Submitted URL: http://birthofanewearthblog.com/
Effective URL: https://birthofanewearthblog.com/
Submission: On May 15 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 6 domains to perform 47 HTTP transactions. The main IP is 142.11.243.43, located in United States and belongs to HOSTWINDS, US. The main domain is birthofanewearthblog.com.
TLS certificate: Issued by R3 on April 24th 2024. Valid for: 3 months.
This is the only time birthofanewearthblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
28 birthofanewearthblog.com
birthofanewearthblog.com
2 MB
6 gstatic.com
fonts.gstatic.com
161 KB
5 hellobar.com
my.hellobar.com — Cisco Umbrella Rank: 17842
assets.hellobar.com — Cisco Umbrella Rank: 282347
hi.hellobar.com — Cisco Umbrella Rank: 68234
326 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
16 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
4 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6182
310 B
47 6
Domain Requested by
28 birthofanewearthblog.com 1 redirects birthofanewearthblog.com
6 fonts.gstatic.com fonts.googleapis.com
3 www.youtube.com birthofanewearthblog.com
www.youtube.com
3 my.hellobar.com birthofanewearthblog.com
my.hellobar.com
3 fonts.googleapis.com birthofanewearthblog.com
my.hellobar.com
1 hi.hellobar.com birthofanewearthblog.com
1 assets.hellobar.com birthofanewearthblog.com
1 pro.ip-api.com my.hellobar.com
47 8

This site contains links to these domains. Also see Links.

Domain
www.hellobar.com
youtu.be
www.godaddy.com
Subject Issuer Validity Valid
birthofanewearthblog.com
R3
2024-04-24 -
2024-07-23
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-08-25 -
2024-08-24
a year crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-21 -
2025-01-20
a year crt.sh
assets.hellobar.com
GTS CA 1P5
2024-04-01 -
2024-06-30
3 months crt.sh
*.hellobar.com
Amazon RSA 2048 M03
2023-09-15 -
2024-10-13
a year crt.sh
*.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://birthofanewearthblog.com/
Frame ID: 1D07B5969D3A3B6B8998B60F645BAE3F
Requests: 53 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
Frame ID: 4929C58F9FF7AB146A277B9256579E34
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Birth of a New Earth Blog – Creating our own New World – Leaving Evil Behind

Page URL History Show full URLs

  1. http://birthofanewearthblog.com/ HTTP 307
    https://birthofanewearthblog.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

47
Requests

94 %
HTTPS

64 %
IPv6

6
Domains

8
Subdomains

12
IPs

2
Countries

2595 kB
Transfer

2876 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://birthofanewearthblog.com/ HTTP 307
    https://birthofanewearthblog.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://youtu.be/3Kt1-GBPcpU?_=1 HTTP 303
  • https://www.youtube.com/watch?_=1&v=3Kt1-GBPcpU&feature=youtu.be
Request Chain 50
  • https://birthofanewearthblog.com/favicon.ico HTTP 302
  • https://birthofanewearthblog.com/wp-includes/images/w-logo-blue-white-bg.png

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
birthofanewearthblog.com/
Redirect Chain
  • http://birthofanewearthblog.com/
  • https://birthofanewearthblog.com/
85 KB
85 KB
Document
General
Full URL
https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
85048b01040af20744a560d9d92ef2b50b733d74c4203a1586f374cca014f2bc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 17:28:45 GMT
link
<https://birthofanewearthblog.com/wp-json/>; rel="https://api.w.org/"
server
nginx/1.25.5

Redirect headers

Location
https://birthofanewearthblog.com/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
birthofanewearthblog.com/wp-includes/css/dist/block-library/
50 KB
50 KB
Stylesheet
General
Full URL
https://birthofanewearthblog.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:45 GMT
last-modified
Mon, 22 Feb 2021 21:25:12 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"60342138-c88a"
content-length
51338
content-type
text/css
theme.min.css
birthofanewearthblog.com/wp-includes/css/dist/block-library/
2 KB
2 KB
Stylesheet
General
Full URL
https://birthofanewearthblog.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:45 GMT
last-modified
Tue, 13 Oct 2020 13:10:30 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5f85a746-8f9"
content-length
2297
content-type
text/css
font-awesome.min.css
birthofanewearthblog.com/wp-content/plugins/contact-widgets/assets/css/
30 KB
30 KB
Stylesheet
General
Full URL
https://birthofanewearthblog.com/wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
03dd4b22b7c6c6841f1df803d60d9a56a0b794c8f28b71705dfbb4ad052538d3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:45 GMT
last-modified
Wed, 20 Nov 2019 18:45:22 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5dd589c2-777f"
content-length
30591
content-type
text/css
style.css
birthofanewearthblog.com/wp-content/themes/primer/
91 KB
91 KB
Stylesheet
General
Full URL
https://birthofanewearthblog.com/wp-content/themes/primer/style.css?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
028d2679c451d3b8f7a01d9212fae6cb3549702462d5511d362b41e7ab7ba76e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:45 GMT
last-modified
Wed, 03 Feb 2021 04:24:59 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"601a259b-16ac2"
content-length
92866
content-type
text/css
wp-emoji-release.min.js
birthofanewearthblog.com/wp-includes/js/
14 KB
14 KB
Script
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Thu, 04 Feb 2021 09:24:11 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"601bbd3b-3795"
content-length
14229
content-type
application/javascript
css
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=1.8.9
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 May 2024 17:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 May 2024 17:28:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 May 2024 17:28:46 GMT
default.css
birthofanewearthblog.com/wp-content/plugins/wps-visitor-counter/styles/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://birthofanewearthblog.com/wp-content/plugins/wps-visitor-counter/styles/css/default.css?ver=2
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
bb27e798787afb227e67cc887e4da0bde0f955a92e304c9f90e49eb0272685df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:46 GMT
last-modified
Sat, 10 Jul 2021 03:53:42 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"60e919c6-f5a"
content-length
3930
content-type
text/css
jquery.min.js
birthofanewearthblog.com/wp-includes/js/jquery/
87 KB
88 KB
Script
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:46 GMT
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5f7dedd5-15d98"
content-length
89496
content-type
application/javascript
jquery-migrate.min.js
birthofanewearthblog.com/wp-includes/js/jquery/
11 KB
11 KB
Script
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:46 GMT
last-modified
Thu, 19 Nov 2020 09:31:13 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5fb63b61-2bd8"
content-length
11224
content-type
application/javascript
email-posts-to-subscribers.js
birthofanewearthblog.com/wp-content/plugins/email-posts-to-subscribers//inc/
2 KB
2 KB
Script
General
Full URL
https://birthofanewearthblog.com/wp-content/plugins/email-posts-to-subscribers//inc/email-posts-to-subscribers.js?ver=2.2
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
9a6f09eb19e1a3704e5e1495d29ad243ae1bc0401f90dbf58f2a70b90be4873b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:46 GMT
last-modified
Sat, 15 Apr 2023 02:48:28 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"643a107c-8c3"
content-length
2243
content-type
application/javascript
custom.js
birthofanewearthblog.com/wp-content/plugins/wps-visitor-counter/styles/js/
288 B
330 B
Script
General
Full URL
https://birthofanewearthblog.com/wp-content/plugins/wps-visitor-counter/styles/js/custom.js?ver=1
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
199785b1e59c9a2646d5d2eb3103ec5b2bfc5297524c7be096821bb192aa18a9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:46 GMT
last-modified
Sat, 10 Jul 2021 03:53:42 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"60e919c6-120"
content-length
288
content-type
application/javascript
02df96bc54ca531c64f18da4cff56e3bac516965.js
my.hellobar.com/
7 KB
2 KB
Script
General
Full URL
https://my.hellobar.com/02df96bc54ca531c64f18da4cff56e3bac516965.js
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ebe30c6e273e4b846c5bfeb9a3dc7fa7dbf7445fd0b9fbf7d7c31894715eb8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 20:42:45 GMT
server
cloudflare
x-amz-request-id
NHPFXRQBD16NXGQV
etag
W/"fae3eddd8314ed80e9fa50928a89377a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray
8844d8bc5aed9101-FRA
x-amz-id-2
nYV6ZxoePhfcJ4YUScLL/zenG8YqnJhtZ+DRruHpkBbBw5fv25JWl5cy3Yr/nJqNyQ2+lE/u22U=
cropped-Creating-Our-New-World-2.png
birthofanewearthblog.com/wp-content/uploads/2018/08/
1 MB
1 MB
Image
General
Full URL
https://birthofanewearthblog.com/wp-content/uploads/2018/08/cropped-Creating-Our-New-World-2.png
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
d198dc51747e9a82a2e310c398d5da4ebeaab7df73464d636663c9a0aa9cf265

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:46 GMT
last-modified
Sun, 19 Aug 2018 22:37:03 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5b79f10f-178211"
content-length
1540625
content-type
image/png
ajax-loader.gif
birthofanewearthblog.com/wp-content/plugins/email-posts-to-subscribers/inc/
2 KB
2 KB
Image
General
Full URL
https://birthofanewearthblog.com/wp-content/plugins/email-posts-to-subscribers/inc/ajax-loader.gif
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:48 GMT
last-modified
Sat, 15 Apr 2023 02:48:28 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"643a107c-739"
content-length
1849
content-type
image/gif
mediaelementplayer-legacy.min.css
birthofanewearthblog.com/wp-includes/js/mediaelement/
11 KB
11 KB
Stylesheet
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5f735862-2bf8"
content-length
11256
content-type
text/css
wp-mediaelement.min.css
birthofanewearthblog.com/wp-includes/js/mediaelement/
4 KB
4 KB
Stylesheet
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5cfaccce-105a"
content-length
4186
content-type
text/css
tracker.js
birthofanewearthblog.com/wp-content/plugins/wp-statistics/assets/js/
3 KB
3 KB
Script
General
Full URL
https://birthofanewearthblog.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=14.6.1
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
4e7d502f3b3986ff3360391418a1062d96b466d78562fab9d0e9d4f02c8ed938

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Sat, 13 Apr 2024 16:18:13 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"661ab045-b7a"
content-length
2938
content-type
application/javascript
navigation.min.js
birthofanewearthblog.com/wp-content/themes/primer/assets/js/
418 B
460 B
Script
General
Full URL
https://birthofanewearthblog.com/wp-content/themes/primer/assets/js/navigation.min.js?ver=1.8.9
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
4694f7200bca7003f42864dc28f990e671efd1b3903fa27c41dd805865ec3314

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Wed, 03 Feb 2021 04:24:59 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"601a259b-1a2"
content-length
418
content-type
application/javascript
wp-embed.min.js
birthofanewearthblog.com/wp-includes/js/
1 KB
2 KB
Script
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/wp-embed.min.js?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Tue, 16 May 2023 21:24:22 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"6463f486-5c6"
content-length
1478
content-type
application/javascript
mediaelement-and-player.min.js
birthofanewearthblog.com/wp-includes/js/mediaelement/
154 KB
154 KB
Script
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5f735862-267aa"
content-length
157610
content-type
application/javascript
mediaelement-migrate.min.js
birthofanewearthblog.com/wp-includes/js/mediaelement/
1 KB
1 KB
Script
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Thu, 04 Feb 2021 09:24:11 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"601bbd3b-4a9"
content-length
1193
content-type
application/javascript
wp-mediaelement.min.js
birthofanewearthblog.com/wp-includes/js/mediaelement/
906 B
949 B
Script
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
last-modified
Thu, 04 Feb 2021 09:24:11 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"601bbd3b-38a"
content-length
906
content-type
application/javascript
vimeo.min.js
birthofanewearthblog.com/wp-includes/js/mediaelement/renderers/
0
0
Script
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
content-length
27
content-type
text/plain; charset=utf-8
srs_simple_hits_counter_js.js
birthofanewearthblog.com/wp-content/plugins/srs-simple-hits-counter/js/
0
0
Script
General
Full URL
https://birthofanewearthblog.com/wp-content/plugins/srs-simple-hits-counter/js/srs_simple_hits_counter_js.js?ver=5.6.13
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
content-length
27
content-type
text/plain; charset=utf-8
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=1.8.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://birthofanewearthblog.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 22:45:56 GMT
x-content-type-options
nosniff
age
412973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 May 2025 22:45:56 GMT
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9

Request headers

Referer
Origin
https://birthofanewearthblog.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=1.8.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://birthofanewearthblog.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:58:55 GMT
x-content-type-options
nosniff
age
120594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 07:58:55 GMT
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700&subset=latin&ver=1.8.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://birthofanewearthblog.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 00:45:23 GMT
x-content-type-options
nosniff
age
405806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47136
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 00:45:23 GMT
modules-v2.js
my.hellobar.com/
300 KB
74 KB
Script
General
Full URL
https://my.hellobar.com/modules-v2.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/02df96bc54ca531c64f18da4cff56e3bac516965.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ed8d1f4c943b8e7a20412280af3e7e4ca4041d53dddf6520fda9ccbb79e8b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
36ZD314WR1NQ53J4
age
2680
cf-polished
origSize=306772
x-amz-server-side-encryption
AES256
x-amz-id-2
wll7VjB0+ZKBExQIwwYJQ54A6HE9We5SoypAgkcKzJwwtUNNBa/nmxjYGsM5cTwr7DmW2QaPrnce2n6M7oyM3Q==
cf-bgj
minify
last-modified
Thu, 09 May 2024 18:38:43 GMT
server
cloudflare
etag
W/"b7045d247c4fb710726701a7aa598288"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8844d8be0d129101-FRA
json
pro.ip-api.com/
154 B
310 B
Fetch
General
Full URL
https://pro.ip-api.com/json?key=pAcPOWCUJWo5Gcp&fields=status,country,countryCode,regionName,region,city,timezone,mobile
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
165bcd5e0f6010fc49e615be91fd2faec02811d21a3839e201e97fb2f44ebd77

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 May 2024 17:28:49 GMT
Content-Length
154
Content-Type
application/json; charset=utf-8
clever_ads.js
my.hellobar.com/
43 B
287 B
Script
General
Full URL
https://my.hellobar.com/clever_ads.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:49 GMT
cf-cache-status
HIT
x-amz-request-id
0DM9J1PC0VD6AFM9
age
3762
cf-polished
origSize=45
x-amz-server-side-encryption
AES256
content-length
43
x-amz-id-2
XXntaa/j2Hcvin1b94DMA4MBdHFLcAPZuLFcTS4YLFiWszQrws85GrobAV4LBFAPXKX2bGWBDspzZddW6dl2MNZmgQiFx3Y6
cf-bgj
minify
last-modified
Fri, 04 Aug 2023 07:47:23 GMT
server
cloudflare
etag
"7e9ec97ef70197804a968a2b2c74d155"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8844d8bfbf509101-FRA
smooth-impact-default.jpg
assets.hellobar.com/
248 KB
248 KB
Image
General
Full URL
https://assets.hellobar.com/smooth-impact-default.jpg
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b169b67074d21d7c3b903a323578636328289918e6ea837b1891c5456d9996

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:50 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 22 Aug 2017 12:33:22 GMT
server
cloudflare
x-amz-request-id
98WCA9H082M5DMY2
age
3665
etag
"7c6b2d53528451c2adacc38ab7b4cfcc"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8844d8c16de19271-FRA
content-length
253667
x-amz-id-2
0fF7bARMxsMlEbl0rJZ3YDwzgK93CbNRt8g+yGP6kQXakLbBP1/2Bcucp3Q0hThIpsQTx7kgn1w=
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Julius+Sans+One:400,400i|Josefin+Sans:400,400i|Roboto:400,400i|Oswald:400,400i
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63739f14addd092219c014d52f79624a3a8a1811eceb107bd7f023182f6ab0c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 May 2024 17:28:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 May 2024 17:28:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 May 2024 17:28:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One:400,400i|Josefin+Sans:400,400i|Roboto:400,400i|Oswald:400,400i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://birthofanewearthblog.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:27:43 GMT
x-content-type-options
nosniff
age
100867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:27:43 GMT
css
fonts.googleapis.com/
6 KB
785 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,400i|Roboto:400,400i
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
662b66555a3569f3b78f4c36c40cf411497a0ac4333bf80705a438d6aa81eed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 May 2024 17:28:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 May 2024 17:28:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 May 2024 17:28:50 GMT
IsbV2VMxMJNwHtBUvFZ-SNYN6IUPUDzeXcUpQtiqOOkuqGvzDRS
hi.hellobar.com/v/GvHnvN8Fk0yLdSsDg3p-FVSAWouYWpp22FArSjS/
35 B
386 B
Image
General
Full URL
https://hi.hellobar.com/v/GvHnvN8Fk0yLdSsDg3p-FVSAWouYWpp22FArSjS/IsbV2VMxMJNwHtBUvFZ-SNYN6IUPUDzeXcUpQtiqOOkuqGvzDRS?f=i&t=1715794131&s=e949f101384044a77ddca3a49ca7c2f74efefd32d5632bdf6dd09e174cf1d44026e79cd458e186e7eb9121ada51d9b8fc8acbaecef47e67d5b34e2fe7b9704d0
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9200:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 04:51:09 GMT
via
1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
last-modified
Tue, 10 Apr 2018 13:15:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
45464
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Error from cloudfront
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
35
x-amz-cf-id
AYSftvm1oLmkX9ZGctTzSuB22RBeHFDs6WWDSUD4O_xc9UfIx9vmpA==
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One:400,400i|Josefin+Sans:400,400i|Roboto:400,400i|Oswald:400,400i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://birthofanewearthblog.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:27:43 GMT
x-content-type-options
nosniff
age
100868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:49:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:27:43 GMT
hit
birthofanewearthblog.com/wp-json/wp-statistics/v2/
137 B
444 B
Fetch
General
Full URL
https://birthofanewearthblog.com/wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&track_all=1&current_page_type=home&current_page_id=0&search_query&page_uri=Lw=&referred=&_=1715794134644
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=14.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
9ef69e36e187b422fc2d1c037132162b6e2381da3fbadd698802c5548e372e00
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 15 May 2024 17:28:54 GMT
x-content-type-options
nosniff
server
nginx/1.25.5
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-cache
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://birthofanewearthblog.com/wp-json/>; rel="https://api.w.org/"
player_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/player_api
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 15 May 2024 17:28:54 GMT
mejs-controls.svg
birthofanewearthblog.com/wp-includes/js/mediaelement/
4 KB
5 KB
Image
General
Full URL
https://birthofanewearthblog.com/wp-includes/js/mediaelement/mejs-controls.svg
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:54 GMT
last-modified
Tue, 01 Aug 2017 04:43:51 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"59800707-11f6"
content-length
4598
content-type
image/svg+xml
watch
www.youtube.com/
Redirect Chain
  • https://youtu.be/3Kt1-GBPcpU?_=1
  • https://www.youtube.com/watch?_=1&v=3Kt1-GBPcpU&feature=youtu.be
0
0

www-widgetapi.js
www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/
42 KB
14 KB
Script
General
Full URL
https://www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://birthofanewearthblog.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13973
x-xss-protection
0
last-modified
Mon, 13 May 2024 04:15:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 May 2025 16:38:24 GMT
3Kt1-GBPcpU
www.youtube.com/embed/ Frame 4929
0
0
Document
General
Full URL
https://www.youtube.com/embed/3Kt1-GBPcpU?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fbirthofanewearthblog.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://birthofanewearthblog.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 17:28:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
admin-ajax.php
birthofanewearthblog.com/wp-admin/
0
230 B
XHR
General
Full URL
https://birthofanewearthblog.com/wp-admin/admin-ajax.php
Requested by
Host: birthofanewearthblog.com
URL: https://birthofanewearthblog.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://birthofanewearthblog.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:28:55 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx/1.25.5
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://birthofanewearthblog.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
w-logo-blue-white-bg.png
birthofanewearthblog.com/wp-includes/images/
Redirect Chain
  • https://birthofanewearthblog.com/favicon.ico
  • https://birthofanewearthblog.com/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB
Other
General
Full URL
https://birthofanewearthblog.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H2
Server
142.11.243.43 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-825027.hostwindsdns.com
Software
nginx/1.25.5 /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://birthofanewearthblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 15 May 2024 17:28:56 GMT
last-modified
Thu, 21 May 2020 09:10:12 GMT
server
nginx/1.25.5
accept-ranges
bytes
etag
"5ec64574-1017"
content-length
4119
content-type
image/png

Redirect headers

location
https://birthofanewearthblog.com/wp-includes/images/w-logo-blue-white-bg.png
date
Wed, 15 May 2024 17:28:55 GMT
server
nginx/1.25.5
link
<https://birthofanewearthblog.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by
WordPress
content-type
text/html; charset=UTF-8
odm29OGXODUgj3QXzv9JKIWS66-8v2U9z8MSFjIS
hi.hellobar.com/v/oOCxEKVYMAaeg1Np-4WBuCbVQHKJ6c/
0
0

1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsX.woff2
fonts.gstatic.com/s/juliussansone/v18/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/juliussansone/v18/1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One:400,400i|Josefin+Sans:400,400i|Roboto:400,400i|Oswald:400,400i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
964362fd7e113edc6f34832b645b184160bb47c17af3119cb89071b05d6f1a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://birthofanewearthblog.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 22:14:08 GMT
x-content-type-options
nosniff
age
155691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16028
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:12:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 May 2025 22:14:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/watch?_=1&v=3Kt1-GBPcpU&feature=youtu.be
Domain
hi.hellobar.com
URL
https://hi.hellobar.com/v/oOCxEKVYMAaeg1Np-4WBuCbVQHKJ6c/odm29OGXODUgj3QXzv9JKIWS66-8v2U9z8MSFjIS?f=i&t=1715794140&s=a81155ad52249710a704ae5d4142babd9743bad7c3748ddaaa1f562efe3220ef7f54e38d4807d0292e0083e3a85d91c520556a137757485f8e84debafbe7cc97

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings undefined| $ function| jQuery object| elp_data object| wpspagevisit string| templateUrl string| post_id function| bootstrap object| hellobarSiteSettings object| script function| Hellobar object| hellobar boolean| _hellobar_adblocker__not_detected object| WP_Statistics_Tracker_Object object| wp object| mejsL10n object| twemoji object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: spqijBLy8JE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: O0w1q6a5Pbo
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgCw%3D%3D

4 Console Messages

Source Level URL
Text
network error URL: https://birthofanewearthblog.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://birthofanewearthblog.com/wp-content/plugins/srs-simple-hits-counter/js/srs_simple_hits_counter_js.js?ver=5.6.13
Message:
Failed to load resource: the server responded with a status of 429 ()
other warning URL: https://www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/www-widgetapi.js(Line 265)
Message:
Unrecognized feature: 'web-share'.
other warning URL: https://birthofanewearthblog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.hellobar.com
birthofanewearthblog.com
fonts.googleapis.com
fonts.gstatic.com
hi.hellobar.com
my.hellobar.com
pro.ip-api.com
www.youtube.com
hi.hellobar.com
www.youtube.com
142.11.243.43
142.250.185.131
216.58.206.42
2600:9000:2156:9200:1b:45dc:7080:93a1
2606:4700:10::6816:f17
2606:4700:10::ac43:2be9
2a00:1450:4001:800::2003
2a00:1450:4001:806::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:830::200e
51.77.64.70
028d2679c451d3b8f7a01d9212fae6cb3549702462d5511d362b41e7ab7ba76e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03dd4b22b7c6c6841f1df803d60d9a56a0b794c8f28b71705dfbb4ad052538d3
03ebe30c6e273e4b846c5bfeb9a3dc7fa7dbf7445fd0b9fbf7d7c31894715eb8
089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
165bcd5e0f6010fc49e615be91fd2faec02811d21a3839e201e97fb2f44ebd77
199785b1e59c9a2646d5d2eb3103ec5b2bfc5297524c7be096821bb192aa18a9
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
4694f7200bca7003f42864dc28f990e671efd1b3903fa27c41dd805865ec3314
4e7d502f3b3986ff3360391418a1062d96b466d78562fab9d0e9d4f02c8ed938
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63739f14addd092219c014d52f79624a3a8a1811eceb107bd7f023182f6ab0c8
662b66555a3569f3b78f4c36c40cf411497a0ac4333bf80705a438d6aa81eed6
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6
85048b01040af20744a560d9d92ef2b50b733d74c4203a1586f374cca014f2bc
964362fd7e113edc6f34832b645b184160bb47c17af3119cb89071b05d6f1a0d
9a6f09eb19e1a3704e5e1495d29ad243ae1bc0401f90dbf58f2a70b90be4873b
9ef69e36e187b422fc2d1c037132162b6e2381da3fbadd698802c5548e372e00
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb27e798787afb227e67cc887e4da0bde0f955a92e304c9f90e49eb0272685df
d198dc51747e9a82a2e310c398d5da4ebeaab7df73464d636663c9a0aa9cf265
d3b169b67074d21d7c3b903a323578636328289918e6ea837b1891c5456d9996
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
f6ed8d1f4c943b8e7a20412280af3e7e4ca4041d53dddf6520fda9ccbb79e8b4
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40