www.eftours.com Open in urlscan Pro
2606:4700::6811:d548 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t1.links.eftours.com/r/?id=h5fe7a2f1,1aec4fe2,1892438f
Effective URL:
https://www.eftours.com/help-center
Submission: On February 09 via api (February 9th 2024, 3:03:57 pm UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 70 HTTP transactions. The main IP is 2606:4700::6811:d548, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.eftours.com. The Cisco Umbrella rank of the primary domain is 209470.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.

This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.88.239.67 52.88.239.67	16509 (AMAZON-02) (AMAZON-02)
1 20	2606:4700::68... 2606:4700::6811:d548	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:6f::84 2a04:4e42:6f::84	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
6	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	34.242.8.249 34.242.8.249	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.6 143.204.98.6	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2.16.1.234 2.16.1.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:88e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.17.191.240 2.17.191.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.245.86.77 18.245.86.77	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.111.140.246 34.111.140.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
70	22

1 52.88.239.67 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-239-67.us-west-2.compute.amazonaws.com

t1.links.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700::6811:d548 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:6f::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.8.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-8-249.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-6.fra50.r.cloudfront.net

surveystats.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.1.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-234.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88e::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.191.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-191-240.deploy.static.akamaitechnologies.com

a24099230963.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-77.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	eftours.com 2 redirects t1.links.eftours.com — Cisco Umbrella Rank: 604355 www.eftours.com — Cisco Umbrella Rank: 209470 media.eftours.com — Cisco Umbrella Rank: 263823	2 MB
10	lytics.io c.lytics.io — Cisco Umbrella Rank: 10470	52 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 628	146 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 859	6 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 1019	226 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	247 B
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 902 a24099230963.cdn.optimizely.com — Cisco Umbrella Rank: 190453 logx.optimizely.com — Cisco Umbrella Rank: 1548	92 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 363	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	292 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 171	71 KB
2	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6479 surveystats.hotjar.io — Cisco Umbrella Rank: 20425	643 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2720	308 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 853	20 KB
1	driftt.com js.driftt.com — Cisco Umbrella Rank: 5986	62 KB
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5323	7 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6562	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 80	254 B
70	17

	Domain	Requested by
15	media.eftours.com	www.eftours.com media.eftours.com
10	c.lytics.io	www.eftours.com c.lytics.io
6	analytics.tiktok.com	www.eftours.com analytics.tiktok.com
6	ct.pinterest.com	s.pinimg.com www.eftours.com
5	www.eftours.com	1 redirects www.eftours.com
4	script.hotjar.com	static.hotjar.com script.hotjar.com www.eftours.com
3	www.facebook.com	www.eftours.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.eftours.com
3	www.googletagmanager.com	www.eftours.com www.googletagmanager.com
2	connect.facebook.net	www.eftours.com connect.facebook.net
2	region1.analytics.google.com	www.googletagmanager.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
1	logx.optimizely.com	js.driftt.com
1	js.driftt.com	www.eftours.com
1	a24099230963.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	www.googletagmanager.com
1	widget.trustpilot.com	www.googletagmanager.com
1	surveystats.hotjar.io	script.hotjar.com
1	content.hotjar.io	script.hotjar.com
1	www.google.de	www.eftours.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	t1.links.eftours.com	1 redirects
70	23

This site contains links to these domains. Also see Links.

Domain
blog.eftours.com
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
careers.ef.com
www.efexploreamerica.com
www.efstudyabroad.com
girltrips.eftours.com
www.eftours.ca
www.efultimatebreak.com
www.goaheadtours.com
efgapyear.com
www.ef.edu
www.hotjar.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2024-01-25` - `2025-01-27`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
logx.optimizely.com GTS CA 1D4	`2024-02-08` - `2024-05-09`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.eftours.com/help-center
Frame ID: C012DD1EFEE746B543A2D680B9F52EFB
Requests: 68 HTTP requests in this frame

Frame: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: EB16B1C3E0D8FD26000BAFC0BE666233
Requests: 2 HTTP requests in this frame

Frame: https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Frame ID: C4CC1E68186D7D5AB560C65DCE429A03
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 0B75DDB775BE36C4288CE23976F0A6E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Help Center | EF Educational Tours

Page URL History Show full URLs

http://t1.links.eftours.com/r/?id=h5fe7a2f1,1aec4fe2,1892438f HTTP 302
https://www.eftours.com/help-center Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

99 %
HTTPS

50 %
IPv6

17
Domains

23
Subdomains

22
IPs

4
Countries

3068 kB
Transfer

5850 kB
Size

33
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.eftours.com/
Title: Blog

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eftours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eftours

Search URL Search Domain Scan URL

URL: http://www.twitter.com/eftours

Search URL Search Domain Scan URL

URL: http://www.youtube.com/efeducationaltours

Search URL Search Domain Scan URL

URL: https://careers.ef.com/
Title: View Opportunities

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/
Title: EF Explore America

Search URL Search Domain Scan URL

URL: https://www.efstudyabroad.com/
Title: EF Study Abroad

Search URL Search Domain Scan URL

URL: https://girltrips.eftours.com/
Title: EF Tours for Girls

Search URL Search Domain Scan URL

URL: https://www.eftours.ca/
Title: EF Educational Tours Canada

Search URL Search Domain Scan URL

URL: https://www.efultimatebreak.com/
Title: EF Ultimate Break

Search URL Search Domain Scan URL

URL: http://www.goaheadtours.com/
Title: EF Go Ahead Tours

Search URL Search Domain Scan URL

URL: https://efgapyear.com/
Title: EF Gap Year

Search URL Search Domain Scan URL

URL: https://www.ef.edu/

Search URL Search Domain Scan URL

URL: http://careers.ef.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/feedback-surveys?utm_source=client&utm_medium=poll&utm_campaign=insights
Title: Made with Hotjar

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t1.links.eftours.com/r/?id=h5fe7a2f1,1aec4fe2,1892438f HTTP 302
https://www.eftours.com/help-center Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request help-center Show response
www.eftours.com/
Redirect Chain

http://t1.links.eftours.com/r/?id=h5fe7a2f1,1aec4fe2,1892438f
https://www.eftours.com/help-center

35 KB
10 KB

827ms
794ms

Document
text/html

2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d895c51b6147ca0d912bd63556454fcdbcc3a3f889620e3e9390531f20c783

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

apigw-requestid: S37BrhORCYcEPDA=
cache-control: private, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 852d005f1cc8bb43-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 09 Feb 2024 15:03:51 GMT
expires: -1
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: all
x-ua-compatible: IE=edge

Redirect headers

Connection: keep-alive
Content-Length: 17
Content-Type: text/plain; charset=utf-8
Date: Fri, 09 Feb 2024 15:03:50 GMT
Location: https://www.eftours.com/help-center
P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server: Apache
X-Robots-Tag: noindex

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 390 KB
113 KB 55ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b6340f09a595e4a1a7501116009df2d0edd3c4e8a547f210724e4d67f485403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 114811
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Feb 2024 15:03:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81d517dcdad7f88104ab83d8b9268be5c574357860ee0aac3fd8a59f9f652358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Feb 2024 15:03:51 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 76ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 09 Feb 2024 15:03:51 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 95D8EBE3AAD54BD188107C5597196B55 Ref B: FRA31EDGE0622 Ref C: 2024-02-09T15:03:51Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 hotjar-157276.js Show response
static.hotjar.com/c/ 12 KB
5 KB 32ms
8ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-157276.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

3bbcf214093df05199f2770c286412601014eecc05a11219d78ad6abba806927

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Feb 2024 15:03:34 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 18
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/791dc1e85bb222d744a94669a4c74a22
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 43pQAvkBRcMQIw7FfLVgWJdxGKpWuoLv3lruBY85YC3QsV69JGxEtQ==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 28ms
7ms Script
application/javascript 2a04:4e42:6f::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:6f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f541b09d3f169b333fecf7d94459e7ad60a4fe96e4d57dc794d26bc4d1087d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: br
x-cdn: fastly
etag: "41d4f22af522e8bb22aadeabf6fa09ea"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1861

GET
H2 200 baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn
media.eftours.com/bundles/css/ 568 KB
129 KB 614ms
605ms Stylesheet
text/css 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/css/baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 14:37:20 GMT
date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Feb 2024 14:37:20 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=2590501
cf-ray: 852d0064ffc5bb43-FRA
x-ua-compatible: IE=edge

GET
H2 200 modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01 Show response
media.eftours.com/bundles/ 11 KB
6 KB 507ms
499ms Script
text/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 14:39:36 GMT
date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Feb 2024 14:39:36 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2590488
cf-ray: 852d0064ffcabb43-FRA
content-length: 5776
x-ua-compatible: IE=edge

GET
H2 200 howtoenroll01_thumb.jpg
media.eftours.com/~/media/images/etus/help-center/ 12 KB
12 KB 487ms
487ms Image
image/jpeg 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/help-center/howtoenroll01_thumb.jpg?h=84&w=84

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01851affe098e66f80896e44be9b5028677bb1e5660f1218ea8688a5269194c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Fri, 09 Feb 2024 15:03:53 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Jan 2020 16:56:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="HowToEnroll01_thumb.jpg"
accept-ranges: bytes
cf-ray: 852d00696fa9bb43-FRA
content-length: 12128
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
H2 200 01_payment_plans%20thumb.jpg
media.eftours.com/~/media/images/etus/help-center/ 9 KB
9 KB 498ms
497ms Image
image/jpeg 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/help-center/01_payment_plans%20thumb.jpg?h=84&w=84

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38490a14ce877940f3eac57bf750582885a876e45c51b2c56645153c5987fb43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Fri, 09 Feb 2024 15:03:53 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Apr 2016 20:23:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="01_Payment_plans thumb.jpg"
accept-ranges: bytes
cf-ray: 852d006a28dcbb43-FRA
content-length: 9055
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
H2 200 travelingwithef_thumb.jpg
media.eftours.com/~/media/images/etus/help-center/ 12 KB
12 KB 501ms
500ms Image
image/jpeg 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/help-center/travelingwithef_thumb.jpg?h=84&w=84

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58247fba19056a9434d21650e4aaf6762608964d22cfd3b0a80d822fde1d5015

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Fri, 09 Feb 2024 15:03:53 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Apr 2016 14:51:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="TravelingWithEF_thumb.jpg"
accept-ranges: bytes
cf-ray: 852d006a38f0bb43-FRA
content-length: 12138
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
H2 200 tourdirector_thumb.jpg
media.eftours.com/~/media/images/etus/help-center/ 11 KB
11 KB 501ms
500ms Image
image/jpeg 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/help-center/tourdirector_thumb.jpg?h=84&w=84

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f6867e91f5a24ed072e7e46ae2960994421eccdf6ca05f4a5740a62e4e8a70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Fri, 09 Feb 2024 15:03:53 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Apr 2016 14:51:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="TourDirector_thumb.jpg"
accept-ranges: bytes
cf-ray: 852d006a38f2bb43-FRA
content-length: 10841
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
H2 200 accreditation_thumb.jpg
media.eftours.com/~/media/images/etus/help-center/ 13 KB
13 KB 499ms
498ms Image
image/jpeg 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/help-center/accreditation_thumb.jpg?h=84&w=84

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaea4ab69faf3b3ba973a1232ebf22646431a6b26a2cc2bc8d3de166341314f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Fri, 09 Feb 2024 15:03:53 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Apr 2016 14:51:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="Accreditation_thumb.jpg"
accept-ranges: bytes
cf-ray: 852d006a38f4bb43-FRA
content-length: 13391
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
H2 200 ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/archive/ 6 KB
6 KB 39ms
30ms Image
image/png 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/archive/ef-logo-footer_optimized.png

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Fri, 09 Feb 2024 15:03:51 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 20:40:33 GMT
server: cloudflare
age: 16
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="EF-logo-footer_optimized.png"
accept-ranges: bytes
cf-ray: 852d0064ffcdbb43-FRA
content-length: 6326
expires: Sun, 10 Mar 2024 15:03:51 GMT

GET
H2 200 rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1 Show response
media.eftours.com/bundles/ 6 KB
3 KB 497ms
488ms Script
text/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 14:39:49 GMT
date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Feb 2024 14:39:49 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2590501
cf-ray: 852d0064ffd0bb43-FRA
content-length: 2463
x-ua-compatible: IE=edge

GET
H2 200 requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1 Show response
media.eftours.com/bundles/ 15 KB
8 KB 450ms
450ms Script
text/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 14:39:29 GMT
date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Feb 2024 14:39:29 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2590481
cf-ray: 852d00653830bb43-FRA
content-length: 7510
x-ua-compatible: IE=edge

GET
H2 200 rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1 Show response
media.eftours.com/bundles/ 654 B
937 B 154ms
154ms Script
text/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 14:39:24 GMT
date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 09 Feb 2024 14:39:24 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2590476
cf-ray: 852d00680d43bb43-FRA
content-length: 476
x-ua-compatible: IE=edge

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je4270v877811556z8867853431za200&_p=1707491031706&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1969485715.1707491032&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707491031&sct=1&seg=0&dl=https%3A%2F%2Fwww.eftours.com%2Fhelp-center&dt=Help%20Center%20%7C%20EF%20Educational%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other%20group&tfd=1381
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 15:03:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 53ms
18ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9JLH500JCE&cid=1969485715.1707491032&gtm=45je4270v877811556z8867853431za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 15:03:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 56ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9JLH500JCE&cid=1969485715.1707491032&gtm=45je4270v877811556z8867853431za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=856090157

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 15:03:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 13007618.js Show response
bat.bing.com/p/action/ 0
117 B 30ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13007618.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 09 Feb 2024 15:03:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 050A586C9DD840E69C818D4ED55438B6 Ref B: FRA31EDGE0622 Ref C: 2024-02-09T15:03:52Z
x-cache: CONFIG_NOCACHE

GET
H2 200 modules.8414bbb3c65a3c228a5a.js Show response
script.hotjar.com/ 218 KB
55 KB 31ms
8ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8414bbb3c65a3c228a5a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

290f298e1bb2bdcb4feccae77ba34dbc0cdccadbbcfa8489d758edb282bd1f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:50:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8026
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55350
last-modified: Fri, 09 Feb 2024 12:49:54 GMT
etag: "a7ea8f13d71da1eabb486d86cde54573"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 53eMyY_2Aa6ZXX_eppYPXNc5hqqbxfAl1T9t0sp3yQMDkOPooDkbfA==

GET
H2 200 main.deb3b3f8.js Show response
s.pinimg.com/ct/lib/ 64 KB
18 KB 7ms
7ms Script
application/javascript 2a04:4e42:6f::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:6f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b306b09654fe82ddf9f380fb188d3b957efcc472f0d44142e440c3fd6689e67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: br
x-cdn: fastly
etag: "b7048c83fa3e7c5a8e48bb07d8c7e849"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18527

GET
H2 200 brochure-banner-great-wall-2.png
media.eftours.com/~/media/images/etus/page-headers/ 2 MB
2 MB 707ms
707ms Image
image/png 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/page-headers/brochure-banner-great-wall-2.png?mw=1600

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d839e3d0525eae92f1ebbaeab3e8d4fc96d05705297c7299b34bf0a1d75d38a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Fri, 09 Feb 2024 15:03:53 GMT
cf-cache-status: MISS
last-modified: Thu, 16 Feb 2017 16:49:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="brochure-banner-great-wall-2.png"
accept-ranges: bytes
cf-ray: 852d006a38f6bb43-FRA
content-length: 1812956
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
DATA 200
OK truncated
/ 789 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7a528a2a2b997985e10f686f9cd4f01cd4d3e03a5eebf0417632493b46cfd63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 _e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/ 23 KB
23 KB 39ms
39ms Font
application/font-woff2 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.eftours.com/help-center
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
cf-cache-status: HIT
age: 111482
content-length: 23756
apigw-requestid: Szq2whS7iYcEJMw=
x-ua-compatible: IE=edge
last-modified: Tue, 23 Jan 2024 21:57:18 GMT
server: cloudflare
etag: "0f3f121474eda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-robots-tag: all
cf-ray: 852d006a38fbbb43-FRA
expires: Sun, 10 Mar 2024 15:03:52 GMT

GET
H2 200 bootstrap.25043c26.js Show response
media.eftours.com/content/js-build/ 36 KB
15 KB 31ms
30ms Script
application/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/bootstrap.25043c26.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1402773
content-length: 14899
x-ua-compatible: IE=edge
last-modified: Tue, 23 Jan 2024 21:57:20 GMT
server: cloudflare
etag: "0202323474eda1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 852d006c6ce9bb43-FRA
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
H2 200 jquery-3.5.0.min.js Show response
media.eftours.com/Content/js/libs/ 105 KB
43 KB 22ms
22ms Script
application/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/Content/js/libs/jquery-3.5.0.min.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2353677
content-length: 43498
x-ua-compatible: IE=edge
last-modified: Wed, 06 Dec 2023 16:58:28 GMT
server: cloudflare
etag: "01216f6528da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 852d006cad43bb43-FRA
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
H2

200

main.js Show response
www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame EB16
Redirect Chain

https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

22ms
22ms

Script
application/javascript

2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d59b63ae6513837ff56ba950fb75576eb8eace33266bdb56dd5537ac73a162b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=3600
cf-ray: 852d006aba1dbb43-FRA

Redirect headers

date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
access-control-allow-origin: *
cache-control: private, max-age=3600
cf-ray: 852d006a6971bb43-FRA

GET
H2 204 0
bat.bing.com/action/ 0
287 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13007618&tm=gtm002&Ver=2&mid=c83c8685-4158-4680-922b-cfa6f27b1682&sid=701e5bc0c75c11eeada5510c62ff0363&vid=701e8a40c75c11ee8db101805adc61b3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Help%20Center%20%7C%20EF%20Educational%20Tours&p=https%3A%2F%2Fwww.eftours.com%2Fhelp-center&r=&lt=2212&evt=pageLoad&sv=1&rn=724988

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 15:03:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F064408BE8404DCD975DC8C6CA8392FB Ref B: FRA31EDGE0622 Ref C: 2024-02-09T15:03:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
617 B 56ms
34ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1707491032704&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3765163170666584
content-length: 172
pin-unauth: dWlkPVlqQTNNMlE0WkRFdE16UTNOUzAwTlRKbUxUbGlOemt0TmpSa1kyRTNaakpqTXpZNQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
290 B 59ms
38ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2620473989394&cb=1707491032705&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1574145827518390
content-length: 172
pin-unauth: dWlkPVkyVmpabVUyTldNdE4yWmxOQzAwWVdKaExXSTBNbUV0T0dJNU9EY3paRGxsTkdNdw
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
185 B 56ms
36ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2Fhelp-center%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22deb3b3f8%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1707491032706
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/help-center
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 15:03:52 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 5828026655371560
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 survey-v2.c63b1f4dbad07df711a5.js Show response
script.hotjar.com/ 289 KB
67 KB 7ms
7ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/survey-v2.c63b1f4dbad07df711a5.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8414bbb3c65a3c228a5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

a0827cc73c0b2b7076014df814dd61f8692e484142c8a3850e0ff6308fa531d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 14:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2745
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 67960
last-modified: Fri, 09 Feb 2024 14:17:27 GMT
etag: "db1fc6cccb92f2a661bb24a4059aa073"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1ZpRKD1Yg21S0UQDTgF70Ew6N7kFrfkls22zBkrR66aadX--qBUIRQ==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 140ms
62ms XHR
application/json 34.242.8.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=157276&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8414bbb3c65a3c228a5a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.242.8.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-8-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a5f2017eb9fdbe0721f787623311b8a26db1e146bbad04148ee36f071619bd45

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 09 Feb 2024 15:03:52 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 hit Show response
surveystats.hotjar.io/ 0
482 B 41ms
8ms XHR
binary/octet-stream 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://surveystats.hotjar.io/hit?id=979167&device=desktop
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8414bbb3c65a3c228a5a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-6.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:53:11 GMT
x-amz-version-id: null
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1383042
x-cache: Hit from cloudfront
content-length: 0
last-modified: Wed, 27 Jan 2021 15:23:17 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public,max-age=0
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: FdkfM7gKefbH7ts9I5eNI2UXjuNXAoMVTc1TSin2y_jP4_e9ty86iA==

GET
DATA 200
OK truncated
/ 588 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad9e7a558cbea1c8b48ed95c1424ab49abca1f57598b76c4a133d9b76135ea77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
331 B 33ms
33ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2620473989394&cb=1707491032812&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlqQTNNMlE0WkRFdE16UTNOUzAwTlRKbUxUbGlOemt0TmpSa1kyRTNaakpqTXpZNQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2Fhelp-center%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22deb3b3f8%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/help-center
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 15:03:52 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 9816750820444995
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Roboto-Medium.ef8bb0.woff2
script.hotjar.com/ 49 KB
50 KB 22ms
8ms Font
font/woff2 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/Roboto-Medium.ef8bb0.woff2

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eftours.com/
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 12:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 10033353
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Mon, 16 Oct 2023 12:00:23 GMT
etag: "e49eef23dfc0f7c54977c365624b68fa"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: 7SaxbfXl1byq2ndr-pt3TJV-acu43QPTkrsq7AHfTGN5i4YITtsukg==

GET
H2 200 Roboto-Regular.422781.woff2
script.hotjar.com/ 49 KB
50 KB 28ms
15ms Font
font/woff2 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/Roboto-Regular.422781.woff2

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eftours.com/
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 12:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 10033363
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Mon, 16 Oct 2023 12:00:23 GMT
etag: "184a2a669cf798f8d80bcfba041c3ecf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: ifNp063X1qnGnxLp2eNwZs4UW2wPOogK1OXVHa6j7MhJV8klDMt7DA==

POST
H2 200 852d005f1cc8bb43 Show response
www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame EB16 0
295 B 36ms
35ms XHR
text/plain 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/852d005f1cc8bb43
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
cache-control: private, max-age=3600
content-encoding: gzip
server: cloudflare
cf-ray: 852d006b8b68bb43-FRA
content-type: text/plain; charset=UTF-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6c7707817a2cd8519a6af87950bc1507978f3ee4d14149d614193534cedd187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Feb 2024 15:03:52 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 28ms
7ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Feb 2024 03:14:37 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 42556
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: WHpOECkk0HiTW6L2Ga832KJJx_kUGssagDbH2Ihi_d8cKxwBFfqhZA==

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/ 67 KB
23 KB 89ms
53ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c40a2b5111402b0685167fea776cc738d5e81929ca44048bdf5d4c870b865373

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:52 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 14:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1253
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CHKB7LVVKUTRgTVFDn41DbkYKLEIGfyNlJZU7ozE8RsksHYHUNV1EfhA3LG8v8ZMU6gfEXQwWcR%2BfJ560rlez%2F3QEV%2FdHoAeyXvjYK05iVzD0GMBREVy9WfMIBu4M%2FXoRAXy9XxDS32"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 852d006bda016ae2-FRA

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 133ms
104ms Script
application/javascript 2.16.1.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/help-center
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 736a2cf32f4cff0643769bed4a35009bce54a08e67dc4d022b48925ab259458e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id: abadf7e7.30558731
date: Fri, 09 Feb 2024 15:03:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240209150352F8CC6E385653D730B582-513273C763714D21-00
x-cache: TCP_MISS from a2-16-1-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 92,2.16.1.230
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=7, inner; dur=2
content-length: 1939
pragma: no-cache
server: nginx
x-tt-logid: 20240209150352F8CC6E385653D730B582
x-cache-remote: TCP_MISS from a23-48-200-40.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.200.40
x-tt-trace-host: 0151073e60a041ec656923d320ad767e78aae1f5d57aa52aa58ac341c46600dcfa13d331ddb0c8bfc03b9be577bff71fb39462d8a93c62068e90a19a34872dc6232cef7b52fd58593583fde789639de95fe2e8890273ef8153b655a7711edefe0b2a577f6202b393b4e3b32b21508677be
expires: Fri, 09 Feb 2024 15:03:53 GMT

GET
H2 200 24439131089.js Show response
cdn.optimizely.com/js/ 291 KB
89 KB 41ms
18ms Script
text/javascript 2a02:26f0:3500:88e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/24439131089.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4992a5239d80718d43b4942add3e6a327bf1160855487111fd5e125db410bf99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: weVJfx.MJALHs2.5L8rP3RJipK_yh8R6
content-encoding: gzip
date: Fri, 09 Feb 2024 15:03:52 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: ZAPPGCEKDQ6AEY98
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 95
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:3500:88e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1707491032912_388276626_47320248_861_1312_6_10_146";dur=1
content-length: 90705
x-amz-id-2: cgPJ4nmuS98d0rTdpPdHciKFl4EEXr1jlFOpP/lngJDMYFMcayiKJHEzUTpbhMVlbOlSeEbo5ys=
last-modified: Mon, 05 Feb 2024 16:52:07 GMT
server: AmazonS3
etag: "5e7105dbeadbb8b97268aaab327dd566"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Feb 2024 15:03:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 6FYq+kBgy0y65eZSb+Eu4WvAU3RME5Cglr4GbXHKKpyoaIEADO8FnbtWem3CLfE8OuHiVe4A4RNDlrqFewiixg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je4270v877811556za200&_p=1707491031706&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1969485715.1707491032&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707491031&sct=1&seg=0&dl=https%3A%2F%2Fwww.eftours.com%2Fhelp-center&dt=Help%20Center%20%7C%20EF%20Educational%20Tours&en=scroll&ep.content_group=Other%20group&epn.percent_scrolled=90&_et=8&tfd=2448
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 15:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 302935565346434 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302935565346434?v=2.9.145&r=stable&domain=www.eftours.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c8aa91634cf9147d31eba2d1e84f324ab2a53b28096313942e9689a30923c86

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Feb 2024 15:03:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: Sl7iz5FiAcnwJxetJFsox9PRxkuE+mLY3fLGCNhHywUl8TpkcJKPiGTh/SXHthZbAuVCzYP3fVI8VrbnmExjGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a24099230963.html Show response
a24099230963.cdn.optimizely.com/client_storage/ Frame C4CC 3 KB
2 KB 44ms
9ms Document
text/html 2.17.191.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/24439131089.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.17.191.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-191-240.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

20eb0e714fd815d22a5a0eafe1abf7cddc8a379fd1801159d4439f0b08d501a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 1031
content-type: text/html; charset=utf-8
date: Fri, 09 Feb 2024 15:03:53 GMT
etag: "a875185522e0072d9700484cfd89ff11"
last-modified: Fri, 09 Feb 2024 15:00:09 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2.17.191.240";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1707491033017_34901878_163510134_35_1883_6_10_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: LxTO5U3VgYLEdinZXpNWoaYk6fEp/2oVHYVZxmqYAzXvZo9+ylDU42uNLtbl5q+wxa0LL1QFV4A=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: JSNRS1TVXDVYQGNK
x-amz-server-side-encryption: AES256
x-amz-version-id: vSzwKfYXgEwW4xiAJtC5_95aJDzbH9QG

GET
H2 200 5by59bm3fdyy.js Show response
js.driftt.com/include/1707491100000/ 220 KB
62 KB 154ms
122ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1707491100000/5by59bm3fdyy.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

52d87460560d706c4aa2b62216ad84345b4292322c818c69fd55bb234afd4c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: HprHXY.99uyuv4UI_XMdF2xIfeEfDySD
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 09 Feb 2024 15:03:53 GMT
via: 1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Tue, 30 Jan 2024 20:20:44 GMT
server: istio-envoy
etag: W/"8bb3282387347ab14b7a49c1d4f4e79f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G5vcsWbxJqEzOzy5Gokyt3_kLOHa672ATIeQF7xjwM8QiR0CETlFbw==

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
578 B 137ms
136ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=1&_ul=en-US&_sz=1600x1200&_ts=1707491033005&_nmob=t&_device=desktop&url=www.eftours.com%2Fhelp-center&_ga=GA1.1.1969485715.1707491032&optimizelyid=oeu1707491032982r0.48240849447467893&_v=3.0.35&_uid=af98f202-a1d3-405d-bf51-537faf1a564f&_getid=t

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFE0BW%2FbqoagEre57yssnyyr5LkY1pogKy1pHk0TZkZpMzZh9mJ66%2B%2BGYc5xkBsDno%2BIwVU%2BTH0NJAFwexcaKMHQjWWRfcq5u1DfLTBSWpH%2Fv4CsXJHjZd4N%2FPrNks6NEFcUOAArZI6e"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 852d006c5afb6ae2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
317 B 148ms
148ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?gtm.start=1707491031706&event=gtm.js&gtm.uniqueEventId=1&_ts=1707491033010&_nmob=t&_device=desktop&url=www.eftours.com%2Fhelp-center&_ga=GA1.1.1969485715.1707491032&optimizelyid=oeu1707491032982r0.48240849447467893&_v=3.0.35&_uid=af98f202-a1d3-405d-bf51-537faf1a564f&_getid=t

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW%2BZS4ABET6w%2FSMGPJxmSBoSeI09t4gmUg5gkDJpvjVTEp3dQQWfdWzEB1oEGEl%2F4np3CIQee164MQTw9R9%2Beeq7VW1GZLeq4ET5wqy5%2FdcxTovbFCYf0xy%2B8HH2Oi4wJQarGFE6Jfnd"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 852d006c5afe6ae2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
317 B 140ms
140ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?event=gtm.scrollDepth&gtm.scrollThreshold=90&gtm.scrollUnits=percent&gtm.scrollDirection=vertical&gtm.triggers=12&gtm.uniqueEventId=14&_ts=1707491033010&_nmob=t&_device=desktop&url=www.eftours.com%2Fhelp-center&_ga=GA1.1.1969485715.1707491032&optimizelyid=oeu1707491032982r0.48240849447467893&_v=3.0.35&_uid=af98f202-a1d3-405d-bf51-537faf1a564f&_getid=t

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zHWBTF5z7rHKnWOdoggm6ITdBY%2Bvp4wTsdk5gyHNlAJbGsEPAeVpWMTyMuUMURHJQdCKwcuRNJG5eWChF91BR4Jbk5u%2BPOMxklnjntInqj%2FAFY5wli3yueY%2BFnBfc%2Bw4G1B7RfyHZHj"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 852d006c5aff6ae2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
395 B 137ms
137ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BI%2FRG9y7gpOMRgqnQSprfc%2FtL0XK6DnrW7bmU0VmoaYmTwl%2Btz%2BcfoNjUio%2BrxIQNB6Xye6vQym0b54n8A5Kf25neBR%2BifFIcEoovkl7e8B7NrmgCcRTZnoj4qX6v3%2FKpIWg2778xes"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 852d006c5b006ae2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 29ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2Fhelp-center&rl=&if=false&ts=1707491033017&sw=1600&sh=1200&v=2.9.145&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1707491033016.179484243&cs_est=true&ler=empty&cdl=API_unavailable&it=1707491032946&coo=false&exp=e1&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Feb 2024 15:03:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main.MTU3YmJkODI0MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 399 KB
104 KB 24ms
24ms Script
application/javascript 2.16.1.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id: 305587c2
date: Fri, 09 Feb 2024 15:03:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240125200847DDA91E517C5E8E6B985F
x-tt-trace-id: 00-240125200847DDA91E517C5E8E6B985F-7725D46E0742E506-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-1-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f1bb587ca53ca3d3fb6edf7936233219d091c6df59c4c49f922618b052e49fee42c2b0acd9c939a493a6842f5e2fadc37fd9070bbb47ba5aac5e960aefdd75f9ea19483028bcbb51cf117070641655693afb1792fb23501c7d9489968b0870e5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 106170

GET
H2 200 af98f202-a1d3-405d-bf51-537faf1a564f Show response
c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/ 326 B
578 B 193ms
193ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/af98f202-a1d3-405d-bf51-537faf1a564f?segments=true&stream=ef_et&mergestate=true&state=%7B%22_uid%22%3A%22af98f202-a1d3-405d-bf51-537faf1a564f%22%2C%22_ga%22%3A%22GA1.1.1969485715.1707491032%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.eftours.com%2Fhelp-center%22%2C%22optimizelyid%22%3A%22oeu1707491032982r0.48240849447467893%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1707491033113&callback=u_853956291743664000

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4cfba5e98cc2c73ce257b20c272f300ffce879f5e5aa4ad920f8e0b10f35b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQqJy%2FM08sr9FM7K8zIGgHQrKqg9O6XPyOLyUV73knbvI0jkSNvNoERAUnzzbaS%2BYYiWwi9gV4hitKvZ3kJzlj9lHPwHkZHXXSqgy3S8dmPa%2BUQTNnHZ8N7ls2j57nhZEp24QrWfwapl"}],"group":"cf-nel","max_age":604800}
cf-ray: 852d006cfc476ae2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
314 B 143ms
142ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=1&_ul=en-US&_sz=1600x1200&_ga=GA1.1.1969485715.1707491032&_ts=1707491033105&_nmob=t&_device=desktop&url=www.eftours.com%2Fhelp-center&_uid=af98f202-a1d3-405d-bf51-537faf1a564f&optimizelyid=oeu1707491032982r0.48240849447467893&_v=3.0.35

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CdzZNU%2FgQsOSPJ2eR8yx7Bn9D0T7cbRPoK7jcIeDYJPb4hueJOmRRFtUjZAaAi600wqRq6ATa8IUy7EXUZ%2BlkvVwUG6brjXyysbJ7C8jTiYJrzFdxdkHuw8XWpDYHqmRxAi7qd%2Bx31X"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 852d006cfc4e6ae2-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 nav.f0038006.js Show response
media.eftours.com/content/js-build/core/modules/ 6 KB
2 KB 33ms
32ms Script
application/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1050858
content-length: 2210
x-ua-compatible: IE=edge
last-modified: Tue, 23 Jan 2024 21:57:20 GMT
server: cloudflare
etag: "0202323474eda1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 852d006d0ddbbb43-FRA
expires: Sun, 10 Mar 2024 15:03:53 GMT

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 13ms
12ms Script
application/javascript 2.16.1.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id: 3055882d
date: Fri, 09 Feb 2024 15:03:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240123151541C24600940D693CC0364F
x-tt-trace-id: 00-240123151541C24600940D693CC0364F-5B94EE98C3A0A4FC-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-1-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01b08062277ac0c2e98e64041b66c1b15306295a986812a0ebad68141093a9b5aeb1ae278850eb782d3df28abe2175afe74b6b5215d46993d31596c1dbc1363b1bb860f7805ba3b9d5f7068d3575b388fd73da4a282f9f02627c7bd1dc878dd4b5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 36988

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 160ms
157ms Ping
text/plain 2.16.1.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3055884e
date: Fri, 09 Feb 2024 15:03:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402091503539993FB951E34C3197438-6BFD9CAE4A6D5C0C-00
x-cache: TCP_MISS from a2-16-1-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
server-timing: inner; dur=32, cdn-cache; desc=MISS, edge; dur=7, origin; dur=119
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402091503539993FB951E34C3197438
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 121,2.16.1.230
x-tt-trace-host: 0151073e60a041ec656923d320ad767e780655efe1c81c1520181700fba14af180fbcd15be8b4251377bbf188bec1efae852d857f6f5dec9089642450ad3b12e53f7b820a4d6444f04ce97995486636620e8341450e2d986bd4414d98a9ad074b6
access-control-allow-headers: Authorization,*
expires: Fri, 09 Feb 2024 15:03:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
697 B 302ms
301ms Ping
text/plain 2.16.1.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3055884f
date: Fri, 09 Feb 2024 15:03:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240209150353C7D00DCE5D11690C691E-65FD44A471BB228C-00
x-cache: TCP_MISS from a2-16-1-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
server-timing: inner; dur=183, cdn-cache; desc=MISS, edge; dur=7, origin; dur=284
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240209150353C7D00DCE5D11690C691E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 284,2.16.1.230
x-tt-trace-host: 0151073e60a041ec656923d320ad767e780655efe1c81c1520181700fba14af1805045e8836a5fb5ad0247fc7ce90d383a60919b35e6b896be866c9403e14042b963dac7dd5f5f78058f7fd4f3e0df2f61cb9bbd85826b89c0db8517b0a211a8a1
access-control-allow-headers: Authorization,*
expires: Fri, 09 Feb 2024 15:03:53 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2Fhelp-center&rl=&if=false&ts=1707491033310&cd[external_id]=af98f202-a1d3-405d-bf51-537faf1a564f&sw=1600&sh=1200&v=2.9.145&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1707491033016.179484243&ler=empty&cdl=API_unavailable&it=1707491032946&coo=false&exp=e1&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Feb 2024 15:03:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2Fhelp-center&rl=&if=false&ts=1707491033311&cd[ly_unknown_email]=true&cd[all]=true&cd[default_anon_seg]=true&cd[unknown]=true&cd[smt_new]=true&sw=1600&sh=1200&v=2.9.145&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1707491033016.179484243&ler=empty&cdl=API_unavailable&it=1707491032946&coo=false&exp=e1&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/help-center

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Feb 2024 15:03:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
835 B 130ms
129ms Ping
text/plain 2.16.1.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: abae0c5e.3055899e
date: Fri, 09 Feb 2024 15:03:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2402091503530BC14C015EE0CC222423-3770F252935BED94-00
x-cache: TCP_MISS from a2-16-1-230.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 107,2.16.1.230
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=21, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202402091503530BC14C015EE0CC222423
x-cache-remote: TCP_MISS from a23-48-200-40.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.48.200.40
x-tt-trace-host: 0151073e60a041ec656923d320ad767e78aae1f5d57aa52aa58ac341c46600dcfa13d331ddb0c8bfc03b9be577bff71fb34c1065f50ffdb25219e752e4daffad65259a9710e05d3fc9936a349aec64be656f2fea90b6708531d8e38adc0c7e0d0f5c4336a2af69dfdb8223daba86c78826
access-control-allow-headers: Authorization,*
expires: Fri, 09 Feb 2024 15:03:53 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 31ms
31ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 14:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3495
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prrl3gOvfSAOsA1CeKeO%2FMQ4upSmedsC5RG2lrr0QDPXMlCaJt%2BUvExwGBjB38ios1c24EBOErInFdNQdVRpxEfhr8Wsjyh1wWilIi72jRHfyhVOMKNaoZc2jUu1EvxuR%2FCFPLuXz5WV"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 852d00715e116ae2-FRA

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 13:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6137
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXCbuGYKvsiV83JpPA%2BCkeLLa7zAfBdamtSccoPVyS99wJagbxKMfLRHBeoXN%2BZXOuJ70%2FI3E3Esl6H2vm6%2BZHv56rFulqdywNCoqeer8nZg6OTjoq1EqVvKuKyoU2p%2FVmsuJtFfTZjT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 852d00719e906ae2-FRA

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ 327 B
522 B 29ms
28ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 14:43:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1252
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teFZF5WQG2hMSieXIi6rQqwj1V0yaAwyRVjwJ06YPynq6Z%2Bmm6BsckLMn%2Fu8pSdQGCISWtoN3G6U7owXeB02mO0RBaZmdK%2BAEaWGDBULqkzi5l%2B8aNDkyyFEDqalGWZkowEUzkIbiVrW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 852d00719eae6ae2-FRA

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 7ms
7ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e25b95455e7fb1949815ca9634790871682f9499c5785d52e3a8202116543349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
x-cdn: fastly
age: 4617
etag: "067bae08a9fe7a530b507c43b95e0778"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4043

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame 0B75 565 B
515 B 43ms
43ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 09 Feb 2024 15:03:53 GMT
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1823856133111061

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
481 B 131ms
109ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1707491100000/5by59bm3fdyy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 09 Feb 2024 15:03:53 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 186685f3-8cc6-40e1-86bf-48602eeed026

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eftours.com/	1970-01-21 03:39:47	Name: AMCV_014E03975E4DD0E30A495FDB%40AdobeOrg Value: MCMID%7C19995275909304156150698040281068470271
.eftours.com/	1969-12-31 23:59:59	Name: nlid Value: 5fe7a2f1\|1aec4fe2
.eftours.com/	1970-01-21 03:39:47	Name: nllastdelid Value: 1aec4fe2
www.eftours.com/	1970-01-20 18:28:15	Name: AWSALB Value: pJGlhdK45URlQpydIDTWJfMdjOatLIoc2DZxu2htTBGgY3uUv3LJobED6qm2MW04mkQ9vzBZT+sjcaetypLoEZprh938aGHFN+x7fCeKMUlzmNWsss/63c580B/k
www.eftours.com/	1970-01-20 18:28:15	Name: AWSALBCORS Value: pJGlhdK45URlQpydIDTWJfMdjOatLIoc2DZxu2htTBGgY3uUv3LJobED6qm2MW04mkQ9vzBZT+sjcaetypLoEZprh938aGHFN+x7fCeKMUlzmNWsss/63c580B/k
www.eftours.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0c1ypigtdsv2i43ujleksmc3
www.eftours.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: uJkMZfGQKiuUdHLPcfxyZ3a20HQrmLnvQ0fv2xHQPB8P2fva7DS1aQ-TOgvRGOgd03VCQJmnnetcomYrklkTmt8389stLgIcR2s8l0oNasA1
.eftours.com/	1969-12-31 23:59:59	Name: PriceDefault Value: e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=
.eftours.com/	1969-12-31 23:59:59	Name: recent Value: e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==
.eftours.com/	1970-01-20 18:18:12	Name: __cf_bm Value: irn.EYtjbCmXiSOCyqKjzudw3uPh1fpsp3Fxg_CR5Rg-1707491031-1-AaLrf+eRngdj2drSfF0w7ZaVIlOMAoqQst+gnAYMjhy8kLmUbW449G3dTL9kw+g/B9OzPsKsA4nwuD2NcESs2T6QrR2g2WfsvLuSsH/WXY2L
.eftours.com/	1969-12-31 23:59:59	Name: _cfuvid Value: LRIQ6gGEMEF2sHN5iTFOzYeb9vv7XAHQRfsV6pAWcGk-1707491031680-0-604800000
.eftours.com/	1970-01-20 20:27:47	Name: _gcl_au Value: 1.1.1706207645.1707491032
.eftours.com/	1970-01-21 03:54:11	Name: _ga Value: GA1.1.1969485715.1707491032
media.eftours.com/	1970-01-20 18:28:15	Name: AWSALB Value: UAuQAx/chVCQ3J4/SSaB32+UMmQoJxBWbz3WoVfrTzMYDBpmBfYI3HLsb9n7akAf2DR7owIeMOjEv/TYae/uMZk0XxnyxiY6dKgDKmJ3rCSHPIpE4PD9FCKKuojW
media.eftours.com/	1970-01-20 18:28:15	Name: AWSALBCORS Value: UAuQAx/chVCQ3J4/SSaB32+UMmQoJxBWbz3WoVfrTzMYDBpmBfYI3HLsb9n7akAf2DR7owIeMOjEv/TYae/uMZk0XxnyxiY6dKgDKmJ3rCSHPIpE4PD9FCKKuojW
.eftours.com/	1970-01-20 18:19:37	Name: _uetsid Value: 701e5bc0c75c11eeada5510c62ff0363
.eftours.com/	1970-01-21 03:39:47	Name: _uetvid Value: 701e8a40c75c11ee8db101805adc61b3
.bing.com/	1970-01-21 03:39:47	Name: MUID Value: 01C8C4D7F09560870413D0F7F11E61F6
.eftours.com/	1970-01-21 03:03:47	Name: _hjSessionUser_157276 Value: eyJpZCI6Ijg1NzUzNDgyLWU5NTQtNWM5Ny04NGM2LTk0ZjNkZTRmZTI0NiIsImNyZWF0ZWQiOjE3MDc0OTEwMzI3MzIsImV4aXN0aW5nIjp0cnVlfQ==
.eftours.com/	1970-01-20 18:18:12	Name: _hjSession_157276 Value: eyJpZCI6ImZmM2E4MmNlLTRlZWQtNDIwZC1iOTdmLTM1MzQxZTllZjUwMCIsImMiOjE3MDc0OTEwMzI3MzQsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.pinterest.com/	1970-01-21 03:03:47	Name: ar_debug Value: 1
.eftours.com/	1970-01-21 03:03:47	Name: _pin_unauth Value: dWlkPVlqQTNNMlE0WkRFdE16UTNOUzAwTlRKbUxUbGlOemt0TmpSa1kyRTNaakpqTXpZNQ
.ct.pinterest.com/	1970-01-21 03:03:47	Name: _pinterest_ct_ua Value: "TWc9PSZFOU52V2lncmlxWUQ3SUFCTmxUU1FESEZZME1MT1NpaHlzSmxhNE0ybzF3c2tGWE54UEhwK1U5djZBUC82S2RLVmNabFNFSUVJdXZuVUNtZGRpK3JLbU9RK0pXVnFPTFZoWlZoRzI5OW0rVT0mZmFCNVRPV1l6Nk5SWGxRdUx2aUFRNTFKK1RvPQ=="
.eftours.com/	1970-01-21 03:03:47	Name: cf_clearance Value: 6DrW2yGykXZA69KBaMIZ4KBkgWIz0aBloXOKRIqWYTE-1707491032-1-AYUvH7FeSBgIN/WQzWIWpzc2nOmEILlBOomRlwr+vwWOe0f13I0qtZ7BNcFBXm7hbU3Y5yaBH+BJ2pSRyWDMPE8=
.eftours.com/	1970-01-21 03:54:11	Name: _ga_9JLH500JCE Value: GS1.1.1707491031.1.1.1707491032.59.0.0
.eftours.com/	1970-01-20 22:37:23	Name: optimizelyEndUserId Value: oeu1707491032982r0.48240849447467893
.www.eftours.com/	1970-01-20 18:18:12	Name: seerses Value: e
.www.eftours.com/	1970-01-21 03:54:11	Name: seerid Value: af98f202-a1d3-405d-bf51-537faf1a564f
.eftours.com/	1970-01-20 20:27:47	Name: _fbp Value: fb.1.1707491033016.179484243
.tiktok.com/	1970-01-21 03:39:47	Name: _ttp Value: 2c8R52XItjWTuacxi0dnZ7rC5a9
.eftours.com/	1970-01-21 03:39:47	Name: _tt_enable_cookie Value: 1
.lytics.io/	1970-01-21 03:54:11	Name: seerid Value: af98f202-a1d3-405d-bf51-537faf1a564f
.eftours.com/	1970-01-21 03:39:47	Name: _ttp Value: CYMhNZrpxU4EuBiZGcsRA_XvsvG

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/302935565346434?v=2.9.145&r=stable&domain=www.eftours.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://js.driftt.com/include/1707491100000/5by59bm3fdyy.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/help-center Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a24099230963.cdn.optimizely.com
analytics.tiktok.com
bat.bing.com
c.lytics.io
cdn.optimizely.com
connect.facebook.net
content.hotjar.io
ct.pinterest.com
js.driftt.com
logx.optimizely.com
media.eftours.com
region1.analytics.google.com
s.pinimg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
surveystats.hotjar.io
t1.links.eftours.com
widget.trustpilot.com
www.eftours.com
www.facebook.com
www.google.de
www.googletagmanager.com
13.32.27.19
143.204.98.6
151.101.128.84
18.245.86.77
18.66.97.37
2.16.1.234
2.17.191.240
2001:4860:4802:32::36
2606:4700:20::681a:216
2606:4700::6811:d548
2620:1ec:c11::200
2a00:1450:4001:811::2008
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9c
2a02:26f0:3500:88e::13b8
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:6f::84
34.111.140.246
34.242.8.249
52.222.236.107
52.88.239.67
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
20eb0e714fd815d22a5a0eafe1abf7cddc8a379fd1801159d4439f0b08d501a1
290f298e1bb2bdcb4feccae77ba34dbc0cdccadbbcfa8489d758edb282bd1f31
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38490a14ce877940f3eac57bf750582885a876e45c51b2c56645153c5987fb43
3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9
3bbcf214093df05199f2770c286412601014eecc05a11219d78ad6abba806927
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
4992a5239d80718d43b4942add3e6a327bf1160855487111fd5e125db410bf99
4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44
52d87460560d706c4aa2b62216ad84345b4292322c818c69fd55bb234afd4c83
53f6867e91f5a24ed072e7e46ae2960994421eccdf6ca05f4a5740a62e4e8a70
58247fba19056a9434d21650e4aaf6762608964d22cfd3b0a80d822fde1d5015
5d59b63ae6513837ff56ba950fb75576eb8eace33266bdb56dd5537ac73a162b
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c8aa91634cf9147d31eba2d1e84f324ab2a53b28096313942e9689a30923c86
72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7
736a2cf32f4cff0643769bed4a35009bce54a08e67dc4d022b48925ab259458e
789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1
81d517dcdad7f88104ab83d8b9268be5c574357860ee0aac3fd8a59f9f652358
8b6340f09a595e4a1a7501116009df2d0edd3c4e8a547f210724e4d67f485403
8d839e3d0525eae92f1ebbaeab3e8d4fc96d05705297c7299b34bf0a1d75d38a
a0827cc73c0b2b7076014df814dd61f8692e484142c8a3850e0ff6308fa531d9
a5f2017eb9fdbe0721f787623311b8a26db1e146bbad04148ee36f071619bd45
a6d895c51b6147ca0d912bd63556454fcdbcc3a3f889620e3e9390531f20c783
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7a528a2a2b997985e10f686f9cd4f01cd4d3e03a5eebf0417632493b46cfd63
ad9e7a558cbea1c8b48ed95c1424ab49abca1f57598b76c4a133d9b76135ea77
b306b09654fe82ddf9f380fb188d3b957efcc472f0d44142e440c3fd6689e67a
bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
c01851affe098e66f80896e44be9b5028677bb1e5660f1218ea8688a5269194c
c40a2b5111402b0685167fea776cc738d5e81929ca44048bdf5d4c870b865373
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
d6c7707817a2cd8519a6af87950bc1507978f3ee4d14149d614193534cedd187
e25b95455e7fb1949815ca9634790871682f9499c5785d52e3a8202116543349
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaea4ab69faf3b3ba973a1232ebf22646431a6b26a2cc2bc8d3de166341314f1
ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f541b09d3f169b333fecf7d94459e7ad60a4fe96e4d57dc794d26bc4d1087d84
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fc4cfba5e98cc2c73ce257b20c272f300ffce879f5e5aa4ad920f8e0b10f35b7

www.eftours.com Open in urlscan Pro 2606:4700::6811:d548 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

50 %IPv6

17 Domains

23 Subdomains

22 IPs

4 Countries

3068 kBTransfer

5850 kBSize

33 Cookies

16 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.eftours.com Open in urlscan Pro
2606:4700::6811:d548 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

50 %
IPv6

17
Domains

23
Subdomains

22
IPs

4
Countries

3068 kB
Transfer

5850 kB
Size

33
Cookies

70 HTTP transactions
2 data transactions