www.eftours.com Open in urlscan Pro
2606:4700::6811:d648 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t1.links.eftours.com/r/?id=h5ef221f4,1ae7fc94,18909e68
Effective URL:
https://www.eftours.com/our-story-email
Submission: On October 19 via api (October 19th 2023, 5:32:28 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 74 HTTP transactions. The main IP is 2606:4700::6811:d648, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.eftours.com. The Cisco Umbrella rank of the primary domain is 297291.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.

This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.88.136.200 52.88.136.200	16509 (AMAZON-02) (AMAZON-02)
1 23	2606:4700::68... 2606:4700::6811:d648	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a04:4e42:600... 2a04:4e42:600::644	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:a00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
6	23.36.163.224 23.36.163.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	18.66.112.55 18.66.112.55	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	54.216.227.15 54.216.227.15	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:236... 2600:9000:236e:ba00:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.120 13.225.78.120	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:c00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
74	22

1 52.88.136.200 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-136-200.us-west-2.compute.amazonaws.com

t1.links.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6811:d648 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:600::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:a00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.36.163.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-224.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.112.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-55.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.227.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-227-15.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:ba00:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-120.fra2.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:c00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	eftours.com 2 redirects t1.links.eftours.com — Cisco Umbrella Rank: 764096 www.eftours.com — Cisco Umbrella Rank: 297291 media.eftours.com — Cisco Umbrella Rank: 313075	2 MB
16	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4560 embed-ssl.wistia.com — Cisco Umbrella Rank: 8638 pipedream.wistia.com — Cisco Umbrella Rank: 7286 distillery.wistia.com — Cisco Umbrella Rank: 7083 embed-cloudfront.wistia.com	2 MB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	141 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 965	2 KB
5	driftt.com js.driftt.com — Cisco Umbrella Rank: 6698	81 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	282 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714	299 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 980	20 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 901 script.hotjar.com — Cisco Umbrella Rank: 1101	60 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 7121	161 B
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	254 B
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5560	7 KB
74	16

	Domain	Requested by
17	media.eftours.com	www.eftours.com media.eftours.com
10	fast.wistia.com	www.eftours.com fast.wistia.com js.driftt.com
6	analytics.tiktok.com	www.eftours.com analytics.tiktok.com
6	www.eftours.com	1 redirects www.eftours.com
5	ct.pinterest.com	s.pinimg.com www.eftours.com
5	js.driftt.com	www.eftours.com js.driftt.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.eftours.com
3	www.googletagmanager.com	www.eftours.com www.googletagmanager.com
2	embed-cloudfront.wistia.com	js.driftt.com
2	pipedream.wistia.com	js.driftt.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.eftours.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
1	distillery.wistia.com	js.driftt.com
1	www.facebook.com	www.eftours.com
1	content.hotjar.io	script.hotjar.com
1	www.google.de	www.eftours.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	widget.trustpilot.com	www.googletagmanager.com
1	embed-ssl.wistia.com	www.eftours.com
1	t1.links.eftours.com	1 redirects
74	23

This site contains links to these domains. Also see Links.

Domain
blog.eftours.com
www.ef.edu
www.ef.com
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
careers.ef.com
www.efexploreamerica.com
www.efstudyabroad.com
girltrips.eftours.com
www.eftours.ca
www.efultimatebreak.com
www.goaheadtours.com
efgapyear.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-29` - `2023-10-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.eftours.com/our-story-email
Frame ID: EDA25846DAA8DF2A8174801F29AA15A6
Requests: 67 HTTP requests in this frame

Frame: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: 8695C6910B27B323E7DBF8C24A895EC6
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: BA7A13969243D0750AA30757FF48B5CF
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=5by59bm3fdyy&eId=5by59bm3fdyy&region=US&forceShow=false&skipCampaigns=false&sessionId=091bd39f-d2d8-4c92-8a54-453d642a736f&sessionStarted=1697736748.331&campaignRefreshToken=cda3b836-2f1e-442a-b8ad-04763ddad05c&hideController=false&pageLoadStartTime=1697736741662&mode=CHAT&driftEnableLog=false&loadStrategy=ON_INTERACTIVE&secureIframe=false&u=https%3A%2F%2Fwww.eftours.com%2Four-story-email
Frame ID: 15C1F82F70A4C494E91EF7626D926B38
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1697736741662
Frame ID: CE04F463E194A857EE2E297BD20C9598
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get to Know EF | EF Educational Tours

Page URL History Show full URLs

http://t1.links.eftours.com/r/?id=h5ef221f4,1ae7fc94,18909e68 HTTP 302
https://www.eftours.com/our-story-email Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

97 %
HTTPS

59 %
IPv6

16
Domains

23
Subdomains

22
IPs

4
Countries

4317 kB
Transfer

7671 kB
Size

30
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.eftours.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.ef.edu/about-us/our-company/
Title: EF’s mission

Search URL Search Domain Scan URL

URL: https://www.ef.com/wwen/blog/we-are-ef/meet-the-global-ef-deib-team/
Title: Learn more

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eftours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eftours

Search URL Search Domain Scan URL

URL: http://www.twitter.com/eftours

Search URL Search Domain Scan URL

URL: http://www.youtube.com/efeducationaltours

Search URL Search Domain Scan URL

URL: https://careers.ef.com/
Title: View Opportunities

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/
Title: EF Explore America

Search URL Search Domain Scan URL

URL: https://www.efstudyabroad.com/
Title: EF Study Abroad

Search URL Search Domain Scan URL

URL: https://girltrips.eftours.com/
Title: EF Tours for Girls

Search URL Search Domain Scan URL

URL: https://www.eftours.ca/
Title: EF Educational Tours Canada

Search URL Search Domain Scan URL

URL: https://www.efultimatebreak.com/
Title: EF Ultimate Break

Search URL Search Domain Scan URL

URL: http://www.goaheadtours.com/
Title: EF Go Ahead Tours

Search URL Search Domain Scan URL

URL: https://efgapyear.com/
Title: EF Gap Year

Search URL Search Domain Scan URL

URL: https://www.ef.edu/

Search URL Search Domain Scan URL

URL: http://careers.ef.com/
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t1.links.eftours.com/r/?id=h5ef221f4,1ae7fc94,18909e68 HTTP 302
https://www.eftours.com/our-story-email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request our-story-email Show response
www.eftours.com/
Redirect Chain

http://t1.links.eftours.com/r/?id=h5ef221f4,1ae7fc94,18909e68
https://www.eftours.com/our-story-email

46 KB
12 KB

752ms
712ms

Document
text/html

2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d213296a1bfbee4a1cc955340006dbc26ed08f97561f7a105b15ed6b18bd87d9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

apigw-requestid: ND012jD9iYcEP7Q=
cache-control: private, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 818ac285ae955d8d-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 19 Oct 2023 17:32:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-robots-tag: all
x-ua-compatible: IE=edge

Redirect headers

Connection: keep-alive
Content-Length: 17
Content-Type: text/plain; charset=utf-8
Date: Thu, 19 Oct 2023 17:32:20 GMT
Location: https://www.eftours.com/our-story-email
P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server: Apache
X-Robots-Tag: noindex

GET
H2 200 VisitorIdentification.js Show response
www.eftours.com/layouts/hemeva_system/ 2 KB
949 B 607ms
607ms Script
application/javascript 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/layouts/hemeva_system/VisitorIdentification.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be0e6349b48866b6abc3d338772e025f18a0cc1b22391cf26b48b8b35a539478

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/our-story-email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 18 Oct 2023 19:51:34 GMT
server: cloudflare
etag: W/"0274d7ffc1da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=3600
x-robots-tag: all
cf-ray: 818ac28a2d255d8d-FRA
apigw-requestid: NCcV8jFUCYcEMlw=
expires: Thu, 19 Oct 2023 21:32:22 GMT

GET
H2 200 basea4w1dusaNLga8posXMgIX9Mj4kgpaEO94R9-iXA9lF01cdn
media.eftours.com/bundles/css/ 568 KB
128 KB 53ms
31ms Stylesheet
text/css 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/css/basea4w1dusaNLga8posXMgIX9Mj4kgpaEO94R9-iXA9lF01cdn

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b653c3aaaa3bf24b443e647fb0eeab7caa7394562a64d403b1b992fc365cc11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:21 GMT
date: Thu, 19 Oct 2023 17:32:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 18:50:18 GMT
server: cloudflare
age: 1118558
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 818ac28a4d4c5d8d-FRA
x-ua-compatible: IE=edge

GET
H2 200 modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01 Show response
media.eftours.com/bundles/ 11 KB
6 KB 46ms
45ms Script
text/javascript 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:21 GMT
date: Thu, 19 Oct 2023 17:32:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 22:35:57 GMT
server: cloudflare
age: 68197
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 818ac28acdff5d8d-FRA
content-length: 5776
x-ua-compatible: IE=edge

GET
H2 200 opening-the-world.png
media.eftours.com/~/media/images/eaus/content%20pages/about-ef/ 205 KB
206 KB 754ms
753ms Image
image/png 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/eaus/content%20pages/about-ef/opening-the-world.png?la=en

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06638d1be127b15d169bdf31db6ff6c0757bb281fb04dd9e001cfcd29f3f9480

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Dec 2020 16:59:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="opening-the-world.png"
accept-ranges: bytes
cf-ray: 818ac28ace025d8d-FRA
content-length: 210266
x-ua-compatible: IE=edge

GET
H2 200 education_approach.jpg
media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ 139 KB
140 KB 633ms
632ms Image
image/jpeg 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/content-pages/our-story/hub/education_approach.jpg?la=en

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f45b5140e70f44a73db3fa7c88dd73f39fba8277efaaf1eef22de77052a4c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Oct 2020 17:45:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="education_approach.jpg"
accept-ranges: bytes
cf-ray: 818ac28ace065d8d-FRA
content-length: 142533
x-ua-compatible: IE=edge

GET
H2 200 travel_philosophy2.jpg
media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ 155 KB
155 KB 817ms
814ms Image
image/jpeg 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/content-pages/our-story/hub/travel_philosophy2.jpg?la=en

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c8e0043ebc1903ba1b667fbfc7ee177514dd6a4a845a5747f4dcbbcae989488

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Oct 2020 17:45:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="travel_philosophy2.jpg"
accept-ranges: bytes
cf-ray: 818ac28e3af55d8d-FRA
content-length: 158888
x-ua-compatible: IE=edge

GET
H2 200 ef_history_top.jpg
media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ 24 KB
25 KB 672ms
669ms Image
image/jpeg 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ef_history_top.jpg?h=139&w=814

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5283cfa89323c90fced6f5ae98b4bde9ac1b6a357c9e29417b4d6850497362f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Aug 2020 20:04:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="EF_history_top.jpg"
accept-ranges: bytes
cf-ray: 818ac28e3af85d8d-FRA
content-length: 25028
x-ua-compatible: IE=edge

GET
H2 200 ef_history_bottom.jpg
media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ 193 KB
194 KB 723ms
721ms Image
image/jpeg 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ef_history_bottom.jpg?h=542&w=814

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d1e1fefe16898c4b309bcda376ee9cfbcea9799073c58fb15a9b5af562e7930

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Aug 2020 20:04:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="EF_history_bottom.jpg"
accept-ranges: bytes
cf-ray: 818ac28e3afa5d8d-FRA
content-length: 198122
x-ua-compatible: IE=edge

GET
H2 200 people_top.jpg
media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ 7 KB
7 KB 422ms
422ms Image
image/jpeg 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/content-pages/our-story/hub/people_top.jpg?h=43&w=968

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d16b9c604411bbd4101a9f53e6be1e2832cb261cb56e509813ac7ee93bf4e73

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Aug 2020 15:06:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="people_top.jpg"
accept-ranges: bytes
cf-ray: 818ac28f7cb45d8d-FRA
content-length: 7220
x-ua-compatible: IE=edge

GET
H2 200 people_bottom.jpg
media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ 144 KB
144 KB 618ms
618ms Image
image/jpeg 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/content-pages/our-story/hub/people_bottom.jpg?h=607&w=968

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcf6d29132bfcf11180a08c00bff05daa896a9d5174c56873b698c51372a1ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Oct 2020 17:45:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="people_bottom.jpg"
accept-ranges: bytes
cf-ray: 818ac28f8cbc5d8d-FRA
content-length: 147417
x-ua-compatible: IE=edge

GET
H2 200 keca6s3pmw.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 53ms
21ms Script
application/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/keca6s3pmw.jsonp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

26cc758acc5b5c7f281db6febcae369229ee274b350df5dcddc145e755beb588

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 5443600a954c786f2e851cd6ea9e7e98.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 29700
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 57
content-length: 1642
x-request-id: 321d4380-551d-4321-ba48-e26f9e896b7d
x-served-by: cache-iad-kjyo7100098-IAD, cache-fra-eddf8230071-FRA
x-runtime: 0.055036
x-browser-version: 118
server: envoy
x-timer: S1697736742.149978,VS0,VE3
etag: W/"26cc758acc5b5c7f281db6febcae3692"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9sMq8BTcvbFa8sR7n6dwFzWNesa4wV4Aedndnj-naFhGvVvU6Z8dKA==
x-cache-hits: 5, 1

GET
H2 200 swatch
fast.wistia.com/embed/medias/keca6s3pmw/ 4 KB
5 KB 52ms
20ms Image
image/jpeg 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/keca6s3pmw/swatch

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

857198327dcc6a19e7580a55bcebd4a27871b4d23426a44f336ad2b9beba3f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
access-control-request-method: *
via: 1.1 87e6563b344d9d0eb9b5aa233652bc74.cloudfront.net (CloudFront), 1.1 69323cc81a35966f2e018b11a9d4a8e6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD61-P2, IAD61-P1
age: 94037
edge-cache-tag: 3f48ba585e49e0863dde2b6b523a1368c34d5971
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 32
content-disposition: inline
content-length: 4259
x-served-by: cache-iad-kcgs7200131-IAD, cache-fra-eddf8230071-FRA
x-browser-version: 118
last-modified: Thu, 23 Sep 2021 19:44:01 UTC
server: envoy
x-timer: S1697736742.150564,VS0,VE1
etag: Z10n6znZ97Kp_OCBrpInBIBunAs=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gLhaGWCIX-i4zWGx30KQRLRe9-p3TgSoIMvPckmBLs1k3OvUJfearQ==
x-cache-hits: 334, 1

GET
H2 200 ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/archive/ 6 KB
6 KB 53ms
53ms Image
image/png 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/archive/ef-logo-footer_optimized.png

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 20:40:33 GMT
server: cloudflare
age: 727686
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="EF-logo-footer_optimized.png"
accept-ranges: bytes
cf-ray: 818ac29218745d8d-FRA
content-length: 6326
x-ua-compatible: IE=edge

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 736 KB
125 KB 39ms
7ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7fec0a18bb8460fc200cfa086066ef50356dc403676822d8c83caec89dd2f8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1198
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 127961
x-served-by: cache-iad-kiad7000118-IAD, cache-fra-eddf8230071-FRA
x-browser-version: 118
last-modified: Thu, 19 Oct 2023 17:11:32 GMT
server: AmazonS3
x-timer: S1697736742.150594,VS0,VE0
etag: "df17692b23dacdd41bbf0e17bfd46472"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: f604b983df9d531109785a2b9f213e86bec00ede
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17, 167

GET
H2 200 rq-fingerprintsakhviz4fG0vxJ5UpmKoH19KM0odC2-FMbTIbr0vW3601 Show response
media.eftours.com/bundles/ 7 KB
3 KB 36ms
33ms Script
text/javascript 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-fingerprintsakhviz4fG0vxJ5UpmKoH19KM0odC2-FMbTIbr0vW3601

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ce36894787d761085e5caf7d9ea2f9fee938d463eb9eddaf5335539fba8731

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Oct 2023 14:29:07 GMT
server: cloudflare
age: 615846
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 818ac28e3afc5d8d-FRA
content-length: 2562
x-ua-compatible: IE=edge

GET
H2 200 requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1 Show response
media.eftours.com/bundles/ 15 KB
7 KB 46ms
46ms Script
text/javascript 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 09 Oct 2023 11:20:00 GMT
server: cloudflare
age: 886385
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 818ac28e7b515d8d-FRA
content-length: 7512
x-ua-compatible: IE=edge

GET
H2 200 rq-app60AIQs8_SFLBNyc4-XZ0NT8o4HUQjjI2YJ9pi_WkSjY1 Show response
media.eftours.com/bundles/ 661 B
542 B 40ms
40ms Script
text/javascript 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-app60AIQs8_SFLBNyc4-XZ0NT8o4HUQjjI2YJ9pi_WkSjY1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7db5efa08d05127e672d74f3e595575ec3ba6275c15a445fe42c96dd0883cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Oct 2023 14:29:07 GMT
server: cloudflare
age: 615846
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 818ac28f3c645d8d-FRA
content-length: 478
x-ua-compatible: IE=edge

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 368 KB
107 KB 156ms
71ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fafc77a64336ea4db605b9c8ec9fb0bf34f61f9198f4e5fd5a7524f659173d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108917
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 16:29:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Oct 2023 17:32:22 GMT

GET
H2 200 about_ef_hub_stage.jpg
media.eftours.com/~/media/images/etus/content-pages/our-story/hub/ 695 KB
696 KB 673ms
673ms Image
image/jpeg 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/content-pages/our-story/hub/about_ef_hub_stage.jpg?mw=1600

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4583d7f47a6f033a7d508e4d91a26c6cf0ca421571d1006c47123a6e99ccb6dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 18 Nov 2023 17:32:22 GMT
date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 19:57:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="about_EF_Hub_Stage.jpg"
accept-ranges: bytes
cf-ray: 818ac28e5b345d8d-FRA
content-length: 711568
x-ua-compatible: IE=edge

GET
H2 200 _e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/ 23 KB
23 KB 50ms
49ms Font
application/font-woff2 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.eftours.com/our-story-email
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
cf-cache-status: HIT
age: 1121998
content-length: 23756
x-ua-compatible: IE=edge
last-modified: Thu, 05 Oct 2023 15:53:42 GMT
server: cloudflare
etag: "07281da4f7d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
cf-ray: 818ac28e4b135d8d-FRA
expires: Sat, 18 Nov 2023 17:32:22 GMT

GET
H2 200 googleAnalytics4.js Show response
fast.wistia.com/assets/external/ 16 KB
4 KB 33ms
33ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/googleAnalytics4.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c6ba0c31d78a21fc57d4fa4750394091a622ecf9cbe49d1317b7f01ab3d45976

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1197
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 4158
x-served-by: cache-iad-kiad7000033-IAD, cache-fra-eddf8230071-FRA
x-browser-version: 118
last-modified: Thu, 19 Oct 2023 17:11:33 GMT
server: AmazonS3
x-timer: S1697736742.325095,VS0,VE1
etag: "92ac3ac4654cfe93c0a422444dea1adc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: f604b983df9d531109785a2b9f213e86bec00ede
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 5

GET
H2

200

main.js Show response
www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame 8695
Redirect Chain

https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

7 KB
4 KB

17ms
16ms

Script
application/javascript

2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f23bdbe5b2161d645e6e5dd8bdeee3f4f031bb7778940918c681ca478c83d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=3600
cf-ray: 818ac28ffd5c5d8d-FRA

Redirect headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
cache-control: private, max-age=3600
cf-ray: 818ac28f9cdb5d8d-FRA

GET
H2 200 bootstrap.762a99f3.js Show response
media.eftours.com/content/js-build/ 33 KB
14 KB 30ms
30ms Script
application/javascript 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/bootstrap.762a99f3.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80c0a240f7443919a5e7da7b8b4ddff7f4f779d0c70c5a6d98483940193cf2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2125462
content-length: 14123
x-ua-compatible: IE=edge
last-modified: Thu, 21 Sep 2023 15:31:54 GMT
server: cloudflare
etag: "091bebfa0ecd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 818ac29268e15d8d-FRA
expires: Sat, 18 Nov 2023 17:32:22 GMT

GET
H2 200 3f48ba585e49e0863dde2b6b523a1368c34d5971.webp
embed-ssl.wistia.com/deliveries/ 136 KB
137 KB 73ms
11ms Image
image/webp 2600:9000:211e:a00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/3f48ba585e49e0863dde2b6b523a1368c34d5971.webp?image_crop_resized=1920x1080
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/our-story-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8853a051fce014cec795741528863cd94dd3bff6383a9c9b252e6367bd91dd63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 08:45:19 GMT
access-control-request-method: *
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 204423
edge-cache-tag: 3f48ba585e49e0863dde2b6b523a1368c34d5971
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 563
content-disposition: inline
surrogate-key: 3f48ba585e49e0863dde2b6b523a1368c34d5971 thumbnail-delivery
last-modified: Thu, 23 Sep 2021 19:44:01 UTC
server: envoy
etag: r8JZueetlKle5fKxCUY8p2DhCO0=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: b-n3y2cFxIGsCacTgRrqp1kL3lruzSZb6kdYXltlPvAxruTAAYdpUg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e12b6a1c983346e93dda9f7c4b3b4ec638cc9cb20bcb9e394f5cec6bd57247d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 17:32:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bdfea37cae67f3fd6ef85e870e788992de731f33a317c76373f3a0c92893683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89597
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 17:32:22 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 40ms
7ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 03:59:15 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 48788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6676
x-xss-protection: 1; mode=block
last-modified: Wed, 03 May 2023 13:48:29 GMT
server: AmazonS3
etag: "befec09eb386fc68a0869c8d1b529dd6"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: ZAZ1rcqXbiadw8_Cd1s6x_GkuF5CLNZ8GIq2ov8ykRRxk4FH3qWeVA==

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 48ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 19 Oct 2023 17:32:22 GMT
last-modified: Thu, 12 Oct 2023 17:36:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6560ABEC00D444A486B8BB22EA816448 Ref B: FRAEDGE1805 Ref C: 2023-10-19T17:32:22Z
etag: "808ec9ad32fdd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12978

GET
H2 200 hotjar-157276.js Show response
static.hotjar.com/c/ 10 KB
4 KB 45ms
11ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-157276.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

2d73bc6aa56f9130cbb05c1f8bcbae892487b714565ce375ecb91538f35e2871

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 17:31:41 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 41
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/7eba715dfe4364f5538a711e82622549
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 96EcjsiZ2rM6o8_LpL3BA4zLtvL6ivLNmsJdt8aLFFGXW1oWZtV58Q==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 40ms
7ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 473b7a2bb50a6df274a93a42e8afda72dede8deb663cf10af95ac42cea9ecc94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: br
x-cdn: fastly
etag: "9928a24818ebe5caf4dcef81e67e3283"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1736

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 178ms
118ms Script
application/javascript 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/our-story-email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b7d4ac471db59b25f7c580bc5b944f740717a127afe6cb25769e6de090c6ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id: 2de59ff6.2680ce6d
date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 103,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=12, inner; dur=4
content-length: 1917
pragma: no-cache
server: nginx
x-tt-logid: 20231019173222FC5D8E39C547B1F82837
x-cache-remote: TCP_MISS from a23-195-36-201.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.195.36.201
x-tt-trace-host: 01392bde94874d31fb968a84a99887dc7c67ff067c7e2205b37cd23970d95c30091cf79ddfc3be55f49e3d674e35a9618f710a1b1de203944716927fbcb45da32eba425f4746968f70d04dec7e22058667cce79687e8d0c37a6718cae69c06420a12a318bb4c5c7cf92adea8638f5c68ea
expires: Thu, 19 Oct 2023 17:32:22 GMT

GET
H2 200 5by59bm3fdyy.js Show response
js.driftt.com/include/1697736900000/ 215 KB
61 KB 426ms
409ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1697736900000/5by59bm3fdyy.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

514e99bc866993616752bf2b54ea054fb7f25e3cf12e7a3404e08f91f9621fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
x-amz-version-id: YnvFsjjybyw5psHKuLTIiINb1nY63les
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Wed, 18 Oct 2023 19:27:57 GMT
server: istio-envoy
etag: W/"8416e394d48fbc356737fcff372e9234"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pI2xLlSO3IfIXvjWE69zTKeaFiNckyBDbvY6DMLDJMm0ztHc5D8NUw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 19 Oct 2023 17:32:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: CxHFpbkQ9PIrVcy0PozbKSJeUJFDopLfFcx0blwyaGhGFJ3mBqb07dxzdIcdCKiKmj1GA/D/rdvSgN6IQTf2ag==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 818ac285ae955d8d Show response
www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8695 0
264 B 47ms
46ms XHR
text/plain 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/818ac285ae955d8d
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
cache-control: private, max-age=3600
content-encoding: gzip
server: cloudflare
cf-ray: 818ac290eedd5d8d-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 main.15c91276.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 26ms
25ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee6cff8e2478948c40206d1f61e2eabdc2796efe0d51b270cb96dce8037b75c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: br
x-cdn: fastly
etag: "22b382da8bd5bbd651c2ead900859322"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18887

GET
H2 200 modules.e1dfa7708b9d9a8bea71.js Show response
script.hotjar.com/ 228 KB
56 KB 42ms
8ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e1dfa7708b9d9a8bea71.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

37c5cc6fa83a5392f51d53cba3892630c02c0e02219d88a043db6d530aa64664

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:05:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 19636
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56552
last-modified: Thu, 19 Oct 2023 12:04:32 GMT
etag: "6767acf9424d83d0946202b3a45c9012"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nwfWnls7pzFtD7zr_RZSGK8Vopq8bWKIhD2ODtX__D4FIlhIPQOPPw==

GET
H2 204 13007618.js Show response
bat.bing.com/p/action/ 0
115 B 30ms
29ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13007618.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 19 Oct 2023 17:32:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A9CCC02617A444281490E28F6815322 Ref B: FRAEDGE1805 Ref C: 2023-10-19T17:32:22Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13007618&tm=gtm002&Ver=2&mid=61863f34-2d69-47cf-a982-bb5e0372a341&sid=7623f0906ea511ee94a6fb7ddc8e9958&vid=762439906ea511ee9405e944e64ab966&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Get%20to%20Know%20EF%20%7C%20EF%20Educational%20Tours&p=https%3A%2F%2Fwww.eftours.com%2Four-story-email&r=&lt=2038&evt=pageLoad&sv=1&rn=351851

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 19 Oct 2023 17:32:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 99AA0BCE381F4EE49DF2963AF715EDCA Ref B: FRAEDGE1805 Ref C: 2023-10-19T17:32:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 302935565346434 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302935565346434?v=2.9.134&r=stable&domain=www.eftours.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41b62dd1fae567811cc3e3551ada2feaca501df7ae5f81e9b5159a759e25c976

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 19 Oct 2023 17:32:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: aihqayGRfAI+pQ/9HjBZ6Pqx3jUuM5NdCqacAZCmppVPkSSnj0CggXo4m2gbCjJmTabcaZCJyE1a72A5zwRMdA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 54ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je3ai0&_p=1821575487&_gaz=1&cid=1789758332.1697736743&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697736742&sct=1&seg=0&dl=https%3A%2F%2Fwww.eftours.com%2Four-story-email&dt=Get%20to%20Know%20EF%20%7C%20EF%20Educational%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other%20group
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 17:32:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 56ms
18ms Ping
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9JLH500JCE&cid=1789758332.1697736743&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 17:32:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 162ms
75ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9JLH500JCE&cid=1789758332.1697736743&gtm=45je3ai0&aip=1&z=800697683

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 17:32:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 562 B
810 B 106ms
36ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1697736742656&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1377362719194383
content-length: 385
pin-unauth: dWlkPU0yVmxaVFZoWmpRdE5qZzVPUzAwT0RZM0xXRmlZV0l0TldVNVlqQTJNMk15WXpZeg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 562 B
498 B 106ms
37ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2620473989394&cb=1697736742657&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8450659520255585
content-length: 385
pin-unauth: dWlkPU9XTTNOV1psTW1VdE5EQmhaQzAwWVRobExUaGtOMk10TURBM09EVXhPVEl6WlRjdw
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MTEyYzFhMzhjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 389 KB
101 KB 21ms
20ms Script
application/javascript 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ddaade48feb610d02e9b1e3d52f6c4521b1508da436251eb79911fa94ce9b45c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id: 2680d0cd
date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023101711160586AACDD9DFCA030B3E30
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01af419792122bf10b6f037ec2017c5337444173f0d53c759bff709442a435ab26aabe2852b53718d184fa9041247314d3815722506ff7b52b49d8b9c1757be6fdd9343ebec459e1edd2f681d3d3534c029301eb6a3589f5bce1e48c3bb287751b
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=2
content-length: 102856

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
184 B 106ms
38ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2Four-story-email%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215c91276%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1697736742659
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/our-story-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 17:32:22 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1628343851768908
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 150ms
62ms XHR
application/json 54.216.227.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e1dfa7708b9d9a8bea71.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.227.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-227-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 593341c0fdb8d0035a3e88753c80ce66d99b4e79ecb81d00cab12ae82f8bbcd1

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 19 Oct 2023 17:32:22 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2Four-story-email&rl=&if=false&ts=1697736742761&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697736742757.1915347333&cs_est=true&ler=empty&it=1697736742598&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/our-story-email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 19 Oct 2023 17:32:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_6291e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
35 KB 17ms
16ms Script
application/javascript 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_6291e.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 92e48936531fc7dd51fa4799d53b25be293b2a198bee7b434d269bb2518d709f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id: 2680d2dd
date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202310171116052861D2814A7FC6B156D5
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016707a0730a71eb52f5168c3345b79ed82af10f7c1ae1075d7e83ff276b8150bb1711ef0855a007b136667f0f8e0befa252bb4de83647aac246eb75f071e03c5904cb3bd0e792a141f4794cf38bbf0c419215b7a4cef53efa693dff9ae2b43ff5
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=10
content-length: 35693

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
792 B 169ms
168ms Ping
text/plain 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2da676ee.2680d38d
date: Thu, 19 Oct 2023 17:32:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 143,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=54, inner; dur=51
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023101917322276A6FE23EBA45DF869DD
x-cache-remote: TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 54,23.220.105.68
x-tt-trace-host: 01392bde94874d31fb968a84a99887dc7c67ff067c7e2205b37cd23970d95c3009649c7dd9bcfc8fb2cea381f92295d65410781df4cd0b5b356ddf7587d71bd52ffe205044819cf017cc83ac7f1636eb13537d728231777b40d4043c8b4eb066f5ef400d99fefdd6317cc5b85b4c8d6757
access-control-allow-headers: Authorization,*
expires: Thu, 19 Oct 2023 17:32:22 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
789 B 154ms
154ms Ping
text/plain 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1f1620ac.2680d393
date: Thu, 19 Oct 2023 17:32:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 136,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=55, inner; dur=46
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231019173222AC84425D263439809E00
x-cache-remote: TCP_MISS from a23-195-36-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 55,23.195.36.196
x-tt-trace-host: 01392bde94874d31fb968a84a99887dc7c67ff067c7e2205b37cd23970d95c3009da6ae30626580a4002498b512d47f0ab0af9ee197c98c1b4d119028358ae2d72a748379c26e8ed5c6a60d74f4ac73a1f6e5591fb4a5cce1408b7ad3756d7808e806b8ef965ccffcac604afd9663a8d85
access-control-allow-headers: Authorization,*
expires: Thu, 19 Oct 2023 17:32:22 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
332 B 56ms
56ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2620473989394&cb=1697736742845&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU0yVmxaVFZoWmpRdE5qZzVPUzAwT0RZM0xXRmlZV0l0TldVNVlqQTJNMk15WXpZeg%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2Four-story-email%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215c91276%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/our-story-email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 17:32:22 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1799480221219595
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery-2.1.1.min.js Show response
media.eftours.com/Content/js/libs/ 82 KB
29 KB 27ms
26ms Script
application/javascript 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/Content/js/libs/jquery-2.1.1.min.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1120894
content-length: 29569
x-ua-compatible: IE=edge
last-modified: Thu, 05 Oct 2023 15:53:42 GMT
server: cloudflare
etag: "07281da4f7d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 818ac292f9ca5d8d-FRA
expires: Sat, 18 Nov 2023 17:32:22 GMT

GET
H2 200 nav.f0038006.js Show response
media.eftours.com/content/js-build/core/modules/ 6 KB
2 KB 37ms
36ms Script
application/javascript 2606:4700::6811:d648
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d648 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1966238
content-length: 2210
x-ua-compatible: IE=edge
last-modified: Thu, 21 Sep 2023 15:31:54 GMT
server: cloudflare
etag: "091bebfa0ecd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 818ac292f9cb5d8d-FRA
expires: Sat, 18 Nov 2023 17:32:22 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
789 B 187ms
187ms Ping
text/plain 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3074e9b9.2680d764
date: Thu, 19 Oct 2023 17:32:23 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 156,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=114, origin; dur=52, inner; dur=46
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310191732231900515132B1E9EAD06B
x-cache-remote: TCP_MISS from a23-220-105-89.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 53,23.220.105.89
x-tt-trace-host: 01392bde94874d31fb968a84a99887dc7c67ff067c7e2205b37cd23970d95c3009f30dfa3e14bb96602e9aeed7e1af1e03367097ec0325a475fbb65430221c5ac1f2d3320e24a911ad99fa3578b7fef9b245d27dedd19fe51f2afe72b58a12efa0298c079ec917d84b92a407e98af9c889
access-control-allow-headers: Authorization,*
expires: Thu, 19 Oct 2023 17:32:23 GMT

GET
H2 200 embedLinks.js Show response
fast.wistia.com/assets/external/ 58 KB
16 KB 34ms
20ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/embedLinks.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2de7607967ab371709a01c20ec5082612c351ebdfa283bed57c45ef6064edfd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:23 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1194
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 15998
x-served-by: cache-iad-kiad7000038-IAD, cache-fra-eddf8230070-FRA
x-browser-version: 118
last-modified: Thu, 19 Oct 2023 17:11:33 GMT
server: AmazonS3
x-timer: S1697736743.197898,VS0,VE3
etag: "e4af7ceea0e7e2834d32d69aec0098d1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: f604b983df9d531109785a2b9f213e86bec00ede
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 1

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 79 KB
21 KB 21ms
7ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

077760fe07ba148c11f5876718c2d4464b2cb3b97a1eccdee830113fe565fec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:23 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1199
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21016
x-served-by: cache-iad-kiad7000140-IAD, cache-fra-eddf8230070-FRA
x-browser-version: 118
last-modified: Thu, 19 Oct 2023 17:11:33 GMT
server: AmazonS3
x-timer: S1697736743.198063,VS0,VE0
etag: "87486d394ae6da1be123cb371aa80e54"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: f604b983df9d531109785a2b9f213e86bec00ede
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9, 47

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 472 KB
115 KB 20ms
8ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be1b4b6e4c98b1796b28a62a2e65e1309aabbf8bb3ffe898b68bb21a4a70b771

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:23 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1199
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117627
x-served-by: cache-iad-kcgs7200101-IAD, cache-fra-eddf8230070-FRA
x-browser-version: 118
last-modified: Thu, 19 Oct 2023 17:11:33 GMT
server: AmazonS3
x-timer: S1697736743.198036,VS0,VE0
etag: "6780af61f69dfba564a33e8887c69210"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: f604b983df9d531109785a2b9f213e86bec00ede
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18, 31

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame BA7A 565 B
426 B 37ms
37ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 19 Oct 2023 17:32:23 GMT
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1222489193191810

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
329 B 141ms
102ms Fetch
text/plain 2600:9000:236e:ba00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1697736900000/5by59bm3fdyy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:ba00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 19 Oct 2023 17:32:23 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: Vjd6N9U_OJzlqJzyb5zCPLC0feebrtRYXPMMB7V3zzc9H_VSW-8fhw==

POST
H2 204 x
distillery.wistia.com/ 0
0 138ms
101ms Fetch 13.225.78.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1697736900000/5by59bm3fdyy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-120.fra2.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Oct 2023 17:32:23 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: dIBsumRsLuU3ZN-2OB5tGdVosu-8GfE1YlPhxHBp6v0veJsO6ALF2w==

GET
H2 200 keca6s3pmw.m3u8 Show response
fast.wistia.com/embed/medias/ 932 B
2 KB 9ms
8ms XHR
application/x-mpegurl 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/keca6s3pmw.m3u8

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1697736900000/5by59bm3fdyy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

71749a84c8960f8fef876df8f4cd50590db078ac38d9d8e01e54645ad5efd92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:23 GMT
via: 1.1 76a7fdbced88b6eccf433c4e386bae40.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 1507
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 31
content-length: 932
x-request-id: 55394bb2-7488-4c5d-9860-907e369f149d
x-served-by: cache-iad-kcgs7200126-IAD, cache-fra-eddf8230070-FRA
x-runtime: 0.029212
x-browser-version: 118
server: envoy
x-timer: S1697736743.298548,VS0,VE2
etag: W/"71749a84c8960f8fef876df8f4cd5059"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: XTZAefE2_fTGHYVGNwiKhVsYoi-MwdIm-xVafKNPI_5RrAPpoLTvhA==
x-cache-hits: 544, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 7ms
6ms Image
image/gif 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.eftours.com/
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2558
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230070-FRA
x-browser-version: 118
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1697736743.304611,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8271863, 118

GET
H2 200 e3b02e9b563ad1ad619f4461b44560ea7cf27a75.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 224 B
806 B 60ms
9ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:c00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/e3b02e9b563ad1ad619f4461b44560ea7cf27a75.m3u8
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1697736900000/5by59bm3fdyy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 65b3493ca44fc69c6a3f2c604a64dd0c71eb599d64121f4e5aeafa4602259f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:50:09 GMT
via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 290534
edge-cache-tag: e3b02e9b563ad1ad619f4461b44560ea7cf27a75-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 125
content-length: 224
surrogate-key: e3b02e9b563ad1ad619f4461b44560ea7cf27a75-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: SIi8nsl1_9KMYd7vas58P7oWOWYzbc0xzg8Ywnkp34yMyDbufipy7w==
expires: Tue, 15 Oct 2024 08:50:09 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f45e67f7f83d12b939ee8a9c87c15c02ffbf63cfee88690ec1d54d477ea2f075

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/e3b02e9b563ad1ad619f4461b44560ea7cf27a75.m3u8/ 1 MB
1 MB 10ms
9ms XHR
video/mp2t 2600:9000:211e:c00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/e3b02e9b563ad1ad619f4461b44560ea7cf27a75.m3u8/seg-1-v1-a1.ts
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1697736900000/5by59bm3fdyy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: da481afb44a2470a64d16fc2343e593473be22da51360b16676c78ac214ad13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:41:52 GMT
via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 456630
edge-cache-tag: e3b02e9b563ad1ad619f4461b44560ea7cf27a75-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 223
content-length: 1411128
surrogate-key: e3b02e9b563ad1ad619f4461b44560ea7cf27a75-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sFeaZ97LClH0WeN4qOOkHq3yDWLn-jFwOCgD0lMJNAc5iF8pgFVAcA==
expires: Sun, 13 Oct 2024 10:41:52 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
326 B 101ms
100ms Fetch
text/plain 2600:9000:236e:ba00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1697736900000/5by59bm3fdyy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:ba00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 19 Oct 2023 17:32:23 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: p6doCLo2tblsVbtGUXZ-Gi48j7BLYSO_DGpwW62yw1mPN15iRgH_ow==

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 23 KB
6 KB 7ms
7ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5ba1cbaffa1cfdd845e826a727fbc8387859efd352100f57002da3aaea3d7c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:32:24 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1200
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5798
x-served-by: cache-iad-kiad7000059-IAD, cache-fra-eddf8230070-FRA
x-browser-version: 118
last-modified: Thu, 19 Oct 2023 17:11:32 GMT
server: AmazonS3
x-timer: S1697736744.185474,VS0,VE0
etag: "6e537a2c3058089a0e4d40771baf0480"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: f604b983df9d531109785a2b9f213e86bec00ede
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 28

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je3ai0&_p=1821575487&cid=1789758332.1697736743&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1697736742&sct=1&seg=1&dl=https%3A%2F%2Fwww.eftours.com%2Four-story-email&dt=Get%20to%20Know%20EF%20%7C%20EF%20Educational%20Tours&en=page_view&_ee=1&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 17:32:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET core
js.driftt.com/ Frame 15C1 0
0

GET
H2 200 chat Show response
js.driftt.com/core/ Frame CE04 2 KB
1 KB 110ms
110ms Document
text/html 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1697736741662

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1697736900000/5by59bm3fdyy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b1e27c31d6f1c04fdb692789b7ebae6eef1ad92f5febc39b1281515abd78cf96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 19 Oct 2023 17:32:28 GMT
etag: W/"3a10d93a8e3b46d18d1def05bf45653f"
last-modified: Wed, 18 Oct 2023 19:27:45 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-id: byRLvJCMtr93sR_BWNw8CqnANNQISvOHEXqD6LaDsTAmRV2DSpcGYg==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: 4izk7On8Z6bnk7PIYB_xncSltDxCogDn
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 13

GET
H2 200 runtime~main.d639987d.js Show response
js.driftt.com/core/assets/js/ Frame CE04 6 KB
3 KB 9ms
8ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.d639987d.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1697736741662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d93e1c5100859ae978c81f2cc7d428b1ead087c4cd12a1b86eb55c9013ed5fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1697736741662
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:27:44 GMT
x-amz-version-id: ZdrPqph.Zti3EBV5aQRVsxtHcARgquaj
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 79484
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Wed, 18 Oct 2023 18:16:55 GMT
server: istio-envoy
etag: W/"a6c6d97cd26f8b83449bd8a17d1508d0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xcQ2cdrTiVBpuNbEOY9HJf-fV3hxlm4cQc9DuU_DizyldSRHXYAXtg==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE04 35 KB
13 KB 9ms
9ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1697736741662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1697736741662
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:18:07 GMT
x-amz-version-id: q5pTVpOtKy3mkc3tgJvo47OHqvdilate
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7834460
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 20 Jul 2023 18:22:11 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SiBBfRzf_GcCh7hmfC72QtYXD37k97FD8p_zcjHJg74c43r5MSRQ6Q==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE04 7 KB
3 KB 10ms
10ms Script
application/javascript 18.66.112.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1697736741662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-55.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1697736741662
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: OTiYyuMgyycXvMHseM5MN77RPTRQczpn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2538334
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Mon, 18 Sep 2023 19:58:07 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WC0CoK4WsLMarsWqWLvZtu1MWYOiAPEi8jYeEkrZPIHrP0n6cGu4AA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=5by59bm3fdyy&eId=5by59bm3fdyy&region=US&forceShow=false&skipCampaigns=false&sessionId=091bd39f-d2d8-4c92-8a54-453d642a736f&sessionStarted=1697736748.331&campaignRefreshToken=cda3b836-2f1e-442a-b8ad-04763ddad05c&hideController=false&pageLoadStartTime=1697736741662&mode=CHAT&driftEnableLog=false&loadStrategy=ON_INTERACTIVE&secureIframe=false&u=https%3A%2F%2Fwww.eftours.com%2Four-story-email

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eftours.com/	1970-01-21 00:57:12	Name: AMCV_014E03975E4DD0E30A495FDB%40AdobeOrg Value: MCMID%7C21341432734201937912430254948919803903
.eftours.com/	1969-12-31 23:59:59	Name: nlid Value: 5ef221f4\|1ae7fc94
.eftours.com/	1970-01-21 00:57:12	Name: nllastdelid Value: 1ae7fc94
www.eftours.com/	1970-01-20 15:45:41	Name: AWSALB Value: FHzbuIWi530qVXY7Tk3ZzyfZjK0Pt0yHpeL2dXfg4mjsmPVJP0e4fb51F114ZlFIxYg0hwSgzTt6/XHNqpBEbJSkKWY1LbeFXOcnwJXV5cEOCgnzjzQFQS83gZMy
www.eftours.com/	1970-01-20 15:45:41	Name: AWSALBCORS Value: FHzbuIWi530qVXY7Tk3ZzyfZjK0Pt0yHpeL2dXfg4mjsmPVJP0e4fb51F114ZlFIxYg0hwSgzTt6/XHNqpBEbJSkKWY1LbeFXOcnwJXV5cEOCgnzjzQFQS83gZMy
www.eftours.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: t3rpoorr5gceel5b0qtcmy5k
www.eftours.com/	1970-01-21 01:11:36	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 7003ef5d913b4e23a7aace9f1e582f29\|False
.eftours.com/	1969-12-31 23:59:59	Name: PriceDefault Value: e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=
.eftours.com/	1969-12-31 23:59:59	Name: recent Value: e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==
.eftours.com/	1970-01-20 15:35:38	Name: __cf_bm Value: .hxcx8WJgtC_wFzefbNN3WqMEBi_Y.NMdCw71UivgMY-1697736741-0-Ad0SaYmoBt5J1MnQJ2C6MzQfwSNoIV0DiTDDxm6Xri/yafZCXY6J+JjUCm4I73QFJ7NYomFmwEsVC5mi2Ev0IclnbdTC/PRXeXhLiOH3BwUW
.eftours.com/	1969-12-31 23:59:59	Name: _cfuvid Value: I3uBGSAHR2MzAG8xfnVI4k6xtW4Dldp9HHhOoMhDEXc-1697736741451-0-604800000
.eftours.com/	1970-01-20 17:45:12	Name: _gcl_au Value: 1.1.829707773.1697736742
.eftours.com/	1970-01-20 15:37:03	Name: _uetsid Value: 7623f0906ea511ee94a6fb7ddc8e9958
.eftours.com/	1970-01-21 00:57:12	Name: _uetvid Value: 762439906ea511ee9405e944e64ab966
.eftours.com/	1970-01-21 00:21:12	Name: cf_clearance Value: z1ZbF3Uzre7yHgc18mE.IuPaLW1BvSwKKQwoRbLMckY-1697736742-0-1-6e709441.609314c5.3971cba1-0.2.1697736742
.bing.com/	1970-01-21 00:57:12	Name: MUID Value: 12E06BA0D5466AA824B7780FD4466BD3
.eftours.com/	1970-01-21 01:11:36	Name: _ga Value: GA1.1.1789758332.1697736743
.tiktok.com/	1970-01-21 00:57:12	Name: _ttp Value: 2WzYBokwsP3p5hSIyZDIlBjD5Q3
.eftours.com/	1970-01-21 01:11:36	Name: _ga_9JLH500JCE Value: GS1.1.1697736742.1.1.1697736742.60.0.0
.eftours.com/	1970-01-20 15:35:38	Name: _hjFirstSeen Value: 1
.eftours.com/	1970-01-20 15:35:36	Name: _hjIncludedInSessionSample_157276 Value: 1
.eftours.com/	1970-01-20 15:35:38	Name: _hjSession_157276 Value: eyJpZCI6ImRjMjY0NGI0LTNiYjMtNGU1My1iMzdlLTI2YmU0MjhhM2VmZCIsImNyZWF0ZWQiOjE2OTc3MzY3NDI2OTMsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.eftours.com/	1970-01-21 00:21:12	Name: _hjSessionUser_157276 Value: eyJpZCI6IjhhNDk5ZmQ2LWY2ODAtNTc0Ni1hMzY0LWRiZjU5ZTFhZDBmOSIsImNyZWF0ZWQiOjE2OTc3MzY3NDI2OTEsImV4aXN0aW5nIjp0cnVlfQ==
.eftours.com/	1970-01-20 15:35:38	Name: _hjAbsoluteSessionInProgress Value: 0
.eftours.com/	1970-01-20 17:45:12	Name: _fbp Value: fb.1.1697736742757.1915347333
.pinterest.com/	1970-01-21 00:21:12	Name: ar_debug Value: 1
.eftours.com/	1970-01-21 00:57:12	Name: _tt_enable_cookie Value: 1
.eftours.com/	1970-01-21 00:57:12	Name: _ttp Value: j5gzFsR__Tn9OoFmTp0UErmda0D
.eftours.com/	1970-01-21 00:21:12	Name: _pin_unauth Value: dWlkPU0yVmxaVFZoWmpRdE5qZzVPUzAwT0RZM0xXRmlZV0l0TldVNVlqQTJNMk15WXpZeg
.ct.pinterest.com/	1970-01-21 00:21:12	Name: _pinterest_ct_ua Value: "TWc9PSZhSXBUeDBheFpOcDJKN1NIVnhudEYzd05JOExIRnpZVlNUY1NJSFl6VWFHazM0N3BrRXhPUk91RmgvNW4vdDVFemd2UVB0VWtnUVZHTWRZQWdJZVp4ZjRoNW9iWlNORGtFR0tWeDY3Umgwbz0mbkZCV1FvaW1KMDFzYjZrR2hPY2lSekQzcW5RPQ=="

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
bat.bing.com
connect.facebook.net
content.hotjar.io
ct.pinterest.com
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
js.driftt.com
media.eftours.com
pipedream.wistia.com
region1.analytics.google.com
s.pinimg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
t1.links.eftours.com
widget.trustpilot.com
www.eftours.com
www.facebook.com
www.google.de
www.googletagmanager.com
js.driftt.com
13.225.78.120
13.32.27.19
151.101.192.84
18.66.112.55
18.66.97.37
2001:4860:4802:34::36
23.36.163.224
2600:9000:211e:a00:1e:c86:4140:93a1
2600:9000:211e:c00:1e:c86:4140:93a1
2600:9000:236e:ba00:3:471f:5240:93a1
2606:4700::6811:d648
2620:1ec:c11::200
2a00:1450:4001:812::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c02::9b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::644
2a04:4e42:8d::84
52.222.236.71
52.88.136.200
54.216.227.15
06638d1be127b15d169bdf31db6ff6c0757bb281fb04dd9e001cfcd29f3f9480
077760fe07ba148c11f5876718c2d4464b2cb3b97a1eccdee830113fe565fec1
0b653c3aaaa3bf24b443e647fb0eeab7caa7394562a64d403b1b992fc365cc11
0b7d4ac471db59b25f7c580bc5b944f740717a127afe6cb25769e6de090c6ed2
18f23bdbe5b2161d645e6e5dd8bdeee3f4f031bb7778940918c681ca478c83d1
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
26cc758acc5b5c7f281db6febcae369229ee274b350df5dcddc145e755beb588
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2d73bc6aa56f9130cbb05c1f8bcbae892487b714565ce375ecb91538f35e2871
2de7607967ab371709a01c20ec5082612c351ebdfa283bed57c45ef6064edfd3
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37c5cc6fa83a5392f51d53cba3892630c02c0e02219d88a043db6d530aa64664
41b62dd1fae567811cc3e3551ada2feaca501df7ae5f81e9b5159a759e25c976
4583d7f47a6f033a7d508e4d91a26c6cf0ca421571d1006c47123a6e99ccb6dd
473b7a2bb50a6df274a93a42e8afda72dede8deb663cf10af95ac42cea9ecc94
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
4a7db5efa08d05127e672d74f3e595575ec3ba6275c15a445fe42c96dd0883cd
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
514e99bc866993616752bf2b54ea054fb7f25e3cf12e7a3404e08f91f9621fe2
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
593341c0fdb8d0035a3e88753c80ce66d99b4e79ecb81d00cab12ae82f8bbcd1
5ba1cbaffa1cfdd845e826a727fbc8387859efd352100f57002da3aaea3d7c42
65b3493ca44fc69c6a3f2c604a64dd0c71eb599d64121f4e5aeafa4602259f03
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
6bdfea37cae67f3fd6ef85e870e788992de731f33a317c76373f3a0c92893683
6d16b9c604411bbd4101a9f53e6be1e2832cb261cb56e509813ac7ee93bf4e73
6fafc77a64336ea4db605b9c8ec9fb0bf34f61f9198f4e5fd5a7524f659173d1
71749a84c8960f8fef876df8f4cd50590db078ac38d9d8e01e54645ad5efd92e
7fec0a18bb8460fc200cfa086066ef50356dc403676822d8c83caec89dd2f8ad
857198327dcc6a19e7580a55bcebd4a27871b4d23426a44f336ad2b9beba3f49
8853a051fce014cec795741528863cd94dd3bff6383a9c9b252e6367bd91dd63
8d1e1fefe16898c4b309bcda376ee9cfbcea9799073c58fb15a9b5af562e7930
92e48936531fc7dd51fa4799d53b25be293b2a198bee7b434d269bb2518d709f
9bcf6d29132bfcf11180a08c00bff05daa896a9d5174c56873b698c51372a1ba
9c8e0043ebc1903ba1b667fbfc7ee177514dd6a4a845a5747f4dcbbcae989488
a6f45b5140e70f44a73db3fa7c88dd73f39fba8277efaaf1eef22de77052a4c6
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a80c0a240f7443919a5e7da7b8b4ddff7f4f779d0c70c5a6d98483940193cf2c
b1e27c31d6f1c04fdb692789b7ebae6eef1ad92f5febc39b1281515abd78cf96
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
be0e6349b48866b6abc3d338772e025f18a0cc1b22391cf26b48b8b35a539478
be1b4b6e4c98b1796b28a62a2e65e1309aabbf8bb3ffe898b68bb21a4a70b771
c3ce36894787d761085e5caf7d9ea2f9fee938d463eb9eddaf5335539fba8731
c6ba0c31d78a21fc57d4fa4750394091a622ecf9cbe49d1317b7f01ab3d45976
d213296a1bfbee4a1cc955340006dbc26ed08f97561f7a105b15ed6b18bd87d9
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
d5283cfa89323c90fced6f5ae98b4bde9ac1b6a357c9e29417b4d6850497362f
d93e1c5100859ae978c81f2cc7d428b1ead087c4cd12a1b86eb55c9013ed5fe1
da481afb44a2470a64d16fc2343e593473be22da51360b16676c78ac214ad13b
ddaade48feb610d02e9b1e3d52f6c4521b1508da436251eb79911fa94ce9b45c
e12b6a1c983346e93dda9f7c4b3b4ec638cc9cb20bcb9e394f5cec6bd57247d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6cff8e2478948c40206d1f61e2eabdc2796efe0d51b270cb96dce8037b75c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45e67f7f83d12b939ee8a9c87c15c02ffbf63cfee88690ec1d54d477ea2f075
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

www.eftours.com Open in urlscan Pro 2606:4700::6811:d648 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

97 %HTTPS

59 %IPv6

16 Domains

23 Subdomains

22 IPs

4 Countries

4317 kBTransfer

7671 kBSize

30 Cookies

17 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.eftours.com Open in urlscan Pro
2606:4700::6811:d648 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

97 %
HTTPS

59 %
IPv6

16
Domains

23
Subdomains

22
IPs

4
Countries

4317 kB
Transfer

7671 kB
Size

30
Cookies

74 HTTP transactions
1 data transactions