herald.ch Open in urlscan Pro
217.26.52.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herald.ch/
Effective URL:
https://herald.ch/
Submission: On November 30 via api (November 30th 2022, 6:25:10 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 217.26.52.28, located in Switzerland and belongs to HOSTPOINT-AS, CH. The main domain is herald.ch.
TLS certificate: Issued by R3 on November 30th 2022. Valid for: 3 months.

This is the only time herald.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	217.26.52.28 217.26.52.28	29097 (HOSTPOINT-AS) (HOSTPOINT-AS)
1 2	141.98.226.39 141.98.226.39	209571 (UBIMET) (UBIMET)
12	2

12 217.26.52.28 (Switzerland) 1 redirects

ASN29097 (HOSTPOINT-AS, CH)
PTR: sl49.web.hostpoint.ch

herald.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.98.226.39 (Austria) 1 redirects

ASN209571 (UBIMET, AT)

ch.wetter.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wetter.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	herald.ch 1 redirects herald.ch	70 KB
2	wetter.tv 1 redirects ch.wetter.tv wetter.tv	126 B
12	2

	Domain	Requested by
12	herald.ch	1 redirects herald.ch
1	wetter.tv	herald.ch
1	ch.wetter.tv	1 redirects
12	3

This site contains no links.

Subject Issuer	Validity	Valid
herald.ch R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://herald.ch/
Frame ID: 2B33630FBF104ECB7E86A3E20F928837
Requests: 1 HTTP requests in this frame

Frame: https://herald.ch/header.htm
Frame ID: 153DA330826439412883D3A1D7D2AF4A
Requests: 1 HTTP requests in this frame

Frame: https://herald.ch/menu.htm
Frame ID: 160962697F85BCA65F55E5E8ACBCA23B
Requests: 3 HTTP requests in this frame

Frame: https://herald.ch/body.htm
Frame ID: E809ECB8E6A4994A499093BAD1DB8593
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WWW.HERALD.CH

Page URL History Show full URLs

http://herald.ch/ HTTP 301
https://herald.ch/ Page URL

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

70 kB
Transfer

79 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herald.ch/ HTTP 301
https://herald.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://ch.wetter.tv/de/widget/8044_zuerich_gemeinde_125x192.png HTTP 301
https://wetter.tv/de-CH/vl

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response herald.ch/ Redirect Chain http://herald.ch/ https://herald.ch/	2 KB 1 KB	156ms 22ms	Document text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Full URL https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `6c2ea4e523a5a78fb781a45ea2c58d32d5d1d0143492f378e18c414b5abb647f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 952 content-type text/html date Wed, 30 Nov 2022 18:25:05 GMT etag "883-4cd9ea1b01383-gzip" last-modified Sat, 03 Nov 2012 22:18:28 GMT server Apache vary Accept-Encoding Redirect headers Connection Keep-Alive Content-Length 226 Content-Type text/html; charset=iso-8859-1 Date Wed, 30 Nov 2022 18:25:05 GMT Keep-Alive timeout=5, max=100 Location https://herald.ch/ Server Apache
GET H2	200	header.htm Show response herald.ch/ Frame 153D	717 B 472 B	23ms 22ms	Document text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Full URL https://herald.ch/header.htm Requested by Host: herald.ch URL: https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `9832bf09faf9007e3c208688b28d55fd035b7b21acd75c0b94dad865aac9341f` Request headers Referer https://herald.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 396 content-type text/html date Wed, 30 Nov 2022 18:25:05 GMT etag "2cd-44cf90d076a00-gzip" last-modified Sun, 11 May 2008 19:00:56 GMT server Apache vary Accept-Encoding
GET H2	200	menu.htm Show response herald.ch/ Frame 1609	2 KB 817 B	20ms 19ms	Document text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Full URL https://herald.ch/menu.htm Requested by Host: herald.ch URL: https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `1dbbc5ff32da9b5c59202ce1b4ea8a09ce8dac8a1a7eec609e883db5c69fe335` Request headers Referer https://herald.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 740 content-type text/html date Wed, 30 Nov 2022 18:25:05 GMT etag "94f-44cf92f2eb340-gzip" last-modified Sun, 11 May 2008 19:10:29 GMT server Apache vary Accept-Encoding
GET H2	200	body.htm Show response herald.ch/ Frame E809	10 KB 3 KB	21ms 20ms	Document text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Full URL https://herald.ch/body.htm Requested by Host: herald.ch URL: https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `5998e455a2bc87cb2c8aa637b01b813ff7fdaf2ca927e6a6faab00c88b7727cc` Request headers Referer https://herald.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 3188 content-type text/html date Wed, 30 Nov 2022 18:25:05 GMT etag "26ca-4cd9ea1d19618-gzip" last-modified Sat, 03 Nov 2012 22:18:30 GMT server Apache vary Accept-Encoding
GET H2	200	icon_new.gif herald.ch/Images/ Frame 1609	119 B 196 B	21ms 20ms	Image image/gif	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/icon_new.gif Requested by Host: herald.ch URL: https://herald.ch/menu.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `d69765154c0ae12f44f9f4f6a06649bea6a0c00c89aae82940f7aed6b349e050` Request headers accept-language de-DE,de;q=0.9 Referer https://herald.ch/menu.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:25:05 GMT last-modified Sun, 11 May 2008 16:50:07 GMT server Apache accept-ranges bytes etag "77-44cf739312dc0" content-length 119 content-type image/gif
GET H2	404	Count.cgi herald.ch/cgi-sys/ Frame 1609	196 B 196 B	21ms 21ms	Image text/html	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/cgi-sys/Count.cgi?counter=heraldc.dat Requested by Host: herald.ch URL: https://herald.ch/menu.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers accept-language de-DE,de;q=0.9 Referer https://herald.ch/menu.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:25:05 GMT server Apache content-length 196 content-type text/html; charset=iso-8859-1
GET H2	200	icon_new.gif herald.ch/Images/ Frame E809	119 B 165 B	27ms 26ms	Image image/gif	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/icon_new.gif Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `d69765154c0ae12f44f9f4f6a06649bea6a0c00c89aae82940f7aed6b349e050` Request headers accept-language de-DE,de;q=0.9 Referer https://herald.ch/body.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:25:05 GMT last-modified Sun, 11 May 2008 16:50:07 GMT server Apache accept-ranges bytes etag "77-44cf739312dc0" content-length 119 content-type image/gif
GET H2	200	Herald.jpg herald.ch/Images/ Frame E809	36 KB 36 KB	26ms 25ms	Image image/jpeg	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/Herald.jpg Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `5f99c8c38ea3f4d389ad06c07be857a447101e8245f2919f85b1d0db9f1f8659` Request headers accept-language de-DE,de;q=0.9 Referer https://herald.ch/body.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:25:05 GMT last-modified Sun, 11 May 2008 16:50:07 GMT server Apache accept-ranges bytes etag "9090-44cf739312dc0" content-length 37008 content-type image/jpeg
GET H2	200	vl wetter.tv/de-CH/ Frame E809 Redirect Chain https://ch.wetter.tv/de/widget/8044_zuerich_gemeinde_125x192.png https://wetter.tv/de-CH/vl	0 0	54ms 53ms	Image text/html	141.98.226.39 UBIMET
General Check archive.org Show headers Download Go to Show image Full URL https://wetter.tv/de-CH/vl Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Server 141.98.226.39 , Austria, ASN209571 (UBIMET, AT), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://herald.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Redirect headers location https://wetter.tv/de-CH/vl date Wed, 30 Nov 2022 18:25:05 GMT strict-transport-security max-age=31536000 server nginx/1.18.0 (Ubuntu) content-length 178 content-type text/html
GET H2	200	logn.jpg herald.ch/Images/ Frame E809	2 KB 2 KB	28ms 28ms	Image image/jpeg	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/logn.jpg Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `c12825c633f40f72d66acd03b8822509ea81b86b276b9d75c39d2004378c3bf9` Request headers accept-language de-DE,de;q=0.9 Referer https://herald.ch/body.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:25:05 GMT last-modified Sun, 11 May 2008 16:50:08 GMT server Apache accept-ranges bytes etag "9ac-44cf739407000" content-length 2476 content-type image/jpeg
GET H2	200	posters.gif herald.ch/Images/ Frame E809	10 KB 10 KB	25ms 25ms	Image image/gif	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Images/posters.gif Requested by Host: herald.ch URL: https://herald.ch/body.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `eb5e33ae383f6a9bfbdb3092864cd91ba0ffee109abcdddeeed01beb6c31bd0e` Request headers accept-language de-DE,de;q=0.9 Referer https://herald.ch/body.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:25:05 GMT last-modified Sun, 11 May 2008 16:50:09 GMT server Apache accept-ranges bytes etag "2695-44cf7394fb240" content-length 9877 content-type image/gif
GET H2	200	Filmcamera.jpg herald.ch/Filme/ Frame E809	15 KB 15 KB	20ms 20ms	Image image/jpeg	217.26.52.28 HOSTPOINT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://herald.ch/Filme/Filmcamera.jpg Requested by Host: herald.ch URL: https://herald.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.26.52.28 , Switzerland, ASN29097 (HOSTPOINT-AS, CH), Reverse DNS sl49.web.hostpoint.ch Software Apache / Resource Hash `b7bcb223bf4d9eb92bb557c3c633da6f3b94dc737b8b79f815101b86aa4d2d68` Request headers accept-language de-DE,de;q=0.9 Referer https://herald.ch/body.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:25:05 GMT last-modified Sun, 11 May 2008 16:47:51 GMT server Apache accept-ranges bytes etag "3c48-44cf73115fbc0" content-length 15432 content-type image/jpeg

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://herald.ch/menu.htm Message: Mixed Content: The page at 'https://herald.ch/menu.htm' was loaded over HTTPS, but requested an insecure element 'http://herald.ch/cgi-sys/Count.cgi?counter=heraldc.dat'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://herald.ch/body.htm Message: Mixed Content: The page at 'https://herald.ch/body.htm' was loaded over HTTPS, but requested an insecure element 'http://ch.wetter.tv/de/widget/8044_zuerich_gemeinde_125x192.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://herald.ch/menu.htm(Line 37) Message: Mixed Content: The page at 'https://herald.ch/menu.htm' was loaded over HTTPS, but requested an insecure element 'http://herald.ch/cgi-sys/Count.cgi?counter=heraldc.dat'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://herald.ch/body.htm(Line 150) Message: Mixed Content: The page at 'https://herald.ch/body.htm' was loaded over HTTPS, but requested an insecure element 'http://ch.wetter.tv/de/widget/8044_zuerich_gemeinde_125x192.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://herald.ch/cgi-sys/Count.cgi?counter=heraldc.dat Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ch.wetter.tv
herald.ch
wetter.tv
141.98.226.39
217.26.52.28
1dbbc5ff32da9b5c59202ce1b4ea8a09ce8dac8a1a7eec609e883db5c69fe335
5998e455a2bc87cb2c8aa637b01b813ff7fdaf2ca927e6a6faab00c88b7727cc
5f99c8c38ea3f4d389ad06c07be857a447101e8245f2919f85b1d0db9f1f8659
6c2ea4e523a5a78fb781a45ea2c58d32d5d1d0143492f378e18c414b5abb647f
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
9832bf09faf9007e3c208688b28d55fd035b7b21acd75c0b94dad865aac9341f
b7bcb223bf4d9eb92bb557c3c633da6f3b94dc737b8b79f815101b86aa4d2d68
c12825c633f40f72d66acd03b8822509ea81b86b276b9d75c39d2004378c3bf9
d69765154c0ae12f44f9f4f6a06649bea6a0c00c89aae82940f7aed6b349e050
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5e33ae383f6a9bfbdb3092864cd91ba0ffee109abcdddeeed01beb6c31bd0e

herald.ch Open in urlscan Pro 217.26.52.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

70 kBTransfer

79 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

herald.ch Open in urlscan Pro
217.26.52.28 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

70 kB
Transfer

79 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions