Submitted URL: https://campaign.buchmann.ch/t/t-e-piijhyd-cwuudj-r
Effective URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Submission: On July 09 via api from CH

Summary

This website contacted 12 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 54.183.0.47, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is campaign.buchmann.ch.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 29th 2020. Valid for: 3 months.
This is the only time campaign.buchmann.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 54.183.0.47 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.94.47 16509 (AMAZON-02)
2 143.204.94.72 16509 (AMAZON-02)
3 77.59.239.180 6830 (LIBERTYGL...)
1 143.204.94.87 16509 (AMAZON-02)
2 143.204.94.128 16509 (AMAZON-02)
1 143.204.94.82 16509 (AMAZON-02)
2 143.204.94.23 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
19 12
Domain Requested by
3 www.buchmann.ch campaign.buchmann.ch
2 fonts.gstatic.com campaign.buchmann.ch
2 connect.facebook.net campaign.buchmann.ch
connect.facebook.net
2 js.createsend1.com campaign.buchmann.ch
2 campaign.buchmann.ch 1 redirects
1 i10.createsend1.com campaign.buchmann.ch
1 i9.createsend1.com campaign.buchmann.ch
1 i2.createsend1.com campaign.buchmann.ch
1 i1.createsend1.com campaign.buchmann.ch
1 i8.createsend1.com campaign.buchmann.ch
1 i6.createsend1.com campaign.buchmann.ch
1 css.createsend1.com campaign.buchmann.ch
1 fonts.googleapis.com campaign.buchmann.ch
0 blank Failed
19 14

This site contains no links.

Subject Issuer Validity Valid
campaign.buchmann.ch
Let's Encrypt Authority X3
2020-06-29 -
2020-09-27
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.createsend1.com
DigiCert SHA2 Secure Server CA
2020-06-17 -
2022-08-05
2 years crt.sh
www.buchmann.ch
Go Daddy Secure Certificate Authority - G2
2020-01-07 -
2022-03-01
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-05-14 -
2020-08-05
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Frame ID: 59D314F6DA78C6BCD1150E3F75A7D70D
Requests: 19 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://campaign.buchmann.ch/t/t-e-piijhyd-cwuudj-r HTTP 302
    https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

19
Requests

95 %
HTTPS

27 %
IPv6

6
Domains

14
Subdomains

12
IPs

4
Countries

341 kB
Transfer

553 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://campaign.buchmann.ch/t/t-e-piijhyd-cwuudj-r HTTP 302
    https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 856ABE65D8A848C12540EF23F30FEDED
campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/
Redirect Chain
  • https://campaign.buchmann.ch/t/t-e-piijhyd-cwuudj-r
  • https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
13 KB
4 KB
Document
General
Full URL
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.183.0.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-0-47.us-west-1.compute.amazonaws.com
Software
csw /
Resource Hash
bd43604c12f32bd077d8984f7a805c5fa3d72ed48a69914a4b3460db3244e623
Security Headers
Name Value
Content-Security-Policy script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

:method
GET
:authority
campaign.buchmann.ch
:scheme
https
:path
/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
csw
vary
Accept-Encoding
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
content-security-policy
script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
date
Thu, 09 Jul 2020 09:45:37 GMT
x-xss-protection
1;mode=block
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
referrer-policy
no-referrer-when-downgrade

Redirect headers

status
302
server
csw
cache-control
private
content-type
text/html; charset=utf-8
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
date
Thu, 09 Jul 2020 09:45:36 GMT
location
/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
x-xss-protection
1;mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
referrer-policy
no-referrer-when-downgrade
content-length
197
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400italic,700italic
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a43df0e1f774872a9adf87747c284c406f8b6b5c78a84a03a88a55d545bc2ff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Jul 2020 09:43:04 GMT
server
ESF
date
Thu, 09 Jul 2020 09:45:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Jul 2020 09:45:37 GMT
social.min.css
css.createsend1.com/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://css.createsend1.com/css/social.min.css?h=2EF897D720191204125554
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
4dabfc3b869b33309240233fc6225ca01f22d1a37ef5c76516a25b3a7509b41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 01:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18863353
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Dec 2019 11:41:56 GMT
server
csw
x-frame-options
SAMEORIGIN
etag
"0da21aacea9d51:0"
vary
Accept-Encoding
content-type
text/css
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Eb3uJOFwEve1FoJ5uC3Xi6ujO-FOdLB21haPJq5lbmfh3giRRGkWXw==
header_bde.png
i6.createsend1.com/ti/t/58/01D/91B/220754/60e/
50 KB
50 KB
Image
General
Full URL
https://i6.createsend1.com/ti/t/58/01D/91B/220754/60e/header_bde.png
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
7865fd1b23e9368c9041863d48fad6264f278ea94ae7797bde34c38180cbe31a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 08:58:07 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2850
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
content-length
50894
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 24 Jul 2019 12:11:29 GMT
server
csw
etag
"8e97edec1842d51:0"
content-type
image/png
cache-control
public,max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
H12OFhurG-rRH5i8Fe_YoJNzNvSmlNF5Y_4bWXw-l3TWthb7Qbe32w==
prod_285340_1593759649.jpg
www.buchmann.ch/newsletter/files/213/
13 KB
13 KB
Image
General
Full URL
https://www.buchmann.ch/newsletter/files/213/prod_285340_1593759649.jpg
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.59.239.180 Belp, Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), AT),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
3ac67b322910d98d607ed746a18c52c680e91dcf7348fb8f4ea4f1a02aaaf124

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 09:45:37 GMT
Last-Modified
Fri, 03 Jul 2020 07:00:49 GMT
Server
Apache/2.2.22 (Debian)
ETag
"2672102-3331-5a98415bc6a40"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
13105
prod_284500_1593759649.jpg
www.buchmann.ch/newsletter/files/213/
12 KB
13 KB
Image
General
Full URL
https://www.buchmann.ch/newsletter/files/213/prod_284500_1593759649.jpg
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.59.239.180 Belp, Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), AT),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
b16ea608d7aca70cdd110b4f13883c45f339bb795284330fb80689927432bde8

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 09:45:37 GMT
Last-Modified
Fri, 03 Jul 2020 07:00:50 GMT
Server
Apache/2.2.22 (Debian)
ETag
"2672103-316d-5a98415cbac80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
12653
prod_285336_1593759650.jpg
www.buchmann.ch/newsletter/files/213/
9 KB
9 KB
Image
General
Full URL
https://www.buchmann.ch/newsletter/files/213/prod_285336_1593759650.jpg
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.59.239.180 Belp, Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), AT),
Reverse DNS
Software
Apache/2.2.22 (Debian) /
Resource Hash
599e3ee1af9a73c24df1f061ef75f2e225110a9d0b8ffdada71077bef436c68f

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 09 Jul 2020 09:45:37 GMT
Last-Modified
Fri, 03 Jul 2020 07:00:50 GMT
Server
Apache/2.2.22 (Debian)
ETag
"2672104-22ea-5a98415cbac80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
8938
spacer.gif
i8.createsend1.com/ti/t/58/01D/91B/220754/60e/
43 B
497 B
Image
General
Full URL
https://i8.createsend1.com/ti/t/58/01D/91B/220754/60e/spacer.gif
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 08:58:07 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2850
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
content-length
43
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 24 Jul 2019 12:11:28 GMT
server
csw
etag
"ee7050ec1842d51:0"
content-type
image/gif
cache-control
public,max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
iUa3UJeelQ71df81zQ9zRbP5cE4xzj_nhP3Wm3BDvMTyKy61DNR6Zw==
desinfektion-9900000000079e3c.090705.jpg
i1.createsend1.com/ei/t/E2/D37/F9D/csimport/
75 KB
75 KB
Image
General
Full URL
https://i1.createsend1.com/ei/t/E2/D37/F9D/csimport/desinfektion-9900000000079e3c.090705.jpg
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
59fa91e697d624d0126320240027921fefff2a47a402a8135609b6bae1e0db6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 08:58:07 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2850
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
content-length
76472
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
server
csw
content-type
image/jpeg
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
XMkwxuXxCl2viAtqjL_6I2vtEnI5aN0aMHW14YR3Xi-BFnxe7hq4nw==
schutzmasken-9900000000079e3c.090736.jpg
i2.createsend1.com/ei/t/E2/D37/F9D/csimport/
53 KB
53 KB
Image
General
Full URL
https://i2.createsend1.com/ei/t/E2/D37/F9D/csimport/schutzmasken-9900000000079e3c.090736.jpg
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
32568cb5a0df966e75cac1b23c70f8ba6b32b44763a0557bf3da5f61c2e6ec97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 08:58:07 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2850
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
content-length
53804
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
server
csw
content-type
image/jpeg
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
uW-4EaiviJOf4uZtBk8J35az46kNOJO7JEyROsPuHf8snCvQosSHGg==
twitter.gif
i9.createsend1.com/ti/t/58/01D/91B/220754/60e/
650 B
1 KB
Image
General
Full URL
https://i9.createsend1.com/ti/t/58/01D/91B/220754/60e/twitter.gif
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
1bbc8b2a7119d86a86175d214f9930de67312c5c2ce92d8ce3d1e112beaf4a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 08:58:07 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2850
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
content-length
650
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 24 Jul 2019 12:11:28 GMT
server
csw
etag
"608a56ec1842d51:0"
content-type
image/gif
cache-control
public,max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
EK4zh9Tla4DkGOj_F-QF8yCmRpl9Uw5_jrvJ3J8zuC1jZL0t9pMGlw==
facebook.gif
i10.createsend1.com/ti/t/58/01D/91B/220754/60e/
612 B
1 KB
Image
General
Full URL
https://i10.createsend1.com/ti/t/58/01D/91B/220754/60e/facebook.gif
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
54e7b8589b98530140c3e8c6f502b68ec317edd6c3450281bc2e15180fe575b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 08:58:07 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2850
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
content-length
612
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 24 Jul 2019 12:11:28 GMT
server
csw
etag
"a226e7eb1842d51:0"
content-type
image/gif
cache-control
public,max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
Jhd5kM_WNTpjKPeEmamS9QODiI2_rNxabWRtRO_fFHaRvg0BKBqKpA==
jquery-1.7.2.min.js
js.createsend1.com/js/
93 KB
33 KB
Script
General
Full URL
https://js.createsend1.com/js/jquery-1.7.2.min.js?h=C99A465920191204125554
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 01:56:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18863354
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Dec 2019 11:36:06 GMT
server
csw
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
nTG8DIt-q9wDdJKDrNfqc9aDux9iHnp18mPk0iORFridLPpvGSEgvw==
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c57a99e8ce4758041dfa7b9e65f7cde1181ff02a2f75ae66963e209912d6bd48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Eq5LSjSdRqzDRW5S2nYawQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
etag
"25d2a9109d1e8b030a3551cd7ec8b44e"
x-fb-debug
o+9TsmwwkP8WqVCt/b3kkSDqRTOtgTCvMXdEQ/zZ973zvmbGVJrDQoex2ErpqwuEzOLTbvTJuVY5Ad0BLsvQsw==
x-fb-trip-id
664085054
x-fb-content-md5
8a49d8ca82c46e97da5f898a1d8e6125
x-frame-options
DENY
date
Thu, 09 Jul 2020 09:45:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 09 Jul 2020 09:46:09 GMT
track.min.js
js.createsend1.com/js/
6 KB
3 KB
Script
General
Full URL
https://js.createsend1.com/js/track.min.js?h=8B8A122620191204125554
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
csw /
Resource Hash
89e3824c669a8cb35b3716255fc14bbec60841e0c73e7453f6cbd3c99bc0be2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 01:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18863354
x-cache
Hit from cloudfront
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status
200
x-xss-protection
1;mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Dec 2019 11:42:54 GMT
server
csw
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
p4vEbOvUzXWdXhgq-qv9brs1agc3odzUNd6koB5sowGvgllw_ofXDg==
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700,400italic,700italic
Origin
https://campaign.buchmann.ch

Response headers

date
Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2293441
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 12 Jun 2021 20:41:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: campaign.buchmann.ch
URL: https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700,400italic,700italic
Origin
https://campaign.buchmann.ch

Response headers

date
Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2488830
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 10 Jun 2021 14:25:07 GMT
all.js
connect.facebook.net/en_US/
191 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=87519cdad787b85dc2dcf8b028aec658&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b69c9a078307a7f98c96c2f4aaf1bef697d7693501da272e175bace3cd337197
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://campaign.buchmann.ch/t/ViewEmail/t/18613F675A1DF8B72540EF23F30FEDED/856ABE65D8A848C12540EF23F30FEDED
Origin
https://campaign.buchmann.ch

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
z3PScPJmFAg89EmI1WrQ6w==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
58606
etag
"b26f758f0c730e0feea20f926821d25b"
x-fb-debug
ZPU5yqN6Tynm0Hy2qZfGFSsCVUO+qnDIj3tZFojrypj0iEMftZDAZM72Nnndz79/TeLnhEdq562JQwuM95YSaw==
x-fb-trip-id
664085054
x-fb-content-md5
bbcec83f19bfadf3ce7ce50caf3c2036
x-frame-options
DENY
date
Thu, 09 Jul 2020 09:45:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 09 Jul 2021 08:31:43 GMT
blank
/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blank
URL
about:blank

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| FB object| CS object| jQuery172011803246556135338

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blank
campaign.buchmann.ch
connect.facebook.net
css.createsend1.com
fonts.googleapis.com
fonts.gstatic.com
i1.createsend1.com
i10.createsend1.com
i2.createsend1.com
i6.createsend1.com
i8.createsend1.com
i9.createsend1.com
js.createsend1.com
www.buchmann.ch
blank
143.204.94.128
143.204.94.23
143.204.94.47
143.204.94.72
143.204.94.82
143.204.94.87
2a00:1450:4001:801::200a
2a00:1450:4001:816::2003
2a03:2880:f01c:8012:face:b00c:0:3
54.183.0.47
77.59.239.180
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1bbc8b2a7119d86a86175d214f9930de67312c5c2ce92d8ce3d1e112beaf4a80
32568cb5a0df966e75cac1b23c70f8ba6b32b44763a0557bf3da5f61c2e6ec97
3ac67b322910d98d607ed746a18c52c680e91dcf7348fb8f4ea4f1a02aaaf124
4dabfc3b869b33309240233fc6225ca01f22d1a37ef5c76516a25b3a7509b41a
54e7b8589b98530140c3e8c6f502b68ec317edd6c3450281bc2e15180fe575b3
599e3ee1af9a73c24df1f061ef75f2e225110a9d0b8ffdada71077bef436c68f
59fa91e697d624d0126320240027921fefff2a47a402a8135609b6bae1e0db6d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7865fd1b23e9368c9041863d48fad6264f278ea94ae7797bde34c38180cbe31a
89e3824c669a8cb35b3716255fc14bbec60841e0c73e7453f6cbd3c99bc0be2a
a43df0e1f774872a9adf87747c284c406f8b6b5c78a84a03a88a55d545bc2ff6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16ea608d7aca70cdd110b4f13883c45f339bb795284330fb80689927432bde8
b69c9a078307a7f98c96c2f4aaf1bef697d7693501da272e175bace3cd337197
bd43604c12f32bd077d8984f7a805c5fa3d72ed48a69914a4b3460db3244e623
c57a99e8ce4758041dfa7b9e65f7cde1181ff02a2f75ae66963e209912d6bd48
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220