: https://www.godaddy.com/
Title: GoDaddy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://birthofanewearthblog.com/ HTTP 302
https://birthofanewearthblog.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://youtu.be/3Kt1-GBPcpU?_=1 HTTP 303
https://www.youtube.com/watch?_=1&v=3Kt1-GBPcpU&feature=youtu.be

Request Chain 51

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

60 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
birthofanewearthblog.com/
Redirect Chain

http://birthofanewearthblog.com/
https://birthofanewearthblog.com/

85 KB
85 KB

815ms
273ms

Document
text/html

142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 5b44bcac1fcd1878f78a5682bfb581d11cd17a2e15be7b8a0dad1efb47529236

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 12 Nov 2023 22:48:15 GMT
link: <https://birthofanewearthblog.com/wp-json/>; rel="https://api.w.org/"
server: nginx/1.25.2

Redirect headers

Content-Length: 5
Content-Type: text/plain; charset=utf-8
Date: Sun, 12 Nov 2023 22:48:14 GMT
Location: https://birthofanewearthblog.com/

GET
H2 200 style.min.css
birthofanewearthblog.com/wp-includes/css/dist/block-library/ 50 KB
50 KB 158ms
157ms Stylesheet
text/css 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Mon, 22 Feb 2021 21:25:12 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "60342138-c88a"
content-length: 51338
content-type: text/css

GET
H2 200 theme.min.css
birthofanewearthblog.com/wp-includes/css/dist/block-library/ 2 KB
2 KB 345ms
344ms Stylesheet
text/css 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Tue, 13 Oct 2020 13:10:30 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5f85a746-8f9"
content-length: 2297
content-type: text/css

GET
H2 200 font-awesome.min.css
birthofanewearthblog.com/wp-content/plugins/contact-widgets/assets/css/ 30 KB
30 KB 345ms
345ms Stylesheet
text/css 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 03dd4b22b7c6c6841f1df803d60d9a56a0b794c8f28b71705dfbb4ad052538d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Wed, 20 Nov 2019 18:45:22 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5dd589c2-777f"
content-length: 30591
content-type: text/css

GET
H2 200 style.css
birthofanewearthblog.com/wp-content/themes/primer/ 91 KB
91 KB 345ms
345ms Stylesheet
text/css 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-content/themes/primer/style.css?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 028d2679c451d3b8f7a01d9212fae6cb3549702462d5511d362b41e7ab7ba76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Wed, 03 Feb 2021 04:24:59 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "601a259b-16ac2"
content-length: 92866
content-type: text/css

GET
H2 200 wp-emoji-release.min.js Show response
birthofanewearthblog.com/wp-includes/js/ 14 KB
14 KB 915ms
906ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Thu, 04 Feb 2021 09:24:11 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "601bbd3b-3795"
content-length: 14229
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=1.8.9

Requested by

Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Nov 2023 22:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Nov 2023 22:33:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Nov 2023 22:48:16 GMT

GET
H2 200 default.css
birthofanewearthblog.com/wp-content/plugins/wps-visitor-counter/styles/css/ 4 KB
4 KB 957ms
955ms Stylesheet
text/css 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-content/plugins/wps-visitor-counter/styles/css/default.css?ver=2
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: bb27e798787afb227e67cc887e4da0bde0f955a92e304c9f90e49eb0272685df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Sat, 10 Jul 2021 03:53:42 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "60e919c6-f5a"
content-length: 3930
content-type: text/css

GET
H2 200 jquery.min.js Show response
birthofanewearthblog.com/wp-includes/js/jquery/ 87 KB
88 KB 924ms
923ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5f7dedd5-15d98"
content-length: 89496
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
birthofanewearthblog.com/wp-includes/js/jquery/ 11 KB
11 KB 1094ms
1093ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5fb63b61-2bd8"
content-length: 11224
content-type: application/javascript

GET
H2 200 email-posts-to-subscribers.js Show response
birthofanewearthblog.com/wp-content/plugins/email-posts-to-subscribers//inc/ 2 KB
2 KB 1094ms
1093ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-content/plugins/email-posts-to-subscribers//inc/email-posts-to-subscribers.js?ver=2.2
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 9a6f09eb19e1a3704e5e1495d29ad243ae1bc0401f90dbf58f2a70b90be4873b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Sat, 15 Apr 2023 02:48:28 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "643a107c-8c3"
content-length: 2243
content-type: application/javascript

GET
H2 200 tracker.js Show response
birthofanewearthblog.com/wp-content/plugins/wp-statistics/assets/js/ 1 KB
1 KB 1095ms
1094ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 44f9b644648bc617dc561b8bb575276387fdbe044c97d84f0fb6e80e4997120c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:16 GMT
last-modified: Mon, 16 Oct 2023 00:05:02 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "652c7e2e-592"
content-length: 1426
content-type: application/javascript

GET
H2 200 custom.js Show response
birthofanewearthblog.com/wp-content/plugins/wps-visitor-counter/styles/js/ 288 B
330 B 1096ms
1095ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-content/plugins/wps-visitor-counter/styles/js/custom.js?ver=1
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 199785b1e59c9a2646d5d2eb3103ec5b2bfc5297524c7be096821bb192aa18a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:16 GMT
last-modified: Sat, 10 Jul 2021 03:53:42 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "60e919c6-120"
content-length: 288
content-type: application/javascript

GET
H2 200 02df96bc54ca531c64f18da4cff56e3bac516965.js Show response
my.hellobar.com/ 7 KB
2 KB 375ms
274ms Script
text/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/02df96bc54ca531c64f18da4cff56e3bac516965.js
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a5d5491d3778af25af6b655135111337bbe4b90fdea43801db5ebeb0891c900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 12 Nov 2023 04:35:33 GMT
server: cloudflare
x-amz-request-id: MNMRE2P6512H9TVR
etag: W/"21fe80e4547e80cf7946c86354e8645b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 8252525608759293-FRA
x-amz-id-2: n01hGqIShml15QPFRMBQLc/4N1/eOknzXp7U3pYW8oICpzuaX7ihzA862W2y9j0UOQ1UgKE4icw=

GET
H2 200 cropped-Creating-Our-New-World-2.png
birthofanewearthblog.com/wp-content/uploads/2018/08/ 1 MB
1 MB 1096ms
1096ms Image
image/png 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://birthofanewearthblog.com/wp-content/uploads/2018/08/cropped-Creating-Our-New-World-2.png
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: d198dc51747e9a82a2e310c398d5da4ebeaab7df73464d636663c9a0aa9cf265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:15 GMT
last-modified: Sun, 19 Aug 2018 22:37:03 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5b79f10f-178211"
content-length: 1540625
content-type: image/png

GET
H2 200 ajax-loader.gif
birthofanewearthblog.com/wp-content/plugins/email-posts-to-subscribers/inc/ 2 KB
2 KB 740ms
740ms Image
image/gif 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://birthofanewearthblog.com/wp-content/plugins/email-posts-to-subscribers/inc/ajax-loader.gif
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Sat, 15 Apr 2023 02:48:28 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "643a107c-739"
content-length: 1849
content-type: image/gif

GET
H2 200 mediaelementplayer-legacy.min.css
birthofanewearthblog.com/wp-includes/js/mediaelement/ 11 KB
11 KB 463ms
450ms Stylesheet
text/css 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5f735862-2bf8"
content-length: 11256
content-type: text/css

GET
H2 200 wp-mediaelement.min.css
birthofanewearthblog.com/wp-includes/js/mediaelement/ 4 KB
4 KB 463ms
451ms Stylesheet
text/css 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5cfaccce-105a"
content-length: 4186
content-type: text/css

GET
H2 200 navigation.min.js Show response
birthofanewearthblog.com/wp-content/themes/primer/assets/js/ 418 B
460 B 464ms
452ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-content/themes/primer/assets/js/navigation.min.js?ver=1.8.9
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 4694f7200bca7003f42864dc28f990e671efd1b3903fa27c41dd805865ec3314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Wed, 03 Feb 2021 04:24:59 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "601a259b-1a2"
content-length: 418
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
birthofanewearthblog.com/wp-includes/js/ 1 KB
2 KB 464ms
453ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/wp-embed.min.js?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Tue, 16 May 2023 21:24:22 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "6463f486-5c6"
content-length: 1478
content-type: application/javascript

GET
H2 200 mediaelement-and-player.min.js Show response
birthofanewearthblog.com/wp-includes/js/mediaelement/ 154 KB
154 KB 464ms
454ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5f735862-267aa"
content-length: 157610
content-type: application/javascript

GET
H2 200 mediaelement-migrate.min.js Show response
birthofanewearthblog.com/wp-includes/js/mediaelement/ 1 KB
1 KB 464ms
454ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Thu, 04 Feb 2021 09:24:11 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "601bbd3b-4a9"
content-length: 1193
content-type: application/javascript

GET
H2 200 wp-mediaelement.min.js Show response
birthofanewearthblog.com/wp-includes/js/mediaelement/ 906 B
950 B 465ms
455ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Thu, 04 Feb 2021 09:24:11 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "601bbd3b-38a"
content-length: 906
content-type: application/javascript

GET
H2 200 vimeo.min.js Show response
birthofanewearthblog.com/wp-includes/js/mediaelement/renderers/ 6 KB
6 KB 465ms
456ms Script
application/javascript 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: 722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "5f735862-1940"
content-length: 6464
content-type: application/javascript

GET
H2 429 srs_simple_hits_counter_js.js
birthofanewearthblog.com/wp-content/plugins/srs-simple-hits-counter/js/ 0
0 466ms
457ms Script
text/plain 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://birthofanewearthblog.com/wp-content/plugins/srs-simple-hits-counter/js/srs_simple_hits_counter_js.js?ver=5.6.12
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
content-length: 27
content-type: text/plain; charset=utf-8

GET
H2 200 hit Show response
birthofanewearthblog.com/wp-json/wp-statistics/v2/ 131 B
374 B 462ms
450ms XHR
application/json 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL

https://birthofanewearthblog.com/wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&track_all=1&current_page_type=home&current_page_id=0&search_query&page_uri=Lw=&referred=&_=1699829297479

Requested by

Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=5.6.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),

Reverse DNS

hwsrv-825027.hostwindsdns.com

Software

nginx/1.25.2 /

Resource Hash

9da284a40812a6542ddbb236751d57abb25ec2d882754fe6a4b388c71604f4b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://birthofanewearthblog.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
x-content-type-options: nosniff
server: nginx/1.25.2
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: no-cache
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://birthofanewearthblog.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=1.8.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://birthofanewearthblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 202729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:29:28 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0

Request headers

Referer
Origin: https://birthofanewearthblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 modules-v2.js Show response
my.hellobar.com/ 295 KB
73 KB 58ms
58ms Script
text/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v2.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/02df96bc54ca531c64f18da4cff56e3bac516965.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b83c45ec16412f142c625685546a359af44ff28d2fcf2f7014f82f661ad320e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:17 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: E6ETB3AP26RR2EDQ
age: 4423
cf-polished: origSize=302364
x-amz-server-side-encryption: AES256
x-amz-id-2: WUUbhPK2aM5QkVKa94LoM/a2nsUuyiBVsYh3JiyBpwHIdIIMYFkkyA0T+xB/tuZ28QcGsYUmolQ=
cf-bgj: minify
last-modified: Fri, 10 Nov 2023 15:30:06 GMT
server: cloudflare
etag: W/"c01c05655fa42b762391168dd89dbb51"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 82525257b93b9293-FRA

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 158 B
314 B 131ms
40ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=pAcPOWCUJWo5Gcp&fields=status,country,countryCode,regionName,region,city,timezone,mobile
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: c067a35278b10f89aae5a14ae09d8a7e2dc2a3240d3e389caa295b352b86826f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 12 Nov 2023 22:48:18 GMT
Content-Length: 158
Content-Type: application/json; charset=utf-8

GET
H2 200 clever_ads.js Show response
my.hellobar.com/ 43 B
296 B 48ms
48ms Script
application/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/clever_ads.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:18 GMT
cf-cache-status: HIT
x-amz-request-id: 8QT8AXYP9ZFQMMRQ
age: 6465
cf-polished: origSize=45
x-amz-server-side-encryption: AES256
content-length: 43
x-amz-id-2: CzZQX2LEt+VQxhXzkTprHfsF6MT6a6luuhqHOVdvYgI3KiGQvxTHTN8/ZpAIec3inx8d0z2uvnY=
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 07:47:23 GMT
server: cloudflare
etag: "7e9ec97ef70197804a968a2b2c74d155"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8252525989f79293-FRA

GET
H2 200 smooth-impact-default.jpg
assets.hellobar.com/ 248 KB
248 KB 377ms
265ms Image
image/jpeg 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.hellobar.com/smooth-impact-default.jpg
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b169b67074d21d7c3b903a323578636328289918e6ea837b1891c5456d9996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:18 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Tue, 22 Aug 2017 12:33:22 GMT
server: cloudflare
x-amz-request-id: W44RRWT1XWQEBHVV
etag: "7c6b2d53528451c2adacc38ab7b4cfcc"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8252525a9f571e66-FRA
content-length: 253667
x-amz-id-2: oLlCkE5GDIer6QgaFgjCBXCSUzVChtN72Xexgf8SrHYPAHjs75O8nmUFaZUkfK37S6Xbao4yMls=

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Julius+Sans+One:400,400i|Josefin+Sans:400,400i|Roboto:400,400i|Oswald:400,400i

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57966a795b597a33ffae34e64e49afce3593799db09342d57ce6a14e95a5a955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Nov 2023 22:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Nov 2023 22:48:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Nov 2023 22:48:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One:400,400i|Josefin+Sans:400,400i|Roboto:400,400i|Oswald:400,400i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://birthofanewearthblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 240086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 04:06:52 GMT

GET
H3 200 css
fonts.googleapis.com/ 6 KB
761 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,400i|Roboto:400,400i

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff95b9ad4d9dcff70af22293dc7634310b9dd17bcb2e84399a410c2d7e107a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Nov 2023 22:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Nov 2023 22:48:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Nov 2023 22:48:18 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 154ms
60ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5819e09af544ac958e7f95887e5a777a4eaa4d1636a3c71681fc015489c1b289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 12 Nov 2023 22:48:18 GMT

GET
H2 200 mejs-controls.svg
birthofanewearthblog.com/wp-includes/js/mediaelement/ 4 KB
5 KB 503ms
503ms Image
image/svg+xml 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mejs-controls.svg
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: hwsrv-825027.hostwindsdns.com
Software: nginx/1.25.2 /
Resource Hash: ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:18 GMT
last-modified: Tue, 01 Aug 2017 04:43:51 GMT
server: nginx/1.25.2
accept-ranges: bytes
etag: "59800707-11f6"
content-length: 4598
content-type: image/svg+xml

GET
H2

200

watch
www.youtube.com/
Redirect Chain

https://youtu.be/3Kt1-GBPcpU?_=1
https://www.youtube.com/watch?_=1&v=3Kt1-GBPcpU&feature=youtu.be

0
0

79ms
78ms

Media
text/html

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youtube.com/watch?_=1&v=3Kt1-GBPcpU&feature=youtu.be
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

date: Sun, 12 Nov 2023 22:48:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups; report-to="SHORT_URL"
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
location: https://www.youtube.com/watch?_=1&v=3Kt1-GBPcpU&feature=youtu.be
report-to: {"group":"SHORT_URL","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SHORT_URL"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/ 215 KB
67 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9038b214671cc27ffba2fc60ffdcd0850e355af61fc303049f5b2a42397111da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 21:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68298
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Nov 2024 21:28:59 GMT

GET
H3 200 3Kt1-GBPcpU Show response
www.youtube.com/embed/ Frame BAAF 91 KB
38 KB 100ms
99ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

879ae254b68273894ca3fc5523093a880ca00c7c3dc455ccb0e62a163c447f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birthofanewearthblog.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Nov 2023 22:48:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/5bdfe6d5/ Frame BAAF 377 KB
48 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c38e4137faa1fea4776e411312ad0598bc3ec1c5ba8a3f2d65eccc83933eabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 20:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48775
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Nov 2024 20:59:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAAF 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options: nosniff
age: 58688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 06:30:11 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAAF 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 352012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 21:01:27 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/ Frame BAAF 56 KB
17 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d98363ded52b5ce2eec06a5d8d855b87707f5cd02729ffddf4d058e4901de9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 396892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17669
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:33:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/ Frame BAAF 321 KB
96 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aea13eba5ef3838f3bdeca986afcacedf3e6c595e021a8a4042d9e7c2827d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98280
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Nov 2024 22:13:28 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/ Frame BAAF 2 MB
759 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f63c84a93df18a64253a18ff542d3dbe06ea9df9164b29f130c9e17abaf68517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 777281
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Nov 2024 05:59:24 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame BAAF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

47ms
46ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5a9adc272826aed262e92eb0a4b623315aecf1aa7eb238b76f03558cc962ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 12 Nov 2023 22:48:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame BAAF 29 B
495 B 127ms
40ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:42:47 GMT
x-content-type-options: nosniff
age: 332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 22:57:47 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 136ms
46ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 12 Nov 2023 22:48:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BAAF 69 KB
32 KB 53ms
53ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

625abc0516372891065fe9d7bc6c0e8f45e57c93ebc076a883f4812e0bf00e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 12 Nov 2023 22:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32422
x-xss-protection: 0

GET
H2 200 Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js Show response
www.google.com/js/th/ Frame BAAF 38 KB
15 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b3edef95477e35127470e60d70025f5bae955edb038fe4ab0f24f9bed5eba68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 03:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15072
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Nov 2024 03:33:39 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/3Kt1-GBPcpU/ Frame BAAF 3 KB
3 KB 163ms
76ms Image
image/webp 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/3Kt1-GBPcpU/default.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab17162edeef119ec5dcc24ed8c3743ed16c9f0c357b76a98f3269d89fe2614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:19 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2668
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Nov 2023 00:48:19 GMT

GET
DATA 200
OK truncated
/ Frame BAAF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKZVAD0NhoVR3RMcXh5SJ9falCUQUUuk8Bc1ieu4=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BAAF 2 KB
2 KB 126ms
39ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKZVAD0NhoVR3RMcXh5SJ9falCUQUUuk8Bc1ieu4=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8af33f0b947174cb5611d060b11ed2fb7cef1824325131ad570db38706862779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:39:52 GMT
x-content-type-options: nosniff
age: 507
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1933
x-xss-protection: 0
server: fife
etag: "v2e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 13 Nov 2023 22:39:52 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/3Kt1-GBPcpU/ Frame BAAF 21 KB
21 KB 101ms
49ms Image
image/webp 2a00:1450:4001:81c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/3Kt1-GBPcpU/sddefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fce0d4849ae7d2b9e3058c0b395cb3042468b7dc8066ccb78415206a1e269aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:19 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21374
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Nov 2023 00:48:19 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame BAAF 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?6zrhjA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 22:48:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 12 Nov 2023 22:48:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BAAF 90 B
134 B 50ms
49ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9b73b893cd49a04300879315060ce3585737d78122a171d75d024d20341b941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 12 Nov 2023 22:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 gAskhsgPVoOtHbrloCS-v2pUL5bia9k7I0wmOV9xzs5JJcXZSSSS
hi.hellobar.com/v/KPDoKRfgZJnOrkqZH0i6SS-GXCmRtMINH1ASjSS/ 35 B
376 B 747ms
638ms Image
image/gif 2600:9000:2156:de00:1b:45dc:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.hellobar.com/v/KPDoKRfgZJnOrkqZH0i6SS-GXCmRtMINH1ASjSS/gAskhsgPVoOtHbrloCS-v2pUL5bia9k7I0wmOV9xzs5JJcXZSSSS?f=i&t=1699829300&s=23796792663801bb492730e9efe3f445be3f7db2764ae648d773574ef85a465f0881a4b26fd7f7d0cb974abcca4255df721c0d1db8d64eb328490fc26beb236e
Requested by: Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthofanewearthblog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 15:33:25 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Tue, 10 Apr 2018 13:15:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 95050
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Error from cloudfront
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 35
x-amz-cf-id: Q1hmkDTPgfYauidFUnnGoJYAtmE_I16QK2D48AmlibxPbWbDVn6GOA==

GET
H3 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
12 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One:400,400i|Josefin+Sans:400,400i|Roboto:400,400i|Oswald:400,400i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://birthofanewearthblog.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 22:15:00 GMT
x-content-type-options: nosniff
age: 433999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Nov 2024 22:15:00 GMT

POST
H2 200 admin-ajax.php Show response
birthofanewearthblog.com/wp-admin/ 0
230 B 364ms
364ms XHR
text/html 142.11.243.43
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL

https://birthofanewearthblog.com/wp-admin/admin-ajax.php

Requested by

Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),

Reverse DNS

hwsrv-825027.hostwindsdns.com

Software

nginx/1.25.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://birthofanewearthblog.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 12 Nov 2023 22:48:20 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx/1.25.2
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://birthofanewearthblog.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame BAAF 28 B
54 B 252ms
252ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Goog-Request-Time: 1699829301477
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
X-YouTube-Client-Version: 1.20231107.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtYS1JQbGF4S0RZayizrMWqBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1699829299324&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C425%2C239&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 12 Nov 2023 22:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 12 Nov 2023 22:48:21 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 72_bPH7Mgas
			.youtube.com/	1970-01-20 20:29:41	Name: VISITOR_INFO1_LIVE Value: XKRPlaxKDYk

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://birthofanewearthblog.com/wp-content/plugins/srs-simple-hits-counter/js/srs_simple_hits_counter_js.js?ver=5.6.12 Message: Failed to load resource: the server responded with a status of 429 ()
other	warning	URL: https://www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/www-widgetapi.js(Line 1249) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.hellobar.com
birthofanewearthblog.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hi.hellobar.com
i.ytimg.com
jnn-pa.googleapis.com
my.hellobar.com
pro.ip-api.com
static.doubleclick.net
www.google.com
www.youtube.com
youtu.be
yt3.ggpht.com
142.11.243.43
2600:9000:2156:de00:1b:45dc:7080:93a1
2606:4700:10::6816:e17
2606:4700:10::ac43:2be9
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2006
2a00:1450:4001:810::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2016
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200e
51.77.64.70
028d2679c451d3b8f7a01d9212fae6cb3549702462d5511d362b41e7ab7ba76e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03dd4b22b7c6c6841f1df803d60d9a56a0b794c8f28b71705dfbb4ad052538d3
058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb
089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f
0b3edef95477e35127470e60d70025f5bae955edb038fe4ab0f24f9bed5eba68
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
199785b1e59c9a2646d5d2eb3103ec5b2bfc5297524c7be096821bb192aa18a9
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
27bd6083d5c3afcc96234c072ec945eec094d854f88572071e928d552d0af2a0
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
44f9b644648bc617dc561b8bb575276387fdbe044c97d84f0fb6e80e4997120c
4694f7200bca7003f42864dc28f990e671efd1b3903fa27c41dd805865ec3314
4ab17162edeef119ec5dcc24ed8c3743ed16c9f0c357b76a98f3269d89fe2614
4aea13eba5ef3838f3bdeca986afcacedf3e6c595e021a8a4042d9e7c2827d86
4fce0d4849ae7d2b9e3058c0b395cb3042468b7dc8066ccb78415206a1e269aa
57966a795b597a33ffae34e64e49afce3593799db09342d57ce6a14e95a5a955
5819e09af544ac958e7f95887e5a777a4eaa4d1636a3c71681fc015489c1b289
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b44bcac1fcd1878f78a5682bfb581d11cd17a2e15be7b8a0dad1efb47529236
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
625abc0516372891065fe9d7bc6c0e8f45e57c93ebc076a883f4812e0bf00e9b
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
7a5a9adc272826aed262e92eb0a4b623315aecf1aa7eb238b76f03558cc962ee
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6
879ae254b68273894ca3fc5523093a880ca00c7c3dc455ccb0e62a163c447f85
8a5d5491d3778af25af6b655135111337bbe4b90fdea43801db5ebeb0891c900
8af33f0b947174cb5611d060b11ed2fb7cef1824325131ad570db38706862779
8c38e4137faa1fea4776e411312ad0598bc3ec1c5ba8a3f2d65eccc83933eabb
9038b214671cc27ffba2fc60ffdcd0850e355af61fc303049f5b2a42397111da
9a6f09eb19e1a3704e5e1495d29ad243ae1bc0401f90dbf58f2a70b90be4873b
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9da284a40812a6542ddbb236751d57abb25ec2d882754fe6a4b388c71604f4b2
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b83c45ec16412f142c625685546a359af44ff28d2fcf2f7014f82f661ad320e9
bb27e798787afb227e67cc887e4da0bde0f955a92e304c9f90e49eb0272685df
c067a35278b10f89aae5a14ae09d8a7e2dc2a3240d3e389caa295b352b86826f
d198dc51747e9a82a2e310c398d5da4ebeaab7df73464d636663c9a0aa9cf265
d3b169b67074d21d7c3b903a323578636328289918e6ea837b1891c5456d9996
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98363ded52b5ce2eec06a5d8d855b87707f5cd02729ffddf4d058e4901de9e5
d9b73b893cd49a04300879315060ce3585737d78122a171d75d024d20341b941
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f63c84a93df18a64253a18ff542d3dbe06ea9df9164b29f130c9e17abaf68517
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff95b9ad4d9dcff70af22293dc7634310b9dd17bcb2e84399a410c2d7e107a41

birthofanewearthblog.com Open in urlscan Pro 142.11.243.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

87 %IPv6

11 Domains

15 Subdomains

15 IPs

2 Countries

3623 kBTransfer

6341 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

birthofanewearthblog.com Open in urlscan Pro
142.11.243.43 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

87 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

3623 kB
Transfer

6341 kB
Size

2
Cookies

60 HTTP transactions
8 data transactions