herald.ch Open in urlscan Pro
217.26.52.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://herald.ch/
Submission: On November 17 via api (November 17th 2023, 10:10:52 am UTC) from CH — Scanned from CH

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 217.26.52.28, located in Switzerland and belongs to HOSTPOINT-AS, CH. The main domain is herald.ch.
TLS certificate: Issued by R3 on October 6th 2023. Valid for: 3 months.

This is the only time herald.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	217.26.52.28 217.26.52.28	29097 (HOSTPOINT-AS) (HOSTPOINT-AS)
1 2	141.98.226.39 141.98.226.39	209571 (UBIMET) (UBIMET)
12	2

11 217.26.52.28 (Switzerland)

ASN29097 (HOSTPOINT-AS, CH)
PTR: sl49.web.hostpoint.ch

herald.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.98.226.39 (Austria) 1 redirects

ASN209571 (UBIMET, AT)

ch.wetter.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wetter.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	herald.ch herald.ch	70 KB
2	wetter.tv 1 redirects ch.wetter.tv wetter.tv	113 B
12	2

	Domain	Requested by
11	herald.ch	herald.ch
1	wetter.tv	herald.ch
1	ch.wetter.tv	1 redirects
12	3

This site contains no links.

Subject Issuer	Validity	Valid
herald.ch R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://herald.ch/
Frame ID: 8700BA6AD89F74F1470B515864DFDDBF
Requests: 1 HTTP requests in this frame

Frame: https://herald.ch/header.htm
Frame ID: D8561F229ABD517F1544CC49E5CF95C1
Requests: 1 HTTP requests in this frame

Frame: https://herald.ch/menu.htm
Frame ID: D3D135FAEEEAEB26233E12AC260E6809
Requests: 3 HTTP requests in this frame

Frame: https://herald.ch/body.htm
Frame ID: 3B542071A111B2F8AA97FB96E981DEB9
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WWW.HERALD.CH

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

70 kB
Transfer

79 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ch.wetter.tv/de/widget/8044_zuerich_gemeinde_125x192.png HTTP 301
https://wetter.tv/de-CH/vl

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response herald.ch/	2 KB 1 KB	596ms 27ms	Document text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Full URL https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `6c2ea4e523a5a78fb781a45ea2c58d32d5d1d0143492f378e18c414b5abb647f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes content-encoding gzip content-length 952 content-type text/html date Fri, 17 Nov 2023 10:10:43 GMT etag "883-4cd9ea1b01383-gzip" last-modified Sat, 03 Nov 2012 22:18:28 GMT server Apache vary Accept-Encoding
GET H2	200	header.htm Show response herald.ch/ Frame D856	717 B 472 B	43ms 43ms	Document text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Full URL https://herald.ch/header.htm Requested by Host: herald.ch URL: https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `9832bf09faf9007e3c208688b28d55fd035b7b21acd75c0b94dad865aac9341f` Request headers Referer https://herald.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes content-encoding gzip content-length 396 content-type text/html date Fri, 17 Nov 2023 10:10:43 GMT etag "2cd-44cf90d076a00-gzip" last-modified Sun, 11 May 2008 19:00:56 GMT server Apache vary Accept-Encoding
GET H2	200	menu.htm Show response herald.ch/ Frame D3D1	2 KB 817 B	53ms 52ms	Document text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Full URL https://herald.ch/menu.htm Requested by Host: herald.ch URL: https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `1dbbc5ff32da9b5c59202ce1b4ea8a09ce8dac8a1a7eec609e883db5c69fe335` Request headers Referer https://herald.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes content-encoding gzip content-length 740 content-type text/html date Fri, 17 Nov 2023 10:10:43 GMT etag "94f-44cf92f2eb340-gzip" last-modified Sun, 11 May 2008 19:10:29 GMT server Apache vary Accept-Encoding
GET H2	200	body.htm Show response herald.ch/ Frame 3B54	10 KB 3 KB	50ms 49ms	Document text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Full URL https://herald.ch/body.htm Requested by Host: herald.ch URL: https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `5998e455a2bc87cb2c8aa637b01b813ff7fdaf2ca927e6a6faab00c88b7727cc` Request headers Referer https://herald.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes content-encoding gzip content-length 3188 content-type text/html date Fri, 17 Nov 2023 10:10:43 GMT etag "26ca-4cd9ea1d19618-gzip" last-modified Sat, 03 Nov 2012 22:18:30 GMT server Apache vary Accept-Encoding
GET H2	200	icon_new.gif herald.ch/Images/ Frame 3B54	119 B 173 B	70ms 69ms	Image image/gif	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/icon_new.gif Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `d69765154c0ae12f44f9f4f6a06649bea6a0c00c89aae82940f7aed6b349e050` Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 10:10:43 GMT last-modified Sun, 11 May 2008 16:50:07 GMT server Apache accept-ranges bytes etag "77-44cf739312dc0" content-length 119 content-type image/gif
GET H2	200	Herald.jpg herald.ch/Images/ Frame 3B54	36 KB 36 KB	44ms 43ms	Image image/jpeg	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/Herald.jpg Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `5f99c8c38ea3f4d389ad06c07be857a447101e8245f2919f85b1d0db9f1f8659` Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 10:10:43 GMT last-modified Sun, 11 May 2008 16:50:07 GMT server Apache accept-ranges bytes etag "9090-44cf739312dc0" content-length 37008 content-type image/jpeg
GET H2	200	vl wetter.tv/de-CH/ Frame 3B54 Redirect Chain https://ch.wetter.tv/de/widget/8044_zuerich_gemeinde_125x192.png https://wetter.tv/de-CH/vl	0 0	78ms 70ms	Image text/html	141.98.226.39 UBIMET
General Check archive.org Show headers Download Go to Show image Full URL https://wetter.tv/de-CH/vl Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Server 141.98.226.39 , Austria, ASN209571 (UBIMET, AT), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Redirect headers location https://wetter.tv/de-CH/vl date Fri, 17 Nov 2023 10:10:44 GMT strict-transport-security max-age=31536000 server nginx content-length 162 content-type text/html
GET H2	200	logn.jpg herald.ch/Images/ Frame 3B54	2 KB 2 KB	27ms 26ms	Image image/jpeg	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/logn.jpg Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `c12825c633f40f72d66acd03b8822509ea81b86b276b9d75c39d2004378c3bf9` Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 10:10:44 GMT last-modified Sun, 11 May 2008 16:50:08 GMT server Apache accept-ranges bytes etag "9ac-44cf739407000" content-length 2476 content-type image/jpeg
GET H2	200	posters.gif herald.ch/Images/ Frame 3B54	10 KB 10 KB	31ms 31ms	Image image/gif	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/posters.gif Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `eb5e33ae383f6a9bfbdb3092864cd91ba0ffee109abcdddeeed01beb6c31bd0e` Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 10:10:44 GMT last-modified Sun, 11 May 2008 16:50:09 GMT server Apache accept-ranges bytes etag "2695-44cf7394fb240" content-length 9877 content-type image/gif
GET H2	200	icon_new.gif herald.ch/Images/ Frame D3D1	119 B 165 B	54ms 54ms	Image image/gif	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/icon_new.gif Requested by Host: herald.ch URL: https://herald.ch/menu.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `d69765154c0ae12f44f9f4f6a06649bea6a0c00c89aae82940f7aed6b349e050` Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 10:10:43 GMT last-modified Sun, 11 May 2008 16:50:07 GMT server Apache accept-ranges bytes etag "77-44cf739312dc0" content-length 119 content-type image/gif
GET H2	404	Count.cgi herald.ch/cgi-sys/ Frame D3D1	196 B 196 B	36ms 36ms	Image text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/cgi-sys/Count.cgi?counter=heraldc.dat Requested by Host: herald.ch URL: https://herald.ch/menu.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 10:10:43 GMT server Apache content-length 196 content-type text/html; charset=iso-8859-1
GET H2	200	Filmcamera.jpg herald.ch/Filme/ Frame 3B54	15 KB 15 KB	40ms 40ms	Image image/jpeg	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Filme/Filmcamera.jpg Requested by Host: herald.ch URL: https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `b7bcb223bf4d9eb92bb557c3c633da6f3b94dc737b8b79f815101b86aa4d2d68` Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 10:10:44 GMT last-modified Sun, 11 May 2008 16:47:51 GMT server Apache accept-ranges bytes etag "3c48-44cf73115fbc0" content-length 15432 content-type image/jpeg

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://herald.ch/body.htm Message: Mixed Content: The page at 'https://herald.ch/body.htm' was loaded over HTTPS, but requested an insecure element 'http://ch.wetter.tv/de/widget/8044_zuerich_gemeinde_125x192.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://herald.ch/menu.htm Message: Mixed Content: The page at 'https://herald.ch/menu.htm' was loaded over HTTPS, but requested an insecure element 'http://herald.ch/cgi-sys/Count.cgi?counter=heraldc.dat'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://herald.ch/cgi-sys/Count.cgi?counter=heraldc.dat Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://herald.ch/menu.htm(Line 37) Message: Mixed Content: The page at 'https://herald.ch/menu.htm' was loaded over HTTPS, but requested an insecure element 'http://herald.ch/cgi-sys/Count.cgi?counter=heraldc.dat'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://herald.ch/body.htm Message: Mixed Content: The page at 'https://herald.ch/body.htm' was loaded over HTTPS, but requested an insecure element 'http://ch.wetter.tv/de/widget/8044_zuerich_gemeinde_125x192.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ch.wetter.tv
herald.ch
wetter.tv
141.98.226.39
217.26.52.28
1dbbc5ff32da9b5c59202ce1b4ea8a09ce8dac8a1a7eec609e883db5c69fe335
5998e455a2bc87cb2c8aa637b01b813ff7fdaf2ca927e6a6faab00c88b7727cc
5f99c8c38ea3f4d389ad06c07be857a447101e8245f2919f85b1d0db9f1f8659
6c2ea4e523a5a78fb781a45ea2c58d32d5d1d0143492f378e18c414b5abb647f
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
9832bf09faf9007e3c208688b28d55fd035b7b21acd75c0b94dad865aac9341f
b7bcb223bf4d9eb92bb557c3c633da6f3b94dc737b8b79f815101b86aa4d2d68
c12825c633f40f72d66acd03b8822509ea81b86b276b9d75c39d2004378c3bf9
d69765154c0ae12f44f9f4f6a06649bea6a0c00c89aae82940f7aed6b349e050
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5e33ae383f6a9bfbdb3092864cd91ba0ffee109abcdddeeed01beb6c31bd0e

herald.ch Open in urlscan Pro 217.26.52.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

70 kBTransfer

79 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

herald.ch Open in urlscan Pro
217.26.52.28 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

70 kB
Transfer

79 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions