www.salopesromandes.ch Open in urlscan Pro
23.251.131.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://salopesromandes.ch/
Effective URL:
https://www.salopesromandes.ch/
Submission: On August 25 via api (August 25th 2024, 2:22:55 am UTC) from CH — Scanned from CH

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 16 HTTP transactions. The main IP is 23.251.131.133, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.salopesromandes.ch.
TLS certificate: Issued by R10 on August 19th 2024. Valid for: 3 months.

This is the only time www.salopesromandes.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	23.251.131.133 23.251.131.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.83.245.238 99.83.245.238	16509 (AMAZON-02) (AMAZON-02)
1	63.35.33.29 63.35.33.29	16509 (AMAZON-02) (AMAZON-02)
16	5

12 23.251.131.133 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.131.251.23.bc.googleusercontent.com

salopesromandes.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.salopesromandes.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wwwsalopesromandesch.wifi2.vm-zone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.245.238 (United States)

ASN16509 (AMAZON-02, US)
PTR: a100ee1ef157bc9f4.awsglobalaccelerator.com

analytics.flowly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.33.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-33-29.eu-west-1.compute.amazonaws.com

notify.dcbprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	salopesromandes.ch 1 redirects salopesromandes.ch www.salopesromandes.ch	72 KB
2	vm-zone.com wifi2.vm-zone.com Failed wwwsalopesromandesch.wifi2.vm-zone.com	97 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	36 KB
1	dcbprotect.com notify.dcbprotect.com — Cisco Umbrella Rank: 304005	289 B
1	flowly.com analytics.flowly.com	451 B
16	5

	Domain	Requested by
9	www.salopesromandes.ch	www.salopesromandes.ch
2	wwwsalopesromandesch.wifi2.vm-zone.com	www.salopesromandes.ch
2	cdnjs.cloudflare.com	www.salopesromandes.ch
1	notify.dcbprotect.com	www.salopesromandes.ch
1	analytics.flowly.com	www.salopesromandes.ch
1	salopesromandes.ch	1 redirects
0	wifi2.vm-zone.com Failed	www.salopesromandes.ch
16	7

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
*.salopesromandes.ch R10	`2024-08-19` - `2024-11-17`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.flowly.com Amazon RSA 2048 M02	`2024-08-21` - `2025-09-18`	a year	crt.sh
*.wifi2.vm-zone.com R10	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.dcbprotect.com Amazon RSA 2048 M02	`2023-10-05` - `2024-11-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.salopesromandes.ch/
Frame ID: 52AB7B432D3C3B052C0567B7BB55E1DB
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Salopes Romandes CH |

Page URL History Show full URLs

https://salopesromandes.ch/ HTTP 301
https://www.salopesromandes.ch/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

4
Countries

205 kB
Transfer

431 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.google.com/
Title: NEIN, Ich will raus

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://salopesromandes.ch/ HTTP 301
https://www.salopesromandes.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.salopesromandes.ch/
Redirect Chain

https://salopesromandes.ch/
https://www.salopesromandes.ch/

120 KB
49 KB

1467ms
1428ms

Document
text/html

23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.salopesromandes.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.131.251.23.bc.googleusercontent.com

Software

openresty /

Resource Hash

71d81190fc1805df12d9245e35559bab60ad3555a206b4eb7b72252e6248cc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 02:22:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.salopesromandes.ch/wp-json/>; rel="https://api.w.org/"
pragma: no-cache
server: openresty
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 166
content-type: text/html
date: Sun, 25 Aug 2024 02:22:46 GMT
location: https://www.salopesromandes.ch/
server: openresty
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
www.salopesromandes.ch/wp-includes/css/dist/block-library/ 29 KB
5 KB 53ms
43ms Stylesheet
text/css 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salopesromandes.ch/wp-includes/css/dist/block-library/style.min.css?ver=5.2.4
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:47 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 09:25:54 GMT
server: openresty
etag: W/"5d9ef922-726f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Sun, 25 Aug 2024 03:22:47 GMT

GET
H2 200 normalize.css
www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/css/ 9 KB
3 KB 57ms
48ms Stylesheet
text/css 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/css/normalize.css?ver=2.0.0
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: 85c760b3dfca99b02b2069e4eef42cb604d05785c77cc21840e5cad74a44cdf1

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:47 GMT
content-encoding: gzip
last-modified: Wed, 19 Sep 2018 22:00:00 GMT
server: openresty
etag: W/"5ba2c6e0-236b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Sun, 25 Aug 2024 03:22:47 GMT

GET
H2 200 stylesheet.css
www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/css/font/ 452 B
442 B 63ms
54ms Stylesheet
text/css 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/css/font/stylesheet.css?ver=2.0.0
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: a6d3ce73c1b4f7b1b63a02dc3f882606937ab8c7417a3d40b5346b89fe67fdb8

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:47 GMT
content-encoding: gzip
last-modified: Mon, 08 Oct 2018 22:00:00 GMT
server: openresty
etag: W/"5bbbd360-1c4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Sun, 25 Aug 2024 03:22:47 GMT

GET
H2 200 main.css
www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/css/ 50 KB
10 KB 68ms
58ms Stylesheet
text/css 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/css/main.css?ver=2.0.0
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: 446855d3e2f6aab38f40e17dc3e9892d5885a1e2fd3b0c35db1c9d8868bb8b7a

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:47 GMT
content-encoding: gzip
last-modified: Sun, 20 Oct 2019 22:00:00 GMT
server: openresty
etag: W/"5dacd8e0-c642"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Sun, 25 Aug 2024 03:22:47 GMT

GET
H2 200 custom_1448.css
www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/css/ 13 KB
1 KB 69ms
68ms Stylesheet
text/css 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/css/custom_1448.css?ver=2.0.0
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: 622615e09050d6974288f463ef5f3e5ca2fc7234239747a5ebf40af82f1cb02a

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:47 GMT
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 19:45:53 GMT
server: openresty
etag: W/"63a4b3f1-3201"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Sun, 25 Aug 2024 03:22:47 GMT

GET
H3 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/ 15 KB
6 KB 65ms
27ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js?ver=2.0.0

Requested by

Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 195960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5536
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-3c36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97STDMIE5yYcZPIZnykjHh4Hk3belxkBWGM0HTZzbGQTbXA825yrxlZr6YZtoFVGczF0pFhX1ofnMfA4H0JyOL%2FomycYX0yWnlxvuaQ4LqXR5agcN2NzkDqQwbw0BCIwnOhYK7k4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b881dce1fad01f8-ZRH
expires: Fri, 15 Aug 2025 02:22:48 GMT

GET /
wifi2.vm-zone.com/ 0
0

GET
H2 200 /
analytics.flowly.com/ 43 B
451 B 294ms
74ms Image
image/gif 99.83.245.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.flowly.com/?frid=2cbb3964-c7eb-4d9b-9220-14ce57d92616&vasid=1045dd71-f06f-43df-bfb7-0f7ce77cc242&fcid=4b8c5b3a-766c-4bfa-b06e-8c3f4f2314d1
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.245.238 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a100ee1ef157bc9f4.awsglobalaccelerator.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:48 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.8.2/ 91 KB
30 KB 29ms
28ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.2/jquery.min.js?ver=2.0.0

Requested by

Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 990494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29804
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-16cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fDm7CDfaiFAV4ZCu5R71IXUWMtMV0QBJPaWzC19YeV7fGPIF9eFFsKPV0UO3ub6BVBbR8RolidblAU2YhO%2B77q3hupq9%2FNJrQ3ilfPZ9RdugyEYWA9QeeW82i93eOvCWXcjnpTR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b881dce6fbe01f8-ZRH
expires: Fri, 15 Aug 2025 02:22:48 GMT

GET
H2 200 plugins.js Show response
www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/js/ 737 B
586 B 45ms
41ms Script
application/javascript 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/js/plugins.js?ver=2.0.0
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: 81625bd420a4072ae947d48f38e9df1aed876c9b663e3972812eb3e9ff1df878

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Sep 2018 22:00:00 GMT
server: openresty
etag: W/"5ba2c6e0-2e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
expires: Sun, 25 Aug 2024 03:22:48 GMT

GET
H2 200 main.js Show response
www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/js/ 6 KB
2 KB 41ms
41ms Script
application/javascript 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salopesromandes.ch/wp-content/themes/swiss-paypay-2/js/main.js?ver=2.0.0
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: f49bd5d538671a339ad169da48fd8e710f7aa8c02d4e4cf6705ea2d32705cfdb

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Sep 2018 22:00:00 GMT
server: openresty
etag: W/"5ba2c6e0-1971"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
expires: Sun, 25 Aug 2024 03:22:48 GMT

GET
H2 200 wp-embed.min.js Show response
www.salopesromandes.ch/wp-includes/js/ 1 KB
964 B 48ms
48ms Script
application/javascript 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salopesromandes.ch/wp-includes/js/wp-embed.min.js?ver=5.2.4
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:48 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 09:25:50 GMT
server: openresty
etag: W/"5d9ef91e-57b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
expires: Sun, 25 Aug 2024 03:22:48 GMT

GET
H2 200 Welsch_FSK_16@2x.jpg
wwwsalopesromandesch.wifi2.vm-zone.com/wp-content/uploads/sites/1448/2019/10/ 96 KB
97 KB 302ms
113ms Image
image/jpeg 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wwwsalopesromandesch.wifi2.vm-zone.com/wp-content/uploads/sites/1448/2019/10/Welsch_FSK_16@2x.jpg
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: 049631e292b83362ba1daee240fa6687d2c91159876e6fd8399e0d5e8b8850f7

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:49 GMT
last-modified: Thu, 31 Oct 2019 13:47:16 GMT
server: openresty
etag: "5dbae5e4-1811b"
content-type: image/jpeg
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 98587
expires: Mon, 26 Aug 2024 02:22:49 GMT

POST
H/1.1 200
OK A1094101036062339468840284628228868622288008040848 Show response
notify.dcbprotect.com/ 0
289 B 439ms
125ms XHR
text/html 63.35.33.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.dcbprotect.com/A1094101036062339468840284628228868622288008040848
Requested by: Host: www.salopesromandes.ch
URL: https://www.salopesromandes.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.33.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-33-29.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 25 Aug 2024 02:22:49 GMT
content-encoding: gzip
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H2 200 latina_fav-1.png
wwwsalopesromandesch.wifi2.vm-zone.com/wp-content/uploads/sites/813/2016/03/ 332 B
524 B 87ms
39ms Other
image/png 23.251.131.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwsalopesromandesch.wifi2.vm-zone.com/wp-content/uploads/sites/813/2016/03/latina_fav-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.251.131.133 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 133.131.251.23.bc.googleusercontent.com
Software: openresty /
Resource Hash: bdb56af1b1df91d2d6c23ac045ca6dc990df460fd28a27e5563122370b5a7f85

Request headers

Referer: https://www.salopesromandes.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 02:22:49 GMT
last-modified: Thu, 17 Mar 2016 14:40:18 GMT
server: openresty
etag: "56eac1d2-14c"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 332
expires: Mon, 26 Aug 2024 02:22:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wifi2.vm-zone.com
URL: https://wifi2.vm-zone.com/?dm=be39290a105ec9e664b2b8338aab3861&action=load&blogid=1448&siteid=1&t=529684232&back=https%3A%2F%2Fwww.salopesromandes.ch%2F

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.salopesromandes.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: s99tr7rclvq73rit634ljp2ssc
			.flowly.com/	1970-01-21 08:38:32	Name: flids Value: %2FoSa9J1lXxsz7u2kbdXphg3YIM10mQ9LnfFSE3Z4lw5sbuvKtdqbQc921%2BPkxC6FsEwS%2BodX1yAPuFaxkWbFhQ%3D%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.salopesromandes.ch/ Message: Mixed Content: The page at 'https://www.salopesromandes.ch/' was loaded over HTTPS, but requested an insecure element 'http://analytics.flowly.com/?frid=2cbb3964-c7eb-4d9b-9220-14ce57d92616&vasid=1045dd71-f06f-43df-bfb7-0f7ce77cc242&fcid=4b8c5b3a-766c-4bfa-b06e-8c3f4f2314d1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.salopesromandes.ch/(Line 82) Message: Mixed Content: The page at 'https://www.salopesromandes.ch/' was loaded over HTTPS, but requested an insecure element 'http://analytics.flowly.com/?frid=2cbb3964-c7eb-4d9b-9220-14ce57d92616&vasid=1045dd71-f06f-43df-bfb7-0f7ce77cc242&fcid=4b8c5b3a-766c-4bfa-b06e-8c3f4f2314d1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.flowly.com
cdnjs.cloudflare.com
notify.dcbprotect.com
salopesromandes.ch
wifi2.vm-zone.com
www.salopesromandes.ch
wwwsalopesromandesch.wifi2.vm-zone.com
wifi2.vm-zone.com
104.17.24.14
23.251.131.133
63.35.33.29
99.83.245.238
049631e292b83362ba1daee240fa6687d2c91159876e6fd8399e0d5e8b8850f7
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
446855d3e2f6aab38f40e17dc3e9892d5885a1e2fd3b0c35db1c9d8868bb8b7a
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
622615e09050d6974288f463ef5f3e5ca2fc7234239747a5ebf40af82f1cb02a
71d81190fc1805df12d9245e35559bab60ad3555a206b4eb7b72252e6248cc2d
81625bd420a4072ae947d48f38e9df1aed876c9b663e3972812eb3e9ff1df878
85c760b3dfca99b02b2069e4eef42cb604d05785c77cc21840e5cad74a44cdf1
a6d3ce73c1b4f7b1b63a02dc3f882606937ab8c7417a3d40b5346b89fe67fdb8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bdb56af1b1df91d2d6c23ac045ca6dc990df460fd28a27e5563122370b5a7f85
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
f49bd5d538671a339ad169da48fd8e710f7aa8c02d4e4cf6705ea2d32705cfdb

www.salopesromandes.ch Open in urlscan Pro 23.251.131.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

5 IPs

4 Countries

205 kBTransfer

431 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

www.salopesromandes.ch Open in urlscan Pro
23.251.131.133 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

4
Countries

205 kB
Transfer

431 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions