urlscan.io logo urlscan.io
SecurityTrails logo

zbuh-zgfm.campaign-view.com Open in urlscan Pro
136.143.190.68  Public Scan

Go To Rescan Add Verdict Report
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969...
Submission: On September 22 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 36 HTTP transactions. The main IP is 136.143.190.68, located in United States and belongs to ZOHO-AS, US. The main domain is zbuh-zgfm.campaign-view.com.
TLS certificate: Issued by R3 on August 26th 2022. Valid for: 3 months.
This is the only time zbuh-zgfm.campaign-view.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    136.143.190.68 (United States)

ASN2639 (ZOHO-AS, US)
zbuh-zgfm.campaign-view.com
1    2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.net
4    204.141.32.123 (United States)

ASN2639 (ZOHO-AS, US)
img.zohostatic.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
platform.linkedin.com
3    2a02:26f0:11a:4a6::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
5    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
apis.google.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
2    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
2    2a03:2880:f007:1:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
web.facebook.com
1    151.101.192.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
Apex Domain
Subdomains		 Transfer
7 google.com
apis.google.com — Cisco Umbrella Rank: 98
accounts.google.com — Cisco Umbrella Rank: 77
130 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 714
syndication.twitter.com — Cisco Umbrella Rank: 995
150 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
web.facebook.com — Cisco Umbrella Rank: 263
16 KB
4 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 2609
log.pinterest.com — Cisco Umbrella Rank: 3693
21 KB
4 zohostatic.com
img.zohostatic.com — Cisco Umbrella Rank: 53110
6 KB
4 campaign-view.com
zbuh-zgfm.campaign-view.com
59 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 748
141 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
88 KB
1 gstatic.com
ssl.gstatic.com
5 KB
1 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3166
160 KB
1 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 7726
114 KB
36 11
Domain Requested by
5 apis.google.com zbuh-zgfm.campaign-view.com
apis.google.com
accounts.google.com
4 platform.twitter.com zbuh-zgfm.campaign-view.com
platform.twitter.com
4 img.zohostatic.com zbuh-zgfm.campaign-view.com
4 zbuh-zgfm.campaign-view.com zbuh-zgfm.campaign-view.com
3 assets.pinterest.com zbuh-zgfm.campaign-view.com
assets.pinterest.com
2 static.xx.fbcdn.net www.facebook.com
2 web.facebook.com 1 redirects connect.facebook.net
2 www.facebook.com connect.facebook.net
2 accounts.google.com apis.google.com
zbuh-zgfm.campaign-view.com
2 syndication.twitter.com platform.twitter.com
2 connect.facebook.net zbuh-zgfm.campaign-view.com
connect.facebook.net
1 log.pinterest.com
1 ssl.gstatic.com accounts.google.com
1 platform.linkedin.com zbuh-zgfm.campaign-view.com
1 fast.wistia.net zbuh-zgfm.campaign-view.com
36 15

This site contains links to these domains. Also see Links.

Domain
zbuh-zgfm.maillist-manage.com
Subject Issuer Validity Valid
zctracker.com
R3		 2022-08-26 -
2022-11-24		 3 months crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.zohostatic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-22 -
2023-04-22		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-06-09 -
2023-06-09		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-02 -
2022-09-30		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Frame ID: 1EEB3B91A02B7A8A83D78FC530DF45D6
Requests: 23 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fzbuh-zgfm.campaign-view.com
Frame ID: 35178B0078346B0EAB8073A5C14DE240
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&annotation=none&origin=https%3A%2F%2Fzbuh-zgfm.campaign-view.com&url=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D7&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 15A5D5AD1248650FE813E000DE9B3CF3
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fzbuh-zgfm.campaign-view.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: ECC20CAF380461DD840AA13887198C02
Requests: 5 HTTP requests in this frame

Frame: https://web.facebook.com/plugins/like.php?action=like&app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b83353dfeabc8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&width=100
Frame ID: FF96FBF99FD631036CD98B0C8DB8ED2E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&locale=en_US&sdk=joey&type=button&_rdc=1&_rdr
Frame ID: 2E02E75A5C71521BE66FD553BE406944
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.en.html
Frame ID: 6B83758E6D5436DB3BDA04B90D8F82A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CLOSING 2022/09/23

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

36
Requests

97 %
HTTPS

71 %
IPv6

11
Domains

15
Subdomains

15
IPs

4
Countries

889 kB
Transfer

3155 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://web.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&locale=en_US&sdk=joey&type=button HTTP 302
  • https://www.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&locale=en_US&sdk=joey&type=button&_rdc=1&_rdr

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request viewinbrowser
zbuh-zgfm.campaign-view.com/ua/ 		80 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.68 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
d09246374e29621a482de05bb6e02fae465ac4c4a67905d462093f243820e954
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
private,no-cache,no-store,max-age=0,must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 22 Sep 2022 19:44:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
ZGS
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
vary
accept-encoding
jquery-1.11.0.min.js
zbuh-zgfm.campaign-view.com/js/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbuh-zgfm.campaign-view.com/js/jquery-1.11.0.min.js
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.68 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 19:44:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 10:51:48 GMT
Server
ZGS
ETag
W/"96381-1663671108000"
Strict-Transport-Security
max-age=63072000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery-migrate-1.2.1.min.js
zbuh-zgfm.campaign-view.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbuh-zgfm.campaign-view.com/js/jquery-migrate-1.2.1.min.js
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.68 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 19:44:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Sep 2022 10:51:48 GMT
Server
ZGS
ETag
W/"7199-1663671108000"
vary
accept-encoding
Content-Type
application/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
E-v1.js
fast.wistia.net/assets/external/ 		625 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04c0ea3c1d3a82cf0979f96736a276ac64300156ddf03af469779cd5605d072a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 19:44:01 GMT
content-encoding
br
vary
Accept-Encoding
age
388
x-cache
HIT, HIT
content-length
116461
x-served-by
cache-iad-kjyo7100134-IAD, cache-fra19134-FRA
access-control-allow-origin
*
x-browser-version
105
last-modified
Wed, 21 Sep 2022 18:41:26 GMT
x-timer
S1663875841.431108,VS0,VE0
etag
"632b5ad6-1c6ed"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 15
spacer.gif
img.zohostatic.com/campaigns/static2/images/ 		43 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.zohostatic.com/campaigns/static2/images/spacer.gif
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.32.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 19:44:01 GMT
Last-Modified
Thu, 22 Sep 2022 13:01:48 GMT
Server
ZGS
ETag
"632c5cbc-2b"
Strict-Transport-Security
max-age=63072000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
43
Expires
Fri, 22 Sep 2023 19:44:01 GMT
viewinbrowserarw.png
img.zohostatic.com/campaigns/static2/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.zohostatic.com/campaigns/static2/images/viewinbrowserarw.png
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.32.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
489840a9accc2183e19556b65f433790fc5fe9fe8a15e56092967a848db28b94
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 19:44:01 GMT
Last-Modified
Thu, 22 Sep 2022 13:01:49 GMT
Server
ZGS
ETag
"632c5cbd-64a"
Strict-Transport-Security
max-age=63072000
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
1610
Expires
Fri, 22 Sep 2023 19:44:01 GMT
viewinbrowserarw.png
zbuh-zgfm.campaign-view.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbuh-zgfm.campaign-view.com/images/viewinbrowserarw.png
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.68 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
489840a9accc2183e19556b65f433790fc5fe9fe8a15e56092967a848db28b94
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 19:44:01 GMT
Last-Modified
Tue, 20 Sep 2022 10:52:04 GMT
Server
ZGS
ETag
W/"1610-1663671124000"
Strict-Transport-Security
max-age=63072000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1610
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 19:44:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1214
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Methods
GET
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29220
x-amzn-internal-status
304
Last-Modified
Wed, 31 Aug 2022 20:41:50 GMT
Server
ECS (frb/67C2)
Etag
"f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age
3000
x-tw-cdn
VZ
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
in.js
platform.linkedin.com/ 		509 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
db8c71b686fc0a6dfdcd80d4570933b4ce0bbf0a1394819bc873473aa4d2c548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-li-uuid
AAXpSKtKBMeWuLTaISYNCg==
date
Thu, 22 Sep 2022 19:44:01 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
server
Play
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
x-li-pop
prod-lva1-x
x-li-proto
http/1.1
content-length
163279
x-cdn
AKAM
x-li-fabric
prod-lva1
expires
Thu, 22 Sep 2022 20:00:04 GMT
pinit_fg_en_rect_gray_28.png
assets.pinterest.com/images/pidgets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_28.png
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:4a6::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
554898655b1a25273e51355c241ddf4612b7d92b7c7fc99ec9d15afca6fe4beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-x-true-ttl
86400
x-cdn
akamai
etag
"68587135cb07ea273b1ac0456ecc4dae"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=48543
accept-ranges
bytes
content-length
1422
access-control-expose-headers
X-CDN
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 22 Sep 2022 19:44:01 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"77de80bac492065f"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 19:44:01 GMT
zc_tmblrpost.jpg
img.zohostatic.com/campaigns/static2/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.zohostatic.com/campaigns/static2/images/zc_tmblrpost.jpg
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.32.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
videoclose.png
img.zohostatic.com/campaigns/static2/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.zohostatic.com/campaigns/static2/images/videoclose.png
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.32.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
4230d6dc8edebdd4ad8b85c009fe33f77e1b11a33d9176983eb283e2145a2232
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 19:44:01 GMT
Last-Modified
Thu, 22 Sep 2022 13:01:48 GMT
Server
ZGS
ETag
"632c5cbc-b97"
Strict-Transport-Security
max-age=63072000
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
2967
Expires
Fri, 22 Sep 2023 19:44:01 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed55e0349c71b26423063a851e03866808e0c9d350895a53cd37b80d79a4a29d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
V7vXyEXKC5d6TI7DMJNMjw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
MSszR/yjXifSohAB04tNLt3ajke00pMV3Nl8TC1MmU2T1Ts6HmnWV0woDBKs87I4X+7G3ZghHMbhNQchA2g1bg==
x-fb-trip-id
2050670934
x-fb-content-md5
cf6d3b14612b54569179a62281833580
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 22 Sep 2022 19:44:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e3405cc6e8e59c813b3938bf6ad8848b"
timing-allow-origin
*
expires
Thu, 22 Sep 2022 19:58:05 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:4a6::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=219
accept-ranges
bytes
content-length
203
access-control-expose-headers
X-CDN
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 00:17:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51176
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 00:17:40 GMT
widget_iframe.c4bdc17e77719578b594d5555bee90db.html
platform.twitter.com/widgets/ Frame 3517 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fzbuh-zgfm.campaign-view.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://zbuh-zgfm.campaign-view.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1897244
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Thu, 22 Sep 2022 19:44:02 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 31 Aug 2022 20:40:57 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D3)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26e0ef1a9127e2334ff49ab0edfc68dd41ef01379a478a419e1641ded4f2ee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 00:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34614
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 00:26:16 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 15A5 		0
0
all.js
connect.facebook.net/en_US/ 		316 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=d838e2371b54626db376def63dbcecc1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9425abdde65c083f17d789f4f07683ce5b58efcafc62ed0f2d7e338b0cbe00c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://zbuh-zgfm.campaign-view.com/
Origin
https://zbuh-zgfm.campaign-view.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+gFJUcf4x1OQ0oHlgu2zIw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87244
x-fb-rlafr
0
x-fb-debug
cH5ZTE/Nv5d/+Y0R3QeNlXnFkzv94StWIYAcViihn5Pbcm0KPZRqX9KUgAimxbqVBFSZN3ZeM2oVKPFmY/n0HQ==
x-fb-content-md5
82a8812d8c54e866e241e7a997382d67
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 22 Sep 2022 19:44:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"913a483c9978363b86eee9798be7a95b"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Sep 2023 16:58:24 GMT
settings
syndication.twitter.com/ Frame 3517 		771 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=83bac941602f0006fae757505639d1e6be976eb9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fzbuh-zgfm.campaign-view.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
107
date
Thu, 22 Sep 2022 19:44:01 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 19:44:02 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
6bed4176e0555e2b6da3ff8bcc8d56757a6e9ed684b5a8fc98b068cf9d0f4cd6
content-length
327
pinit_main.js
assets.pinterest.com/js/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.9520776105756206
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:4a6::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=278
accept-ranges
bytes
content-length
18679
access-control-expose-headers
X-CDN
postmessageRelay
accounts.google.com/o/oauth2/ Frame ECC2 		566 B
904 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fzbuh-zgfm.campaign-view.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c036388f7fbf9de496d149e4b7b80e1e571a935f7b893d8c68893048693fd49
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SOGE3k1xHCis-1z-5GEJOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zbuh-zgfm.campaign-view.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SOGE3k1xHCis-1z-5GEJOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Thu, 22 Sep 2022 19:44:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=207587552663715&input_token&origin=1&redirect_uri=https%3A%2F%2Fzbuh-zgfm.campaign-view.com%2Fua%2Fviewinbrowser%3Fod%3D3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e%26rd%3D1dd969b0ae806bc2%26sd%3D1dd969b0ae66d9f7%26n%3D11699e4c1c8a11b%26mrd%3D1dd969b0ae66d9e5%26m%3D1&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=d838e2371b54626db376def63dbcecc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
H7WifQ2d97q0QhQDdTQPWwh/RuT3MYrz3FMTztikrVhL5HI2PKtQE+h5MBVwQ0IsoKQ4D167y/lN0mUlMmOMvA==
fb-s
unknown
date
Thu, 22 Sep 2022 19:44:02 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://zbuh-zgfm.campaign-view.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
cspreport
accounts.google.com/o/ Frame ECC2 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: zbuh-zgfm.campaign-view.com
URL: https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fBQ5cHEMjhTMP5431fHnIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fzbuh-zgfm.campaign-view.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 19:44:02 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-fBQ5cHEMjhTMP5431fHnIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1832714284-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame ECC2 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fzbuh-zgfm.campaign-view.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 09:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4294
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 02:09:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 09:23:24 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame ECC2 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fzbuh-zgfm.campaign-view.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37c17edf80fabbc76d036b590d606606b15c288f699ba5adf91b8e6b5713b4f5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5573
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 22 Sep 2022 19:44:02 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"7759e2b79382a50e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 19:44:02 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame ECC2 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5ab8114a8f3c8ecf0d6b44be95280e11dff043811a96067a19b223d167241a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 00:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19062
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 00:18:26 GMT
like.php
web.facebook.com/plugins/ Frame FF96 		0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.facebook.com/plugins/like.php?action=like&app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b83353dfeabc8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=d838e2371b54626db376def63dbcecc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:1:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zbuh-zgfm.campaign-view.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 19:44:02 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
VBIJ7G/c90gHUV+oRSQG27bardiPRtbOxH1AdBivBY08mrSQLsbFsUQW3bGd++M4TCiIrj9NZrpXQwqAc8puvg==
x-xss-protection
0
share_button.php
www.facebook.com/plugins/ Frame 2E02
Redirect Chain
  • https://web.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dz...
  • https://www.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dz...
42 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&locale=en_US&sdk=joey&type=button&_rdc=1&_rdr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=d838e2371b54626db376def63dbcecc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a524f83b17e62bd5bb6daafd34ae702a011c40b30406140eb8810eaeafca0a6
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zbuh-zgfm.campaign-view.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 19:44:02 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
4BcErAIdrl5ol3uIzVc39hJSUZb6garnKb45ids0Z2MfBvBzFecfthKLEHIh5GcauKw3dNeFRZ/In0c8RkLh6A==
x-fb-rlafr
0
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 19:44:02 GMT
location
https://www.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&locale=en_US&sdk=joey&type=button&_rdc=1&_rdr
strict-transport-security
max-age=15552000; preload
x-fb-debug
/7vBJP+UA6CLgpWrMcXTmwVQ2rNzhUw4L2KBXDirVV/E8//wVYfvnNMdAxqfS7KLTD2SZYEfY0deMYu0ip7uZA==
x-fb-zr-redirect
02|1663962242|
button.c6c95b9789db97ea1e9742d215fff751.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.c6c95b9789db97ea1e9742d215fff751.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
98b3ff3a8543eaee1f9946fde06f31cd9bb98f9e57cd431e0234db57c221334e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 19:44:02 GMT
Content-Encoding
gzip
Age
1897251
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2361
x-tw-cdn
VZ
Last-Modified
Wed, 31 Aug 2022 20:40:49 GMT
Server
ECS (frb/67C2)
Etag
"3b5d132d3d3780b86a6d19d169faef45+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
tweet_button.c4bdc17e77719578b594d5555bee90db.en.html
platform.twitter.com/widgets/ Frame 6B83 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
20ceb1050e3c945eebcbd67299e4db42bb2d1bc34008d5e345823dc357874ff8

Request headers

Referer
https://zbuh-zgfm.campaign-view.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1897244
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13752
Content-Type
text/html; charset=utf-8
Date
Thu, 22 Sep 2022 19:44:02 GMT
Etag
"6408b1570a7587a221e1976192be413c+gzip"
Last-Modified
Wed, 31 Aug 2022 20:40:55 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C2)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fzbuh-zgfm.campaign-view.com%2Fua%2Fviewinbrowser%3Fod%3D3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e%26rd%3D1dd969b0ae806bc2%26sd%3D1dd969b0ae66d9f7%26n%3D11699e4c1c8a11b%26mrd%3D1dd969b0ae66d9e5%26m%3D1%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1663875842460%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=83bac941602f0006fae757505639d1e6be976eb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
113
date
Thu, 22 Sep 2022 19:44:02 GMT
last-modified
Thu, 22 Sep 2022 19:44:02 GMT
server
tsa_o
vary
Origin
content-type
image/gif
cache-control
must-revalidate, max-age=600
x-connection-hash
6bed4176e0555e2b6da3ff8bcc8d56757a6e9ed684b5a8fc98b068cf9d0f4cd6
strict-transport-security
max-age=631138519
content-length
43
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 2E02 		272 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&locale=en_US&sdk=joey&type=button&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 19:44:02 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
272
x-fb-rlafr
0
x-fb-debug
AkmLQV9Spkyk0R130YNlmFcWqe2eJ/hTLo9dLlB6MnsujXd2ZaiLWMrXg+UgoRsxmNQELmPEtvBvcvHM5HywFA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 17 Sep 2023 03:10:11 GMT
u5g-1jSotZd.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yR/l/en_US/ Frame 2E02 		568 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yR/l/en_US/u5g-1jSotZd.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=207587552663715&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cd258213322f8%26domain%3Dzbuh-zgfm.campaign-view.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fzbuh-zgfm.campaign-view.com%252Ff3899a71c1ec9fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D2&locale=en_US&sdk=joey&type=button&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc7d57736b5d9143125facfc894ff36b79131c9788a69aa290708dde79554428
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 19:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
V3eH0fb3dff6YPgBvu/HXQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
144099
x-fb-rlafr
0
x-fb-debug
OlaVwPvZQG+uZKuEiatF9jCuCjo2IkZF/ZHJEVkr+1anL+803JqThTfd0pdW7p7oTOlMoJRCHFmGPeSK5L3CXQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Sep 2023 12:06:34 GMT
/
log.pinterest.com/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=YXkunxwd_yve&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fzbuh-zgfm.campaign-view.com%2Fua%2Fviewinbrowser%3Fod%3D3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e%26rd%3D1dd969b0ae806bc2%26sd%3D1dd969b0ae66d9f7%26n%3D11699e4c1c8a11b%26mrd%3D1dd969b0ae66d9e5%26m%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zbuh-zgfm.campaign-view.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 19:44:03 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
4
x-cache-hits
0
content-length
0
x-served-by
cache-fra19164-FRA
pragma
no-cache
server
envoy
x-timer
S1663875843.164433,VS0,VE94
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
7350511112404822
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
apis.google.com
URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&annotation=none&origin=https%3A%2F%2Fzbuh-zgfm.campaign-view.com&url=https%3A%2F%2Fzc.vg%2FyDtCi%3Fm%3D7&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds string| mode number| timeZone string| tz function| likeAction function| FshareAction function| sendAction function| tweetAction function| shareAction function| pinAction function| gPlusAction function| tmShareAction function| openPin function| triggerTumblrShare function| printAction function| commentsAction function| Post function| overLayShowHide function| translateToLang function| streamVideo function| playVideo function| CharacterCount function| pad function| refreshPage function| fbAsyncInit object| __twttrll object| twttr object| __twttr object| __core-js_shared__ object| Sslac object| IN function| success object| gapi object| ___jsl function| googleCallBack function| getPageSize number| PIN_19257 object| FB object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __buffer object| PIN_1663875842113 string| value string| key object| PinUtils

4 Cookies

Domain/Path Name / Value
zbuh-zgfm.campaign-view.com/ Name: c72887300d
Value: 174376ee7ca88cdda40cbf11948df17e
zbuh-zgfm.campaign-view.com/ Name: ZCAMPAIGN_CSRF_TOKEN
Value: 41a24a6f-4c11-4279-93de-77b3530e5826
zbuh-zgfm.campaign-view.com/ Name: _zcsr_tmp
Value: 41a24a6f-4c11-4279-93de-77b3530e5826
zbuh-zgfm.campaign-view.com/ Name: JSESSIONID
Value: B8135AEB0DC007498D27BAAA9A078AF7

3 Console Messages

Source Level URL
Text
network error URL: https://img.zohostatic.com/campaigns/static2/images/zc_tmblrpost.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://apis.google.com/js/plusone.js(Line 62)
Message:
Mixed Content: The page at 'https://zbuh-zgfm.campaign-view.com/ua/viewinbrowser?od=3z96f14c18bf04e0b44089281c0c15b0722c663152e9ea98b76c3086ace6b1850e&rd=1dd969b0ae806bc2&sd=1dd969b0ae66d9f7&n=11699e4c1c8a11b&mrd=1dd969b0ae66d9e5&m=1' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1663875842023&_gfid=I0_1663875842023&parent=https%3A%2F%2Fzbuh-zgfm.campaign-view.com&pfname=&rpctoken=39745499'. This request has been blocked; the content must be served over HTTPS.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets.pinterest.com
connect.facebook.net
fast.wistia.net
img.zohostatic.com
log.pinterest.com
platform.linkedin.com
platform.twitter.com
ssl.gstatic.com
static.xx.fbcdn.net
syndication.twitter.com
web.facebook.com
www.facebook.com
zbuh-zgfm.campaign-view.com
apis.google.com
104.244.42.72
136.143.190.68
151.101.192.84
204.141.32.123
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::2003
2a00:1450:4001:82f::200d
2a00:1450:400d:806::200e
2a02:26f0:11a:4a6::1931
2a02:26f0:3500:16::215:149b
2a03:2880:f007:1:face:b00c:0:1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::622
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
04c0ea3c1d3a82cf0979f96736a276ac64300156ddf03af469779cd5605d072a
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
20ceb1050e3c945eebcbd67299e4db42bb2d1bc34008d5e345823dc357874ff8
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
37c17edf80fabbc76d036b590d606606b15c288f699ba5adf91b8e6b5713b4f5
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4230d6dc8edebdd4ad8b85c009fe33f77e1b11a33d9176983eb283e2145a2232
489840a9accc2183e19556b65f433790fc5fe9fe8a15e56092967a848db28b94
4a524f83b17e62bd5bb6daafd34ae702a011c40b30406140eb8810eaeafca0a6
4c036388f7fbf9de496d149e4b7b80e1e571a935f7b893d8c68893048693fd49
554898655b1a25273e51355c241ddf4612b7d92b7c7fc99ec9d15afca6fe4beb
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
9425abdde65c083f17d789f4f07683ce5b58efcafc62ed0f2d7e338b0cbe00c5
98b3ff3a8543eaee1f9946fde06f31cd9bb98f9e57cd431e0234db57c221334e
a26e0ef1a9127e2334ff49ab0edfc68dd41ef01379a478a419e1641ded4f2ee0
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
ab5ab8114a8f3c8ecf0d6b44be95280e11dff043811a96067a19b223d167241a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bc7d57736b5d9143125facfc894ff36b79131c9788a69aa290708dde79554428
d09246374e29621a482de05bb6e02fae465ac4c4a67905d462093f243820e954
db8c71b686fc0a6dfdcd80d4570933b4ce0bbf0a1394819bc873473aa4d2c548
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed55e0349c71b26423063a851e03866808e0c9d350895a53cd37b80d79a4a29d