zso-ls.netgroupphone.ch Open in urlscan Pro
217.11.44.14  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.videocall.lisue.ch/ Page URL
2. https://zso-ls.netgroupphone.ch:5001/meet/aff2a93ca9f2fc56b220646c86fdabe6cce27533 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ www.videocall.lisue.ch/	404 B 486 B	84ms 20ms	Document text/html	199.47.150.35 VIVANET-AS
General Check archive.org Show headers Download Go to Full URL https://www.videocall.lisue.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.47.150.35 Glattbrugg, Switzerland, ASN204631 (VIVANET-AS, CH), Reverse DNS hosting.tecnolution.ch Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 278 content-type text/html date Mon, 15 Jul 2024 17:13:05 GMT etag "194-61a351387ef01-gzip" last-modified Thu, 06 Jun 2024 09:12:03 GMT server nginx vary Accept-Encoding,User-Agent x-accel-version 0.01
GET H2	200	Primary Request aff2a93ca9f2fc56b220646c86fdabe6cce27533 Show response zso-ls.netgroupphone.ch/meet/	2 KB 4 KB	216ms 25ms	Document text/html	217.11.44.14 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://zso-ls.netgroupphone.ch:5001/meet/aff2a93ca9f2fc56b220646c86fdabe6cce27533 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.11.44.14 Lausanne, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH), Reverse DNS 14.44.11.217.static.wline.lns.sme.cust.swisscom.ch Software nginx / Resource Hash a885d747823cabe4bcc2b77a9a15972c642701dfe1f70ea23594614d8f5aab02 Security Headers Name Value Content-Security-Policy default-src 'self' *.3cx.net blob:; style-src 'self' 'unsafe-inline' *.3cx.net; script-src 'self' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg=' 'sha256-TGsXLQfLHsGDeoIWI4FGqqAubh+PQLIAnKLU//FZ46k=' 'unsafe-eval' *.3cx.net youtube.com www.youtube.com; worker-src blob:; frame-src 'self' *.3cx.net www.youtube.com tcxwmrc:; connect-src *; img-src 'self' *.3cx.net img.youtube.com *.ytimg.com data:; Strict-Transport-Security max-age=15768000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers Referer https://www.videocall.lisue.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store, must-revalidate content-length 2247 content-security-policy default-src 'self' *.3cx.net blob:; style-src 'self' 'unsafe-inline' *.3cx.net; script-src 'self' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg=' 'sha256-TGsXLQfLHsGDeoIWI4FGqqAubh+PQLIAnKLU//FZ46k=' 'unsafe-eval' *.3cx.net youtube.com www.youtube.com; worker-src blob:; frame-src 'self' *.3cx.net www.youtube.com tcxwmrc:; connect-src *; img-src 'self' *.3cx.net img.youtube.com *.ytimg.com data:; content-type text/html date Mon, 15 Jul 2024 17:13:06 GMT expires 0 pragma no-cache server nginx strict-transport-security max-age=15768000 x-content-type-options nosniff x-frame-options SAMEORIGIN x-webmeeting-data eyJtZWV0aW5nIjp7Im9yZ2FuaXplciI6eyJuYW1lIjoiWl9DYWxsY2VudGVyIERyZWkifSwiaXNvcmdhbml6ZXIiOmZhbHNlLCJrZXkiOiJhZmYyYTkzY2E5ZjJmYzU2YjIyMDY0NmM4NmZkYWJlNmNjZTI3NTMzXzcyMzY2NTY5OCIsInBhc3N3b3JkIjpmYWxzZSwicXVpY2ttZWV0aW5nIjpmYWxzZSwiYXV0b2xvZ2luIjpmYWxzZSwieW91cm5hbWUiOiJHdWVzdCIsImVtYWlsIjoiZ3Vlc3RAYWZmMmE5M2NhOWYyZmM1NmIyMjA2NDZjODZmZGFiZTZjY2UyNzUzM183MjM2NjU2OTgub3BlbiIsInN1YmplY3QiOiJMSVNVRSAtIFN0JiMyMjg7bmRpZ2UgVmlkZW9rb25mZXJlbnogZiYjMjUyO3IgRWlucyYjMjI4O3R6ZSIsImRhdGUiOiIwMS8wMS8yMDMwIDEwOjI4OjM5IFVUQyIsImhpZGVwYXJ0aWNpcGFudHMiOmZhbHNlLCJhcHB1cmwiOiJ0Y3h3bTovL3pzby1scy5uZXRncm91cHBob25lLmNoOjUwMDEvbWVldC9hZmYyYTkzY2E5ZjJmYzU2YjIyMDY0NmM4NmZkYWJlNmNjZTI3NTMzIiwiY2xpZW50dXJsIjoiaHR0cHM6Ly96c28tbHMubmV0Z3JvdXBwaG9uZS5jaDo1MDAxL21lZXQvYWZmMmE5M2NhOWYyZmM1NmIyMjA2NDZjODZmZGFiZTZjY2UyNzUzMyIsImNvbmZlcmVuY2VwaW4iOiI2MDE4NTg4IiwiY29uZmVyZW5jZW51bWJlciI6bnVsbCwicmVzdHJpY3RlZCI6ZmFsc2UsIm9wZW5saW5rIjoiaHR0cHM6Ly96c28tbHMubmV0Z3JvdXBwaG9uZS5jaDo1MDAxL21lZXQvYWZmMmE5M2NhOWYyZmM1NmIyMjA2NDZjODZmZGFiZTZjY2UyNzUzMyJ9LCJsYW5ndWFnZSI6ImRlIiwiZXJyb3IiOiIiLCJsb2dzZXZlcml0eSI6MSwibWV0aG9kIjoib3BlbiIsIm1heHVwbG9hZHNpemUiOjY3MTA4ODY0LCJhcHBzdG9yZSI6Imh0dHBzOi8vaXR1bmVzLmFwcGxlLmNvbS9hcHAvM2N4LXdlYm1lZXRpbmcvaWQxMDM5NzU2OTU5IiwicGxheXN0b3JlIjoiaHR0cHM6Ly9wbGF5Lmdvb2dsZS5jb20vc3RvcmUvYXBwcy9kZXRhaWxzP2lkPW9yZy50Y3gud2VibWVldGluZyIsInZlcnNpb24iOiIxOC4wLjkuMzEifQ== x-xss-protection 1;mode=block
GET H2	404	favicon.ico www.videocall.lisue.ch/	315 B 356 B	19ms 19ms	Other text/html	199.47.150.35 VIVANET-AS
General Check archive.org Show headers Download Go to Full URL https://www.videocall.lisue.ch/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.47.150.35 Glattbrugg, Switzerland, ASN204631 (VIVANET-AS, CH), Reverse DNS hosting.tecnolution.ch Software nginx / Resource Hash Request headers Referer https://www.videocall.lisue.ch/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=iso-8859-1
GET H2	200	global.css wmr-cdn.3cx.net/client/20.0.1.36144/	794 B 885 B	148ms 49ms	Stylesheet text/css	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/global.css Requested by Host: zso-ls.netgroupphone.ch URL: https://zso-ls.netgroupphone.ch:5001/meet/aff2a93ca9f2fc56b220646c86fdabe6cce27533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75ff3db6001425676241a1f644964f81c6c06055cc626336ee557a6d662cd54a Request headers Referer https://zso-ls.netgroupphone.ch:5001/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT content-encoding gzip cf-cache-status HIT age 361845 x-guploader-uploadid ACJd0Nr-L_kHZURjv1bOoNx73nu6W_okehNViqkhoalt1vR8Qag-Igb42sQGjbZK3_y5aSvw7Q x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Thu, 11 Jul 2024 10:40:11 GMT server cloudflare etag W/"670c8188ec2443a45be0ab6d2f65fdf4" vary Accept-Encoding x-goog-generation 1720694411302546 content-type text/css access-control-allow-origin * x-goog-hash crc32c=MeF+Qg==, md5=ZwyBiOwkQ6Rb4KttL2X99A== cache-control public, max-age=14400 x-goog-stored-content-length 794 cf-ray 8a3b6196c9bf289d-AMS expires Mon, 15 Jul 2024 21:13:06 GMT
GET H2	200	wmclient.js Show response wmr-cdn.3cx.net/client/20.0.1.36144/	3 MB 705 KB	152ms 53ms	Script text/javascript	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/wmclient.js Requested by Host: zso-ls.netgroupphone.ch URL: https://zso-ls.netgroupphone.ch:5001/meet/aff2a93ca9f2fc56b220646c86fdabe6cce27533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eb39bf7455d8a0c09a172caa68bc7a4973fa3bc43b79be2c717e1020793fae6 Request headers Referer https://zso-ls.netgroupphone.ch:5001/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT content-encoding gzip cf-cache-status HIT age 361844 x-guploader-uploadid ACJd0NrOmvmIsm_mEdgGF7fqyYH7qOwnVF_4ES3Cgsa7R7527Og1WqFI1D1L7AVCDfo-HDJGxMHHX1oxvA x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity last-modified Thu, 11 Jul 2024 10:40:11 GMT server cloudflare etag W/"a4052ef61d91eec8d1fb0531e2e6f97b" vary Accept-Encoding x-goog-generation 1720694411643149 content-type text/javascript access-control-allow-origin * x-goog-hash crc32c=8Q7NRA==, md5=pAUu9h2R7sjR+wUx4ub5ew== cache-control public, max-age=14400 x-goog-stored-content-length 2673600 cf-ray 8a3b6196c9c0289d-AMS expires Mon, 15 Jul 2024 21:13:06 GMT
GET H2	200	bundle_component_main.js Show response wmr-cdn.3cx.net/client/20.0.1.36144/	5 KB 3 KB	64ms 63ms	Script text/javascript	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/bundle_component_main.js Requested by Host: zso-ls.netgroupphone.ch URL: https://zso-ls.netgroupphone.ch:5001/meet/aff2a93ca9f2fc56b220646c86fdabe6cce27533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 737e594d7956567519c5df1af33e297dc0c8b31575dc314c3a8bc3ee7297b597 Request headers Referer https://zso-ls.netgroupphone.ch:5001/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT content-encoding gzip cf-cache-status HIT age 361844 x-guploader-uploadid ACJd0NpifqCzR367EPXOBQejyF9B7SYuKjOIo1PiV8DYN-mMKZORovyOy7X33XHLOLfHvNURX_oRBDQukA x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity last-modified Thu, 11 Jul 2024 10:40:10 GMT server cloudflare etag W/"3ad846d2def23efefe12ed3532f2be50" vary Accept-Encoding x-goog-generation 1720694410682474 content-type text/javascript access-control-allow-origin * x-goog-hash crc32c=fzJrIQ==, md5=OthG0t7yPv7+Eu01MvK+UA== cache-control public, max-age=14400 x-goog-stored-content-length 5388 cf-ray 8a3b61971a09289d-AMS expires Mon, 15 Jul 2024 21:13:06 GMT
GET H2	200	pdf.min.js Show response wmr-cdn.3cx.net/client/20.0.1.36144/lib/pdfjs/	329 KB 92 KB	155ms 84ms	Script text/javascript	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/lib/pdfjs/pdf.min.js Requested by Host: wmr-cdn.3cx.net URL: https://wmr-cdn.3cx.net/client/20.0.1.36144/wmclient.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3caae2cf1fe9d6e25588d0d239d02454422778ed5897314981496a4656eab82 Request headers Referer Origin https://zso-ls.netgroupphone.ch:5001 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT content-encoding gzip cf-cache-status HIT age 16795 x-guploader-uploadid ACJd0NqB-CpdSu3fj-woqwNv2XbJrLBBdD_n3haFgOPrD6B3BZ8O5WIWlnPoECweOUdZseBcwsE x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity last-modified Thu, 11 Jul 2024 10:40:12 GMT server cloudflare etag W/"b0c2fafe3ed6d59faaa084a221f14772" vary Accept-Encoding x-goog-hash crc32c=0RD3jQ==, md5=sML6/j7W1Z+qoISiIfFHcg== x-goog-generation 1720694412157543 access-control-allow-origin * content-type text/javascript cache-control public, max-age=14400 x-goog-stored-content-length 336617 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cf-ray 8a3b619919d7a00b-AMS expires Mon, 15 Jul 2024 21:13:06 GMT
GET H2	200	latest.woff wmr-cdn.3cx.net/client/20.0.1.36144/fonts/segoe/	75 KB 75 KB	114ms 51ms	Font font/woff	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/fonts/segoe/latest.woff Requested by Host: wmr-cdn.3cx.net URL: https://wmr-cdn.3cx.net/client/20.0.1.36144/global.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f125bede9adba98877d5898242fbf16eec919446b6f566b9cddd9cfdd0c96c5f Request headers Referer https://wmr-cdn.3cx.net/client/20.0.1.36144/global.css Origin https://zso-ls.netgroupphone.ch:5001 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT cf-cache-status HIT age 16795 x-guploader-uploadid ACJd0Nr7Rh71onWbwyFZ_4ybH7Ax7d_CHPJSwmSYBbaqAXcgYd76yv2BopcymFDUUb9zrKlBgss x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 76509 last-modified Thu, 11 Jul 2024 10:40:12 GMT server cloudflare etag "2d3b490f355582b20fbe490bb18511a3" vary Accept-Encoding x-goog-hash crc32c=9/L6bg==, md5=LTtJDzVVgrIPvkkLsYURow== x-goog-generation 1720694412348066 content-type font/woff access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=14400 x-goog-stored-content-length 76509 accept-ranges bytes cf-ray 8a3b619919d5a00b-AMS expires Mon, 15 Jul 2024 21:13:06 GMT
GET H2	200	favicon.ico wmr-cdn.3cx.net/	4 KB 1 KB	55ms 54ms	Other image/x-icon	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b7152bce4fd1c1ee8370726887d55e5477ac9216142af1af3d129bfdfe39439 Request headers Referer https://zso-ls.netgroupphone.ch:5001/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT content-encoding gzip cf-cache-status HIT age 56644 x-guploader-uploadid ACJd0NrBxKjSCJ3E5MeQyLJNW0OxirToRma2VJ12vvEXS-pE3xj0yXQjHLlVWFjcostovVlLQ-Z1UE1KnA x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Tue, 06 Apr 2021 08:40:01 GMT server cloudflare etag W/"5e0a5951f1067713c6a0e05d848815d4" vary Accept-Encoding x-goog-hash crc32c=Lo+mHA==, md5=XgpZUfEGdxPGoOBdhIgV1A== x-goog-generation 1617698401117770 access-control-allow-origin * content-type image/x-icon cache-control public, max-age=14400 x-goog-stored-content-length 4286 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cf-ray 8a3b6199cc14289d-AMS expires Mon, 15 Jul 2024 21:13:06 GMT
GET H2	200	flow.min.js Show response wmr-cdn.3cx.net/client/20.0.1.36144/lib/flowjs/	15 KB 5 KB	48ms 47ms	Script text/javascript	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/lib/flowjs/flow.min.js Requested by Host: wmr-cdn.3cx.net URL: https://wmr-cdn.3cx.net/client/20.0.1.36144/wmclient.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41a6fb68aa7bdd0dbe2fd0df109bae167aeced248ae0a762d8eccd8c36bce75e Request headers Referer https://zso-ls.netgroupphone.ch:5001/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT content-encoding gzip cf-cache-status HIT age 361844 x-guploader-uploadid ACJd0Nq2kh53QxyzezPbfvdN9af7LyOasp4XIJVEKOBiGzAqztH41eCw1NJ4z-pJL72xA3BCH5w x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity last-modified Thu, 11 Jul 2024 10:40:12 GMT server cloudflare etag W/"aa396748af62d46133356ea54edaf77b" vary Accept-Encoding x-goog-generation 1720694412102699 content-type text/javascript access-control-allow-origin * x-goog-hash crc32c=sECx+g==, md5=qjlnSK9i1GEzNW6lTtr3ew== cache-control public, max-age=14400 x-goog-stored-content-length 15333 cf-ray 8a3b619a0c40289d-AMS expires Mon, 15 Jul 2024 21:13:06 GMT
GET H2	200	spark-md5.min.js Show response wmr-cdn.3cx.net/client/20.0.1.36144/lib/spark-md5/	10 KB 3 KB	51ms 50ms	Script text/javascript	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/lib/spark-md5/spark-md5.min.js Requested by Host: wmr-cdn.3cx.net URL: https://wmr-cdn.3cx.net/client/20.0.1.36144/wmclient.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d80e84c820cc5587a0ba3c8a20652099ea3fa7fc43944e812e56d449c1d9f1c9 Request headers Referer https://zso-ls.netgroupphone.ch:5001/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:06 GMT content-encoding gzip cf-cache-status HIT age 361844 x-guploader-uploadid ACJd0NqSqsGhEao0OcGID-F_0eftfNHn8p2WKbyy__orYJhAujgTSs9qOd6EZfbpg4NkgcIUdJA x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity last-modified Thu, 11 Jul 2024 10:40:12 GMT server cloudflare etag W/"86e75ba615bbdd2ec44f0f15d3ca2e85" vary Accept-Encoding x-goog-generation 1720694412145339 content-type text/javascript access-control-allow-origin * x-goog-hash crc32c=zPH/RQ==, md5=hudbphW73S7ETw8V08ouhQ== cache-control public, max-age=14400 x-goog-stored-content-length 10166 cf-ray 8a3b619a5c77289d-AMS expires Mon, 15 Jul 2024 21:13:06 GMT
GET H2	200	translations.json Show response wmr-cdn.3cx.net/client/20.0.1.36144/lib/	485 KB 72 KB	55ms 54ms	Fetch application/json	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/lib/translations.json Requested by Host: wmr-cdn.3cx.net URL: https://wmr-cdn.3cx.net/client/20.0.1.36144/wmclient.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b70129e1a9c543f0142ee9599a94c8aa2e1912d190476be712d8a651106c192f Request headers Referer https://zso-ls.netgroupphone.ch:5001/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:07 GMT content-encoding gzip cf-cache-status HIT age 16795 x-guploader-uploadid ACJd0NqieoXY06vsskZMMQGMFmdbYmuWUkMR5AkQONYgZD6bSJ6IZuB471Te4RHUNX8-FqCNpSw x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Thu, 11 Jul 2024 10:40:11 GMT server cloudflare etag W/"858a55be3c9422699a4ba58af8261a87" vary Accept-Encoding x-goog-hash crc32c=+pdqvw==, md5=hYpVvjyUImmaS6WK+CYahw== x-goog-generation 1720694411026991 access-control-allow-origin * content-type application/json cache-control public, max-age=14400 x-goog-stored-content-length 496233 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cf-ray 8a3b619abc82a00b-AMS expires Mon, 15 Jul 2024 21:13:07 GMT
GET H2	200	version.txt Show response wmr-cdn.3cx.net/client/20.0.1.36144/	13 B 266 B	42ms 42ms	Fetch text/plain	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/version.txt Requested by Host: wmr-cdn.3cx.net URL: https://wmr-cdn.3cx.net/client/20.0.1.36144/wmclient.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cdf880cbe66134dacd3d3035c6cb3f8dd0c82bbdd3799d0fbbcdec98b18bc19 Request headers Referer https://zso-ls.netgroupphone.ch:5001/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 17:13:07 GMT cf-cache-status HIT age 16795 x-guploader-uploadid ACJd0NrcO9aN69mTZFKcCSrt-okNl7Si5SAzzzTrSXGaJbj-znIMICGGqClPkg0q0lxygrKVlQs8c9B2nw x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity content-length 13 last-modified Thu, 11 Jul 2024 10:40:10 GMT server cloudflare etag "5fe2f5f328625fd54e30e1f1eaf61a6d" vary Accept-Encoding x-goog-hash crc32c=UdIytg==, md5=X+L18yhiX9VOMOHx6vYabQ== x-goog-generation 1720694410578380 content-type text/plain access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=14400 x-goog-stored-content-length 13 accept-ranges bytes cf-ray 8a3b619b3d13a00b-AMS expires Mon, 15 Jul 2024 21:13:07 GMT
GET H2	206	join.mp3 wmr-cdn.3cx.net/client/20.0.1.36144/sounds/	66 KB 67 KB	42ms 40ms	Media audio/mpeg	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/sounds/join.mp3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93815950775c8e4563a0bbd0395060e59a3d1bc511b94f59cb7e0519fc75de01 Request headers Referer https://zso-ls.netgroupphone.ch:5001/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=0- Response headers date Mon, 15 Jul 2024 17:13:07 GMT cf-cache-status HIT age 361845 x-guploader-uploadid ACJd0Nr0kbb3q52w33We5JPTZjA9U4bNHFuNhcgaqaLV7rDmu2-cMguN5QT76wOQHa_t1N05QY1ktLw2jw x-goog-storage-class STANDARD Content-Range bytes 0-67859/67860 x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 67860 last-modified Thu, 11 Jul 2024 10:40:11 GMT server cloudflare etag "cf76a21db0095c01a3f97340f9da2f79" vary Accept-Encoding x-goog-generation 1720694410974461 content-type audio/mpeg access-control-allow-origin * x-goog-hash crc32c=+tDZzQ==, md5=z3aiHbAJXAGj+XNA+doveQ== cache-control public, max-age=14400 x-goog-stored-content-length 67860 cf-ray 8a3b619b5d1b289d-AMS expires Mon, 15 Jul 2024 21:13:07 GMT
GET H2	206	quit.mp3 wmr-cdn.3cx.net/client/20.0.1.36144/sounds/	66 KB 67 KB	55ms 53ms	Media audio/mpeg	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/sounds/quit.mp3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95e4127e94ac1d88a29872fde0102fc459e67ac640f6f72003eae568d68a8f01 Request headers Referer https://zso-ls.netgroupphone.ch:5001/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=0- Response headers date Mon, 15 Jul 2024 17:13:07 GMT cf-cache-status HIT age 361845 x-guploader-uploadid ACJd0Nr6dmpTVB6J2FHbK3mKyCqmjQvkaBXMKEpm1Rh_upfAH_-RutROuQKcNz-GpBGGtnyssl8 x-goog-storage-class STANDARD Content-Range bytes 0-67859/67860 x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 67860 last-modified Thu, 11 Jul 2024 10:40:10 GMT server cloudflare etag "2df15f125690e89c3a71264b467ae91a" vary Accept-Encoding x-goog-generation 1720694410774404 content-type audio/mpeg access-control-allow-origin * x-goog-hash crc32c=iAHhkQ==, md5=LfFfElaQ6Jw6cSZLRnrpGg== cache-control public, max-age=14400 x-goog-stored-content-length 67860 cf-ray 8a3b619b5d1c289d-AMS expires Mon, 15 Jul 2024 21:13:07 GMT
GET H2	206	chat.mp3 wmr-cdn.3cx.net/client/20.0.1.36144/sounds/	13 KB 14 KB	51ms 49ms	Media audio/mpeg	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/sounds/chat.mp3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4dce5541816f6c71111324a39b1be417ae2acb7dc439c97ab2751b6ebd38492d Request headers Referer https://zso-ls.netgroupphone.ch:5001/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=0- Response headers date Mon, 15 Jul 2024 17:13:07 GMT cf-cache-status HIT age 361845 x-guploader-uploadid ACJd0Nq9_dz32cu9yvEj_hTuMFXHnOCvWNblfUwPMJvCQ0nRAzZaCXRT4msp4SsQAqYaoPvHAcB-D6_Xow x-goog-storage-class STANDARD Content-Range bytes 0-13760/13761 x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 13761 last-modified Thu, 11 Jul 2024 10:40:10 GMT server cloudflare etag "dbe4f3571461c9812d9ee02738ab8c60" vary Accept-Encoding x-goog-generation 1720694410786694 content-type audio/mpeg access-control-allow-origin * x-goog-hash crc32c=ZZQM6g==, md5=2+TzVxRhyYEtnuAnOKuMYA== cache-control public, max-age=14400 x-goog-stored-content-length 13761 cf-ray 8a3b619b5d1e289d-AMS expires Mon, 15 Jul 2024 21:13:07 GMT
GET H2	206	notification.mp3 wmr-cdn.3cx.net/client/20.0.1.36144/sounds/	33 KB 33 KB	52ms 50ms	Media audio/mpeg	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/sounds/notification.mp3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 763a7332dfadc97ca0cc49271b4a75f6f379e1521845dcbf2529ed7a45b072f6 Request headers Referer https://zso-ls.netgroupphone.ch:5001/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=0- Response headers date Mon, 15 Jul 2024 17:13:07 GMT cf-cache-status HIT age 361844 x-guploader-uploadid ACJd0Nry53UxM9Ws-6Rm0jwSxoZkADKEGbYUSbeUTTx--kNmrBWMWQGUmTlK57r96aD9BYJSw_zbqNRUFQ x-goog-storage-class STANDARD Content-Range bytes 0-33879/33880 x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 33880 last-modified Thu, 11 Jul 2024 10:40:10 GMT server cloudflare etag "bc5d69a367c969b34859e69b62646a87" vary Accept-Encoding x-goog-generation 1720694410674582 content-type audio/mpeg access-control-allow-origin * x-goog-hash crc32c=7NM1Eg==, md5=vF1po2fJabNIWeabYmRqhw== cache-control public, max-age=14400 x-goog-stored-content-length 33880 cf-ray 8a3b619b5d1f289d-AMS expires Mon, 15 Jul 2024 21:13:07 GMT
GET H2	206	mute.mp3 wmr-cdn.3cx.net/client/20.0.1.36144/sounds/	3 KB 3 KB	48ms 46ms	Media audio/mpeg	2606:4700:4400::ac40:9a17 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wmr-cdn.3cx.net/client/20.0.1.36144/sounds/mute.mp3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a17 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef9188169f04351e67fbb154d6e439c49111bba93efddfe7186c3592a8110eca Request headers Referer https://zso-ls.netgroupphone.ch:5001/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=0- Response headers date Mon, 15 Jul 2024 17:13:07 GMT cf-cache-status HIT age 361845 x-guploader-uploadid ACJd0Nqo7wTM06sLiLYbfn47BNRLhhFZirI6IGEpEn7lWwuGA9EhjGzMwvO8TWucOCm0gAoGp80XeoJrmA x-goog-storage-class STANDARD Content-Range bytes 0-3335/3336 x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 3336 last-modified Thu, 11 Jul 2024 10:40:10 GMT server cloudflare etag "2cd30657f8b70e6ffe065d979f214fcc" vary Accept-Encoding x-goog-generation 1720694410779384 content-type audio/mpeg access-control-allow-origin * x-goog-hash crc32c=sbFXKA==, md5=LNMGV/i3Dm/+Bl2XnyFPzA== cache-control public, max-age=14400 x-goog-stored-content-length 3336 cf-ray 8a3b619b5d20289d-AMS expires Mon, 15 Jul 2024 21:13:07 GMT
POST H2	401	token Show response zso-ls.netgroupphone.ch/connect/	0 47 B	23ms 23ms	Fetch	217.11.44.14 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://zso-ls.netgroupphone.ch:5001/connect/token Requested by Host: wmr-cdn.3cx.net URL: https://wmr-cdn.3cx.net/client/20.0.1.36144/wmclient.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.11.44.14 Lausanne, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH), Reverse DNS 14.44.11.217.static.wline.lns.sme.cust.swisscom.ch Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://zso-ls.netgroupphone.ch:5001/meet/aff2a93ca9f2fc56b220646c86fdabe6cce27533 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundarysp4mRV1cMAAacsxa Response headers date Mon, 15 Jul 2024 17:13:07 GMT content-length 0 server nginx
POST H2	404	token Show response zso-ls.netgroupphone.ch/webmeeting/	0 43 B	22ms 21ms	Fetch	217.11.44.14 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://zso-ls.netgroupphone.ch:5001/webmeeting/token Requested by Host: wmr-cdn.3cx.net URL: https://wmr-cdn.3cx.net/client/20.0.1.36144/wmclient.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.11.44.14 Lausanne, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH), Reverse DNS 14.44.11.217.static.wline.lns.sme.cust.swisscom.ch Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://zso-ls.netgroupphone.ch:5001/meet/aff2a93ca9f2fc56b220646c86fdabe6cce27533 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryfQW0NQmYafNuMoVH Response headers date Mon, 15 Jul 2024 17:13:07 GMT content-length 0 server nginx

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __svelte object| fabric object| app string| wmbase_uri object| pdfjsLibPromise object| pdfjsLib function| Flow function| SparkMD5

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.videocall.lisue.ch/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://zso-ls.netgroupphone.ch:5001/connect/token Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://zso-ls.netgroupphone.ch:5001/webmeeting/token Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

wmr-cdn.3cx.net
www.videocall.lisue.ch
zso-ls.netgroupphone.ch
199.47.150.35
217.11.44.14
2606:4700:4400::ac40:9a17
0b7152bce4fd1c1ee8370726887d55e5477ac9216142af1af3d129bfdfe39439
2eb39bf7455d8a0c09a172caa68bc7a4973fa3bc43b79be2c717e1020793fae6
3cdf880cbe66134dacd3d3035c6cb3f8dd0c82bbdd3799d0fbbcdec98b18bc19
41a6fb68aa7bdd0dbe2fd0df109bae167aeced248ae0a762d8eccd8c36bce75e
4dce5541816f6c71111324a39b1be417ae2acb7dc439c97ab2751b6ebd38492d
737e594d7956567519c5df1af33e297dc0c8b31575dc314c3a8bc3ee7297b597
75ff3db6001425676241a1f644964f81c6c06055cc626336ee557a6d662cd54a
763a7332dfadc97ca0cc49271b4a75f6f379e1521845dcbf2529ed7a45b072f6
93815950775c8e4563a0bbd0395060e59a3d1bc511b94f59cb7e0519fc75de01
95e4127e94ac1d88a29872fde0102fc459e67ac640f6f72003eae568d68a8f01
a885d747823cabe4bcc2b77a9a15972c642701dfe1f70ea23594614d8f5aab02
b70129e1a9c543f0142ee9599a94c8aa2e1912d190476be712d8a651106c192f
c3caae2cf1fe9d6e25588d0d239d02454422778ed5897314981496a4656eab82
d80e84c820cc5587a0ba3c8a20652099ea3fa7fc43944e812e56d449c1d9f1c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef9188169f04351e67fbb154d6e439c49111bba93efddfe7186c3592a8110eca
f125bede9adba98877d5898242fbf16eec919446b6f566b9cddd9cfdd0c96c5f