escapadre-film.ch Open in urlscan Pro
185.178.193.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://escapadre-film.ch/
Submission: On October 09 via api (October 9th 2023, 3:34:03 am UTC) from CH — Scanned from CH

Summary HTTP 97 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 30 domains to perform 97 HTTP transactions. The main IP is 185.178.193.141, located in Switzerland and belongs to HOSTTECH-AS, CH. The main domain is escapadre-film.ch.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 24th 2023. Valid for: a year.

This is the only time escapadre-film.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	185.178.193.141 185.178.193.141	207143 (HOSTTECH-AS) (HOSTTECH-AS)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e0:... 2606:4700:e0::ac40:660b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.173.233.110 18.173.233.110	16509 (AMAZON-02) (AMAZON-02)
10	2600:9000:224... 2600:9000:224a:6800:19:ae7e:3e40:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
7	2600:9000:224... 2600:9000:224a:400:15:caa1:5dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.121 18.66.248.121	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:9ab::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	18.235.251.161 18.235.251.161	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:780... 2a02:26f0:780::210:a40a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:bc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:2800:17:19ad:9fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.20 65.9.66.20	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:f7a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:5a9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e3a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:20e... 2600:9000:20eb:b000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:a07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:6400:17:19ad:9fc0:93a1	() ()
97	36

13 185.178.193.141 (Switzerland)

ASN207143 (HOSTTECH-AS, CH)
PTR: mx141.mail.hosttech.eu

escapadre-film.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.110 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-110.dus51.r.cloudfront.net

video.helloeko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:224a:6800:19:ae7e:3e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

video.eko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:224a:400:15:caa1:5dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ekoapi.eko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-121.dus51.r.cloudfront.net

d3425luerwqydx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9ab::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.235.251.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-251-161.compute-1.amazonaws.com

spea.eko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a40a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bc59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:2800:17:19ad:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1w2zhnqcy4l8f.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-20.fra56.r.cloudfront.net

stage.eko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f7a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5a9a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e3a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:b000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6400:17:19ad:9fc0:93a1 (None, )

ASN- ()

storage.eko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	eko.com video.eko.com ekoapi.eko.com — Cisco Umbrella Rank: 311050 spea.eko.com — Cisco Umbrella Rank: 274257 stage.eko.com — Cisco Umbrella Rank: 500128 storage.eko.com	2 MB
13	escapadre-film.ch escapadre-film.ch	3 MB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	4 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416 www.linkedin.com — Cisco Umbrella Rank: 708 px4.ads.linkedin.com — Cisco Umbrella Rank: 6066	5 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 7018 api.hubspot.com — Cisco Umbrella Rank: 5258 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 6556 track.hubspot.com — Cisco Umbrella Rank: 2658	26 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	311 KB
4	cloudfront.net d3425luerwqydx.cloudfront.net d1w2zhnqcy4l8f.cloudfront.net	210 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1214	530 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	123 KB
3	gstatic.com fonts.gstatic.com	100 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	239 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1230	790 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5355 forms.hscollectedforms.net — Cisco Umbrella Rank: 5470	26 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 981	9 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3030	40 KB
1	google.ch www.google.ch — Cisco Umbrella Rank: 24974	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	2 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 7501	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3870	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2519	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3531	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2528	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5287	22 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2742	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2866	21 KB
1	helloeko.com 1 redirects video.helloeko.com	388 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	24 KB
97	30

	Domain	Requested by
13	escapadre-film.ch	escapadre-film.ch
10	video.eko.com	escapadre-film.ch video.eko.com stage.eko.com ekoapi.eko.com
7	ekoapi.eko.com	video.eko.com ekoapi.eko.com
7	fonts.googleapis.com	escapadre-film.ch video.eko.com client
4	spea.eko.com	d3425luerwqydx.cloudfront.net
4	www.googletagmanager.com	video.eko.com js.hsadspixel.net www.googletagmanager.com ekoapi.eko.com
4	use.fontawesome.com	escapadre-film.ch use.fontawesome.com
3	px.ads.linkedin.com	3 redirects
3	connect.facebook.net	escapadre-film.ch connect.facebook.net
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	video.eko.com
2	api.hubspot.com	js.usemessages.com
2	cdn.linkedin.oribi.io	snap.licdn.com
2	stage.eko.com	video.eko.com
2	d1w2zhnqcy4l8f.cloudfront.net	video.eko.com ekoapi.eko.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	d3425luerwqydx.cloudfront.net	video.eko.com
2	stackpath.bootstrapcdn.com	escapadre-film.ch
1	storage.eko.com
1	track.hubspot.com	escapadre-film.ch
1	www.google.ch	video.eko.com
1	www.google.com	video.eko.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	perf-na1.hsforms.com	video.eko.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	px4.ads.linkedin.com	video.eko.com
1	www.linkedin.com	1 redirects
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	res.cloudinary.com	video.eko.com
1	video.helloeko.com	1 redirects
1	cdnjs.cloudflare.com	escapadre-film.ch
1	code.jquery.com	escapadre-film.ch
97	41

This site contains links to these domains. Also see Links.

Domain
www.instagram.com

Subject Issuer	Validity	Valid
*.hosttech.eu Sectigo RSA Domain Validation Secure Server CA	`2023-01-24` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
eko.com Amazon RSA 2048 M02	`2023-06-22` - `2024-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.eko.com Amazon RSA 2048 M02	`2023-02-21` - `2024-03-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-17` - `2023-10-15`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://escapadre-film.ch/
Frame ID: B7765EF3CBF89D11519DC9AFA85D57E7
Requests: 25 HTTP requests in this frame

Frame: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Frame ID: 226A73BDE736691687B707D9255265B9
Requests: 45 HTTP requests in this frame

Frame: https://stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/embed.html?publisherID=WtXaz1&allowiphonehls=true&allowiphonecanvaseek=true&embedderversion=2.0.0&slug=V2ggmJ&loaderUrl=https%3A%2F%2Fvideo.eko.com%2Fresources%2Fjs%2Floaders%2F3.x%2Floader.min.gz.js&timeOrigin=1696822436613.7&embedapi=true&embedapiuid=1696822438599&autoload=false
Frame ID: B6CEE4B1EAAC5CB8526390E857EA4420
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Escapadre Der Film

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

80 %
HTTPS

84 %
IPv6

30
Domains

41
Subdomains

36
IPs

3
Countries

7470 kB
Transfer

18995 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/escapadre_film/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://video.helloeko.com/v/V2ggmJ/embed?publisherID=WtXaz1 HTTP 301
https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Request Chain 56

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4111969%26time%3D1696822438775%26url%3Dhttps%253A%252F%252Fescapadre-film.ch%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true&liSync=true&e_ipv6=AQKw6XQbLLLKwQAAAYsSf61zD_QXuCErdtedrimL0erIktOMyf2RAHnZfFHwqAiflTzQihq6zg

97 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
escapadre-film.ch/ 11 KB
3 KB 132ms
31ms Document
text/html 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: c694c375ff9f1c850d5141a6d2061236bfd5111f8341f790795ddc4e7dc366b6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

content-encoding: br
content-type: text/html
date: Mon, 09 Oct 2023 03:33:56 GMT
etag: W/"5d22f24b-2c38"
last-modified: Mon, 08 Jul 2019 07:35:39 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 82ms
46ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: escapadre-film.ch
URL: https://escapadre-film.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1078
cdn-cachedat: 01/04/2023 11:35:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1ff95cf8c6ba85814b6c92c4bdd7783e
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 813390a50c5424be-ZRH
cdn-requestpullsuccess: True

GET
H2 200 style.css
escapadre-film.ch/ 5 KB
1 KB 73ms
73ms Stylesheet
text/css 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://escapadre-film.ch/style.css
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: 4ec6b1edd203517b5a58c91d676bbcc360ad9dcb9089c4d630b80ddf7f304330

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2019 08:46:38 GMT
server: nginx
etag: W/"5cff6a6e-12aa"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 fixed.css
escapadre-film.ch/css/ 1 KB
538 B 32ms
31ms Stylesheet
text/css 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://escapadre-film.ch/css/fixed.css
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: adae640b9342103f05eac5d5b87459733f3a68624ebe661d6722b14b40aca29b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
content-encoding: br
last-modified: Thu, 06 Jun 2019 14:31:03 GMT
server: nginx
etag: W/"5cf923a7-543"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.2/css/ 54 KB
12 KB 506ms
414ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JZFTQFJHMXBPAZV5
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NCzEIklAcLjW+3DA9Ab+BSBkpzU/u/IVqUh2QMJMLDUbRSUoT3l34trdaP9ggmBQW7JuxH5ELtA=
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
server: cloudflare
etag: W/"77cbad34e5ce95e70847b074e05faeab"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BrfDcFcA0Oz9BtzmuR1Bt%2BAOfZ4i3YuIqaZr1S8dPckL25m4EIgsvhshJAfB85%2BKzQLYDXegRK3Ner5m0XjhqauWaPRpPLBAPt0xtPzWCSVpFM5ErWMWR8faXmKXtPie22k73og3Mop0IQW7FePCaWN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 813390a5785e9a17-FRA

GET
H2 200 matthias.jpg
escapadre-film.ch/img/ 54 KB
54 KB 71ms
68ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/matthias.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: 6c30ef0794f5cd5182db7fdcf7445137783f64b36c329bda5c168b3f185d74b5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:14 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944fa-d86c"
content-length: 55404
content-type: image/jpeg

GET
H2 200 ben.jpg
escapadre-film.ch/img/ 116 KB
116 KB 72ms
70ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/ben.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: 6c9c4829779d923a0c2c435d237e198d457a72fb37a858908b4dd90052bce636

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:14 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944fa-1cf76"
content-length: 118646
content-type: image/jpeg

GET
H2 200 selina.jpg
escapadre-film.ch/img/ 135 KB
135 KB 72ms
70ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/selina.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: c9482d303ab4f5517d3b55b0735cffe5b3efaf60c54f66763784eaf1fff77036

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:15 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944fb-21cee"
content-length: 138478
content-type: image/jpeg

GET
H2 200 franziska.jpg
escapadre-film.ch/img/ 26 KB
26 KB 71ms
69ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/franziska.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: 239946972796f6e0cedf67d0cd51ccc5b7571f3ebff929fbdc05004d7228a66e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:14 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944fa-689d"
content-length: 26781
content-type: image/jpeg

GET
H2 200 maria.jpg
escapadre-film.ch/img/ 61 KB
61 KB 71ms
69ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/maria.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: ad64ce3fac522a03d36424572e5c2499f57f1b82aeb3c874f4aec37c95eca20e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:14 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944fa-f3d4"
content-length: 62420
content-type: image/jpeg

GET
H2 200 vale.jpg
escapadre-film.ch/img/ 83 KB
83 KB 71ms
69ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/vale.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: ab3a9b16e80af9c10cbf77d60a9b9e0f3fe8663384411052a4b08c0bcb12e356

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:15 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944fb-14cf6"
content-length: 85238
content-type: image/jpeg

GET
H2 200 alex.jpg
escapadre-film.ch/img/ 117 KB
117 KB 52ms
50ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/alex.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: e511a5d87a4fcb4e199e9cf626cede7078af1bf817649383d88a0050a26bac73

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:10 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944f6-1d334"
content-length: 119604
content-type: image/jpeg

GET
H2 200 ladina.jpg
escapadre-film.ch/img/ 70 KB
70 KB 72ms
70ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/ladina.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: d347640145ef4c8da16cb4c922e2092b69b2404d4cace02c7ea076a659fca8cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:14 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944fa-116ec"
content-length: 71404
content-type: image/jpeg

GET
H2 200 nadja.jpg
escapadre-film.ch/img/ 598 KB
599 KB 72ms
70ms Image
image/jpeg 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/nadja.jpg
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: 7bce4e5467d06e37cef16d8e64b33057488439cb07a0c08d4925db3382cfe0e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
last-modified: Thu, 06 Jun 2019 16:53:15 GMT
server: nginx
accept-ranges: bytes
etag: "5cf944fb-957bc"
content-length: 612284
content-type: image/jpeg

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 84ms
24ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2021837
x-cache: HIT, HIT
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-fra-eddf8230020-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696822437.680315,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 116, 132518

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 57ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: escapadre-film.ch
URL: https://escapadre-film.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 434215
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6646
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5i9PVSRxTV2K5wUrwHDjCiH%2BGlU30V36rZhExQxDv4h3m1Hkp6pXVtWa6fxNBRT6LeqkzwfcuUHF3%2FC30htyjAiiQTR7DfN%2FmXnIs2jG957FjlQh6%2FZLw%2Bgg8XQ9tuXgDGXXcNYLwcns2guFnvKciFmL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 813390a51b2823c7-ZRH
expires: Sat, 28 Sep 2024 03:33:56 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 82ms
49ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: escapadre-film.ch
URL: https://escapadre-film.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1079
cdn-cachedat: 08/21/2023 18:50:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 62eff0228f86fed86c91591e9fb623d7
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 813390a50c5724be-ZRH
cdn-requestpullsuccess: True

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.5.0/js/ 1 MB
371 KB 145ms
54ms Script
application/javascript 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/js/all.js
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 953ETXZXNQKT3X0N
age: 765738
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NFf1MmoNalWlMfxthT0FGuhcIMLTb9H2kvC00qlrnWqTVpZns8w4kuzi8cQX+nkcMSnX/RAZ4lE=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"02dc00e986773a2294d5ce33ef02e442"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43mNspsjtdPcnRl2bkI7ZQKO%2BMGMc1fLSeSVQJfugh7JmpOevOrKApifPZOIfWsuiUpPy%2BNRSdOF3A5xMg9kT6GqV97g9kgkfC2s1IAjCzC0zA7lkIkwxydd0cJI9iWEKf0eyD0CczYzLay%2FjDVsAJSW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 813390a5782a5b26-FRA

GET
H2

200

embed Show response
video.eko.com/v/V2ggmJ/ Frame 226A
Redirect Chain

https://video.helloeko.com/v/V2ggmJ/embed?publisherID=WtXaz1
https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

43 KB
10 KB

737ms
618ms

Document
text/html

2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Requested by

Host: escapadre-film.ch
URL: https://escapadre-film.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

380bcdfd13ce82feefe075df20412be145b7dea9404eae2c637fd477f2e44f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://escapadre-film.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

cache-control: max-age=60, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 03:33:57 GMT
etag: "9f3500b5e71d2a70007db2387a6ae9f6-gzip"
strict-transport-security: max-age=15768000
vary: accept-encoding
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-cf-id: 0Ng6bcsiclcavMZehY4nk861Y_HaXfDSXjZzMpEuiQdA8dP6iQX4jQ==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/json
date: Mon, 09 Oct 2023 03:33:56 GMT
location: //video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
via: 1.1 7270c380adcd801a51b624e5f77df782.cloudfront.net (CloudFront)
x-amz-apigw-id: Mg8p0Ge0oAMF5WA=
x-amz-cf-id: wWLnHTeAORSjustkAoA4fdTfloW16gkNbAtnVSGxCzuvTF7APOe7dw==
x-amz-cf-pop: DUS51-P3
x-amzn-requestid: 6c3d5f57-f460-4cbd-bf8c-509cf3f45a51
x-amzn-trace-id: Root=1-652374a4-082efd303a06d8a10de9511c;Sampled=0;lineage=59ba2e58:0
x-cache: Miss from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 3 KB
697 B 82ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300&display=swap

Requested by

Host: escapadre-film.ch
URL: https://escapadre-film.ch/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96707832de5ebdb44bce971713e8be40cbdbc48ca26ae5c62402a8aebf5ef5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 03:22:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 03:33:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 431 B
739 B 81ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Special+Elite&display=swap

Requested by

Host: escapadre-film.ch
URL: https://escapadre-film.ch/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83b00e4058d2bec6e8ea4cf02d74ef321b3acb4a5bb086981454eff3daa9f91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 03:33:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 03:33:56 GMT

GET
H2 200 header.png
escapadre-film.ch/img/ 2 MB
2 MB 30ms
30ms Image
image/png 185.178.193.141
HOSTTECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://escapadre-film.ch/img/header.png
Requested by: Host: escapadre-film.ch
URL: https://escapadre-film.ch/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.178.193.141 , Switzerland, ASN207143 (HOSTTECH-AS, CH),
Reverse DNS: mx141.mail.hosttech.eu
Software: nginx /
Resource Hash: b1cbd60bd5e43ee3c41f9471e830c35d25a0c4dfb94637bc38c514b453294e24

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:57 GMT
last-modified: Thu, 06 Jun 2019 15:28:57 GMT
server: nginx
accept-ranges: bytes
etag: "5cf93139-2320e0"
content-length: 2302176
content-type: image/png

GET
H2 200 XLYgIZbkc4JPUL5CVArUVL0ntnAOSA.woff2
fonts.gstatic.com/s/specialelite/v18/ 52 KB
53 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/specialelite/v18/XLYgIZbkc4JPUL5CVArUVL0ntnAOSA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Special+Elite&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

770493d84cbb753cd0573d0f014550583138f40469d137e310d239593a1949d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 06:01:02 GMT
x-content-type-options: nosniff
age: 163975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53296
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:00:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 06:01:02 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 73 KB
73 KB 403ms
402ms Font
font/woff2 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CC66K8RY3JWBD7G6
alt-svc: h3=":443"; ma=86400
content-length: 74328
x-amz-id-2: Jyy+oi+dKooAceYo16t6kvv//PSXJCSi3AHkE4VNs7ONDHqRVCTSk79/ut7qPBDneQlgLGYgz/c=
last-modified: Wed, 30 Jun 2021 15:47:21 GMT
server: cloudflare
etag: "64b3e814a66c2719b15abf8f7998bd73"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8%2Fh4LKz76yTDATrqfmf43DSnbb%2FTyBIv%2F3EA9983lipjtf9OD28wEkhpv3TRXrStnqg7Dq8FB5ZBgYzp5qifWP%2F%2FOOf6idXAOSR7bj0zoaU7kqWyF2mPrPCuuadBcgBmp5PfAOweBVg78Xxkhis2nhi"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 813390a849dd9a17-FRA

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 15 KB
15 KB 108ms
57ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 11:32:59 GMT
x-content-type-options: nosniff
age: 144058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14964
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 11:32:59 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 73 KB
73 KB 441ms
441ms Font
font/woff2 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169

Request headers

Referer: https://www.google.com/
Origin: https://escapadre-film.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CC62YX6DMY1PS1CQ
alt-svc: h3=":443"; ma=86400
content-length: 74656
x-amz-id-2: MCyxotEDsyUYrlmjnWBF/lVo67TjxlgCgZbnFG69l7zhdtKwyEK/phyt9BbG5Z5UuDP9dOuQQnw=
last-modified: Wed, 30 Jun 2021 15:47:20 GMT
server: cloudflare
etag: "9f4ce3dc689981a1b87faab0f5484f9e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlmzS7LoNVMU1EOZoildQN5P4K0LVGndjhSAtq5o0kIPA61wvZxI2DpjP%2FPsgXUqEhpjIR9vYP0ND%2BncmyVMzQr6XMYos1liEyXzbgDsDPEaLWArS%2BvMzI33mv%2B5Gv481jcnFxgbJe72624v2plO6V29"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 813390a849de9a17-FRA

GET
H2 200 layout.css
video.eko.com/resources/js/ Frame 226A 115 KB
62 KB 63ms
63ms Stylesheet
text/css 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/resources/js/layout.css

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ac39dbbc6fea51af024f551d25e59d6e0dde308ebcddc3255e34e0eb2d65b622

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 06:11:29 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 76947
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Apr 2023 11:44:26 GMT
etag: "36dfc9a8b75266a27697ab755602499c0dfd9358-gzip"
x-download-options: noopen
vary: origin,accept-encoding
content-type: text/css; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 96ujRQM-URp4X6PrC5o5JbtHKfOG_eqyRuDDOQM45JcqAcET68Q7rg==

GET
H2 200 player-env Show response
ekoapi.eko.com/scripts/ Frame 226A 93 KB
31 KB 521ms
423ms Script
application/javascript 2600:9000:224a:400:15:caa1:5dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekoapi.eko.com/scripts/player-env
Requested by: Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:15:caa1:5dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5e94c930320d8f3a753355dee09821dc9ceb06c70ecffbcbb9165a95109434c4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
content-encoding: gzip
control-allow-headers: newrelic
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
vary: origin,accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
x-amz-cf-id: tpacSUbwgaemEhOmOJaLpk-GxyIuJ5_fnrbTURGNxuOnw1IhN7EEFQ==

GET
H2 200 EkoAnalytics.min.gz.js Show response
d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/ Frame 226A 220 KB
65 KB 108ms
38ms Script
application/javascript 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/EkoAnalytics.min.gz.js
Requested by: Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de7148c747cf4d4739ca9dc1f351f313f6afe1cca26c4a09cd40ec525b877e5b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: DXssjHdrdR0GA.FjfXvC4qEmEtRl7lKg
content-encoding: gzip
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
date: Mon, 09 Oct 2023 03:33:57 GMT
x-amz-cf-pop: DUS51-P1
age: 639
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65647
last-modified: Thu, 20 Jul 2023 05:54:14 GMT
server: AmazonS3
etag: "8dae6b96e4fbd87dfbe451e9547b0623"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: HbPBZ57yCM_mlJX-dJ3ENb9QQkKQnlvt2nEG7VPRU0TWVUpgoZVIEw==

GET
H2 200 projectPage.css
video.eko.com/resources/js/ Frame 226A 141 KB
66 KB 250ms
250ms Stylesheet
text/css 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/resources/js/projectPage.css

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8adbb96f9df2e816bd1616b8081b4b192688b3693ab4303b83dc5b6d4606db40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:57 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Apr 2023 11:44:26 GMT
etag: "a3b3f2f8b930f3ea0a65029c43499c6f91dc6b42-gzip"
x-download-options: noopen
vary: origin,accept-encoding
content-type: text/css; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
x-amz-cf-id: n5WA9fNx8QFpN2jbRLP_t3dMd2HLOlUziB5X4L6nxRrqpVLOZTC85g==

GET
H2 200 bcbfe256ad0c2563fa90ebc2f143329b.jpg
res.cloudinary.com/dlkxfitke/image/upload/w_1920,f_auto,q_auto/fl_lossy/remote_efu/upload/ Frame 226A 20 KB
21 KB 531ms
389ms Image
image/webp 2a02:26f0:480:9ab::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dlkxfitke/image/upload/w_1920,f_auto,q_auto/fl_lossy/remote_efu/upload/bcbfe256ad0c2563fa90ebc2f143329b.jpg

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:9ab::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

5a51e9855e2be02c13649280e38f715f57d1a20cc0490509521d384b08edf98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="bcbfe256ad0c2563fa90ebc2f143329b.webp"
server-timing: cld-akam;dur=356;cpu=18;start=2023-10-09T03:33:58.504Z;desc=miss,rtt;dur=31,cloudinary;dur=56;start=2023-10-09T03:33:58.756Z
content-length: 20586
last-modified: Tue, 17 Dec 2019 10:41:45 GMT
server: Cloudinary
etag: "30396795816c0ff62d705f6dc0ca609c"
vary: Accept,User-Agent,Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 projectEmbed.min.js Show response
video.eko.com/resources/js/ Frame 226A 3 MB
666 KB 51ms
51ms Script
application/javascript 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/resources/js/projectEmbed.min.js

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e364873210587eac297c8ec3f5173c3a7f1c3ed8a8075e924ff63b17672256ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:31:30 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 82948
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Apr 2023 11:44:26 GMT
etag: "19364e61b870d50f26e2cf87bfa3ceabfd2885ec-gzip"
x-download-options: noopen
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
x-amz-cf-id: mKysMvL1QXwIjoz1dm_Vr5FmCNY5zVcO5r6AgZucs2Nz3DcJUWclgg==

GET
H2 200 eko.min.js Show response
video.eko.com/resources/js/ Frame 226A 4 MB
746 KB 50ms
50ms Script
application/javascript 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/resources/js/eko.min.js

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f26d1c0b833c3a69e44f35dfea47b48e7932384b99eacba38800c438dd6d300e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:29:03 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 3895
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Apr 2023 11:44:26 GMT
etag: "0ae856d56b09ffeec489b3c2c0e2eb2b1caf93ca-gzip"
x-download-options: noopen
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
x-amz-cf-id: aDcPrC2nvxArFF1IqnaUv_ne3bKX103UDPyoRxcyAfMATL0QaH3hBg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 226A 249 KB
88 KB 88ms
38ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7139195968d441c8de9975e5b636e6b290b95aab133e232de45ec36df5a5bf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89563
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 03:33:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 226A 7 KB
730 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700

Requested by

Host: video.eko.com
URL: https://video.eko.com/resources/js/layout.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb8cd39f5152bc131c823290b863adaa981d536a2cba55631f0aee266f084a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 03:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 02:26:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 03:33:57 GMT

OPTIONS
H2 200 tatabbue
spea.eko.com/com.ziggy/ Frame 0
0 399ms
122ms Preflight 18.235.251.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spea.eko.com/com.ziggy/tatabbue
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.251.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-251-161.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://video.eko.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://video.eko.com
access-control-max-age: 600
content-length: 0
date: Mon, 09 Oct 2023 03:33:58 GMT
server: nginx

POST
H2 200 tatabbue
spea.eko.com/com.ziggy/ Frame 226A 2 B
331 B 361ms
121ms Ping
text/plain 18.235.251.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spea.eko.com/com.ziggy/tatabbue
Requested by: Host: d3425luerwqydx.cloudfront.net
URL: https://d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/EkoAnalytics.min.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.251.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-251-161.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://video.eko.com
date: Mon, 09 Oct 2023 03:33:59 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
BLOB 200
OK 274d6f46-f60d-4955-8c6e-85c063267eb2
https://video.eko.com/ Frame 226A 1 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://video.eko.com/274d6f46-f60d-4955-8c6e-85c063267eb2
Requested by: Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 1
Content-Type: text/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 226A 198 KB
53 KB 83ms
29ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: escapadre-film.ch
URL: https://escapadre-film.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 03:33:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: o2pYP0S0OC+PB2hmivqf5YMht5tu7c0TDHQQIWQ9YQdnXg4f4hAkH4b8iCBRY0yCvjd/ZXDFpijWRWtGdAdRRA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 226A 52 KB
21 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 01:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 09 Oct 2023 03:49:42 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 226A 12 KB
4 KB 140ms
41ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=71014
accept-ranges: bytes
content-length: 3822

GET
H2 200 21788053.js Show response
js.hs-scripts.com/ Frame 226A 3 KB
1 KB 185ms
148ms Script
application/javascript 2606:4700::6810:bc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21788053.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2261129b98750692dddb4a2d2683da52a3c86a5cab27ec56460477113f4b42d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f613cd58-a6c6-44f7-ad33-0f52e43f159f
x-envoy-upstream-service-time: 24
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f613cd58-a6c6-44f7-ad33-0f52e43f159f
last-modified: Mon, 09 Oct 2023 03:33:58 GMT
server: cloudflare
x-trace: 2B7D94FE17BC55A34DF9E95F4F2EDB88084F22BF8D000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.google.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-vzn6l
cf-ray: 813390b16b3b01f4-ZRH
expires: Mon, 09 Oct 2023 03:34:58 GMT

OPTIONS
H2 200 tatabbue
spea.eko.com/com.ziggy/ Frame 0
0 177ms
121ms Preflight 18.235.251.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spea.eko.com/com.ziggy/tatabbue
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.251.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-251-161.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://video.eko.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://video.eko.com
access-control-max-age: 600
content-length: 0
date: Mon, 09 Oct 2023 03:33:58 GMT
server: nginx

GET
H2 200 with-half-lines.json Show response
video.eko.com/resources/animations/ Frame 226A 178 KB
48 KB 52ms
52ms XHR
application/json 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/resources/animations/with-half-lines.json

Requested by

Host:
URL: webpack:///./node_modules/bodymovin/build/player/bodymovin.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c6f1e848e8b7ff8bd6e06ac1665b912c55be160f30d03e32f7508c551d4d7dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 04:31:31 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 82947
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Apr 2023 11:43:47 GMT
etag: "ee5f8e771382c0b69a7d496aea37100e5b49fe0d-gzip"
x-download-options: noopen
vary: origin,accept-encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
x-amz-cf-id: icHajsFzM2Yl2T3H16yZXE7copGIfOap3BLH1iFpGF4epp7WZdIzSw==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 226A 32 KB
32 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://video.eko.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 292493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:19:05 GMT

GET
H2 200 30E833_2_0.woff2
d1w2zhnqcy4l8f.cloudfront.net/content/helloeko/fonts/Stolzl/ Frame 226A 30 KB
31 KB 96ms
31ms Font
application/octet-stream 2600:9000:223f:2800:17:19ad:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1w2zhnqcy4l8f.cloudfront.net/content/helloeko/fonts/Stolzl/30E833_2_0.woff2
Requested by: Host: video.eko.com
URL: https://video.eko.com/resources/js/layout.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2800:17:19ad:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 110e47f94362b21610e4ad0773100a22d95470e53d6f49cfc4bb565a84687a5e

Request headers

Referer: https://www.google.com/
Origin: https://video.eko.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:02 GMT
x-amz-version-id: Tn_RkhZgpqaQ2bO_DaqGVhO51cy1Z2l.
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 26871357
x-cache: Hit from cloudfront
content-length: 30685
last-modified: Wed, 09 Jan 2019 13:53:06 GMT
server: AmazonS3
etag: "a040460dac0d6923b7f8ea448d7a861e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: lpm6mGXOh4GBv1Xao70A_646TZ8MR077ptqjs2QktxLSqb4y0Nvfpg==

POST
H2 200 tatabbue
spea.eko.com/com.ziggy/ Frame 226A 2 B
330 B 363ms
121ms Ping
text/plain 18.235.251.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spea.eko.com/com.ziggy/tatabbue
Requested by: Host: d3425luerwqydx.cloudfront.net
URL: https://d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/EkoAnalytics.min.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.251.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-251-161.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://video.eko.com
date: Mon, 09 Oct 2023 03:33:59 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 embed.html Show response
stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/ Frame B6CE 3 KB
3 KB 277ms
195ms Document
text/html 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/embed.html?publisherID=WtXaz1&allowiphonehls=true&allowiphonecanvaseek=true&embedderversion=2.0.0&slug=V2ggmJ&loaderUrl=https%3A%2F%2Fvideo.eko.com%2Fresources%2Fjs%2Floaders%2F3.x%2Floader.min.gz.js&timeOrigin=1696822436613.7&embedapi=true&embedapiuid=1696822438599&autoload=false
Requested by: Host:
URL: webpack:///./sites/helloeko.com/lib/client-side/embedder/interludeEmbedder.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 297965d3ec5cdc9db0592f669a1a73504d0a88939dfbf144ff85941741f9c043

Request headers

Referer: https://video.eko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

content-length: 3113
content-type: text/html
date: Mon, 09 Oct 2023 03:33:59 GMT
etag: "bd5fea5ed484cdd49398e90876cb3250"
last-modified: Sun, 07 Jul 2019 15:20:21 GMT
server: AmazonS3
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-amz-cf-id: vtm0pXVXdzFElGi8iOlyeGCzqdsP3WMRtRv2Ces5JKgBGsk-lSbmYQ==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: ZqpKchg_d8k_7xHpzY1.G6NDEi9FHZUE
x-cache: Miss from cloudfront

GET
H2 200 948032275246615 Show response
connect.facebook.net/signals/config/ Frame 226A 136 KB
36 KB 114ms
114ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/948032275246615?v=2.9.132&r=stable&domain=escapadre-film.ch

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee300890f0c2e55ec321fc82486b76fbadc3be55e7cbc2330b0a50f95e812218

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 03:33:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: HzVZwJL+MfPrTViz3RiYbEDaVeQOUy+cO73ygWanOY68T01V5Lc5t93zgUd61mXKk4KzEAV+GCa8JW/ZjEdmEA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 226A 13 KB
5 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=17098
accept-ranges: bytes
content-length: 4862

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ Frame 226A 76 KB
22 KB 60ms
22ms Script
application/javascript 2606:4700::6811:f7a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375fab8cd866ba618630e49036f0373b7693dbff589140c489017185d4092fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
x-amz-version-id: ox9i7AJUcGNeHtamA4MecCiw7bDVoEmE
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 458
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14347/bundles/project.js&cfRay=8133857f3cae23f7-ZRH
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 6a666685-439c-4012-98c8-3a84f93f2fc5
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6a666685-439c-4012-98c8-3a84f93f2fc5
last-modified: Thu, 05 Oct 2023 02:05:19 UTC
server: cloudflare
etag: W/"c45075af7860f89c815bfe1becd1495f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-27cn8
cf-ray: 813390b29883233d-ZRH
x-amz-cf-id: Dg0m8uzAJbyOWbCQSil_LB8PF5P4sVefwFTm7olWyLAdq7Kf2sICPA==
x-hs-target-asset: conversations-embed/static-1.14347/bundles/project.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ Frame 226A 69 KB
25 KB 155ms
111ms Script
application/javascript 2606:4700::6811:5a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
Origin: https://video.eko.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
x-amz-version-id: 99Y.E0UsJAdqqpubte3vKq3r2MOVQh4K
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1f194243-86a4-48a7-beda-29b54c8abe02
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.425/bundles/project.js&cfRay=813390b29a7f24c6-ZRH
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1f194243-86a4-48a7-beda-29b54c8abe02
last-modified: Fri, 22 Sep 2023 08:42:59 UTC
server: cloudflare
etag: W/"526bb173ed1384afadfc2b0eb6b0846e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-hjsqm
cf-ray: 813390b29a7f24c6-ZRH
x-amz-cf-id: 6AC8nvyVSw9AwSHVSR-UiwPIe3YzFk4iLQIu4zHErc6LFEHTUDu5IA==
x-hs-target-asset: collected-forms-embed-js/static-1.425/bundles/project.js

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ Frame 226A 75 KB
23 KB 191ms
140ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb73112c646c0cfca5313dce411270cee90340454a51c3ee1218834774ddd5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
Origin: https://video.eko.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.579/bundles/project.js&cfRay=813390b2add824c2-ZRH
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"61cf09f2840246c03b083d2b2aaedbaf"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.579/bundles/project.js
date: Mon, 09 Oct 2023 03:33:58 GMT
x-amz-version-id: ZH1lXdEo36sSD12T68pVuRktbLMj6Y_H
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 61d360f3-9316-4330-88d9-b9851df42201
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-request-id: 61d360f3-9316-4330-88d9-b9851df42201
last-modified: Wed, 04 Oct 2023 10:21:17 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlKMq0L9e9h9kKM10EX%2B4g9r9QQhp9qTn623%2B24FDim%2FWBMEiHWJeF52XlB8tJlBiegWmJq1seX2rRySoC1nZa28H9sY4CILcbIqbimSH8htnFX9LpPqMYfM6CuA9PJxmNYfDO65Zvs0I1UU"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-wh2kt
cf-ray: 813390b2add824c2-ZRH
x-amz-cf-id: m9SCJhe9jDItSxvq9i48fJdKK8E3TR6xY4E3OHJx65nZVsOAr_dmhg==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21788053/ Frame 226A 65 KB
20 KB 161ms
125ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21788053/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5780c07b226e005f419702cdf122790d3c62234fa5e0c2281f48cdc4e126487d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
x-amz-version-id: LeZVjzew8aSDbfo4YZsLBWhLNsUtXAQ6
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: FZZ5PS54R6VS2QKR
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 5b797548-f879-42e0-a9fe-e971572a21c5
x-envoy-upstream-service-time: 36
x-amz-id-2: Rx1eOyeOSVpodX6zmMWq4P3BSLB/uI+tb7fwRteuG+MeUaVCMRx5Wx2hrEFVS0xuKvGZdYsmg20=
x-evy-trace-listener: listener_https
x-request-id: 5b797548-f879-42e0-a9fe-e971572a21c5
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 26 Sep 2023 22:02:23 GMT
server: cloudflare
etag: W/"88b5541aa6f322c947feffda8357a750"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://video.eko.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-jgkmt
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 813390b29ea40204-ZRH
expires: Mon, 09 Oct 2023 03:38:58 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ Frame 226A 6 KB
4 KB 65ms
28ms Script
application/javascript 2606:4700::6811:e3a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e3a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
x-amz-version-id: MiORZOji2P27E5f3usS102mv5dcg0lYn
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 10
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.485/bundles/pixels-release.js&cfRay=8133906f3afa24be-ZRH
x-cache: Hit from cloudfront
x-hubspot-correlation-id: ee810694-9870-43db-b276-c29b63aa2acc
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ee810694-9870-43db-b276-c29b63aa2acc
last-modified: Tue, 19 Sep 2023 08:21:28 UTC
server: cloudflare
etag: W/"1bce211846e6a6691aa314979e0a21fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-sgzbx
cf-ray: 813390b29c0324c0-ZRH
x-amz-cf-id: a4ZFXZtoraQ2qNOR8edDfm_aLacEHEb0JPoKPdBoAxgPmpJvUMpW3w==
x-hs-target-asset: adsscriptloaderstatic/static-1.485/bundles/pixels-release.js

GET
H2 200 21788053.js Show response
js.hs-analytics.net/analytics/1696822200000/ Frame 226A 66 KB
21 KB 204ms
164ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1696822200000/21788053.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21788053.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa0bc690463d7391b903e9fcfc13b6a8a96564e232808e524fd496c49960e63

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: Q2DPBV0QS32NNMH4
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: dc932134-d481-44ec-a56a-d92e02d88802
x-envoy-upstream-service-time: 34
x-amz-id-2: Lgltoh/ENP8c7TqElxYXeckEYhIUSS8fioeYsXDDKNuB0ZNFk7CwooH/H3H8Zv7LbIPFQPNrcZ58y1uWcLNY6g==
x-evy-trace-listener: listener_https
x-request-id: dc932134-d481-44ec-a56a-d92e02d88802
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 15 Sep 2023 18:40:07 GMT
server: cloudflare
etag: W/"701e71176c9299a28c7a475fb8e41f9f"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-844fh
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 813390b299e901df-ZRH
expires: Mon, 09 Oct 2023 03:38:58 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4111969/domain/video.eko.com/ Frame 226A 36 B
395 B 112ms
27ms XHR
application/json 2600:9000:20eb:b000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4111969/domain/video.eko.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:b000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 09:57:08 GMT
content-encoding: gzip
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 581810
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
x-amz-cf-id: A8zHV2b9fOle5nkFcDfW-kxocSRac0N4_7Fxrfji4tyQTrBXOFWcYg==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 226A
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4111969%26time%3D1696822438775%26url%3Dhttps%253A%252F%252Fescapadre-film.ch%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true&liSync=true&e_ipv6=AQKw6XQbLLLKwQAAAYsSf61zD_QXuCErdtedrimL0er...

0
482 B

194ms
120ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true&liSync=true&e_ipv6=AQKw6XQbLLLKwQAAAYsSf61zD_QXuCErdtedrimL0erIktOMyf2RAHnZfFHwqAiflTzQihq6zg
Requested by: Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:58 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 29E89A6B5A2745428F05793750DAC042 Ref B: ZRHEDGE1712 Ref C: 2023-10-09T03:33:59Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHQELAZ7pt+6WvkxUhNA==

Redirect headers

date: Mon, 09 Oct 2023 03:33:58 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4F0BDC2065E440D583AD182D467A2D92 Ref B: ZRHEDGE0916 Ref C: 2023-10-09T03:33:59Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4111969&time=1696822438775&url=https%3A%2F%2Fescapadre-film.ch%2F&cookiesTest=true&liSync=true&e_ipv6=AQKw6XQbLLLKwQAAAYsSf61zD_QXuCErdtedrimL0erIktOMyf2RAHnZfFHwqAiflTzQihq6zg
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHQEK9b0XvvYvBMqYKHA==

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 135ms
134ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=21788053&conversations-embed=static-1.14347&mobile=false&messagesUtk=8afb600f33964fce90de93c6df80c886&traceId=8afb600f33964fce90de93c6df80c886&referrer=https%3A%2F%2Fescapadre-film.ch%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://video.eko.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://video.eko.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 813390b2de1924c2-ZRH
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 09 Oct 2023 03:33:58 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78tDiJHC2dFJnEgf0xLupZUAmU%2B0F7HYKEqEurIwSc84a1moP%2BD0yuNxHR5x1FjfpeSZ2O9RxPdBJgwwpPVgv0%2BcwLwu7pQMxLKyMgukZXblcXyQbIGuKTnpceyPXWWPKz4bGPursWhkcYtyog%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-wp4hz
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 53a78a76-0424-42da-9518-ff2fca817375
x-request-id: 53a78a76-0424-42da-9518-ff2fca817375
x-trace: 2B6D3283A4268846946AB02C1BD89157E012053FF6000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ Frame 226A 290 B
968 B 162ms
162ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42448cc1018ca7ebe4444336c6e0524cd05eeef9d46701f6a32622c01b7c1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
X-HubSpot-Messages-Uri: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cc083bdc-22a8-41f8-927d-814bb7067fee
x-envoy-upstream-service-time: 15
content-length: 236
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cc083bdc-22a8-41f8-927d-814bb7067fee
server: cloudflare
x-trace: 2B6A924148B049F0E0C35849B1FB88C2CD590C4987000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://video.eko.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-ztn57
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=db6Y9Noig1NmIZJDL%2BAWU23Uv0GJ0cpdN5kq8q%2F7qMy%2FcQXpfCLRkFjKq2fXdCvLbY1L1ooDdbLtHm%2BR9Blz6MVVG2XoyDrhnI32ce89IRgmbYvUJ0JOJkeojgVcxpQXufdBcPh83GYHiVY3CA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 813390b3af7824c2-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 /
www.facebook.com/tr/ Frame 226A 0
185 B 87ms
27ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=948032275246615&ev=PageView&dl=https%3A%2F%2Fvideo.eko.com%2Fv%2FV2ggmJ%2Fembed%3FpublisherID%3DWtXaz1&rl=https%3A%2F%2Fescapadre-film.ch%2F&if=true&ts=1696822438866&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&cs_est=true&ler=other&it=1696822438727&coo=false&exp=a1&rqm=GET

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 03:33:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 loader.min.gz.js Show response
video.eko.com/resources/js/loaders/3.x/ Frame B6CE 187 KB
59 KB 53ms
53ms Script
application/javascript 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/resources/js/loaders/3.x/loader.min.gz.js

Requested by

Host: stage.eko.com
URL: https://stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/embed.html?publisherID=WtXaz1&allowiphonehls=true&allowiphonecanvaseek=true&embedderversion=2.0.0&slug=V2ggmJ&loaderUrl=https%3A%2F%2Fvideo.eko.com%2Fresources%2Fjs%2Floaders%2F3.x%2Floader.min.gz.js&timeOrigin=1696822436613.7&embedapi=true&embedapiuid=1696822438599&autoload=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3a37e1d5cf39b66035cdfec607473feb9b645f6a8eb591e9204c00a2e3800754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 78467
x-cache: Hit from cloudfront
content-length: 60196
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Apr 2023 11:43:46 GMT
etag: "080b05e2ad13ba094b37b78e22a2085a8bc15938-gzip"
x-download-options: noopen
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
x-amz-cf-id: FQy3Gt7w-hXf2emrNMqadVkJfMqCLPMEW5vQF8T5M5dNrPe38W8h1w==

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ Frame 226A 253 B
1 KB 182ms
148ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21788053

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08acb04b6d9343b03f663b143a1667a9ecf836cf04d05a4f7f43436139e080d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8a221a98-fc57-4622-8dae-47a5121aa622
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8a221a98-fc57-4622-8dae-47a5121aa622
server: cloudflare
x-trace: 2B3D37999B20CB7C4EC790E110FA56629695427843000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://video.eko.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-rmgdk
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FH%2BnHjmZGeRe7z6oJkHxopnZNGP%2FOX0SmXTv553F8VJM72IqJXXq1HzVfdURyEqSQmt8RSKe5zy%2Ff3sTOj%2FpIKypcMXbgUoCDbOO%2BXVCHqQbL7fRUJ2XCzqb9dvFOZ6LlZb9jRXZtSW%2Fplbu"}],"group":"cf-nel","max_age":604800}
cf-ray: 813390b3ded201f8-ZRH
access-control-allow-headers: *

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ Frame 226A 207 B
1 KB 158ms
141ms Fetch
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=21788053&currentUrl=https%3A%2F%2Fvideo.eko.com%2Fv%2FV2ggmJ%2Fembed%3FpublisherID%3DWtXaz1&referrer=https%3A%2F%2Fescapadre-film.ch%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e1f5dae1f231a3e6c42993418f2c2b7670e62db5b3ffee9afe0afa6657504f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 76b22dca-8b5e-43bd-91b4-010678458187
content-encoding: br
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 76b22dca-8b5e-43bd-91b4-010678458187
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://video.eko.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F60KYgk71XodDA4llR2FiHwWkW2bs5FVDSNvwA8paV6zuHayjCRYA4fCjgjZzpWjupdbFAtSnV6TPLH0vAKTjl8IH642a0cKaDqah4b9zYlCTkyqtAfTYRqRFhmYOxBz6EKd%2F8Rzw%2FmSe6EURSafYlrfAmp%2BDZb1WYA%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 813390b3efd824c2-ZRH
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-48whc

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ Frame 226A 116 B
452 B 137ms
128ms XHR
application/json 2606:4700::6811:5a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21788053&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

688d44538e03f0d3eed690405050875a58edd34423fcee9806a81de3f282f964

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: adef1aeb-17db-4b26-8c03-2ab5c71aea34
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: adef1aeb-17db-4b26-8c03-2ab5c71aea34
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://video.eko.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-wh2kt
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 813390b3dc1b24c6-ZRH

GET
H2 200 EkoAnalytics.min.gz.js Show response
d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/ Frame B6CE 220 KB
65 KB 33ms
32ms Script
application/javascript 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3425luerwqydx.cloudfront.net/ekoanalytics/master/latest/EkoAnalytics.min.gz.js
Requested by: Host: video.eko.com
URL: https://video.eko.com/resources/js/loaders/3.x/loader.min.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de7148c747cf4d4739ca9dc1f351f313f6afe1cca26c4a09cd40ec525b877e5b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: DXssjHdrdR0GA.FjfXvC4qEmEtRl7lKg
content-encoding: gzip
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
date: Mon, 09 Oct 2023 03:33:57 GMT
x-amz-cf-pop: DUS51-P1
age: 641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65647
last-modified: Thu, 20 Jul 2023 05:54:14 GMT
server: AmazonS3
etag: "8dae6b96e4fbd87dfbe451e9547b0623"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: C_XhCy9uuLgBuJQu4u-A_H4t5riGxxVqEKyQoZVJww_j22ZJe8Ursg==

GET
H2 200 bundle Show response
ekoapi.eko.com/scripts/ Frame B6CE 3 MB
678 KB 700ms
700ms Script
application/javascript 2600:9000:224a:400:15:caa1:5dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0
Requested by: Host: video.eko.com
URL: https://video.eko.com/resources/js/loaders/3.x/loader.min.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:15:caa1:5dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: df5100105c2e6b829e1c36ee247f4b5ff62786e88792c9511a77f45b474b4d72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:59 GMT
content-encoding: gzip
control-allow-headers: newrelic
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
vary: origin,accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
x-amz-cf-id: gLZ1fqtMHvsSuriq3xB8a6n50F9qHyLYLUzAVRPpq5rF9OxAEfP48g==

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ Frame 226A 35 B
1 KB 186ms
135ms Image
image/gif 2606:4700::6812:a07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 03:33:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: e5bdfa47-4ed2-416b-99fd-f46e8c3507bc
x-envoy-upstream-service-time: 6
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e5bdfa47-4ed2-416b-99fd-f46e8c3507bc
Last-Modified: Mon, 09 Oct 2023 03:33:59 GMT
Server: cloudflare
X-Trace: 2B62895B98040F77598617CB70180FA04DA425F205000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-rwf2n
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 813390b51bb801e3-ZRH

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 226A 227 KB
79 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-933735970

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a9293a74b928f3975d83fb15da182a31350633efd7b8407390ae7077a9f1596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80731
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 03:33:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 226A 227 KB
79 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-933735970&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2SZHZQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3a5671a4fbc76ec604bcdb9a9d134a88cf68afdef8c7c0e5ab1c9ae035076d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80632
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 03:33:59 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4111969/domain/video.eko.com/ Frame 226A 36 B
395 B 28ms
28ms XHR
application/json 2600:9000:20eb:b000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4111969/domain/video.eko.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:b000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 09:57:08 GMT
content-encoding: gzip
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 581811
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
x-amz-cf-id: do0aEEdzjQjN6mVd9g6TLW8Da5f5_pUXowTOaOCP6DMyGDnxk1K11w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/933735970/ Frame 226A 3 KB
2 KB 84ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933735970/?random=1696822439239&cv=11&fst=1696822439239&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fvideo.eko.com%2Fv%2FV2ggmJ%2Fembed%3FpublisherID%3DWtXaz1&ref=https%3A%2F%2Fescapadre-film.ch%2F&hn=www.googleadservices.com&frm=2&tiba=eko%20-%20ESCAPADRE%20-%20Der%20Film&did=dZTQ1Zm&gdid=dZTQ1Zm&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-933735970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f5ee267bb6c16f5e00eeac00fcedfdf7dd1d9a52f43e4808cdde495fa467562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 03:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/933735970/ Frame 226A 42 B
455 B 85ms
33ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/933735970/?random=1696822439239&cv=11&fst=1696820400000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fvideo.eko.com%2Fv%2FV2ggmJ%2Fembed%3FpublisherID%3DWtXaz1&ref=https%3A%2F%2Fescapadre-film.ch%2F&frm=2&tiba=eko%20-%20ESCAPADRE%20-%20Der%20Film&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1142988656&rmt_tld=0&ipr=y

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 03:33:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/933735970/ Frame 226A 42 B
455 B 84ms
33ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/933735970/?random=1696822439239&cv=11&fst=1696820400000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fvideo.eko.com%2Fv%2FV2ggmJ%2Fembed%3FpublisherID%3DWtXaz1&ref=https%3A%2F%2Fescapadre-film.ch%2F&frm=2&tiba=eko%20-%20ESCAPADRE%20-%20Der%20Film&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1142988656&rmt_tld=1&ipr=y

Requested by

Host: video.eko.com
URL: https://video.eko.com/v/V2ggmJ/embed?publisherID=WtXaz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 03:33:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 450438677165689 Show response
connect.facebook.net/signals/config/ Frame 226A 131 KB
34 KB 111ms
110ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/450438677165689?v=2.9.132&r=stable&domain=escapadre-film.ch

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf0c504909d41a3da03685b4b4121715725a217cc6e76eb000f225b1c962bbb6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Oct 2023 03:33:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: K5Y8iJW8PMRxPYooLq1YZGt0twd+jmWh6dRAFdVTlJ6M/h2rIIWnYFBKtL0Ad122evE7Hh1LtQnOObjV+Udk4Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame 226A 45 B
1 KB 196ms
146ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3335903367&v=1.1&a=21788053&rcu=https%3A%2F%2Feko.com%2Fv%2FV2ggmJ%3Fautoplay%3Dtrue&r=https%3A%2F%2Fescapadre-film.ch%2F&pu=https%3A%2F%2Fvideo.eko.com%2Fv%2FV2ggmJ%2Fembed%3FpublisherID%3DWtXaz1&t=eko+-+ESCAPADRE+-+Der+Film&cts=1696822439542&vi=009168f536f207f63b070ed925d3f869&nc=true&cc=15

Requested by

Host: escapadre-film.ch
URL: https://escapadre-film.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cdf6a5b6-42c1-4dc9-9b6a-2e4eb1173009
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cdf6a5b6-42c1-4dc9-9b6a-2e4eb1173009
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obY%2FAxek3ZKZq71J9eLd%2BabTH6FsAjY3x2nvrT%2FpRbhzYKuXQNUBIxg3PWlnuV82%2FnVYlNmsVCvUyN2hV0ziktQMlsQhNdIqrgPwiqXhxsYBiVzF2vtkOdVdhuZ5jzbGRUGnmoQptir6alU3gNdP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-76tt8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 813390b77b6e01eb-ZRH
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ Frame 226A 0
54 B 27ms
26ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=450438677165689&ev=PageView&dl=https%3A%2F%2Fvideo.eko.com%2Fv%2FV2ggmJ%2Fembed%3FpublisherID%3DWtXaz1&rl=https%3A%2F%2Fescapadre-film.ch%2F&if=true&ts=1696822439684&sw=1600&sh=1200&ud[external_id]=009168f536f207f63b070ed925d3f869&v=2.9.132&r=stable&ec=0&o=30&ler=other&it=1696822438727&coo=false&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Oct 2023 03:33:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame B6CE 7 KB
649 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

988bbd699c543f1fcb84032a54d5011bd328964298b1b4568d477b76f7358bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 03:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 03:20:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 03:34:00 GMT

GET
H2 200 app.min.gz.js Show response
stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/ Frame B6CE 491 KB
39 KB 209ms
209ms Script
application/javascript 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stage.eko.com/projects/us-east-1:081f6162-2649-41b4-b511-df8cb75e97e1/4fd1d8d0-85dd-11e9-8642-8b7dabce846d/archive/11/app.min.gz.js
Requested by: Host: video.eko.com
URL: https://video.eko.com/resources/js/loaders/3.x/loader.min.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5faa3dba17f7431678864f6e3e57b4586edee9d52d3c6f9ef4dc98ac5e276b4a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: gzip
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-amz-version-id: cQQOxsU8wd6NxCqavPPklM1S4q_0VB8j
last-modified: Sun, 07 Jul 2019 15:20:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "3f2928ab8f1182ad3abb80dcaa1a26a1"
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 39843
x-amz-cf-id: 7N7E2ZXlRbyMbqdphvo1_E-PLdgPu1QOWhFxfLSnq5cwXhyUIZDgvQ==

OPTIONS
H2 200 V2ggmJ
video.eko.com/api/nextup/ Frame 0
0 308ms
241ms Preflight 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.eko.com/api/nextup/V2ggmJ?shouldEmbedNextUp=true&showId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://stage.eko.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods: POST
access-control-allow-origin: https://stage.eko.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
content-length: 0
date: Mon, 09 Oct 2023 03:34:01 GMT
etag: "37a6259cc0c1dae299a7866489dff0bd"
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-id: 6TUueQalN_oL1vF1ehpMKQcRtM66nMSJZe3r8dJAK17E3dl8vdkYeg==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

POST
H2 200 V2ggmJ Show response
video.eko.com/api/nextup/ Frame B6CE 436 B
921 B 749ms
749ms XHR
application/json 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/api/nextup/V2ggmJ?shouldEmbedNextUp=true&showId=

Requested by

Host: ekoapi.eko.com
URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

84e059a11b5ea6103466ccdda444c6a78e5cd34bddb0dbc36649a27ec7549b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Oct 2023 03:34:02 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-length: 436
x-xss-protection: 1; mode=block
etag: "d7710a8232a2e3eb09e7df99748592e7"
x-download-options: noopen
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stage.eko.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
x-amz-cf-id: 5eMuk7VCboku7apeijKXWiIlzENoMlsQbruEOs1unjQbIs0zZKdDdA==

GET
H2 200 helloekoDefault Show response
video.eko.com/api/feedback/ Frame B6CE 537 B
1 KB 405ms
339ms XHR
application/json 2600:9000:224a:6800:19:ae7e:3e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://video.eko.com/api/feedback/helloekoDefault

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:19:ae7e:3e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4a19f52188dc6d332ba3ce0505d65a338fcdd1c949775f9edc114246d7aecff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:34:01 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-length: 537
x-xss-protection: 1; mode=block
etag: "b691db6c9d539d5c586c0c3df5fe835f"
x-download-options: noopen
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stage.eko.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
x-amz-cf-id: vwrg3m8Xv5QXLL9QRJYAjB3i9Fq2Ws2Z9IO_ULh1hfPAb-d7hfN5Qw==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame B6CE 188 KB
65 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJC926P

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fee1d53a1f2b74892a9512fa97cce42be1b086ab07f30be0dbebef71ae65cd60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67004
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Oct 2023 03:34:01 GMT

GET
H2 200 ui_0.js Show response
ekoapi.eko.com/scripts/ui@1.0.1/dist/ Frame B6CE 14 KB
5 KB 43ms
42ms Script
application/javascript 2600:9000:224a:400:15:caa1:5dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekoapi.eko.com/scripts/ui@1.0.1/dist/ui_0.js
Requested by: Host: ekoapi.eko.com
URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:15:caa1:5dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 88236c50333ac2e271f2686dc9fd02e0f2773eb32d317a251e272cc942328285

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:31:35 GMT
content-encoding: gzip
control-allow-headers: newrelic
last-modified: Tue, 03 Oct 2023 09:26:07 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: "5f2397f02e682a3e8822211b2b0c06a824e2a802-gzip"
age: 146
vary: origin,accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: 9YWKpuJVUEuLPPR3LHnuc05SHB190HBmmwZZO9HN2n6I_Ldj3c7H4Q==

GET
H2 200 ui_19.js Show response
ekoapi.eko.com/scripts/ui@1.0.1/dist/ Frame B6CE 6 KB
2 KB 322ms
321ms Script
application/javascript 2600:9000:224a:400:15:caa1:5dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekoapi.eko.com/scripts/ui@1.0.1/dist/ui_19.js
Requested by: Host: ekoapi.eko.com
URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:15:caa1:5dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 05f0264a92b4bd4c116dc4ebcdf09a776f08bad67d12c1a78d0a401bbac148b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: gzip
control-allow-headers: newrelic
last-modified: Tue, 03 Oct 2023 09:26:07 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: "a3fe22b17855929d52f2a9e3714a88e5f5bf3cd5-gzip"
vary: origin,accept-encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: 0ICZ0iw3Fe09TjX-K1hGMWEShRjddVbWddoJFev1zgBxZ-pNNgMMNg==

GET
H2 200 ui_14.js Show response
ekoapi.eko.com/scripts/ui@1.0.1/dist/ Frame B6CE 8 KB
3 KB 136ms
135ms Script
application/javascript 2600:9000:224a:400:15:caa1:5dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekoapi.eko.com/scripts/ui@1.0.1/dist/ui_14.js
Requested by: Host: ekoapi.eko.com
URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:15:caa1:5dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c0af8ac59442459d76a1c59a9dcfd41b1cecfc5557a8a66e3132846afb59ceed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: gzip
control-allow-headers: newrelic
last-modified: Tue, 03 Oct 2023 09:26:07 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: "fb255a70ead34d808005c0cec6eaa7ea5b174eac-gzip"
vary: origin,accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: WeWHFPj_HofUcD3o-LLbm7aQ8l3A-2reCjyPMhu-H_-eT-M8kaqz9A==

GET
H2 200 ui_25.js Show response
ekoapi.eko.com/scripts/ui@1.0.1/dist/ Frame B6CE 6 KB
2 KB 36ms
35ms Script
application/javascript 2600:9000:224a:400:15:caa1:5dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekoapi.eko.com/scripts/ui@1.0.1/dist/ui_25.js
Requested by: Host: ekoapi.eko.com
URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:15:caa1:5dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: eba4a15a550e07ecc5bf94977cce633e626773c601038e217d97e1d21e095b7c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: gzip
control-allow-headers: newrelic
last-modified: Tue, 03 Oct 2023 09:26:07 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: "b8164d16f8923fda3f73606f24bd7e2286c2a3d0-gzip"
age: 18
vary: origin,accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: _y8nTVpz6PaxzlXnBjdez6Pa4U0lPt_uD00D9B9EQe6RFKp3byKgtg==

GET
H2 200 ui_5.js Show response
ekoapi.eko.com/scripts/ui@1.0.1/dist/ Frame B6CE 7 KB
3 KB 318ms
317ms Script
application/javascript 2600:9000:224a:400:15:caa1:5dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekoapi.eko.com/scripts/ui@1.0.1/dist/ui_5.js
Requested by: Host: ekoapi.eko.com
URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:15:caa1:5dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ea0ac1d59e6b191330983f77b43f254c587c792fad03cccfafcc1fd39da15fbc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: gzip
control-allow-headers: newrelic
last-modified: Tue, 03 Oct 2023 09:26:07 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: "3dd257052a718ff352b9deed6329e49adeb90858-gzip"
vary: origin,accept-encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: 9fJqaZgNWSyPpvixfmSBFcrdsKYMbdQNiAigl9BaY9gNkro6mTJMHA==

GET
DATA 200
OK truncated
/ Frame B6CE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1796db92417c0a3a6900aa232efe70e1a51a6c91f6959cbcbc00de66e6801927

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B6CE 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 165e18d0f3a270de1a2640d5f96408995bfd2be9cf0b49b0b99c7f7f10dc0001

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B6CE 718 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28ac427df44d43895e08802f7477e130e5bb1797184047480eeb5580ad2817fd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B6CE 734 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 333f4488e87db851993c3fc2355e8efdd7a4e3062de925d31351facdea48a68a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 7a824776236e88c7b2d55ace2ffdac12.mp3 Show response
d1w2zhnqcy4l8f.cloudfront.net/ Frame B6CE 50 KB
50 KB 34ms
33ms XHR
audio/mpeg 2600:9000:223f:2800:17:19ad:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1w2zhnqcy4l8f.cloudfront.net/7a824776236e88c7b2d55ace2ffdac12.mp3
Requested by: Host: ekoapi.eko.com
URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2800:17:19ad:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b1ce25df5ab3a219351aedccaaf7faa497fead9c1f6f431184151847211cb49

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 07:28:43 GMT
x-amz-meta-cache-control: max-age=315360000
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-version-id: BSH9zT5100mpTaOFQj_o9bLBws_nCv6N
x-amz-meta-expires: Tue, 22 Aug 2023 13:29:29 GMT
x-amz-cf-pop: FRA56-P5
age: 6465919
x-cache: Hit from cloudfront
content-length: 50821
last-modified: Wed, 22 Aug 2018 13:29:30 GMT
server: AmazonS3
etag: "7a824776236e88c7b2d55ace2ffdac12"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: audio/mpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: aBAgEWpc5v0ZX1y_hKsif01lorJdAYfdjUqzWJfIIjF4s0xRjrJQKQ==
expires: Tue, 22 Aug 2023 13:29:29 GMT

GET
BLOB 200
OK 6f55efe2-4396-4e8e-945f-7e4443f31bfe
https://stage.eko.com/ Frame B6CE 1 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://stage.eko.com/6f55efe2-4396-4e8e-945f-7e4443f31bfe
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 1
Content-Type: text/javascript

GET
BLOB 200
OK 42d1c59d-2730-4e28-a1b6-ba304d06e3bb
https://stage.eko.com/ Frame B6CE 241 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://stage.eko.com/42d1c59d-2730-4e28-a1b6-ba304d06e3bb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f2949b92cdf4ff07dfef3c48b57a0f23a87964d22289083ced4c63cd0f403a1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 246317
Content-Type: text/javascript

GET
BLOB 200
OK 3bfe73bd-65fb-4936-a4cd-963c10abe063
https://stage.eko.com/ Frame B6CE 241 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://stage.eko.com/3bfe73bd-65fb-4936-a4cd-963c10abe063
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc01a8fd2f9dd6bad73b854b8f270b86f93312050b960294ae179140ddfb1d9d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 246317
Content-Type: text/javascript

GET
H3 200 css
fonts.googleapis.com/ Frame B6CE 395 B
308 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nixie+One

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90f32075690cba4d766a4685da9e87e4cd6acc8ba858106066affe3dbdd5c9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 03:34:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 03:34:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B6CE 1 KB
463 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4de41edd6d540328311323b4ed0b21dc34b269d909f793164e2dedf3c611edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 02:02:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 03:34:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B6CE 2 KB
604 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a9c8782f2d67ff5fa288288aad8315bd542e80614b7e16d05da1fb0bb98968d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 03:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 02:47:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 03:34:01 GMT

OPTIONS
H2 200 e8a52664baf15d2c186ec84ae7511b35.0.Audio_High.webm_vorbis.webm
storage.eko.com/efu/publish_efu/upload/e8a52664baf15d2c186ec84ae7511b35.mp4/ Frame 0
0 1422ms
406ms Preflight 2600:9000:223f:6400:17:19ad:9fc0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.eko.com/efu/publish_efu/upload/e8a52664baf15d2c186ec84ae7511b35.mp4/e8a52664baf15d2c186ec84ae7511b35.0.Audio_High.webm_vorbis.webm?x-eko-sw-cache=enabled
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6400:17:19ad:9fc0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-eko-sw-cache
Access-Control-Request-Method: GET
Origin: https://stage.eko.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: x-eko-sw-cache
access-control-allow-methods: GET, POST, PUT, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length
content-length: 0
date: Mon, 09 Oct 2023 03:34:03 GMT
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-id: j1f_Z4llIMxGuoREa9VHC5CBwvm0tWL5-f9TqGtIViTGtwup_tj_sA==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront

OPTIONS e8a52664baf15d2c186ec84ae7511b35.1.Audio_Low.webm_vorbis.webm
storage.eko.com/efu/publish_efu/upload/e8a52664baf15d2c186ec84ae7511b35.mp4/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: storage.eko.com
URL: https://storage.eko.com/efu/publish_efu/upload/e8a52664baf15d2c186ec84ae7511b35.mp4/e8a52664baf15d2c186ec84ae7511b35.1.Audio_Low.webm_vorbis.webm?x-eko-sw-cache=enabled

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eko.com/	1970-01-20 15:20:24	Name: _sp_ses.3d9b Value: *
.linkedin.com/	1970-01-20 17:29:58	Name: li_sugr Value: 9b10f61d-dd71-417c-9ef6-090978193d29
.linkedin.com/	1970-01-21 00:05:58	Name: bcookie Value: "v=2&7657d058-4ec0-4787-82a8-2294e8985975"
.linkedin.com/	1970-01-20 15:21:48	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2760:u=1:x=1:i=1696822438:t=1696908838:v=2:sig=AQF1ZrYu8BxrLW2PFoC8a7_uuBsikOlo"
.linkedin.com/	1970-01-20 16:03:34	Name: UserMatchHistory Value: AQIY1S5PLQn-qQAAAYsSf6x76rz8Z97SVlJ5Q49Fm7ysR7nJL-a9Iq4frQY6wjn_YiaRvKg0A6D9GQ
.linkedin.com/	1970-01-20 16:03:34	Name: AnalyticsSyncHistory Value: AQLTC38CPjLKPgAAAYsSf6x7acyEuON45uIGro0hJzHnP6dSgrq2ZIgu5LmBxu8lVyvDd7l4dUq7IqD9oVGCtg
.www.linkedin.com/	1970-01-21 00:05:58	Name: bscookie Value: "v=1&202310090333594d2a5cb9-caf1-463c-8160-2277a3aa60ceAQFQaD2cKHcz4_IuM1l4skKDaDSvJ12X"
.linkedin.com/	1970-01-20 19:39:34	Name: li_gc Value: MTswOzE2OTY4MjI0Mzk7MjswMjGQSGTPDpX99zWUUx0idZh7McfIl6XgXxrbzt22exa+gw==
.doubleclick.net/	1970-01-20 15:20:23	Name: test_cookie Value: CheckForPermission
.hubspot.com/	1970-01-20 15:20:24	Name: __cf_bm Value: qRqtVlZW3qeCzSbT17cqCGiXpP8alCD7yMY9CGSneA8-1696822439-0-Aasq/F2jzPhtGfBTJ4W6kkh6XlB4EFvP57iYLggf/j0nPLd1ETCYKinq8o3epNHlwIYx5iIjOaE2OIBRMlGzdiI=
.eko.com/	1970-01-21 00:56:22	Name: _sp_id.3d9b Value: 2bc4a164-d7ec-4ff1-8317-dabc66825feb.1696822438.1.1696822441.1696822438.e64f9f6b-39fe-4d5c-b3d4-3196b53fe2ac

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: webpack:///./sites/helloeko.com/lib/client-side/embedder/interludeEmbedder.js?(Line 147) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0(Line 461) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0(Line 461) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://ekoapi.eko.com/scripts/bundle?content=player,react,gsap,debug,tracker,share,end,checkpoints,storage,overlays,ekoplaybutton,urls,project,ekoshell,externalanalytics,interactions,ui,looper,state,subtitles,decision,variables,sparks,profiler,user,ekouicomponents,monetization,sendables,audio,canvas,control,eol,sentry,analytics&APIVersion=3.31.0 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
cta-service-cms2.hubspot.com
d1w2zhnqcy4l8f.cloudfront.net
d3425luerwqydx.cloudfront.net
ekoapi.eko.com
escapadre-film.ch
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.usemessages.com
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
res.cloudinary.com
snap.licdn.com
spea.eko.com
stackpath.bootstrapcdn.com
stage.eko.com
storage.eko.com
track.hubspot.com
use.fontawesome.com
video.eko.com
video.helloeko.com
www.facebook.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.linkedin.com
storage.eko.com
13.107.42.14
18.173.233.110
18.235.251.161
18.66.248.121
185.178.193.141
2600:9000:20eb:b000:2:53b2:240:93a1
2600:9000:223f:2800:17:19ad:9fc0:93a1
2600:9000:223f:6400:17:19ad:9fc0:93a1
2600:9000:224a:400:15:caa1:5dc0:93a1
2600:9000:224a:6800:19:ae7e:3e40:93a1
2606:4700:4400::ac40:991b
2606:4700::6810:4fba
2606:4700::6810:bc59
2606:4700::6811:190e
2606:4700::6811:5a9a
2606:4700::6811:cccc
2606:4700::6811:e3a3
2606:4700::6811:f7a8
2606:4700::6812:a07d
2606:4700::6812:acf
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700:e0::ac40:660b
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:806::200a
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a02:26f0:480:9ab::523
2a02:26f0:780::210:a40a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::649
65.9.66.20
05f0264a92b4bd4c116dc4ebcdf09a776f08bad67d12c1a78d0a401bbac148b4
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
08acb04b6d9343b03f663b143a1667a9ecf836cf04d05a4f7f43436139e080d5
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
110e47f94362b21610e4ad0773100a22d95470e53d6f49cfc4bb565a84687a5e
165e18d0f3a270de1a2640d5f96408995bfd2be9cf0b49b0b99c7f7f10dc0001
16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17
1796db92417c0a3a6900aa232efe70e1a51a6c91f6959cbcbc00de66e6801927
2261129b98750692dddb4a2d2683da52a3c86a5cab27ec56460477113f4b42d0
239946972796f6e0cedf67d0cd51ccc5b7571f3ebff929fbdc05004d7228a66e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
28ac427df44d43895e08802f7477e130e5bb1797184047480eeb5580ad2817fd
297965d3ec5cdc9db0592f669a1a73504d0a88939dfbf144ff85941741f9c043
333f4488e87db851993c3fc2355e8efdd7a4e3062de925d31351facdea48a68a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
375fab8cd866ba618630e49036f0373b7693dbff589140c489017185d4092fd4
380bcdfd13ce82feefe075df20412be145b7dea9404eae2c637fd477f2e44f81
3a37e1d5cf39b66035cdfec607473feb9b645f6a8eb591e9204c00a2e3800754
4a19f52188dc6d332ba3ce0505d65a338fcdd1c949775f9edc114246d7aecff1
4b1ce25df5ab3a219351aedccaaf7faa497fead9c1f6f431184151847211cb49
4e1f5dae1f231a3e6c42993418f2c2b7670e62db5b3ffee9afe0afa6657504f5
4ec6b1edd203517b5a58c91d676bbcc360ad9dcb9089c4d630b80ddf7f304330
5780c07b226e005f419702cdf122790d3c62234fa5e0c2281f48cdc4e126487d
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
5a51e9855e2be02c13649280e38f715f57d1a20cc0490509521d384b08edf98a
5e94c930320d8f3a753355dee09821dc9ceb06c70ecffbcbb9165a95109434c4
5f2949b92cdf4ff07dfef3c48b57a0f23a87964d22289083ced4c63cd0f403a1
5faa3dba17f7431678864f6e3e57b4586edee9d52d3c6f9ef4dc98ac5e276b4a
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
688d44538e03f0d3eed690405050875a58edd34423fcee9806a81de3f282f964
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6c30ef0794f5cd5182db7fdcf7445137783f64b36c329bda5c168b3f185d74b5
6c9c4829779d923a0c2c435d237e198d457a72fb37a858908b4dd90052bce636
6fa0bc690463d7391b903e9fcfc13b6a8a96564e232808e524fd496c49960e63
7139195968d441c8de9975e5b636e6b290b95aab133e232de45ec36df5a5bf73
770493d84cbb753cd0573d0f014550583138f40469d137e310d239593a1949d8
7a9293a74b928f3975d83fb15da182a31350633efd7b8407390ae7077a9f1596
7a9c8782f2d67ff5fa288288aad8315bd542e80614b7e16d05da1fb0bb98968d
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bce4e5467d06e37cef16d8e64b33057488439cb07a0c08d4925db3382cfe0e8
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
83b00e4058d2bec6e8ea4cf02d74ef321b3acb4a5bb086981454eff3daa9f91f
84e059a11b5ea6103466ccdda444c6a78e5cd34bddb0dbc36649a27ec7549b65
88236c50333ac2e271f2686dc9fd02e0f2773eb32d317a251e272cc942328285
8adbb96f9df2e816bd1616b8081b4b192688b3693ab4303b83dc5b6d4606db40
90f32075690cba4d766a4685da9e87e4cd6acc8ba858106066affe3dbdd5c9ae
96707832de5ebdb44bce971713e8be40cbdbc48ca26ae5c62402a8aebf5ef5ce
988bbd699c543f1fcb84032a54d5011bd328964298b1b4568d477b76f7358bef
9f5ee267bb6c16f5e00eeac00fcedfdf7dd1d9a52f43e4808cdde495fa467562
a3a5671a4fbc76ec604bcdb9a9d134a88cf68afdef8c7c0e5ab1c9ae035076d4
ab3a9b16e80af9c10cbf77d60a9b9e0f3fe8663384411052a4b08c0bcb12e356
abb73112c646c0cfca5313dce411270cee90340454a51c3ee1218834774ddd5c
ac39dbbc6fea51af024f551d25e59d6e0dde308ebcddc3255e34e0eb2d65b622
ad64ce3fac522a03d36424572e5c2499f57f1b82aeb3c874f4aec37c95eca20e
adae640b9342103f05eac5d5b87459733f3a68624ebe661d6722b14b40aca29b
b1cbd60bd5e43ee3c41f9471e830c35d25a0c4dfb94637bc38c514b453294e24
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb8cd39f5152bc131c823290b863adaa981d536a2cba55631f0aee266f084a0a
c0af8ac59442459d76a1c59a9dcfd41b1cecfc5557a8a66e3132846afb59ceed
c42448cc1018ca7ebe4444336c6e0524cd05eeef9d46701f6a32622c01b7c1a4
c694c375ff9f1c850d5141a6d2061236bfd5111f8341f790795ddc4e7dc366b6
c6f1e848e8b7ff8bd6e06ac1665b912c55be160f30d03e32f7508c551d4d7dfd
c9482d303ab4f5517d3b55b0735cffe5b3efaf60c54f66763784eaf1fff77036
cf0c504909d41a3da03685b4b4121715725a217cc6e76eb000f225b1c962bbb6
d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558
d347640145ef4c8da16cb4c922e2092b69b2404d4cace02c7ea076a659fca8cd
dc01a8fd2f9dd6bad73b854b8f270b86f93312050b960294ae179140ddfb1d9d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7148c747cf4d4739ca9dc1f351f313f6afe1cca26c4a09cd40ec525b877e5b
df5100105c2e6b829e1c36ee247f4b5ff62786e88792c9511a77f45b474b4d72
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
e364873210587eac297c8ec3f5173c3a7f1c3ed8a8075e924ff63b17672256ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e511a5d87a4fcb4e199e9cf626cede7078af1bf817649383d88a0050a26bac73
ea0ac1d59e6b191330983f77b43f254c587c792fad03cccfafcc1fd39da15fbc
eba4a15a550e07ecc5bf94977cce633e626773c601038e217d97e1d21e095b7c
ee300890f0c2e55ec321fc82486b76fbadc3be55e7cbc2330b0a50f95e812218
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26d1c0b833c3a69e44f35dfea47b48e7932384b99eacba38800c438dd6d300e
f4de41edd6d540328311323b4ed0b21dc34b269d909f793164e2dedf3c611edb
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fee1d53a1f2b74892a9512fa97cce42be1b086ab07f30be0dbebef71ae65cd60

escapadre-film.ch Open in urlscan Pro 185.178.193.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

80 %HTTPS

84 %IPv6

30 Domains

41 Subdomains

36 IPs

3 Countries

7470 kBTransfer

18995 kBSize

11 Cookies

1 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

escapadre-film.ch Open in urlscan Pro
185.178.193.141 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

80 %
HTTPS

84 %
IPv6

30
Domains

41
Subdomains

36
IPs

3
Countries

7470 kB
Transfer

18995 kB
Size

11
Cookies

97 HTTP transactions
4 data transactions