URL: https://jm-contactless.ch/
Submission: On August 04 via automatic, source certstream-suspicious — Scanned from CH

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 103.169.142.0, located in Australia and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is jm-contactless.ch.
TLS certificate: Issued by WR1 on August 4th 2024. Valid for: 3 months.
This is the only time jm-contactless.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 103.169.142.0 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:249... 16509 (AMAZON-02)
1 172.217.16.206 15169 (GOOGLE)
24 5
Apex Domain
Subdomains
Transfer
18 jm-contactless.ch
jm-contactless.ch
2 MB
2 iframe.ly
cdn.iframe.ly — Cisco Umbrella Rank: 44530
2 canva.com
www.canva.com — Cisco Umbrella Rank: 4719
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
24 4
Domain Requested by
18 jm-contactless.ch jm-contactless.ch
2 cdn.iframe.ly jm-contactless.ch
2 www.canva.com jm-contactless.ch
2 www.youtube.com jm-contactless.ch
24 4
Subject Issuer Validity Valid
jm-contactless.ch
WR1
2024-08-04 -
2024-11-02
3 months crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
canva.com
WE1
2024-07-16 -
2024-10-14
3 months crt.sh
*.iframe.ly
Amazon RSA 2048 M03
2023-10-23 -
2024-11-21
a year crt.sh

This page contains 7 frames:

Primary Page: https://jm-contactless.ch/
Frame ID: AA389E992EB711F15FF56D5B03A2E627
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/R5Kv58Z9zIQ
Frame ID: 91218A6B26C6FD54417E7B0B79516F19
Requests: 1 HTTP requests in this frame

Frame: https://www.canva.com/design/DAGGzF3njho/iz8ngKp5kEMB4620YBh9PA/view?embed;meta
Frame ID: 29ED6CA33E683E34AC0B8C27E31957EE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DS5J8kriWyIk&key=462812a26b593f2dbfbfcbb14f6d699a
Frame ID: A1AB881DDA7C491B215F75262EB3533A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/R5Kv58Z9zIQ
Frame ID: A0A75406E3EE11FB36A9FF6B716B1CB2
Requests: 1 HTTP requests in this frame

Frame: https://www.canva.com/design/DAGGzF3njho/iz8ngKp5kEMB4620YBh9PA/view?embed;meta
Frame ID: 63B2EEA45730450D804337903658AAA7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DS5J8kriWyIk&key=462812a26b593f2dbfbfcbb14f6d699a
Frame ID: 3C75FB82F97990C97C1779897DB46376
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

JM Contactless

Page Statistics

24
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

2148 kB
Transfer

2640 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
jm-contactless.ch/
591 KB
99 KB
Document
General
Full URL
https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58aeebb44c2a3cf3d092e56ab00ebe351633d758a252813cb2acc1b44e374ec4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.canva.com canva.com; report-uri https://csp.canva.com/_cspreport?app=websites; base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'nonce-69362a37-c4da-416e-af44-6b42e514774b' https://www.google.com/recaptcha/api.js;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8adfcf25aade03b8-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self' *.canva.com canva.com; report-uri https://csp.canva.com/_cspreport?app=websites; base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'nonce-69362a37-c4da-416e-af44-6b42e514774b' https://www.google.com/recaptcha/api.js;
content-type
text/html
date
Sun, 04 Aug 2024 16:08:58 GMT
expect-ct
max-age=86400, enforce
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
x-frame-options
SAMEORIGIN
x-robots-tag
all
x-xss-protection
1; mode=block
R5Kv58Z9zIQ
www.youtube.com/embed/ Frame 9121
0
0
Document
General
Full URL
https://www.youtube.com/embed/R5Kv58Z9zIQ
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jm-contactless.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Aug 2024 16:08:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
view
www.canva.com/design/DAGGzF3njho/iz8ngKp5kEMB4620YBh9PA/ Frame 29ED
0
0
Document
General
Full URL
https://www.canva.com/design/DAGGzF3njho/iz8ngKp5kEMB4620YBh9PA/view?embed;meta
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6770 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-A1dhsJp3tFFVJCas8sMitQ'; report-uri https://csp.canva.com/_cspreport?source=web2&requestId=8adfcf288ef85c3d&app=embed&policyHash=0a3e43d2
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8adfcf288ef85c3d-AMS
content-encoding
br
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-A1dhsJp3tFFVJCas8sMitQ'; report-uri https://csp.canva.com/_cspreport?source=web2&requestId=8adfcf288ef85c3d&app=embed&policyHash=0a3e43d2
content-type
text/html;charset=utf-8
date
Sun, 04 Aug 2024 16:08:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
CP=Canva does not have a P3P Policy.
pragma
No-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQmDaiHP2BDMgD32BYMsFOj3yr1g2s0lQteVgkAcv36OmxkHekkeU5mvXA6kJCbRMG2aSqlPttmbtVjblYIaibtixFqykv3%2FQbDZH2zQZq7vvlPsUYuVL1%2BTJLNKd8%2F7nclmyqYpKw30ze0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
8adfcf288ef85c3d
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
282be150c7ab4c6262dd95866c612023.woff
jm-contactless.ch/fonts/
18 KB
18 KB
Font
General
Full URL
https://jm-contactless.ch/fonts/282be150c7ab4c6262dd95866c612023.woff
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8702749cc9974d2e722e653ea0c8d8a34ed4eca4579fe7a256f0c80ba130ff8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
Origin
https://jm-contactless.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
18120
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf282e2c03b8-FRA
7d5531777160e802b0c27b9c37f6645c.woff
jm-contactless.ch/fonts/
74 KB
74 KB
Font
General
Full URL
https://jm-contactless.ch/fonts/7d5531777160e802b0c27b9c37f6645c.woff
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2e0ec74d9eb8e2709b5105e7678140b6a5099347e668ea50eec2e5a33311fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
Origin
https://jm-contactless.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
75580
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf282e2d03b8-FRA
58b393ddd1cfd8653a34e37082411b9d.woff2
jm-contactless.ch/fonts/
74 KB
74 KB
Font
General
Full URL
https://jm-contactless.ch/fonts/58b393ddd1cfd8653a34e37082411b9d.woff2
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfae5509810ccd53896ac9b980a81c272a0e1fc9a215a61f3ece1a1888f36513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
Origin
https://jm-contactless.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
75324
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf282e2f03b8-FRA
254a21cb559da08565d4a9c0c0b84a36.woff2
jm-contactless.ch/fonts/
73 KB
74 KB
Font
General
Full URL
https://jm-contactless.ch/fonts/254a21cb559da08565d4a9c0c0b84a36.woff2
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
285ecf6da82432cb4c41cf06cc87693a14e19e6f981a20303d4b948525f7efc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
Origin
https://jm-contactless.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
75176
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf282e3003b8-FRA
fba2e7a7e9b0876a1a16f7d80310d82c.jpg
jm-contactless.ch/images/
2 MB
2 MB
Image
General
Full URL
https://jm-contactless.ch/images/fba2e7a7e9b0876a1a16f7d80310d82c.jpg
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4a021c6ad850f0430bb2c7a8e94d87d4101a902231707d5f43ff92b138dd8d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
1741264
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf281e2003b8-FRA
2bd68b3eb83d54b6fbe8778be9812a1b.png
jm-contactless.ch/images/
44 KB
44 KB
Image
General
Full URL
https://jm-contactless.ch/images/2bd68b3eb83d54b6fbe8778be9812a1b.png
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c11bc4787862e2ee73ca0b3226316dbf2640ee0602e9b47dfdcc241e84c79d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
44626
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf281e2303b8-FRA
60dbb1d80a8cc591a9999cd308b6607a.svg
jm-contactless.ch/images/
2 KB
1 KB
Image
General
Full URL
https://jm-contactless.ch/images/60dbb1d80a8cc591a9999cd308b6607a.svg
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f92cea049e852f5779c9aff820bdd9dbcf7306cc4926048a0bc0ebe0ff2f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf281e2403b8-FRA
fa3bd8b043ec0b599f6626ebebd0120f.svg
jm-contactless.ch/images/
1 KB
698 B
Image
General
Full URL
https://jm-contactless.ch/images/fa3bd8b043ec0b599f6626ebebd0120f.svg
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb40e48f1f4e467624bb22f1845ca3adf022897512aeafcfe1132dfaf852d634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf281e2503b8-FRA
28d81807aad00fb57f79c3dc180ce3e6.svg
jm-contactless.ch/images/
561 B
438 B
Image
General
Full URL
https://jm-contactless.ch/images/28d81807aad00fb57f79c3dc180ce3e6.svg
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e3f2d81ac070d70aec6490fcc78558a44f0d84fa66007f4823a6d43d3d5a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf281e2803b8-FRA
e31235338f3470245261efeb461f982d.png
jm-contactless.ch/images/
6 KB
6 KB
Image
General
Full URL
https://jm-contactless.ch/images/e31235338f3470245261efeb461f982d.png
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e381355d5b52e9eb87dffac1748a7ccf64b1b683d68fb8aa7283cb697e46ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
6539
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf281e2903b8-FRA
8846b46acb33b3cdf431ba10639a2599.png
jm-contactless.ch/images/
12 KB
12 KB
Image
General
Full URL
https://jm-contactless.ch/images/8846b46acb33b3cdf431ba10639a2599.png
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec366685e90250add36cc339c6063d777888f1e55ff4c22cffde50588abb080b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
12213
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf284e5503b8-FRA
73768b042ad10ab1e2e12d89cdbc51ac.svg
jm-contactless.ch/images/
1 KB
759 B
Image
General
Full URL
https://jm-contactless.ch/images/73768b042ad10ab1e2e12d89cdbc51ac.svg
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9103329c07925b768e93c4de35a7c1cc63ffbd3675dae34a1fbf876825c14e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf284e5b03b8-FRA
iframe
cdn.iframe.ly/api/ Frame A1AB
0
0
Document
General
Full URL
https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DS5J8kriWyIk&key=462812a26b593f2dbfbfcbb14f6d699a
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:a600:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / iframe.ly
Resource Hash

Request headers

Referer
https://jm-contactless.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Aug 2024 16:08:59 GMT
etag
W/"619282b7f4a060433370d7de1e924770"
expires
Sun, 04 Aug 2024 17:08:59 GMT
server
nginx
vary
Accept-Encoding
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-id
A7uPCN311YM0PhzDlwZnFc-zVdttUpC0OU9IBSZbAzA23RsKdBRd8g==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-powered-by
iframe.ly
939898b427480d700449229ff00dbb8a6f9f77442b532f697866e6914ab8843a.js
jm-contactless.ch/js/
221 B
211 B
Script
General
Full URL
https://jm-contactless.ch/js/939898b427480d700449229ff00dbb8a6f9f77442b532f697866e6914ab8843a.js
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
939898b427480d700449229ff00dbb8a6f9f77442b532f697866e6914ab8843a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf284e5c03b8-FRA
b7d91262d3324ab0ad9ba844ac9c886c544fe3a4602d1979c31da4a1e2c1cea6.js
jm-contactless.ch/js/
2 KB
963 B
Script
General
Full URL
https://jm-contactless.ch/js/b7d91262d3324ab0ad9ba844ac9c886c544fe3a4602d1979c31da4a1e2c1cea6.js
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d91262d3324ab0ad9ba844ac9c886c544fe3a4602d1979c31da4a1e2c1cea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf284e5f03b8-FRA
388fb330498371d4935abbff11d34d4c30842ca3c4a128cdd290d29db98acb41.js
jm-contactless.ch/js/
2 KB
982 B
Script
General
Full URL
https://jm-contactless.ch/js/388fb330498371d4935abbff11d34d4c30842ca3c4a128cdd290d29db98acb41.js
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
388fb330498371d4935abbff11d34d4c30842ca3c4a128cdd290d29db98acb41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf284e6203b8-FRA
e85752416d9f97b365a127939329148f.png
jm-contactless.ch/images/
38 KB
38 KB
Image
General
Full URL
https://jm-contactless.ch/images/e85752416d9f97b365a127939329148f.png
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
68bda87379cb9d6a2d9aaa4da7a39588bdcc05100290456a4d80df8d325464db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:08:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
39027
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf29ce958f3d-FRA
R5Kv58Z9zIQ
www.youtube.com/embed/ Frame A0A7
0
0
Document
General
Full URL
https://www.youtube.com/embed/R5Kv58Z9zIQ
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/js/b7d91262d3324ab0ad9ba844ac9c886c544fe3a4602d1979c31da4a1e2c1cea6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jm-contactless.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Aug 2024 16:08:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
view
www.canva.com/design/DAGGzF3njho/iz8ngKp5kEMB4620YBh9PA/ Frame 63B2
0
0
Document
General
Full URL
https://www.canva.com/design/DAGGzF3njho/iz8ngKp5kEMB4620YBh9PA/view?embed;meta
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/js/b7d91262d3324ab0ad9ba844ac9c886c544fe3a4602d1979c31da4a1e2c1cea6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6770 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-xAtCe1AbLtcjoJ+/6Bm9zw'; report-uri https://csp.canva.com/_cspreport?source=web2&requestId=8adfcf2a288f5c3d&app=embed&policyHash=f57d2c1a
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8adfcf2a288f5c3d-AMS
content-encoding
br
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-xAtCe1AbLtcjoJ+/6Bm9zw'; report-uri https://csp.canva.com/_cspreport?source=web2&requestId=8adfcf2a288f5c3d&app=embed&policyHash=f57d2c1a
content-type
text/html;charset=utf-8
date
Sun, 04 Aug 2024 16:08:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
CP=Canva does not have a P3P Policy.
pragma
No-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FeQ5etGNKAscG9oP1RGo%2FyfJqy0sbA9l46zkAEaoeNYggl1VT4cFEcr2UkvEsjlOm8INV74WGvK%2F9jMmyeD0v9bOxIrETQKFyq4KYXFBZCx6Mos4yEy1auD1Goq%2BRyp3ljTTHf1iyVHhQg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
8adfcf2a288f5c3d
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
iframe
cdn.iframe.ly/api/ Frame 3C75
0
0
Document
General
Full URL
https://cdn.iframe.ly/api/iframe?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DS5J8kriWyIk&key=462812a26b593f2dbfbfcbb14f6d699a
Requested by
Host: jm-contactless.ch
URL: https://jm-contactless.ch/js/b7d91262d3324ab0ad9ba844ac9c886c544fe3a4602d1979c31da4a1e2c1cea6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:a600:e:e47a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / iframe.ly
Resource Hash

Request headers

Referer
https://jm-contactless.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Aug 2024 16:08:59 GMT
etag
W/"619282b7f4a060433370d7de1e924770"
expires
Sun, 04 Aug 2024 17:08:59 GMT
server
nginx
vary
Accept-Encoding
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-id
A7uPCN311YM0PhzDlwZnFc-zVdttUpC0OU9IBSZbAzA23RsKdBRd8g==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-powered-by
iframe.ly
9ec4407f63a908bbc0702c19d9c402b5.png
jm-contactless.ch/
977 B
1 KB
Other
General
Full URL
https://jm-contactless.ch/9ec4407f63a908bbc0702c19d9c402b5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.169.142.0 , Australia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b5d12482fb4243597294cee289bf070bf5fa1fd230f0a2515e6aea95691cc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jm-contactless.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 16:09:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-deployment-id
4e9905078f84a26d4bd25110d32e07f2b32df0fa1eb3ca3e94f86dcbb077c333
alt-svc
h3=":443"; ma=86400
content-length
977
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800, immutable
x-robots-tag
none
cf-ray
8adfcf35dd938f3d-FRA

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| canva_scriptExecutor object| canva_debounceResize

7 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: W_7MqdYsGHo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: zK81h8RlLVk
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDSBIEGgAgVQ%3D%3D
.canva.com/ Name: __cf_bm
Value: rTK5l55a0CvxDxb6OD_yY9h7Ic_NDPbJUFyMg7ktZyQ-1722787739-1.0.1.1-l51Qydyold0XRRXLLNgBPjBNUu5xxP58jt1r.rKpvX5OPL3VGbLcbdpuUWrPdyDqY5JUy3.IW69ZQta34isGTQ
.canva.com/ Name: _cfuvid
Value: mCnJ_P_S6QJ5wY89YTGY86w0IxZzRL.OaT98.o.rkqw-1722787739466-0.0.1.1-604800000
www.canva.com/ Name: ASI
Value: 01J4F2DEAP2Z2HN9D64P3Z07H5
.canva.com/ Name: cf_clearance
Value: WZcQE4yUCgtJHRyM1DRWvze3VgUDe3FkAoOo5rspMyQ-1722787740-1.0.1.1-oARj85q16_xQt3lft2uRm9t22auupz944ZW_2UwiJ2CzcwLneR0_e0lAcFiYLNUXHgHn56ghtHS3IjRgpcspfA

2 Console Messages

Source Level URL
Text
other warning URL: https://jm-contactless.ch/
Message:
Unrecognized feature: 'web-share'.
other warning URL: https://jm-contactless.ch/
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.canva.com canva.com; report-uri https://csp.canva.com/_cspreport?app=websites; base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'nonce-69362a37-c4da-416e-af44-6b42e514774b' https://www.google.com/recaptcha/api.js;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.iframe.ly
jm-contactless.ch
www.canva.com
www.youtube.com
103.169.142.0
172.217.16.206
2600:9000:2490:a600:e:e47a:54c0:93a1
2606:4700::6810:6770
2a00:1450:4001:806::200e
285ecf6da82432cb4c41cf06cc87693a14e19e6f981a20303d4b948525f7efc3
2c11bc4787862e2ee73ca0b3226316dbf2640ee0602e9b47dfdcc241e84c79d3
388fb330498371d4935abbff11d34d4c30842ca3c4a128cdd290d29db98acb41
4e2e0ec74d9eb8e2709b5105e7678140b6a5099347e668ea50eec2e5a33311fd
58aeebb44c2a3cf3d092e56ab00ebe351633d758a252813cb2acc1b44e374ec4
59b5d12482fb4243597294cee289bf070bf5fa1fd230f0a2515e6aea95691cc4
68bda87379cb9d6a2d9aaa4da7a39588bdcc05100290456a4d80df8d325464db
82f92cea049e852f5779c9aff820bdd9dbcf7306cc4926048a0bc0ebe0ff2f4b
8702749cc9974d2e722e653ea0c8d8a34ed4eca4579fe7a256f0c80ba130ff8f
939898b427480d700449229ff00dbb8a6f9f77442b532f697866e6914ab8843a
b1e381355d5b52e9eb87dffac1748a7ccf64b1b683d68fb8aa7283cb697e46ed
b7d91262d3324ab0ad9ba844ac9c886c544fe3a4602d1979c31da4a1e2c1cea6
bb40e48f1f4e467624bb22f1845ca3adf022897512aeafcfe1132dfaf852d634
bfae5509810ccd53896ac9b980a81c272a0e1fc9a215a61f3ece1a1888f36513
d7e3f2d81ac070d70aec6490fcc78558a44f0d84fa66007f4823a6d43d3d5a63
eb9103329c07925b768e93c4de35a7c1cc63ffbd3675dae34a1fbf876825c14e
ec366685e90250add36cc339c6063d777888f1e55ff4c22cffde50588abb080b
f4a021c6ad850f0430bb2c7a8e94d87d4101a902231707d5f43ff92b138dd8d6