urlscan.io logo urlscan.io
SecurityTrails logo

escapadre-film.ch Open in urlscan Pro
185.178.193.141  Public Scan

Go To Rescan Add Verdict Report
URL: https://escapadre-film.ch/
Submission: On December 07 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 24 domains to perform 59 HTTP transactions. The main IP is 185.178.193.141, located in Switzerland and belongs to HOSTTECH-AS, CH. The main domain is escapadre-film.ch.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 24th 2023. Valid for: a year.
This is the only time escapadre-film.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    185.178.193.141 (Switzerland)

ASN207143 (HOSTTECH-AS, CH)
PTR: mx141.mail.hosttech.eu
escapadre-film.ch
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
4    172.64.140.13 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net
video.helloeko.com
5    65.9.66.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-37.fra56.r.cloudfront.net
video.eko.com
3    216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net
fonts.googleapis.com
3    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net
fonts.gstatic.com
1    13.32.121.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-125.fra60.r.cloudfront.net
ekoapi.eko.com
1    13.32.27.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-109.fra56.r.cloudfront.net
d3425luerwqydx.cloudfront.net
1    104.19.167.65 (None, )

ASN13335 (CLOUDFLARENET, US)
res.cloudinary.com
1    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f8.1e100.net
www.googletagmanager.com
4    34.238.68.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-68-150.compute-1.amazonaws.com
spea.eko.com
2    157.240.0.6 (None, )

ASN- ()
connect.facebook.net
1    172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net
www.google-analytics.com
2    2.21.20.144 (None, )

ASN- ()
snap.licdn.com
1    104.16.187.89 (None, )

ASN- ()
js.hs-scripts.com
1    104.17.89.154 (None, )

ASN- ()
js.hscollectedforms.net
1    104.17.231.163 (None, )

ASN- ()
js.hsadspixel.net
1    104.18.34.229 (None, )

ASN- ()
js.hs-banner.com
1    104.17.249.168 (None, )

ASN- ()
js.usemessages.com
1    18.66.112.8 (None, )

ASN- ()
d1w2zhnqcy4l8f.cloudfront.net
1    157.240.0.35 (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
13 escapadre-film.ch
escapadre-film.ch
3 MB
10 eko.com
video.eko.com — Cisco Umbrella Rank: 367006
ekoapi.eko.com — Cisco Umbrella Rank: 116388
spea.eko.com — Cisco Umbrella Rank: 101221
stage.eko.com Failed
834 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
530 KB
3 gstatic.com
fonts.gstatic.com
100 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 licdn.com
snap.licdn.com
13 KB
2 facebook.net
connect.facebook.net
91 KB
2 cloudfront.net
d3425luerwqydx.cloudfront.net
d1w2zhnqcy4l8f.cloudfront.net
55 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2842
40 KB
1 facebook.com
www.facebook.com
185 B
1 usemessages.com
js.usemessages.com
24 KB
1 hs-banner.com
js.hs-banner.com
1 hsadspixel.net
js.hsadspixel.net
4 KB
1 hscollectedforms.net
js.hscollectedforms.net
forms.hscollectedforms.net Failed
25 KB
1 hs-scripts.com
js.hs-scripts.com
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
88 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2314
21 KB
1 helloeko.com
video.helloeko.com
388 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
24 KB
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 hubspot.com Failed
js.hubspot.com Failed
0 hs-analytics.net Failed
js.hs-analytics.net Failed
59 24
Domain Requested by
13 escapadre-film.ch escapadre-film.ch
5 video.eko.com escapadre-film.ch
video.eko.com
4 spea.eko.com d3425luerwqydx.cloudfront.net
4 use.fontawesome.com escapadre-film.ch
use.fontawesome.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com escapadre-film.ch
video.eko.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 connect.facebook.net escapadre-film.ch
connect.facebook.net
2 stackpath.bootstrapcdn.com escapadre-film.ch
1 www.facebook.com video.eko.com
1 d1w2zhnqcy4l8f.cloudfront.net video.eko.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-scripts.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com video.eko.com
1 res.cloudinary.com video.eko.com
1 d3425luerwqydx.cloudfront.net video.eko.com
1 ekoapi.eko.com video.eko.com
1 video.helloeko.com 1 redirects
1 cdnjs.cloudflare.com escapadre-film.ch
1 code.jquery.com escapadre-film.ch
0 forms.hscollectedforms.net Failed js.hscollectedforms.net
0 stage.eko.com Failed
0 px.ads.linkedin.com Failed video.eko.com
0 js.hubspot.com Failed js.hs-scripts.com
0 js.hs-analytics.net Failed js.hs-scripts.com
59 29

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
Subject Issuer Validity Valid
*.hosttech.eu
Sectigo RSA Domain Validation Secure Server CA		 2023-01-24 -
2024-01-24		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
eko.com
Amazon RSA 2048 M02		 2023-06-22 -
2024-07-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-06-21 -
2024-06-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eko.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-03-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-15 -
2023-12-14		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh

This page contains 3 frames:

Primary Page: https://escapadre-film.ch/
Frame ID: 1DAABC695B66C75676AD429D70A1CFF4
Requests: 25 HTTP requests in this frame

Frame: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Frame ID: E8E1206C91BA9C67F942F7B509222601
Requests: 31 HTTP requests in this frame

Frame: https://stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/embed.html?publisherID=WtXaz1&allowiphonehls=true&allowiphonecanvaseek=true&embedderversion=2.0.0&slug=V2ggmJ&loaderUrl=https%3A%2F%2Fvideo.eko.com%2Fresources%2Fjs%2Floaders%2F3.x%2Floader.min.gz.js&timeOrigin=1701939898168.4&embedapi=true&embedapiuid=1701939908029&autoload=false
Frame ID: 32CAC36D93583C4E8931AEA9EBF83C81
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Escapadre Der Film

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

66 %
HTTPS

0 %
IPv6

24
Domains

29
Subdomains

24
IPs

3
Countries

5398 kB
Transfer

13338 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://video.helloeko.com/v/V2ggmJ/embed?publisherID=WtXaz1 HTTP 301
  • https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Request Chain 49
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1701939908008&url=https%3A%2F%2Fescapadre-film.ch%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1701939908008&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
escapadre-film.ch/ 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
c694c375ff9f1c850d5141a6d2061236bfd5111f8341f790795ddc4e7dc366b6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.ch/

Response headers

content-encoding
br
content-type
text/html
date
Thu, 07 Dec 2023 09:04:57 GMT
etag
W/"5d22f24b-2c38"
last-modified
Mon, 08 Jul 2019 07:35:39 GMT
server
nginx
vary
Accept-Encoding
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
1078
cdn-cachedat
10/31/2023 18:59:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0a7dacf771f9716099bb75543203b2d7
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
831b9ab75ff70e69-MXP
cdn-requestpullsuccess
True
style.css
escapadre-film.ch/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://escapadre-film.ch/style.css
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
4ec6b1edd203517b5a58c91d676bbcc360ad9dcb9089c4d630b80ddf7f304330

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
content-encoding
br
last-modified
Tue, 11 Jun 2019 08:46:38 GMT
server
nginx
etag
W/"5cff6a6e-12aa"
vary
Accept-Encoding
content-type
text/css
fixed.css
escapadre-film.ch/css/ 		1 KB
538 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://escapadre-film.ch/css/fixed.css
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
adae640b9342103f05eac5d5b87459733f3a68624ebe661d6722b14b40aca29b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
content-encoding
br
last-modified
Thu, 06 Jun 2019 14:31:03 GMT
server
nginx
etag
W/"5cf923a7-543"
vary
Accept-Encoding
content-type
text/css
all.css
use.fontawesome.com/releases/v5.8.2/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"77cbad34e5ce95e70847b074e05faeab"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uS47tAvqJ6tb4aeFBj1K9g%2BceYTnR55TbT0IxGyaNlYnLbZsV03TlPU%2FJdFdrLCXcmjp4iVjr2xEXdQgYmJxjmPCWfsjZQH8wcSUdzhVt6%2F8xGdRDeiqw6kTo%2BHphmpXmEwIjiIH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
831b9ab58fe0905b-FRA
alt-svc
h3=":443"; ma=86400
matthias.jpg
escapadre-film.ch/img/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/matthias.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
6c30ef0794f5cd5182db7fdcf7445137783f64b36c329bda5c168b3f185d74b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:14 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944fa-d86c"
content-length
55404
content-type
image/jpeg
ben.jpg
escapadre-film.ch/img/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/ben.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
6c9c4829779d923a0c2c435d237e198d457a72fb37a858908b4dd90052bce636

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:14 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944fa-1cf76"
content-length
118646
content-type
image/jpeg
selina.jpg
escapadre-film.ch/img/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/selina.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
c9482d303ab4f5517d3b55b0735cffe5b3efaf60c54f66763784eaf1fff77036

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:15 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944fb-21cee"
content-length
138478
content-type
image/jpeg
franziska.jpg
escapadre-film.ch/img/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/franziska.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
239946972796f6e0cedf67d0cd51ccc5b7571f3ebff929fbdc05004d7228a66e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:14 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944fa-689d"
content-length
26781
content-type
image/jpeg
maria.jpg
escapadre-film.ch/img/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/maria.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
ad64ce3fac522a03d36424572e5c2499f57f1b82aeb3c874f4aec37c95eca20e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:14 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944fa-f3d4"
content-length
62420
content-type
image/jpeg
vale.jpg
escapadre-film.ch/img/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/vale.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
ab3a9b16e80af9c10cbf77d60a9b9e0f3fe8663384411052a4b08c0bcb12e356

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:15 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944fb-14cf6"
content-length
85238
content-type
image/jpeg
alex.jpg
escapadre-film.ch/img/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/alex.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
e511a5d87a4fcb4e199e9cf626cede7078af1bf817649383d88a0050a26bac73

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:10 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944f6-1d334"
content-length
119604
content-type
image/jpeg
ladina.jpg
escapadre-film.ch/img/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/ladina.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
d347640145ef4c8da16cb4c922e2092b69b2404d4cace02c7ea076a659fca8cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:14 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944fa-116ec"
content-length
71404
content-type
image/jpeg
nadja.jpg
escapadre-film.ch/img/ 		598 KB
599 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/nadja.jpg
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
7bce4e5467d06e37cef16d8e64b33057488439cb07a0c08d4925db3382cfe0e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:58 GMT
last-modified
Thu, 06 Jun 2019 16:53:15 GMT
server
nginx
accept-ranges
bytes
etag
"5cf944fb-957bc"
content-length
612284
content-type
image/jpeg
jquery-3.3.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7137695
x-cache
HIT, HIT
content-length
24038
x-served-by
cache-lga21982-LGA, cache-ams21066-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701939900.989092,VS0,VE0
etag
W/"28feccc0-1111d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5553, 103024
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
610863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6646
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMwy8yCJP3DWBqxmycC%2B6L31EKz6i9jN4%2FqMOF0ZMQiN5JdEhNN5JVqoYY8Nq8KGFsYAskJ8WDVTP9GxzRi85J%2FNiMzUvhyVtPSH3XbYkFkyGL39tQOhu6G4YZyg0MX0g23hI0Ps"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
831b9ab84f79bb29-MXP
expires
Tue, 26 Nov 2024 09:05:00 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
1079
cdn-cachedat
08/21/2023 18:50:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
4022c332c6719665b9dca2df8a2637d4
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
831b9ab75ff90e69-MXP
cdn-requestpullsuccess
True
all.js
use.fontawesome.com/releases/v5.5.0/js/ 		1 MB
371 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/js/all.js
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:04:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2007319
etag
W/"02dc00e986773a2294d5ce33ef02e442"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RquvKy%2Bqe78pSXv%2B%2B9LB1S3ZebN%2Bj1OrGYwXyiqmHkGet6z%2FWb6tAUBXnphAxv4385zI0uTiPgRzgbTsbUK1Qw14U%2FYoPo%2By6UF2KX7NNuRLxjNSNcr7u65EtrV7e2mdFuKNaOpp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31556926
cf-ray
831b9ab6b9dc0bed-AMS
alt-svc
h3=":443"; ma=86400
embed
video.eko.com/v/V2ggmJ/ Frame E8E1
Redirect Chain
  • https://video.helloeko.com/v/V2ggmJ/embed?publisherID=WtXaz1
  • https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
43 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-37.fra56.r.cloudfront.net
Software
/
Resource Hash
380bcdfd13ce82feefe075df20412be145b7dea9404eae2c637fd477f2e44f81
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://escapadre-film.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.ch/

Response headers

cache-control
max-age=60, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 09:05:01 GMT
etag
"9f3500b5e71d2a70007db2387a6ae9f6-gzip"
strict-transport-security
max-age=15768000
vary
accept-encoding
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-id
EKDhwvG9xjtViHNbmni_IIOSr_vFKt605DKfWr8LpF4T34ChuHrYsw==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
application/json
date
Thu, 07 Dec 2023 09:04:59 GMT
location
//video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
x-amz-apigw-id
PkKdUEhcoAMET_w=
x-amz-cf-id
4tHCjrBKSzG8n5HZm3A70ps1rhLqZpoHraa1fXEqJs951_1tgXv-Ug==
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
9dc16489-f9c7-4a01-a57c-b45b5a26c5db
x-amzn-trace-id
Root=1-65718abb-5dd7dcdb183e51826c947746;Sampled=0;lineage=59ba2e58:0
x-cache
Miss from cloudfront
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300&display=swap
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f10.1e100.net
Software
ESF /
Resource Hash
96707832de5ebdb44bce971713e8be40cbdbc48ca26ae5c62402a8aebf5ef5ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 09:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 08:48:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 09:05:00 GMT
css
fonts.googleapis.com/ 		431 B
403 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Special+Elite&display=swap
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f10.1e100.net
Software
ESF /
Resource Hash
83b00e4058d2bec6e8ea4cf02d74ef321b3acb4a5bb086981454eff3daa9f91f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 09:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 09:05:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 09:05:00 GMT
header.png
escapadre-film.ch/img/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://escapadre-film.ch/img/header.png
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS
mx141.mail.hosttech.eu
Software
nginx /
Resource Hash
b1cbd60bd5e43ee3c41f9471e830c35d25a0c4dfb94637bc38c514b453294e24

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:01 GMT
last-modified
Thu, 06 Jun 2019 15:28:57 GMT
server
nginx
accept-ranges
bytes
etag
"5cf93139-2320e0"
content-length
2302176
content-type
image/png
XLYgIZbkc4JPUL5CVArUVL0ntnAOSA.woff2
fonts.gstatic.com/s/specialelite/v18/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/specialelite/v18/XLYgIZbkc4JPUL5CVArUVL0ntnAOSA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Special+Elite&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
770493d84cbb753cd0573d0f014550583138f40469d137e310d239593a1949d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:57:54 GMT
x-content-type-options
nosniff
age
587229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53296
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:00:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 13:57:54 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:01 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64b3e814a66c2719b15abf8f7998bd73"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQOfobZKRPQq1sOo9WQ4uqiF0KaC6CLUVByNEmCmorr4RYlTUoomMimBeL2Ii590FmBNJeDH1kPXqr85Uoj9MQGbOwMzBCg5FVSl43hg%2Fs2cOPUSj7YQgHO%2Bp2sKi05a00govl4Q"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
831b9abdef2e905b-FRA
alt-svc
h3=":443"; ma=86400
content-length
74328
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:48:38 GMT
x-content-type-options
nosniff
age
299785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14964
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:08:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Dec 2024 21:48:38 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169

Request headers

Referer
https://www.google.ch/
Origin
https://escapadre-film.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:01 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9f4ce3dc689981a1b87faab0f5484f9e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51FTQeBSnkeix766em%2FcbR2kDXtAiAlRoJ2M6AJxPYb0PkYBT0whrxR5DZJQDEXcycYmBNYW7ibhbrw3Jo7ciiDdxSdB3F4Fh8LJ%2FX9AEGEO0bfC7V91psJtdJWt47hRwuYUjVp8"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
831b9abdef31905b-FRA
alt-svc
h3=":443"; ma=86400
content-length
74656
layout.css
video.eko.com/resources/js/ Frame E8E1 		115 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.eko.com/resources/js/layout.css
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-37.fra56.r.cloudfront.net
Software
/
Resource Hash
ac39dbbc6fea51af024f551d25e59d6e0dde308ebcddc3255e34e0eb2d65b622
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 05:53:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
age
11468
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 02 Apr 2023 11:44:26 GMT
etag
"36dfc9a8b75266a27697ab755602499c0dfd9358-gzip"
x-download-options
noopen
vary
origin,accept-encoding
content-type
text/css; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
max-age=60, must-revalidate
accept-ranges
bytes
x-amz-cf-id
H3l5n5ZVxoMDlJe43TNcex-kmIbFJ__ZP2xVceyl-7TpEDz06cOL8w==
player-env
ekoapi.eko.com/scripts/ Frame E8E1 		93 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekoapi.eko.com/scripts/player-env
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-125.fra60.r.cloudfront.net
Software
/
Resource Hash
5e94c930320d8f3a753355dee09821dc9ceb06c70ecffbcbb9165a95109434c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:04 GMT
content-encoding
gzip
control-allow-headers
newrelic
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
vary
origin,accept-encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
x-amz-cf-id
xyolnqG38we4hdLPug0s8cnkojJG6f2hIom91uwaAcWZn9EuVYelmA==
EkoAnalytics.min.gz.js
d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/ Frame E8E1 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/EkoAnalytics.min.gz.js
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41a9c1ee46cb7d8f0ea867083081981239155fb489dfc72d92819bfaf122827f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
aO0MhZ.az_l_LBeRvq_6kSIVYo9gNLdZ
content-encoding
gzip
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
date
Thu, 07 Dec 2023 08:10:51 GMT
x-amz-cf-pop
FRA56-C2
age
3284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24383
last-modified
Sun, 26 Nov 2023 17:27:09 GMT
server
AmazonS3
etag
"10a1d00d8f31a907cf1f24ca9d3968da"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
-dc4EChxQeWH-d7gG3y1a6AkHLUAQC9HDrFqP41XrQS0NST7Qsq7wg==
projectPage.css
video.eko.com/resources/js/ Frame E8E1 		141 KB
66 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.eko.com/resources/js/projectPage.css
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-37.fra56.r.cloudfront.net
Software
/
Resource Hash
8adbb96f9df2e816bd1616b8081b4b192688b3693ab4303b83dc5b6d4606db40
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 05:53:55 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
11468
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 02 Apr 2023 11:44:26 GMT
etag
"a3b3f2f8b930f3ea0a65029c43499c6f91dc6b42-gzip"
x-download-options
noopen
vary
origin,accept-encoding
content-type
text/css; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
max-age=60, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ohIgxJ-9rs4IOAnJEoZ2qt2dWrTKRdmADzgdavmEJNsY_iKfoNrCEQ==
bcbfe256ad0c2563fa90ebc2f143329b.jpg
res.cloudinary.com/dlkxfitke/image/upload/w_1920,f_auto,q_auto/fl_lossy/remote_efu/upload/ Frame E8E1 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dlkxfitke/image/upload/w_1920,f_auto,q_auto/fl_lossy/remote_efu/upload/bcbfe256ad0c2563fa90ebc2f143329b.jpg
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.167.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a51e9855e2be02c13649280e38f715f57d1a20cc0490509521d384b08edf98a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:05 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="bcbfe256ad0c2563fa90ebc2f143329b.webp"
server-timing
cld-cloudflare;dur=224;start=2023-12-07T09:05:04.772Z;desc=miss,rtt;dur=362;cloudinary;dur=97;start=2023-12-07T09:05:04.847Z
content-length
20586
last-modified
Tue, 17 Dec 2019 10:41:45 GMT
server
cloudflare
etag
"30396795816c0ff62d705f6dc0ca609c"
vary
Accept,User-Agent,Save-Data, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
private, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
831b9ad4cb5bbad0-MXP
timing-allow-origin
*
projectEmbed.min.js
video.eko.com/resources/js/ Frame E8E1 		3 MB
666 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.eko.com/resources/js/projectEmbed.min.js
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-37.fra56.r.cloudfront.net
Software
/
Resource Hash
e364873210587eac297c8ec3f5173c3a7f1c3ed8a8075e924ff63b17672256ad
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:57:03 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
age
22080
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 02 Apr 2023 11:44:26 GMT
etag
"19364e61b870d50f26e2cf87bfa3ceabfd2885ec-gzip"
x-download-options
noopen
vary
origin,accept-encoding
content-type
application/javascript; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
max-age=60, must-revalidate
accept-ranges
bytes
x-amz-cf-id
7kCzWFirSyAlQbZjVBHAaSx38-Ws90fh0VNdEaZMZ3_Rwx5L7y4C1w==
eko.min.js
video.eko.com/resources/js/ Frame E8E1 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://video.eko.com/resources/js/eko.min.js
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-37.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 02:57:03 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
22083
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 02 Apr 2023 11:44:26 GMT
etag
"0ae856d56b09ffeec489b3c2c0e2eb2b1caf93ca-gzip"
x-download-options
noopen
vary
origin,accept-encoding
content-type
application/javascript; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
max-age=60, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Gl3a5zeL9YPlqBd3EM9KqVeDuRyjueIsxZTRPXub3yJ2pQRACNvgCA==
gtm.js
www.googletagmanager.com/ Frame E8E1 		252 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f76e3fa2e487b2d5a50c682b29f584df70447ffedcef0d82ba88363de0cbff78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90084
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 09:05:06 GMT
css
fonts.googleapis.com/ Frame E8E1 		7 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700
Requested by
Host: video.eko.com
URL: https://video.eko.com/resources/js/layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f10.1e100.net
Software
ESF /
Resource Hash
bb8cd39f5152bc131c823290b863adaa981d536a2cba55631f0aee266f084a0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 09:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 07:55:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 09:05:04 GMT
tatabbue
spea.eko.com/com.ziggy/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spea.eko.com/com.ziggy/tatabbue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.68.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-68-150.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://video.eko.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://video.eko.com
access-control-max-age
600
content-length
0
date
Thu, 07 Dec 2023 09:05:06 GMT
server
nginx
tatabbue
spea.eko.com/com.ziggy/ Frame E8E1 		2 B
330 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://spea.eko.com/com.ziggy/tatabbue
Requested by
Host: d3425luerwqydx.cloudfront.net
URL: https://d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/EkoAnalytics.min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.68.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-68-150.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.google.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://video.eko.com
date
Thu, 07 Dec 2023 09:05:07 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
fbevents.js
connect.facebook.net/en_US/ Frame E8E1 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Dec 2023 09:05:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
TEuOzkVGvRFOkIft2tYC2Tt2jAD7mCrjgNDgVWBRNJfcR4NRDwQE0j6T/e2dk0nFl5s7uVXL2v068VRV4j5gEg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame E8E1 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 07:22:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6154
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 07 Dec 2023 09:22:33 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame E8E1 		1 KB
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.144 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Dec 2023 13:47:16 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=77619
accept-ranges
bytes
content-length
596
21788053.js
js.hs-scripts.com/ Frame E8E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/21788053.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.187.89 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8b5d54599f177cb76b19777d8efac3a37ea69750a5dac95b7ece1b6abb29d4f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3a68942f-523f-4fb4-bec2-fa8966e42925
x-envoy-upstream-service-time
16
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3a68942f-523f-4fb4-bec2-fa8966e42925
last-modified
Wed, 06 Dec 2023 18:31:51 GMT
server
cloudflare
x-trace
2B1DA7A1E027DE4F3DA1CF1D5E2D660AFE22104590000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.google.ch
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6ffdd984b9-pwmqs
cf-ray
831b9ae6ceb5bac9-MXP
expires
Thu, 07 Dec 2023 09:06:07 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ Frame E8E1 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.144 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Dec 2023 13:47:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=77521
accept-ranges
bytes
content-length
12150
948032275246615
connect.facebook.net/signals/config/ Frame E8E1 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/948032275246615?v=2.9.138&r=stable&domain=escapadre-film.ch
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1632dd3fb828777103d83a72b46d03e1b42c0e2daf18bdc890cfcb63affadc4e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Dec 2023 09:05:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
tpnVj3cG8A52eNqo5+4H3C+/YgO2Ab/ESlOepx5m+4kpyPBfs5PxeEhcBgXweQIghQIdBEv4JOA39+DafBNzlw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collectedforms.js
js.hscollectedforms.net/ Frame E8E1 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.89.154 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.google.ch/
Origin
https://video.eko.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:09 GMT
x-amz-version-id
qOShuUL.zI.RMIWwukZE0taADNX_1wuf
via
1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
61e63403-d07e-4e4b-969c-f65aa4c9ec03
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=831b9af2ba114c3c-MXP
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
61e63403-d07e-4e4b-969c-f65aa4c9ec03
last-modified
Mon, 04 Dec 2023 12:10:50 UTC
server
cloudflare
etag
W/"109b7665e389a0b17fbf732bf7a02089"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-b78fbd96d-pf5qh
cf-ray
831b9af2ba114c3c-MXP
x-amz-cf-id
qARuQvTDcBNIc4lxsS70C_YdZpdGLreJB-xYhK9nVW5PKiJVwixicg==
x-hs-target-asset
collected-forms-embed-js/static-1.444/bundles/project.js
fb.js
js.hsadspixel.net/ Frame E8E1 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.231.163 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:09 GMT
x-amz-version-id
XlFw32Cnxu8ZjnNH.SH7ungVy3g8LtQG
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
461
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.501/bundles/pixels-release.js&cfRay=831b8fae899e4c5c-MXP
x-cache
Hit from cloudfront
x-hubspot-correlation-id
4bb39064-daab-4f0e-9de4-c6638dd473b6
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4bb39064-daab-4f0e-9de4-c6638dd473b6
last-modified
Mon, 04 Dec 2023 14:19:28 UTC
server
cloudflare
etag
W/"ed930579444c6c7c0292363361667508"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-b78fbd96d-zp5qw
cf-ray
831b9af2bfd90f6e-MXP
x-amz-cf-id
1m_Duyk-AtVwD7a-drVtLMtoAtkLZkWqsyZ7tScmuEqCTIm4Pgf_xA==
x-hs-target-asset
adsscriptloaderstatic/static-1.501/bundles/pixels-release.js
banner.js
js.hs-banner.com/v2/21788053/ Frame E8E1 		36 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/21788053/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.229 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:09 GMT
x-amz-version-id
b0Lw6T8Uh.MjsD8xnltMVxARB7DEZADi
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
C7RK7RJVDPY35V60
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
5a433fb0-129c-4410-8708-4b8d6a79e48e
x-envoy-upstream-service-time
29
x-amz-id-2
+km0X7eR5c542YLKp8Q2ga816Kb8JG+fo028w8ZCvSHmjdyZkrQ5Gdsx7cfaps/7UH07kRCb12g=
x-evy-trace-listener
listener_https
x-request-id
5a433fb0-129c-4410-8708-4b8d6a79e48e
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 22 Nov 2023 10:11:13 GMT
server
cloudflare
etag
W/"b3050c81d5f8e083445208de70ba916a"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://video.eko.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-s9pg8
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
831b9af2c9c624be-ZRH
expires
Thu, 07 Dec 2023 09:10:09 GMT
conversations-embed.js
js.usemessages.com/ Frame E8E1 		83 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.249.168 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
94f2705cc44b9c6436a39f4a519b08bcce6becb51d1d25b23577cf8fff13324c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:05:09 GMT
x-amz-version-id
eS7NREcbFlELB3qb5EOAt1JwqsCTC.XA
via
1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
37
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14871/bundles/project.js&cfRay=831b9a0a2e7dbb25-MXP
x-cache
Hit from cloudfront
x-hubspot-correlation-id
93380e6f-6e91-42aa-b74f-5f2a026e4258
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
93380e6f-6e91-42aa-b74f-5f2a026e4258
last-modified
Tue, 05 Dec 2023 16:18:40 UTC
server
cloudflare
etag
W/"c713f3c62a97a31e7d4329cbb845e8e8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-b78fbd96d-5qxdk
cf-ray
831b9af2ba124c3c-MXP
x-amz-cf-id
58FHQPCeanCOLwP10Elg01E5SOE-HMJpvrc8oX3iesoLqrV_LmaQDA==
x-hs-target-asset
conversations-embed/static-1.14871/bundles/project.js
21788053.js
js.hs-analytics.net/analytics/1701939900000/ Frame E8E1 		0
0
web-interactives-embed.js
js.hubspot.com/ Frame E8E1 		0
0
e20aadd0-ea41-4058-9ffa-c051eb5e6c1c
https://video.eko.com/ Frame E8E1 		1 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://video.eko.com/e20aadd0-ea41-4058-9ffa-c051eb5e6c1c
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Length
1
Content-Type
text/javascript
collect
px.ads.linkedin.com/ Frame E8E1
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1701939908008&url=https%3A%2F%2Fescapadre-film.ch%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1701939908008&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true
0
0
tatabbue
spea.eko.com/com.ziggy/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spea.eko.com/com.ziggy/tatabbue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.68.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-68-150.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://video.eko.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://video.eko.com
access-control-max-age
600
content-length
0
date
Thu, 07 Dec 2023 09:05:08 GMT
server
nginx
with-half-lines.json
video.eko.com/resources/animations/ Frame E8E1 		0
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame E8E1 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.ch/
Origin
https://video.eko.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:18:49 GMT
x-content-type-options
nosniff
age
438379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 07:18:49 GMT
30E833_2_0.woff2
d1w2zhnqcy4l8f.cloudfront.net/content/helloeko/fonts/Stolzl/ Frame E8E1 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1w2zhnqcy4l8f.cloudfront.net/content/helloeko/fonts/Stolzl/30E833_2_0.woff2
Requested by
Host: video.eko.com
URL: https://video.eko.com/resources/js/layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.8 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
110e47f94362b21610e4ad0773100a22d95470e53d6f49cfc4bb565a84687a5e

Request headers

Referer
https://www.google.ch/
Origin
https://video.eko.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 11:44:03 GMT
x-amz-version-id
Tn_RkhZgpqaQ2bO_DaqGVhO51cy1Z2l.
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6384066
x-cache
Hit from cloudfront
content-length
30685
last-modified
Wed, 09 Jan 2019 13:53:06 GMT
server
AmazonS3
etag
"a040460dac0d6923b7f8ea448d7a861e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JFEcb7p3W-E5v6_puHripEQV1D6lcwVefcuGnHSBZh5Z68d6TF25hw==
tatabbue
spea.eko.com/com.ziggy/ Frame E8E1 		2 B
330 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://spea.eko.com/com.ziggy/tatabbue
Requested by
Host: d3425luerwqydx.cloudfront.net
URL: https://d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/EkoAnalytics.min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.68.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-68-150.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.google.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://video.eko.com
date
Thu, 07 Dec 2023 09:05:08 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
embed.html
stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/ Frame 32CA 		0
0
/
www.facebook.com/tr/ Frame E8E1 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=948032275246615&ev=PageView&dl=https%3A%2F%2Fvideo.eko.com%2Fv%2FV2ggmJ%2Fembed%3FpublisherID%3DWtXaz1&rl=https%3A%2F%2Fescapadre-film.ch%2F&if=true&ts=1701939908188&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&cs_est=true&ler=other&it=1701939907860&coo=false&rqm=GET
Requested by
Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Dec 2023 09:05:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
json
forms.hscollectedforms.net/collected-forms/v1/config/ Frame E8E1 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.hs-analytics.net
URL
https://js.hs-analytics.net/analytics/1701939900000/21788053.js
Domain
js.hubspot.com
URL
https://js.hubspot.com/web-interactives-embed.js
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1701939908008&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true
Domain
video.eko.com
URL
https://video.eko.com/resources/animations/with-half-lines.json
Domain
stage.eko.com
URL
https://stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/embed.html?publisherID=WtXaz1&allowiphonehls=true&allowiphonecanvaseek=true&embedderversion=2.0.0&slug=V2ggmJ&loaderUrl=https%3A%2F%2Fvideo.eko.com%2Fresources%2Fjs%2Floaders%2F3.x%2Floader.min.gz.js&timeOrigin=1701939898168.4&embedapi=true&embedapiuid=1701939908029&autoload=false
Domain
forms.hscollectedforms.net
URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21788053&utk=

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| $ function| jQuery function| Popper object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome

2 Cookies

Domain/Path Name / Value
.eko.com/ Name: _sp_ses.3d9b
Value: *
.eko.com/ Name: _sp_id.3d9b
Value: 53945835-9a29-400e-942a-aa5cbae30463.1701939906.1.1701939908..5c40b77e-3f9d-49c5-9283-8637a95ec5be..f41f75a5-c6c5-4242-831d-eaf0935a8349.1701939905965.2

1 Console Messages

Source Level URL
Text
other warning URL: webpack:///./sites/helloeko.com/lib/client-side/embedder/interludeEmbedder.js?(Line 147)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d1w2zhnqcy4l8f.cloudfront.net
d3425luerwqydx.cloudfront.net
ekoapi.eko.com
escapadre-film.ch
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.usemessages.com
px.ads.linkedin.com
res.cloudinary.com
snap.licdn.com
spea.eko.com
stackpath.bootstrapcdn.com
stage.eko.com
use.fontawesome.com
video.eko.com
video.helloeko.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
forms.hscollectedforms.net
js.hs-analytics.net
js.hubspot.com
px.ads.linkedin.com
stage.eko.com
video.eko.com
104.16.187.89
104.17.231.163
104.17.24.14
104.17.249.168
104.17.89.154
104.18.10.207
104.18.34.229
104.19.167.65
13.32.121.125
13.32.27.109
143.204.98.69
151.101.130.137
157.240.0.35
157.240.0.6
172.217.18.99
172.217.23.110
172.64.140.13
18.66.112.8
185.178.193.141
2.21.20.144
216.58.206.40
216.58.212.138
34.238.68.150
65.9.66.37
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
110e47f94362b21610e4ad0773100a22d95470e53d6f49cfc4bb565a84687a5e
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
1632dd3fb828777103d83a72b46d03e1b42c0e2daf18bdc890cfcb63affadc4e
16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17
239946972796f6e0cedf67d0cd51ccc5b7571f3ebff929fbdc05004d7228a66e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
380bcdfd13ce82feefe075df20412be145b7dea9404eae2c637fd477f2e44f81
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
41a9c1ee46cb7d8f0ea867083081981239155fb489dfc72d92819bfaf122827f
4ec6b1edd203517b5a58c91d676bbcc360ad9dcb9089c4d630b80ddf7f304330
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
5a51e9855e2be02c13649280e38f715f57d1a20cc0490509521d384b08edf98a
5e94c930320d8f3a753355dee09821dc9ceb06c70ecffbcbb9165a95109434c4
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6c30ef0794f5cd5182db7fdcf7445137783f64b36c329bda5c168b3f185d74b5
6c9c4829779d923a0c2c435d237e198d457a72fb37a858908b4dd90052bce636
770493d84cbb753cd0573d0f014550583138f40469d137e310d239593a1949d8
7bce4e5467d06e37cef16d8e64b33057488439cb07a0c08d4925db3382cfe0e8
83b00e4058d2bec6e8ea4cf02d74ef321b3acb4a5bb086981454eff3daa9f91f
8adbb96f9df2e816bd1616b8081b4b192688b3693ab4303b83dc5b6d4606db40
8b5d54599f177cb76b19777d8efac3a37ea69750a5dac95b7ece1b6abb29d4f1
94f2705cc44b9c6436a39f4a519b08bcce6becb51d1d25b23577cf8fff13324c
96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063
96707832de5ebdb44bce971713e8be40cbdbc48ca26ae5c62402a8aebf5ef5ce
ab3a9b16e80af9c10cbf77d60a9b9e0f3fe8663384411052a4b08c0bcb12e356
ac39dbbc6fea51af024f551d25e59d6e0dde308ebcddc3255e34e0eb2d65b622
ad64ce3fac522a03d36424572e5c2499f57f1b82aeb3c874f4aec37c95eca20e
adae640b9342103f05eac5d5b87459733f3a68624ebe661d6722b14b40aca29b
b1cbd60bd5e43ee3c41f9471e830c35d25a0c4dfb94637bc38c514b453294e24
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb8cd39f5152bc131c823290b863adaa981d536a2cba55631f0aee266f084a0a
c694c375ff9f1c850d5141a6d2061236bfd5111f8341f790795ddc4e7dc366b6
c9482d303ab4f5517d3b55b0735cffe5b3efaf60c54f66763784eaf1fff77036
d347640145ef4c8da16cb4c922e2092b69b2404d4cace02c7ea076a659fca8cd
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf
e364873210587eac297c8ec3f5173c3a7f1c3ed8a8075e924ff63b17672256ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e511a5d87a4fcb4e199e9cf626cede7078af1bf817649383d88a0050a26bac73
f76e3fa2e487b2d5a50c682b29f584df70447ffedcef0d82ba88363de0cbff78