levelup.birchwoodcredit.com Open in urlscan Pro
3.248.8.137 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://levelup.birchwoodcredit.com/
Submission: On March 31 via automatic, source certstream-suspicious (March 31st 2022, 3:59:33 pm UTC) — Scanned from DE

Summary HTTP 43 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 43 HTTP transactions. The main IP is 3.248.8.137, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is levelup.birchwoodcredit.com.
TLS certificate: Issued by R3 on March 31st 2022. Valid for: 3 months.

This is the only time levelup.birchwoodcredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.248.8.137 3.248.8.137	16509 (AMAZON-02) (AMAZON-02)
25	2600:9000:205... 2600:9000:2057:7800:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
2	99.86.1.196 99.86.1.196	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
43	9

1 3.248.8.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-8-137.eu-west-1.compute.amazonaws.com

levelup.birchwoodcredit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2057:7800:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.1.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-196.fra6.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	website-files.com assets.website-files.com — Cisco Umbrella Rank: 13399	340 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	694 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 273	22 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 static.doubleclick.net — Cisco Umbrella Rank: 346	1 KB
2	cloudfront.net d3e54v103j8qbb.cloudfront.net	32 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	birchwoodcredit.com levelup.birchwoodcredit.com	4 KB
43	7

	Domain	Requested by
25	assets.website-files.com	levelup.birchwoodcredit.com assets.website-files.com
8	www.youtube.com	levelup.birchwoodcredit.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	d3e54v103j8qbb.cloudfront.net	levelup.birchwoodcredit.com assets.website-files.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	levelup.birchwoodcredit.com
43	8

This site contains links to these domains. Also see Links.

Domain
www.birchwoodcredit.com
birchwoodcredit.com

Subject Issuer	Validity	Valid
levelup.birchwoodcredit.com R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.website-files.com Amazon	`2021-11-12` - `2022-12-10`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://levelup.birchwoodcredit.com/
Frame ID: C9F67673F5E5FA543C1E580C1154E95B
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0
Frame ID: 75E0415A4D1C51AA2063D064DB55B3B4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Birchwood Credit Level Up Campaign | You Buy, You Win!

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

1109 kB
Transfer

3297 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.birchwoodcredit.com/

Search URL Search Domain Scan URL

URL: https://birchwoodcredit.com/application

Search URL Search Domain Scan URL

URL: https://www.birchwoodcredit.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.birchwoodcredit.com/contact-us/
Title: Questions? Get In Touch

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
levelup.birchwoodcredit.com/ 12 KB
4 KB 216ms
131ms Document
text/html 3.248.8.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.248.8.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-8-137.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 8f5aac6be807cd329351a3d264044ba986b0dfe2c4999a6dc547650a7224951c

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 4234
content-type: text/html
date: Thu, 31 Mar 2022 15:59:27 GMT
fastly-original-body-size: 4234
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-cluster-name: eu-west-1-prod-eks-15
x-served-by: cache-iad-kiad7000038-IAD, cache-dub4321-DUB
x-timer: S1648742368.733278,VS0,VE88

GET
H2 200 bci-level-up.webflow.e9f909138.css
assets.website-files.com/6238cc5930d53836dfd655ea/css/ 58 KB
12 KB 463ms
405ms Stylesheet
text/css 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f22b945085a518fbe9e87a3bac4c1ba8bba5bbdf4c011163634291e633a84218

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 15:56:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "8484c3f38c031fcc5668547a3be4e416"
x-cache: Miss from cloudfront
x-amz-version-id: TE8CyFYcPj37csx0B.wZSQhCHWMUrJP1
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/css
content-length: 12255
x-amz-cf-id: HFjZWW2wYPlR834DJTftuNTusp4r00hrJnwspf6bCesZd6bB49oVOg==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 442ms
400ms Script
application/javascript 99.86.1.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6238cc5930d53836dfd655ea
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-196.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://levelup.birchwoodcredit.com/
Origin: https://levelup.birchwoodcredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=84600, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: eH1AQkMx_-aQlak7WXNVPF7Ax8VVbH-Bp7_Sqr8Bm38VqDAfMG2wwQ==
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)

GET
H2 200 webflow.3d287c856.js Show response
assets.website-files.com/6238cc5930d53836dfd655ea/js/ 170 KB
55 KB 573ms
515ms Script
text/javascript 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/js/webflow.3d287c856.js
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 686ab3e259695acfda63528bd51fe356de375bf70ba2ca9521904e3b8e7342ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 15:56:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "2d8297c87b4dd57d0a7a404f50afd1e0"
x-cache: Miss from cloudfront
x-amz-version-id: vO35vsTXypG04qVs262hsYJHDSsSbtGm
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/javascript
content-length: 55463
x-amz-cf-id: JSes-nHzRr6Isi8bG5J_Au9jGH7AdvekClZwLkqwgAtqWWjUsR2x5A==

GET
H2 200 M8KmqaJvgpE Show response
www.youtube.com/embed/ Frame 75E0 54 KB
25 KB 138ms
67ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0

Requested by

Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f9dae65a723e7ceb855da94635b7897362000714f3bc4e4f4b11d672df281b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 31 Mar 2022 15:59:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 youtube-placeholder.2b05e7d68d.svg
d3e54v103j8qbb.cloudfront.net/static/ 1 KB
1003 B 50ms
16ms Image
image/svg+xml 99.86.1.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3e54v103j8qbb.cloudfront.net/static/youtube-placeholder.2b05e7d68d.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-196.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57a95589363c285e57f425f20f8533af5c8e505dcd7102399805e36919f6714f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 21:21:22 GMT
content-encoding: gzip
last-modified: Fri, 28 Sep 2018 22:50:23 GMT
server: AmazonS3
age: 67115
etag: W/"2b05e7d68db45fbb529749f58a6ec233"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ihTatjjhgBsQt8-jbnG2gOaCo5Nuoa1XqJOre7vZeIs5P4FHlAhChQ==

GET
H2 200 623ca048cfb74ed5b4ae4437_Group%20156.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 1 KB
1 KB 441ms
441ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/623ca048cfb74ed5b4ae4437_Group%20156.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e8f8472dd162675af495733a0381ee8c246b73a3daf483171e5d360a8362b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:46:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"7c5cf1a90fa2e1928fdce1f6848a4abc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: AzgUjHqSXBnTa6aTIwxCjoRKFYQEl1FB
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: KmkNuBlxMZVUutXb6ViUNaExIA6jipHIOqOOwWnIAGbqkVjWHeK7FA==

GET
H2 200 623ca7c587d51da602f698af_work-tile-background.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 688 B
1 KB 429ms
429ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/623ca7c587d51da602f698af_work-tile-background.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c152822a0f8a01e55788bda22d20758a67aca00c30f90064ed8f0966c3a3712a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 17:17:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "c568825047eaa7d07e373e0cdf4e0da9"
x-cache: Miss from cloudfront
x-amz-version-id: 0N8kyqtG4lo.5rB1wHOYXqXeAaT8rhSB
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/svg+xml
content-length: 688
x-amz-cf-id: 9wlyPtGOcyGGxHKQF1kIyJZYY-Xv5SqOMlzyY3c6Etv5dS-Z42aVBg==

GET
H2 200 6238ebbc2f6c346f9f5ba050_Visby-CF-Bold.otf
assets.website-files.com/6238cc5930d53836dfd655ea/ 44 KB
45 KB 218ms
183ms Font
application/x-font-otf 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238ebbc2f6c346f9f5ba050_Visby-CF-Bold.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce9a35849acf6e041663dc5f2f007e20838996bd2565c26fe887a73017cb8c81

Request headers

Referer: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Origin: https://levelup.birchwoodcredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:59:29 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 45332
last-modified: Mon, 21 Mar 2022 21:18:53 GMT
server: AmazonS3
etag: "77bb5c1bd663fb3d4d1963eb6e9a04df"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: zj4SNSEWP00zK779ldQr2pZzRbaPKsRM
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: q933lB9JXwn3YMy2asMk6ib6ZedKRZhIbhEfhJ9X5efCROMPDE0pTQ==

GET
H2 200 6238ebbcfecf4d75e2587f71_Visby-CF-Demi-Bold.otf
assets.website-files.com/6238cc5930d53836dfd655ea/ 43 KB
44 KB 433ms
398ms Font
application/x-font-otf 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238ebbcfecf4d75e2587f71_Visby-CF-Demi-Bold.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7ed5e16581681c6ebdfeaa198adff8f0515a22cc296b02bc9656fb35a26bdcc

Request headers

Referer: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Origin: https://levelup.birchwoodcredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:59:29 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 44048
last-modified: Mon, 21 Mar 2022 21:18:53 GMT
server: AmazonS3
etag: "b96e5c304e959aa25075c5d67e6c22fd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 7ZMPHL8l2SwpmakK7L3fxSvINdeD1Cco
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: UcV9Poltd4YNYzamnF7v_CWrz9xVXL72XQRDMQ-tnJyWCshY6i2hwQ==

GET
H2 200 6238ebbc943aa15baebfa69e_Visby-CF-Light.otf
assets.website-files.com/6238cc5930d53836dfd655ea/ 43 KB
44 KB 191ms
157ms Font
application/x-font-otf 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238ebbc943aa15baebfa69e_Visby-CF-Light.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1143d45895d5d524185cbe46bce3ec4083f14396d948ec78d93859395065a43b

Request headers

Referer: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Origin: https://levelup.birchwoodcredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:59:29 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 44012
last-modified: Mon, 21 Mar 2022 21:18:54 GMT
server: AmazonS3
etag: "b1f69b44e9b52dcf5325f11f5e5f66af"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: D_KPtrSuJvjNs80yeuo8s9aENaqk1NKL
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: VkuXaim9FLe1qjIL3GiNGQXyL29djCo8m4ICMljtTcG1xzEgBA5SPQ==

GET
H2 200 6238ebbd053216f2164082c7_Visby-CF-Extra-Bold.otf
assets.website-files.com/6238cc5930d53836dfd655ea/ 44 KB
45 KB 461ms
427ms Font
application/x-font-otf 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238ebbd053216f2164082c7_Visby-CF-Extra-Bold.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9479def0037bb60aebe62a47c30f63ca04c6ac9ce4a3ad611afd3cd8f57bd21

Request headers

Referer: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Origin: https://levelup.birchwoodcredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:59:29 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 45504
last-modified: Mon, 21 Mar 2022 21:18:54 GMT
server: AmazonS3
etag: "e5eb0304ce011d4f8a959e3c4b207972"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: DZNUChW6tXQPP5eaEHZ6tXI2gj7LllWM
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: URgY68jIAIYLJdirArDe3sIfyHqdsvukbLbdZaOPsOAKjfsbAHIn8w==

GET
H2 200 6238ebbdb9fa3e6a97907e12_Visby-CF.otf
assets.website-files.com/6238cc5930d53836dfd655ea/ 43 KB
43 KB 469ms
434ms Font
application/x-font-otf 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238ebbdb9fa3e6a97907e12_Visby-CF.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1e50759d38974087d0007548b334821b5ae5ff0f09a445edff970028088cfcd

Request headers

Referer: https://assets.website-files.com/6238cc5930d53836dfd655ea/css/bci-level-up.webflow.e9f909138.css
Origin: https://levelup.birchwoodcredit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:59:29 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 43812
last-modified: Mon, 21 Mar 2022 21:18:54 GMT
server: AmazonS3
etag: "a1c4881bc866bc363f9c4953e609a09a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: WR.Cl2WPzfITOqoflNko48tYtg79sFJ0
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: HMTRtnIqgQSlAUwkY5N89EaMTg_-uS4PQCv6nXkToVbc53AmcVZ2fg==

GET
H2 200 6238ccbe76303217eee6aa0e_6112f259cad05e7db2b5bd31_Birchwood-Credit_Logo_Knockout_RGB%20(1)%201.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 10 KB
5 KB 434ms
433ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238ccbe76303217eee6aa0e_6112f259cad05e7db2b5bd31_Birchwood-Credit_Logo_Knockout_RGB%20(1)%201.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 619d65aefdf9ec6988a5cd751907634dc7253bd68c558b302d7a45ba0854bb91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 19:06:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"0707ae6b8d096bdf83b135c95ab844bc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: CIaVcIlHm6.ISaNrJ9C2XzxHj8MoD1.u
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: jRlwaoEOQMe3JvNYSoVDe9mqc-NWVYaV3EIhpiOQXgI-63EOP-Swhg==

GET
H2 200 6245bd0b00389ae4e238e4ac_BCI642_Level-Up_Lockup.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 11 KB
4 KB 404ms
402ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6245bd0b00389ae4e238e4ac_BCI642_Level-Up_Lockup.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a243cacb49b919a984b18347ecd30142c68b6161dd8cd4feeabfae418412243a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 14:39:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"ecd8d2840c72e44d3847f091d7a88a79"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: 6VY_roygd.ezN2FSbDHwCrSjC2LjNM13
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: 9BOu7PZSNMUsLXABO0YejDSo6aQQnXxf209vlG1fKXOQgkbVPrZa2w==

GET
H2 200 624324d6921ad33675c2409d_Blue%20guy%20in%20car%20CK_blue%20car%20.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 14 KB
4 KB 433ms
430ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/624324d6921ad33675c2409d_Blue%20guy%20in%20car%20CK_blue%20car%20.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a60726a6c72894a8fd58df89e116bacd443d72476795e4473403ab54e4db557f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 15:25:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"8eeb1fa98931536b146292358026cd38"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: aIKXXTzCfTf9.MrZL9Ig9w7eF9VGqeeA
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: DRv7A4GEoYIEXI8-gfLCdBKUlOQQ1AbSILCiS_rmS7tl8Fqq1SZwqA==

GET
H2 200 6245b93a23cc174df1aa035d_Extra%20things_button%20green.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 2 KB
1 KB 158ms
155ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6245b93a23cc174df1aa035d_Extra%20things_button%20green.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 924dfc3ce3210e85e5959816e4499debf04dbbe275afb2e3da10e3b1a18d95bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 14:22:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"e6b1461ddbe085c06257975834eebbcc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: KnDT9X4yQS9Y8NGGnd_qkmTOe4s2k0.F
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: FV32xxgGuqYhCIqfuvASbwwS-bfNseI_W4cc70qxDdPaDtLG0GaUWQ==

GET
H2 200 6245b949f144057a6f860e02_Extra%20things_button%20green%20w%20shadow.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 2 KB
1 KB 125ms
122ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6245b949f144057a6f860e02_Extra%20things_button%20green%20w%20shadow.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6e27f1c079331e246f21e6c4853791ccb6b296c793fc23cf9301f353421de7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 14:23:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"a84fe169697b8c573b1fd9953bcd2708"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: ZhR3ZaYZBY_vv.dwUkxd__L1ICXUmVD9
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: q4nCEbmSdss4CPfek2RKphJRRh70HH0hBWIOKo5JGxFEZVKxcEnsmw==

GET
H2 200 6238d8874ca57c3238a5367c_Cash%20prize%20entry.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 2 KB
1 KB 441ms
438ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238d8874ca57c3238a5367c_Cash%20prize%20entry.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed5ae8078f7c27976809b778c143bd0180fb60db53383acd91a2530c0fb6e46b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 19:56:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"d4fa0792234d38d21c5586d8d38e8152"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: LyZV8_F4nIqsPJiOtnxcroS3BTDma24D
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: s9ZYm-h_qEcOsb2wTszM_11ySBgbygIZOsFBX73PnwzWXs0tj0vcxA==

GET
H2 200 6238e526cfae02b8e80b44e0_Cash%20prizes.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 39 KB
14 KB 469ms
466ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238e526cfae02b8e80b44e0_Cash%20prizes.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cd7968b58b1eb3ec0f2a59f07be5676f7ea8e43d0a09d4ead84b52c6a326dd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 20:50:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"eb23323959a37e0c90b7740ba3bbaab6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: WapEr3jkm3O_vtudqxhNZANuTBmaiOqd
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: rVUUcl1a2mQFqZFRObd5WX_xHdp2aQn4aGifkG9rRz11qCqXfqSXlA==

GET
H2 200 6238e54de77ea2704a825228_Dining%20gift%20cards.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 6 KB
2 KB 435ms
433ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6238e54de77ea2704a825228_Dining%20gift%20cards.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 491175c2be972b3b5a6a58b7232b835c9728212adf93ac5d6058a9de758fd64c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 20:51:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"b65dad7d773ee7f65b401c97ad5a1687"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: pLsqEUr3Mhl4HsnrKNYGY82Nohi63Px2
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: 3DvUmH_o2oEcgVINsuakn6AdMgQ-R_S1QpQESUZ5UB-YT1CjFwZZpw==

GET
H2 200 62432dbd2851030ba5d48609_Extra%20things_football.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 4 KB
2 KB 437ms
435ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/62432dbd2851030ba5d48609_Extra%20things_football.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4e00b877c5e63756df72f3b1b90571a4bcea4d6669dd8b57af9f31b25bb92d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 16:03:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"562ceabcec8d4108582df5312a3f80e1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: KIkOKKCC7Phauc2JaLrV6S6GBTnL_759
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: mswvQ35ig_guPAk5pqhhO_maNDo-XccQe8YaqIwj49G1BFY3g3WreA==

GET
H2 200 62432dd8480c388f1366aba1_Extra%20things_tent.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 5 KB
2 KB 438ms
436ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/62432dd8480c388f1366aba1_Extra%20things_tent.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24df613d6de0a82ea3198b2a11cdfd72785de47a1d58cf9201deae3321c59922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 16:03:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"f67b33089df0ee429d32f12d368c5e79"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: mj_HgwqVxgXWj2_rEIObrLjAxjSy8QXQ
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: 93o1-sgPg_F3wCIpaT0rxhgiNNCtarGceTgTIoIjJF2gYII_bmBtAg==

GET
H2 200 6245b95ad4ad254e22607b32_Extra%20things_orange%20green.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 2 KB
1 KB 438ms
436ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6245b95ad4ad254e22607b32_Extra%20things_orange%20green.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40bbc45dee15644c49d9b822f5bb856cee09b1f33523589151b9adf2486c4134

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 14:23:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"4e92845e3fa5630889a27ba2c1b0d1a9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: FWB9aMUDjAcbfgYTfJJDF1Wja0JKUKdT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: sZIYbsQENdxvZVEzzufDmfZ9T6ktdUH3Cs3B-jjVRYBb9riTmfTIaA==

GET
H2 200 6245b96700389a24b738d534_Extra%20things_orange%20green%20w%20shadow.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 2 KB
1 KB 445ms
443ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/6245b96700389a24b738d534_Extra%20things_orange%20green%20w%20shadow.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 902119c96c08f2f6f0d55b56990f75d6eb77726ff6ca840844f82f03bd30eef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 14:23:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"c6e574b47a35f2f3ec9e551d482b901b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: NNYU.KpSP2KYryAOZNJN_Re1XCncXsPa
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: vJRP-CWRf9wMlxuvFoYarK5ZZIW89noWWKtDLv6aIr9_8Gr0GVQDuA==

GET
H2 200 62432ac4833edd2f73a4eb40_Extra%20things_customer-pinkshirt.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 4 KB
2 KB 464ms
462ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/62432ac4833edd2f73a4eb40_Extra%20things_customer-pinkshirt.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5979c665cd9d561c52b9b041503d4132f1b1d5ab7361e5b0f7573f60828e20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 15:50:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"6c7a43894bf74a620bdb659be4fa2b30"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: xFSwiJpMT1LwnzBT5N2mw1_F.3RZyvZ7
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: eKk1R7MGxDocdTOFw_gijJmJvdWHEjeMnm5nqKlj4fM4X0FnH9fLog==

GET
H2 200 62432a565493b21e80890bc2_Extra%20things_BCI-Josh.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 10 KB
3 KB 442ms
441ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/62432a565493b21e80890bc2_Extra%20things_BCI-Josh.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de950fc41c9270195936a0f22ea453165522faa1cce047d352c902554f1a99b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 15:48:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"ba0c8f4794fab988dc5b2927646cd06d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: T1I1rsQtOwGIEYwdYaUKnQ1NkP8Sz3v0
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: Fu6nq8z3__abGK3PUumJgdKMIxbxBYZvcovRh9bjv0kyD-6Riglm_Q==

GET
H2 200 62432a3fdd5f55bf8972cda5_Extra%20things_BCI-Chels.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 11 KB
4 KB 407ms
406ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/62432a3fdd5f55bf8972cda5_Extra%20things_BCI-Chels.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1247aca444e4d1cb932ecc75f5df7ac7653dd56aca1ccaf450aad01c7314e73e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 15:48:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"8a901d2848b48308f0124ffb6dfca669"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: dEbS4rYEl9PdepjBaYEdQz574pWKSs.w
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: 9xU9jUMuvuNimpUI7Tq19Ja3yt17LqW9cDP1_r8h9ghzL1IsXgHrCA==

GET
H2 200 62432a4add5f55219672cdcd_Extra%20things_BCI-Kreg.svg
assets.website-files.com/6238cc5930d53836dfd655ea/ 10 KB
3 KB 169ms
168ms Image
image/svg+xml 2600:9000:2057:7800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/6238cc5930d53836dfd655ea/62432a4add5f55219672cdcd_Extra%20things_BCI-Kreg.svg
Requested by: Host: levelup.birchwoodcredit.com
URL: https://levelup.birchwoodcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ebe65ba91b5fb7f87a10114e8f3f862bfd003753084fb41ce13cb917ce8c163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelup.birchwoodcredit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 31 Mar 2022 15:59:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 15:48:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"c5b3af17ed3c6c19e2be393fbd7594ca"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: B4w7rxBU3Bzu6A4rlPnCjQpZVyGG6jjd
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: cvkDRT-qloBE3hAswaE_LsQ86ddq4HEg-7g29IG9sKhV5Oaap1Pkbw==

GET
H2 200 www-player.css
www.youtube.com/s/player/1d26561d/ Frame 75E0 345 KB
47 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1d26561d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c9b6d0730bffcc43f80e3ad15023d9c43852ac5db962fcee445ca4c319e916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:52:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47394
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 00:29:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Mar 2023 15:52:32 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/1d26561d/www-embed-player.vflset/ Frame 75E0 279 KB
86 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1d26561d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

756421cc354ab978e42282704f697a85672375564dafe44aa8bfee804f0b044c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88081
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 00:29:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Mar 2023 15:52:58 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/ Frame 75E0 2 MB
525 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

906fe4e561f73b867384c6112552d84cfa411aac913b2a14c80e58da7bd5287e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 537359
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 00:29:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Mar 2023 15:53:07 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1d26561d/fetch-polyfill.vflset/ Frame 75E0 9 KB
3 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1d26561d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 00:29:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Mar 2023 15:52:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 75E0 15 KB
16 KB 60ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 189683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 75E0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

51ms
26ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b22e6bd5d95a2d5975ea69b74753d0623058b3c034c8bc19c14aed2a6716fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 31 Mar 2022 15:59:28 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 75E0 29 B
588 B 57ms
16ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:44:42 GMT
x-content-type-options: nosniff
age: 886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Mar 2022 15:59:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 71ms
25ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 31 Mar 2022 15:59:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 75E0 45 KB
22 KB 60ms
33ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbe56810fde1b09db3ace596af6ef0f8565c262bdda896e03639403b1146c4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 31 Mar 2022 15:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22390
x-xss-protection: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 75E0 0
19 B 27ms
26ms Ping
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=u0ViOvx3lQPZYIzY&el=embedded&ns=yt&fexp=23748147%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24134697%2C24135310%2C24158011%2C24169726%2C24174605%2C24180015%2C24181307&cl=438113574&seq=1&event=streamingstats&docid=M8KmqaJvgpE&cbr=Chrome&cbrver=100.0.4896.60&c=WEB_EMBEDDED_PLAYER&cver=1.20220329.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 15:59:28 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/ Frame 75E0 27 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707195cfa915801604801e3c06d2a7cbb158405244e951440cb4a134ea8e3cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 15:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8138
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 00:29:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Mar 2023 15:56:57 GMT

GET
DATA 200
OK truncated
/ Frame 75E0 363 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f134627eb3f3bfc8c2cfa31b31d159f4a34d983f1c10fdf44137029bd79063f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 75E0 98 B
142 B 30ms
30ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a19a0b00ea3ea0cc92ce36d5700e3213b61b0bdf6285fd54ff461db6c4d941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 31 Mar 2022 15:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 26ms
25ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 31 Mar 2022 15:59:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 75E0 28 B
54 B 32ms
32ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/M8KmqaJvgpE?rel=0&controls=1&autoplay=0&mute=0&start=0
X-YouTube-Client-Version: 1.20220329.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtMcGFaLTJ1TkVDVSjgn5eSBg%3D%3D
X-YouTube-Ad-Signals: dt=1648742368580&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C784%2C550&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 31 Mar 2022 15:59:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 31 Mar 2022 15:59:30 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: hVG5vBThaS4
			.youtube.com/	1970-01-20 06:18:14	Name: VISITOR_INFO1_LIVE Value: LpaZ-2uNECU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.website-files.com
d3e54v103j8qbb.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
levelup.birchwoodcredit.com
static.doubleclick.net
www.youtube.com
2600:9000:2057:7800:11:3b84:d200:93a1
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::2006
2a00:1450:4001:830::200e
3.248.8.137
99.86.1.196
1143d45895d5d524185cbe46bce3ec4083f14396d948ec78d93859395065a43b
1247aca444e4d1cb932ecc75f5df7ac7653dd56aca1ccaf450aad01c7314e73e
1f9dae65a723e7ceb855da94635b7897362000714f3bc4e4f4b11d672df281b2
24df613d6de0a82ea3198b2a11cdfd72785de47a1d58cf9201deae3321c59922
31c9b6d0730bffcc43f80e3ad15023d9c43852ac5db962fcee445ca4c319e916
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40bbc45dee15644c49d9b822f5bb856cee09b1f33523589151b9adf2486c4134
491175c2be972b3b5a6a58b7232b835c9728212adf93ac5d6058a9de758fd64c
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b22e6bd5d95a2d5975ea69b74753d0623058b3c034c8bc19c14aed2a6716fa5
57a95589363c285e57f425f20f8533af5c8e505dcd7102399805e36919f6714f
5cd7968b58b1eb3ec0f2a59f07be5676f7ea8e43d0a09d4ead84b52c6a326dd2
619d65aefdf9ec6988a5cd751907634dc7253bd68c558b302d7a45ba0854bb91
61a19a0b00ea3ea0cc92ce36d5700e3213b61b0bdf6285fd54ff461db6c4d941
686ab3e259695acfda63528bd51fe356de375bf70ba2ca9521904e3b8e7342ca
6ebe65ba91b5fb7f87a10114e8f3f862bfd003753084fb41ce13cb917ce8c163
707195cfa915801604801e3c06d2a7cbb158405244e951440cb4a134ea8e3cb9
756421cc354ab978e42282704f697a85672375564dafe44aa8bfee804f0b044c
8f5aac6be807cd329351a3d264044ba986b0dfe2c4999a6dc547650a7224951c
902119c96c08f2f6f0d55b56990f75d6eb77726ff6ca840844f82f03bd30eef8
906fe4e561f73b867384c6112552d84cfa411aac913b2a14c80e58da7bd5287e
924dfc3ce3210e85e5959816e4499debf04dbbe275afb2e3da10e3b1a18d95bd
99e8f8472dd162675af495733a0381ee8c246b73a3daf483171e5d360a8362b8
a243cacb49b919a984b18347ecd30142c68b6161dd8cd4feeabfae418412243a
a4e00b877c5e63756df72f3b1b90571a4bcea4d6669dd8b57af9f31b25bb92d9
a60726a6c72894a8fd58df89e116bacd443d72476795e4473403ab54e4db557f
b1e50759d38974087d0007548b334821b5ae5ff0f09a445edff970028088cfcd
bd5979c665cd9d561c52b9b041503d4132f1b1d5ab7361e5b0f7573f60828e20
c152822a0f8a01e55788bda22d20758a67aca00c30f90064ed8f0966c3a3712a
c7ed5e16581681c6ebdfeaa198adff8f0515a22cc296b02bc9656fb35a26bdcc
c9479def0037bb60aebe62a47c30f63ca04c6ac9ce4a3ad611afd3cd8f57bd21
ce9a35849acf6e041663dc5f2f007e20838996bd2565c26fe887a73017cb8c81
d6e27f1c079331e246f21e6c4853791ccb6b296c793fc23cf9301f353421de7a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbe56810fde1b09db3ace596af6ef0f8565c262bdda896e03639403b1146c4bf
de950fc41c9270195936a0f22ea453165522faa1cce047d352c902554f1a99b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5ae8078f7c27976809b778c143bd0180fb60db53383acd91a2530c0fb6e46b
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f134627eb3f3bfc8c2cfa31b31d159f4a34d983f1c10fdf44137029bd79063f9
f22b945085a518fbe9e87a3bac4c1ba8bba5bbdf4c011163634291e633a84218
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

levelup.birchwoodcredit.com Open in urlscan Pro 3.248.8.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

1109 kBTransfer

3297 kBSize

2 Cookies

4 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

levelup.birchwoodcredit.com Open in urlscan Pro
3.248.8.137 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

1109 kB
Transfer

3297 kB
Size

2
Cookies

43 HTTP transactions
1 data transactions