www.eftours.com Open in urlscan Pro
52.7.127.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eftours.com/
Effective URL:
https://www.eftours.com/
Submission: On September 30 via manual (September 30th 2019, 1:44:13 pm UTC) from US

Summary HTTP 67 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 13 domains to perform 67 HTTP transactions. The main IP is 52.7.127.254, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.eftours.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on June 11th 2018. Valid for: 2 years.

This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	52.7.127.254 52.7.127.254	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	93.184.220.20 93.184.220.20	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
23	2a02:26f0:6c0... 2a02:26f0:6c00:288::25c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.102.227 147.75.102.227	54825 (PACKET) (PACKET - Packet Host)
11	2606:4700:20:... 2606:4700:20::6819:5365	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	143.204.214.86 143.204.214.86	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	72.247.224.65 72.247.224.65	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	147.75.204.174 147.75.204.174	54825 (PACKET) (PACKET - Packet Host)
1	147.75.204.150 147.75.204.150	54825 (PACKET) (PACKET - Packet Host)
1	35.227.192.113 35.227.192.113	15169 (GOOGLE) (GOOGLE - Google LLC)
67	18

4 52.7.127.254 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-7-127-254.compute-1.amazonaws.com

www.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.20 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

fast.fonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:26f0:6c00:288::25c8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

media.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.227 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-7

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::6819:5365 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.86 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-86.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.224.65 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-224-65.deploy.static.akamaitechnologies.com

player.ooyala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.204.174 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-2

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.204.150 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-8

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.192.113 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 113.192.227.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	eftours.com 1 redirects www.eftours.com media.eftours.com landing.eftours.com Failed	1 MB
12	lytics.io c.lytics.io api.lytics.io	41 KB
8	google-analytics.com www.google-analytics.com	18 KB
3	facebook.com www.facebook.com	443 B
3	facebook.net connect.facebook.net	119 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	75 KB
2	driftt.com js.driftt.com	44 KB
2	bing.com bat.bing.com	8 KB
2	fonts.com fast.fonts.com	950 B
1	gstatic.com www.gstatic.com	92 KB
1	ooyala.com player.ooyala.com
1	googletagmanager.com www.googletagmanager.com	50 KB
1	google.com www.google.com	582 B
67	13

	Domain	Requested by
23	media.eftours.com	www.eftours.com media.eftours.com
11	c.lytics.io	www.googletagmanager.com c.lytics.io www.eftours.com
8	www.google-analytics.com	www.googletagmanager.com www.eftours.com
4	www.eftours.com	1 redirects www.eftours.com
3	www.facebook.com	www.eftours.com
3	connect.facebook.net	www.eftours.com connect.facebook.net
2	js.driftt.com	www.eftours.com js.driftt.com
2	bat.bing.com	www.googletagmanager.com www.eftours.com
2	fast.fonts.com	www.eftours.com
1	api.lytics.io	c.lytics.io
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	player.ooyala.com	media.eftours.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	www.eftours.com
1	www.google.com	www.eftours.com
0	landing.eftours.com Failed	media.eftours.com www.eftours.com
67	18

This site contains links to these domains. Also see Links.

Domain
blog.eftours.com
landing.eftours.com
www.efexploreamerica.com
careers.ef.com
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
www.efcollegestudytours.com
girltrips.eftours.com
www.eftours.ca
www.efultimatebreak.com
www.goaheadtours.com
efgapyear.com
www.ef.edu

Subject Issuer	Validity	Valid
*.efvoyages.ca Trusted Secure Certificate Authority 5	`2018-06-11` - `2020-09-12`	2 years	crt.sh
gp1.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-01-29` - `2021-03-19`	2 years	crt.sh
www.englishtown.com GeoTrust RSA CA 2018	`2019-04-02` - `2020-07-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
ssl379818.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-26` - `2020-02-01`	6 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
drift.com Amazon	`2018-10-17` - `2019-11-17`	a year	crt.sh
*.ooyala.com DigiCert SHA2 Secure Server CA	`2019-05-09` - `2020-07-07`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
*.lytics.io RapidSSL TLS RSA CA G1	`2018-01-26` - `2020-01-06`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://www.eftours.com/
Frame ID: 4972DFDF58593ACB77117A80EAB5B226
Requests: 62 HTTP requests in this frame

Frame: https://player.ooyala.com/ooyala_storage.html
Frame ID: 2854301C8BCB287876298B8C55F6CA36
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: FF40DC383CC9DC03A85298F331C2DCE3
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: AEDF1BFA39B30F6D65CD95E3C9DFC526
Requests: 1 HTTP requests in this frame

Frame: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.187973544.1297463582.1569851036-1315323788.1569851036
Frame ID: 9675F1368D2F472E7B0B3F0BA858A543
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.eftours.com/ HTTP 302
https://www.eftours.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /bootstrap[.-]([\d.]*\d)[^\/]*\.js/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

67
Requests

97 %
HTTPS

53 %
IPv6

13
Domains

18
Subdomains

18
IPs

6
Countries

1586 kB
Transfer

4503 kB
Size

18
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.eftours.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://landing.eftours.com/hbox2?source=WWWMOHB&visit=94a3c64c-49e1-456d-bf73-9ef5bad5d369&visitor=c2de8abc-1012-42e1-9e12-5507ba531944
Title:

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/inspiration/stories/ef-student-spotlight-sam
Title:

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/educational-tour/washington-dc-williamsburg
Title: Washington, D.C.

Search URL Search Domain Scan URL

URL: https://careers.ef.com/
Title: View Opportunities

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/journal
Title: EF Journal

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eftours
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eftours
Title:

Search URL Search Domain Scan URL

URL: http://www.twitter.com/eftours
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/efeducationaltours
Title:

Search URL Search Domain Scan URL

URL: https://www.efcollegestudytours.com/
Title: EF College Study Tours

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/
Title: EF Explore America

Search URL Search Domain Scan URL

URL: https://girltrips.eftours.com/
Title: EF Tours for Girl Scouts

Search URL Search Domain Scan URL

URL: https://www.eftours.ca/
Title: EF Educational Tours Canada

Search URL Search Domain Scan URL

URL: https://www.efultimatebreak.com/
Title: EF Ultimate Break

Search URL Search Domain Scan URL

URL: http://www.goaheadtours.com/
Title: EF Go Ahead Tours

Search URL Search Domain Scan URL

URL: https://efgapyear.com/
Title: EF Gap Year

Search URL Search Domain Scan URL

URL: https://www.ef.edu/
Title:

Search URL Search Domain Scan URL

URL: http://careers.ef.com/
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eftours.com/ HTTP 302
https://www.eftours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eftours.com/
Redirect Chain

http://www.eftours.com/
https://www.eftours.com/

47 KB
14 KB

532ms
333ms

Document
text/html

52.7.127.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.127.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-7-127-254.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

19434405dc491c227f469a6e1bde945132dad81575af94219080fea8e7f2c6f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.eftours.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
cookie: AWSALB=HlgABOBe9PTUgRTGVu+1qjLNnFqnng2mAQ2AO+pk4rlFyoWRRktD7Y1SIFMqR5kroj2uiZfQ3LoxJM79TC6hDKp23nySG30VrOrMibR80lQMl1wZJE1SjB+tfyPn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 30 Sep 2019 13:43:55 GMT
content-type: text/html; charset=utf-8
content-length: 14004
set-cookie: AWSALB=FDVKgD6R0Jl0rkBkc+iwlPks6fcbuxXxyz1+pJp2bF66/cIycWiFcy8/b96Xv3kUReXOBmo7X+tvVpYr6I+fq0qR++VXDrT/Y8j0beRBc0EL4sSJ5eNlzvs63zGw; Expires=Mon, 07 Oct 2019 13:43:55 GMT; Path=/ ASP.NET_SessionId=iie3ef3byblp1aijkmivpccn; path=/; HttpOnly SC_ANALYTICS_GLOBAL_COOKIE=c2de8abc101242e19e125507ba531944|False; expires=Sun, 30-Sep-2029 13:43:01 GMT; path=/; HttpOnly PriceDefault=e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=; domain=.eftours.com; path=/ recent=e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==; domain=.eftours.com; path=/
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN

Redirect headers

Date: Mon, 30 Sep 2019 13:43:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 147
Connection: keep-alive
Set-Cookie: AWSALB=HlgABOBe9PTUgRTGVu+1qjLNnFqnng2mAQ2AO+pk4rlFyoWRRktD7Y1SIFMqR5kroj2uiZfQ3LoxJM79TC6hDKp23nySG30VrOrMibR80lQMl1wZJE1SjB+tfyPn; Expires=Mon, 07 Oct 2019 13:43:55 GMT; Path=/
Location: https://www.eftours.com/
Server: Microsoft-IIS/8.5
X-UA-Compatible: IE=edge
X-Frame-Options: SAMEORIGIN

GET
H2 200 VisitorIdentification.js Show response
www.eftours.com/layouts/system/ 2 KB
1 KB 101ms
100ms Script
application/javascript 52.7.127.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/layouts/system/VisitorIdentification.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.127.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-7-127-254.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 20 Aug 2019 17:21:44 GMT
server: Microsoft-IIS/8.5
etag: "04f4bc7b57d51:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 922
x-ua-compatible: IE=edge

GET
H2 200 217e2b8a-1675-4def-b196-05880749e54c.css
fast.fonts.com/cssapi/ 4 KB
848 B 79ms
19ms Stylesheet
text/css 93.184.220.20
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.com/cssapi/217e2b8a-1675-4def-b196-05880749e54c.css
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (amb/6BCB) /
Resource Hash: 7165be0c73cfa36c86a70f47d2165a7b3f71968b0f7f08fea47eff323d4d4ad1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2019 15:32:56 GMT
server: ECS (amb/6BCB)
status: 200
etag: "4182405175+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 658
expires: Mon, 07 Oct 2019 13:43:56 GMT

GET
H/1.1 200
OK baseccq6LFdB8CWk0XEDdQXAN7qaqRszksZOo2bWT-Wfipw1cdn
media.eftours.com/bundles/css/ 539 KB
86 KB 80ms
31ms Stylesheet
text/css 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/css/baseccq6LFdB8CWk0XEDdQXAN7qaqRszksZOo2bWT-Wfipw1cdn

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

14a36af17d9ee52a860783ca7b83b24bfe5e06b6fdee5ae6d85968fb115e8fa9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 25 Sep 2019 11:58:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2153692
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 87304
Expires: Fri, 25 Oct 2019 11:58:48 GMT

GET
H/1.1 200
OK modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01 Show response
media.eftours.com/bundles/ 11 KB
5 KB 76ms
28ms Script
text/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Sep 2019 16:30:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2515605
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 4810
Expires: Tue, 29 Oct 2019 16:30:41 GMT

GET
H/1.1 200
OK halftile-collections-popular_optimized.jpg
media.eftours.com/~/media/images/etus/collections/tiles/ 16 KB
17 KB 92ms
44ms Image
image/jpeg 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/collections/tiles/halftile-collections-popular_optimized.jpg?h=264&w=310

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

4be77b3f1ca66a3059df7bc88b81dc3655b1d897a737a8151929d7cbece1e872

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Thu, 01 Mar 2018 17:21:18 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2515600
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="halftile-collections-popular_optimized.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16708
Expires: Tue, 29 Oct 2019 16:30:36 GMT

GET
H/1.1 200
OK halftile-collections-stem_optimized.jpg
media.eftours.com/~/media/images/etus/collections/tiles/ 28 KB
28 KB 79ms
31ms Image
image/jpeg 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/collections/tiles/halftile-collections-stem_optimized.jpg?h=264&w=310

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0e2964880ea02473ed39773e1a3060e2438dd41701936bba00f5bc59757ed087

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Wed, 31 Jan 2018 14:10:40 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2515679
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="halftile-collections-STEM_optimized.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28457
Expires: Tue, 29 Oct 2019 16:31:55 GMT

GET
H/1.1 200
OK collections-tile-vietnam.jpg
media.eftours.com/~/media/images/etus/collections/market-development-tours/ 146 KB
147 KB 18ms
18ms Image
image/jpeg 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/collections/market-development-tours/collections-tile-vietnam.jpg?h=264&w=310

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

329d425ac76fa93f3a977216ba7620ab6022fe7bd34bfe9b028b14c9f49e82ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Thu, 11 Oct 2018 14:11:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2515650
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Collections-Tile-Vietnam.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149797
Expires: Tue, 29 Oct 2019 16:31:26 GMT

GET
H/1.1 200
OK safety_optimized.png
media.eftours.com/~/media/images/etus/homepage/ 24 KB
24 KB 10ms
8ms Image
image/png 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/safety_optimized.png?h=204&w=204

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0eb5e7b48d89d368c0ded27220e92562eb114c714edc845cd43e06b626256162

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Wed, 31 Jan 2018 16:39:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2515645
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Safety_optimized.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24139
Expires: Tue, 29 Oct 2019 16:31:21 GMT

GET
H/1.1 200
OK pre-tour-training-low.png
media.eftours.com/~/media/images/etus/tiles/image-link-list/homepage/ 21 KB
21 KB 64ms
63ms Image
image/png 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/tiles/image-link-list/homepage/pre-tour-training-low.png?h=204&w=204

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

7e6094910aabfc64a2b2b7a8cab6a73f554ca7ac7444e2aee04bfcc58db9bd34

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Mon, 05 Feb 2018 21:03:02 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2515680
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="pre-tour-training-low.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21009
Expires: Tue, 29 Oct 2019 16:31:56 GMT

GET
H/1.1 200
OK academics_optimized.png
media.eftours.com/~/media/images/etus/homepage/ 25 KB
25 KB 18ms
10ms Image
image/png 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/academics_optimized.png?h=204&w=204

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

84219a9210af22d56351f402c30bdd5e655acd3940f7b7e9db914b75a2227a21

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Mon, 05 Feb 2018 21:17:40 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2515616
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Academics_optimized.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25360
Expires: Tue, 29 Oct 2019 16:30:52 GMT

GET
H/1.1 200
OK value_optimized.png
media.eftours.com/~/media/images/etus/homepage/ 21 KB
22 KB 19ms
9ms Image
image/png 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/value_optimized.png?h=204&w=204

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e34707e8c4e41cac0dc3e370bb340741a90895dbbd76183afe56d3827494f095

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Mon, 05 Feb 2018 20:38:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2515642
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Value_optimized.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21805
Expires: Tue, 29 Oct 2019 16:31:18 GMT

GET
H/1.1 200
OK sammm.jpg
media.eftours.com/~/media/images/etus/homepage/ 47 KB
47 KB 14ms
11ms Image
image/jpeg 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/sammm.jpg?h=307&w=460

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c1b60c3423c64822ca011fa79590a84885f9aa2ac3f54e296fc472845366da3f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Mon, 28 Jan 2019 14:23:23 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2515682
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Sammm.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48196
Expires: Tue, 29 Oct 2019 16:31:58 GMT

GET
H/1.1 200
OK gls2.png
media.eftours.com/~/media/images/etus/homepage/ 62 KB
62 KB 16ms
14ms Image
image/png 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/gls2.png?h=370&w=360

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a6bd8ffd9bc3743628bab7a700dae32679caf2307e40a37a1be0a067686395f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Mon, 05 Feb 2018 19:48:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2515604
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="gls2.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63021
Expires: Tue, 29 Oct 2019 16:30:40 GMT

GET
H/1.1 200
OK ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/ 6 KB
7 KB 15ms
13ms Image
image/png 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/ef-logo-footer_optimized.png

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Wed, 26 Sep 2018 19:51:55 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=1978165
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="EF-logo-footer_optimized.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6326
Expires: Wed, 23 Oct 2019 11:13:21 GMT

GET
H/1.1 200
OK ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1 Show response
media.eftours.com/bundles/ 1 MB
289 KB 13ms
13ms Script
text/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3e72a4321973fdf0197ff545c2d3ffc7c68f94e791b5f4772e57379676d564c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Sep 2019 16:30:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2515599
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 295937
Expires: Tue, 29 Oct 2019 16:30:35 GMT

GET
H/1.1 200
OK ooyalaJTgCv_W7GunnGGcpwyJpjOMmi0ZzSb66epW7PZFxOy41cdn
media.eftours.com/bundles/css/ 102 KB
13 KB 7ms
7ms Stylesheet
text/css 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/css/ooyalaJTgCv_W7GunnGGcpwyJpjOMmi0ZzSb66epW7PZFxOy41cdn

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

55c8e1392cd74bf54057a9282ecc138eca4f8d637c56b15f28f25fee12971a24

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 25 Sep 2019 11:58:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2153692
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 13017
Expires: Fri, 25 Oct 2019 11:58:48 GMT

GET
H/1.1 200
OK rq-fingerprintsU5DkRBuORGvYT6ruUMxmwC26eXvdOD5u1OSNVubORVM1 Show response
media.eftours.com/bundles/ 13 KB
4 KB 9ms
9ms Script
text/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-fingerprintsU5DkRBuORGvYT6ruUMxmwC26eXvdOD5u1OSNVubORVM1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a63d5706341c70468c158c913b2783a80e2a0433ca5be907ef49e08519931289

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Sep 2019 14:36:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2508753
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 3161
Expires: Tue, 29 Oct 2019 14:36:29 GMT

GET
H/1.1 200
OK requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1 Show response
media.eftours.com/bundles/ 15 KB
6 KB 15ms
15ms Script
text/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Sep 2019 16:30:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2515646
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 6108
Expires: Tue, 29 Oct 2019 16:31:22 GMT

GET
H/1.1 200
OK rq-app20vvncSfIJbKXoPRbm-k3NsKBDPwYxD1bzfiVlW-pFA1 Show response
media.eftours.com/bundles/ 682 B
778 B 16ms
16ms Script
text/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-app20vvncSfIJbKXoPRbm-k3NsKBDPwYxD1bzfiVlW-pFA1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a21a0d624b3379a1202f89f48e1221a8caa9aca09dbe98bc082ba48ffd07e147

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Sep 2019 16:30:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2515612
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 347
Expires: Tue, 29 Oct 2019 16:30:48 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 789 B
582 B 17ms
16ms Script
text/javascript 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit&hl=en-US

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

e42d936a08c52f0a3895b075288430d23eaa4209bedb42d1a8d385b92a8063e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 485
x-xss-protection: 1; mode=block
expires: Mon, 30 Sep 2019 13:43:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
50 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ab9768c053294d516e8ecf5493c08883fd9a246e72614620d2094788fe27a50

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
content-encoding: br
last-modified: Mon, 30 Sep 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 51355
x-xss-protection: 0
expires: Mon, 30 Sep 2019 13:43:56 GMT

GET
H2 200 1.css
fast.fonts.com/t/ 0
102 B 19ms
19ms Stylesheet
text/css 93.184.220.20
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.com/t/1.css?apiType=css&projectid=217e2b8a-1675-4def-b196-05880749e54c
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
last-modified: Wed, 21 Feb 2018 12:55:22 GMT
server: ECS (amb/6B75)
etag: "616070693"
status: 200
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
content-length: 0
expires: Mon, 30 Sep 2019 13:43:56 GMT

GET
H/1.1 200
OK test14_interlaced_optimized.jpg
media.eftours.com/~/media/images/etus/homepage/ 222 KB
223 KB 17ms
17ms Image
image/jpeg 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/test14_interlaced_optimized.jpg?mw=1600

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

8ec9fe39809471363504b1ca3a221a45d5070e835c0981a5a6777a713f94488c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Last-Modified: Tue, 26 Jun 2018 19:31:05 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2515643
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="test14_interlaced_optimized.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 227453
Expires: Tue, 29 Oct 2019 16:31:19 GMT

GET
H2 200 _e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/ 23 KB
24 KB 107ms
107ms Font
application/font-woff2 52.7.127.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.127.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-7-127-254.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.eftours.com/
Origin: https://www.eftours.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
last-modified: Tue, 20 Aug 2019 17:21:40 GMT
server: Microsoft-IIS/8.5
status: 200
etag: "0aa91ba7b57d51:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 23756
x-ua-compatible: IE=edge

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4678
date: Mon, 30 Sep 2019 12:25:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 30 Sep 2019 14:25:58 GMT

GET
H2 200 hotjar-157276.js Show response
static.hotjar.com/c/ 7 KB
2 KB 88ms
87ms Script
application/javascript 147.75.102.227
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-157276.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.227 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-7

Software

openresty /

Resource Hash

5938d368291b6d8bb590efc4d250a11010793b864aee99be0949cce4235673c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 207
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 2080
server: openresty
cache-control: max-age=60
x-frame-options: SAMEORIGIN
etag: W/89118d1f83c7be22fbda7a4c637be543
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.074
section-io-id: 9c5007060df0c2eccbce7d33db149176
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/2858/ 45 KB
11 KB 249ms
189ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/2858/lio.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a76f91b0852427afdceabf247192c9a33da4876e6dcb67f9adbf6784f37c9b9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51e6a0f18b40cbbc-VIE
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Mon, 30 Sep 2019 15:43:56 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 76ms
47ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:55 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: 0D95D93CAE2A4F86A4F4356243F8B5F0 Ref B: VIEEDGE0716 Ref C: 2019-09-30T13:43:56Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: v7VLU+FclFC1T0IzY8WVMWF1WriTUXQbySF5DHC8DRjU458kkErGXGCcHrwZiaem+od4bAyCJSxbwqO5QSH1Ew==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 30 Sep 2019 13:43:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5by59bm3fdyy.js Show response
js.driftt.com/include/1569851100000/ 132 KB
44 KB 212ms
150ms Script
application/javascript 143.204.214.86
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1569851100000/5by59bm3fdyy.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-86.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8bfc10f52a88db2b9548f9cc4dbc460b0570b6f795e84b0f4e429c421ea2b03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:41:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 25 Sep 2019 17:06:50 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -Ufmjy8ODQZ_3IKN_lFbZ6lRrOcnPKDUT_vuVFK6SjDU0O4CIf4aAw==

GET
H/1.1 200
OK ooyala_storage.html
player.ooyala.com/ Frame 2854 0
0 109ms
29ms Document
text/html 72.247.224.65
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ooyala.com/ooyala_storage.html
Requested by: Host: media.eftours.com
URL: https://media.eftours.com/bundles/ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.65 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-65.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Host: player.ooyala.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.eftours.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.eftours.com/

Response headers

x-amz-id-2: KYqBA5msGBBjRlqQEayVn7yoUrdGHcwDcyi9vZNbswrkfdCRLPyGKUV/1OLUGtSvM0UUMWePueI=
x-amz-request-id: B23E51000AD3D362
Last-Modified: Tue, 18 Jul 2017 21:57:32 GMT
ETag: "84f213d7453fbc34816c118bd5a4a70c"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 1211
Cache-Control: public, max-age=477277
Date: Mon, 30 Sep 2019 13:43:56 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK bootstrap.762a99f3.js Show response
media.eftours.com/content/js-build/ 33 KB
12 KB 21ms
20ms Script
application/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/bootstrap.762a99f3.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a80c0a240f7443919a5e7da7b8b4ddff7f4f779d0c70c5a6d98483940193cf2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:40 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0aa91ba7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2515711
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11529
X-UA-Compatible: IE=edge

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/ 262 KB
92 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit&hl=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 18:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Sep 2019 00:09:51 GMT
server: sffe
age: 588079
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94031
x-xss-protection: 0
expires: Tue, 22 Sep 2020 18:22:37 GMT

GET
H2 200 1602422636701009 Show response
connect.facebook.net/signals/config/ 308 KB
78 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1602422636701009?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3c3a1215c5180d8d58a9b8477b20d5c8a1c2e502cf3893004d85fd1971d8c6d5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79816
x-xss-protection: 0
pragma: public
x-fb-debug: fnAaFbsKUSbZ8l/+BMj446AeDstw/T55prToogQLFibTANI6rxMlSLVLUwtPVSMr7hcnpa3gc1OoiPSjx0mrDA==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 30 Sep 2019 13:43:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: ex+KJl5IWNBYSsl3ogGWR3W5EdGOhdUoPKEqBqr2dSEpc+mIwPe10PZhnKWc4Ha8qjeWDR/T/2oNrMFn2aedgQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 30 Sep 2019 13:43:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 46ms
46ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13007618&Ver=2&mid=c700fee1-5001-d9e7-0b1f-c8243596d615&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=1091&evt=pageLoad&msclkid=N&rn=428582
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 30 Sep 2019 13:43:55 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: B78092BA6E424E90AFFA1CF11EA310A4 Ref B: VIEEDGE0716 Ref C: 2019-09-30T13:43:56Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jquery-2.1.1.min.js Show response
media.eftours.com/Content/js/libs/ 82 KB
29 KB 26ms
25ms Script
application/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/Content/js/libs/jquery-2.1.1.min.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:40 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0aa91ba7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2515713
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29548
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK hoverbox.1c6de06e.js Show response
media.eftours.com/content/js-build/core/modules/ 74 KB
22 KB 26ms
25ms Script
application/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/hoverbox.1c6de06e.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e96c60102c3329894ee7a3c6c730fd04654b983a6c9157f8a321d2072db65231

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:42 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0d7c2bb7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2515706
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22397
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK carousel.03d23224.js Show response
media.eftours.com/content/js-build/core/modules/ 20 KB
6 KB 77ms
76ms Script
application/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/carousel.03d23224.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

26e3cbc98aed50540286d43d0599c7685231327b878b60a82cc81fb8f9b1f3a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:42 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0d7c2bb7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2515687
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5756
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK nav.f0038006.js Show response
media.eftours.com/content/js-build/core/modules/ 6 KB
2 KB 12ms
12ms Script
application/javascript 2a02:26f0:6c00:288::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:288::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 13:43:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:42 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0d7c2bb7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2515614
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1795
X-UA-Compatible: IE=edge

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569851036423&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1569851036423.767647807&it=1569851036389&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 30 Sep 2019 13:43:56 GMT

GET
H2 200 modules.6aea76fcad17f98bd75d.js Show response
script.hotjar.com/ 431 KB
73 KB 139ms
139ms Script
application/javascript 147.75.204.174
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.6aea76fcad17f98bd75d.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-2
Software: /
Resource Hash: e6798df5ccd72cf937ba8d54ecfa773673752f454a4346117f5728d2c649d2b3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
content-encoding: br
last-modified: Thu, 26 Sep 2019 16:28:13 GMT
status: 200
etag: "767972bb05e43168de6c884c3cc14a3c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.028
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 7f949a48bf8776c97dfbe718b04e85a1
content-length: 74033

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
15ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1524892339&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=homepageheader&_u=aEBAAEABE~&jid=612000127&gjid=1642419262&cid=1315323788.1569851036&uid=c2de8abc-1012-42e1-9e12-5507ba531944&tid=UA-4293088-1&_gid=1297463582.1569851036&_r=1&gtm=2wg9i15GND&cd1=c2de8abc-1012-42e1-9e12-5507ba531944&cd6=&cd7=&cd8=null&cd9=1315323788.1569851036&z=2025059975

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 13:43:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 7ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1524892339&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=Looking%20For%20Your%20Tour&_u=aEDAAEABE~&jid=&gjid=&cid=1315323788.1569851036&uid=c2de8abc-1012-42e1-9e12-5507ba531944&tid=UA-4293088-1&_gid=1297463582.1569851036&gtm=2wg9i15GND&cd1=c2de8abc-1012-42e1-9e12-5507ba531944&cd6=&cd7=&cd8=null&cd9=1315323788.1569851036&z=1882138443

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 15:15:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3191304
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame FF40 0
0 30ms
30ms Document
text/html 147.75.204.150
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.204.150 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-8
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.eftours.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.eftours.com/

Response headers

status: 200
date: Mon, 30 Sep 2019 13:43:56 GMT
content-type: text/html
content-length: 787
cache-control: max-age=31536000
content-encoding: br
last-modified: Tue, 13 Aug 2019 14:18:56 GMT
etag: "5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.057
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 198cb35b0b76f2f9f7ab15a8e31b415f

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ 13 KB
6 KB 21ms
20ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51e6a0f2bf87cbbc-VIE
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2019 19:02:47 GMT
server: cloudflare
age: 3135
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Mon, 30 Sep 2019 15:43:56 GMT

GET
H2 200 71010.56192964168 Show response
api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/ 127 B
370 B 166ms
128ms Script
application/json 35.227.192.113
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/71010.56192964168?segments=true&mergestate=true&callback=window.lio.segmentscb&state=%7B%22gtm.start%22%3A1569851036162%2C%22event%22%3A%22load%22%2C%22gtm.uniqueEventId%22%3A10%2C%22reference%22%3A%22Looking%20For%20Your%20Tour%22%2C%22orientation%22%3A%22landscape%22%2C%22_ts%22%3A1569851036613%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.eftours.com%2F%22%2C%22_uid%22%3A%2271010.56192964168%22%2C%22_v%22%3A%222.0.0%22%2C%22_e%22%3A%22pv%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_ca%22%3A%22jstag1%22%7D&ts=1569851036614
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io afbca1b0bd5468a6f7b9c99405e0c6c063368ebf /
Resource Hash: 7b8c179820b2955b3712e08953b610e2326efe8554ef1b4f050a74ac4d06cdb8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
content-encoding: gzip
server: lytics.io afbca1b0bd5468a6f7b9c99405e0c6c063368ebf
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
status: 200
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
alt-svc: clear
content-length: 126
via: 1.1 google

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 98 KB
20 KB 26ms
24ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51e6a0f3fbb1cbbc-VIE
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2019 23:03:58 GMT
server: cloudflare
age: 2191
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Mon, 30 Sep 2019 15:43:56 GMT

GET
H2 200 2858
c.lytics.io/c/ 35 B
293 B 137ms
136ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858?_ts=1569851036782&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=71010.56192964168&_v=2.0.0&_e=pv&_sesstart=1&_tz=2&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51e6a0f3fbb4cbbc-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ 35 B
94 B 143ms
142ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?gtm.start=1569851036162&event=gtm.js&gtm.uniqueEventId=0&_ts=1569851036782&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=71010.56192964168&_v=2.0.0&_ca=jstag1
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51e6a0f3fbb8cbbc-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ 35 B
94 B 145ms
143ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?event=scroll&reference=homepageheader&gtm.uniqueEventId=4&_ts=1569851036783&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=71010.56192964168&_v=2.0.0&_ca=jstag1
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51e6a0f3fbbbcbbc-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ 35 B
94 B 155ms
154ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?event=scroll&reference=Looking%20For%20Your%20Tour&gtm.uniqueEventId=7&_ts=1569851036783&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=71010.56192964168&_v=2.0.0&_ca=jstag1
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51e6a0f3fbbecbbc-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ 35 B
94 B 141ms
140ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?event=load&orientation=landscape&gtm.uniqueEventId=10&_ts=1569851036783&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=71010.56192964168&_v=2.0.0&_ca=jstag1
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51e6a0f3fbbfcbbc-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569851036785&cd[notenrolled]=true&cd[unknown]=true&cd[no_tr]=true&cd[smt_new]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1569851036423.767647807&it=1569851036389&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 30 Sep 2019 13:43:56 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 7ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1524892339&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aHDAgEABF~&jid=&gjid=&cid=1315323788.1569851036&uid=c2de8abc-1012-42e1-9e12-5507ba531944&tid=UA-4293088-1&_gid=1297463582.1569851036&gtm=2wg9i15GND&cd1=c2de8abc-1012-42e1-9e12-5507ba531944&cd6=&cd7=&cd8=null&cd9=1315323788.1569851036&cd12=notenrolled%2Cunknown%2Cno_tr%2Csmt_new%2Call&cd11=71010.56192964168&z=564856028

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 15:15:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3191304
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 7ms
7ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 15:15:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3191304
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
3 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51e6a0f42c5fcbbc-VIE
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2019 23:03:58 GMT
server: cloudflare
age: 3117
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Mon, 30 Sep 2019 15:43:56 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ 327 B
244 B 157ms
157ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51e6a0f42c60cbbc-VIE
date: Mon, 30 Sep 2019 13:43:56 GMT
via: 1.1 google
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Mon, 30 Sep 2019 15:43:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=Microdata&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569851036925&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours%22%2C%22meta%3Adescription%22%3A%22EF%20Educational%20Tours%20offers%20student%20tours%20at%20the%20lowest%20prices%20guaranteed.%20Learn%20why%20teachers%20and%20parents%20choose%20EF%20for%20educational%20travel.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Fwww.eftours.com%2F%22%2C%22logo%22%3A%22http%3A%2F%2Fwww.eftours.com%2Fimg%2Flogo-oneline.svg%22%2C%22name%22%3A%22EF%20Educational%20Tours%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22http%3A%2F%2Fwww.eftours.com%2Feducational-tours%2Fsearch%3Fquery%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Feftours%20%22%2C%22https%3A%2F%2Ftwitter.com%2Feftours%22%2C%22https%3A%2F%2Finstagram.com%2Feftours%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Feftours%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=2&o=30&fbp=fb.1.1569851036423.767647807&it=1569851036389&coo=false&es=automatic&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 13:43:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 30 Sep 2019 13:43:56 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
5ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1524892339&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Personalization&ea=STEM%20-%20Homepage&el=STEM%20-%20Homepage%20-%20Standard&_u=aHDAAEABF~&jid=&gjid=&cid=1315323788.1569851036&uid=c2de8abc-1012-42e1-9e12-5507ba531944&tid=UA-4293088-1&_gid=1297463582.1569851036&gtm=2wg9i15GND&cd1=c2de8abc-1012-42e1-9e12-5507ba531944&cd6=&cd7=&cd8=null&cd9=1315323788.1569851036&z=694066085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 15:15:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3191304
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2858
c.lytics.io/c/ 35 B
116 B 142ms
142ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858?SC_ANALYTICS_GLOBAL_COOKIE=c2de8abc-1012-42e1-9e12-5507ba531944&_ts=1569851036987&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=71010.56192964168&_v=2.0.0&_ca=jstag1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 13:43:57 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51e6a0f53fb7cbbc-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame AEDF 0
0 31ms
30ms Document
text/html 143.204.214.86
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1569851100000/5by59bm3fdyy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-86.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.eftours.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.eftours.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 938
server: nginx
last-modified: Wed, 25 Sep 2019 17:06:50 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Sep 2019 13:43:57 GMT
etag: "d206a06128bdad558a2d10ecc63f04d0"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: E4PUdWkG5gIJUPyFV6v2-YOPDJILXIIOoAmRd4bBAIulGGJA33ya5w==

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1524892339&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Widget%20Ready&el=Drift%3EWidget%20Ready%20on%20Page&_u=aHDAAEABF~&jid=&gjid=&cid=1315323788.1569851036&uid=c2de8abc-1012-42e1-9e12-5507ba531944&tid=UA-4293088-1&_gid=1297463582.1569851036&gtm=2wg9i15GND&cd1=c2de8abc-1012-42e1-9e12-5507ba531944&cd6=&cd7=&cd8=null&cd9=1315323788.1569851036&z=2064643835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 15:15:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3191305
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET hbox2
landing.eftours.com/ Frame 9675 0
0

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1524892339&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dp=hoverbox&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHDAAEABF~&jid=541111345&gjid=1310270181&cid=730652047.1569851048&uid=c2de8abc-1012-42e1-9e12-5507ba531944&tid=UA-4293088-1&_gid=319287487.1569851048&_r=1&gtm=2wg9i15GND&cd1=c2de8abc-1012-42e1-9e12-5507ba531944&cd6=&cd7=&cd8=null&cd9=730652047.1569851048&z=349338816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 13:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET hbox2
landing.eftours.com/ Frame 9675 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB

Domain: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.187973544.1297463582.1569851036-1315323788.1569851036

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.eftours.com/	1970-01-19 12:49:47	Name: PathforaPageView Value: 1
www.eftours.com/	1970-01-19 04:04:11	Name: ly_segs Value: %7B%22notenrolled%22%3A%22notenrolled%22%2C%22unknown%22%3A%22unknown%22%2C%22no_tr%22%3A%22no_tr%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%7D
.www.eftours.com/	1970-01-19 06:13:47	Name: seerid Value: 71010.56192964168
.eftours.com/	1970-01-19 04:04:12	Name: seerses Value: e
.eftours.com/	1970-01-19 06:13:47	Name: _fbp Value: fb.1.1569851036423.767647807
www.eftours.com/	1970-01-19 21:36:49	Name: driftt_aid Value: 499bb68f-42f6-49f6-9af0-f10c9beb8e73
.eftours.com/	1970-01-19 04:04:11	Name: _gat_UA-4293088-1 Value: 1
.eftours.com/	1970-01-19 04:05:37	Name: _gid Value: GA1.2.1297463582.1569851036
.eftours.com/	1970-01-19 21:35:23	Name: _ga Value: GA1.2.1315323788.1569851036
www.eftours.com/	1970-01-19 04:14:15	Name: AWSALB Value: 5hc6XgHlctgJX0We46VHvU2TSZxBLth6uYBfzFHP0EPI6Mo/7KNrtU8rI5BFbFBrAHXpI5/4guQJwboPMsxwDlYqMZWTP1JxmtwjymuZMZRvlkbcbRam6FI72gyF
.eftours.com/	1970-01-19 06:13:47	Name: _gcl_au Value: 1.1.2033834589.1569851036
.eftours.com/	1969-12-31 23:59:59	Name: recent Value: e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==
.eftours.com/	1970-01-19 12:36:49	Name: _hjid Value: e286c775-5d67-4612-8277-25b05db2fceb
.eftours.com/	1969-12-31 23:59:59	Name: PriceDefault Value: e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=
.www.eftours.com/	1970-01-19 04:04:12	Name: seerses Value: e
www.eftours.com/	1970-01-22 19:44:30	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: c2de8abc101242e19e125507ba531944\|False
.eftours.com/	1970-01-19 06:13:47	Name: seerid Value: 71010.56192964168
www.eftours.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: iie3ef3byblp1aijkmivpccn

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lytics.io
bat.bing.com
c.lytics.io
connect.facebook.net
fast.fonts.com
js.driftt.com
landing.eftours.com
media.eftours.com
player.ooyala.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.eftours.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
landing.eftours.com
143.204.214.86
147.75.102.227
147.75.204.150
147.75.204.174
2606:4700:20::6819:5365
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:814::2008
2a00:1450:4001:815::200e
2a00:1450:4001:824::2003
2a02:26f0:6c00:288::25c8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.227.192.113
52.7.127.254
72.247.224.65
93.184.220.20
0a76f91b0852427afdceabf247192c9a33da4876e6dcb67f9adbf6784f37c9b9
0e2964880ea02473ed39773e1a3060e2438dd41701936bba00f5bc59757ed087
0eb5e7b48d89d368c0ded27220e92562eb114c714edc845cd43e06b626256162
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc
14a36af17d9ee52a860783ca7b83b24bfe5e06b6fdee5ae6d85968fb115e8fa9
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
19434405dc491c227f469a6e1bde945132dad81575af94219080fea8e7f2c6f3
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170
26e3cbc98aed50540286d43d0599c7685231327b878b60a82cc81fb8f9b1f3a0
329d425ac76fa93f3a977216ba7620ab6022fe7bd34bfe9b028b14c9f49e82ea
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
3c3a1215c5180d8d58a9b8477b20d5c8a1c2e502cf3893004d85fd1971d8c6d5
3e72a4321973fdf0197ff545c2d3ffc7c68f94e791b5f4772e57379676d564c9
4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
4be77b3f1ca66a3059df7bc88b81dc3655b1d897a737a8151929d7cbece1e872
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
55c8e1392cd74bf54057a9282ecc138eca4f8d637c56b15f28f25fee12971a24
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f
5938d368291b6d8bb590efc4d250a11010793b864aee99be0949cce4235673c7
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7165be0c73cfa36c86a70f47d2165a7b3f71968b0f7f08fea47eff323d4d4ad1
7ab9768c053294d516e8ecf5493c08883fd9a246e72614620d2094788fe27a50
7b8c179820b2955b3712e08953b610e2326efe8554ef1b4f050a74ac4d06cdb8
7e6094910aabfc64a2b2b7a8cab6a73f554ca7ac7444e2aee04bfcc58db9bd34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84219a9210af22d56351f402c30bdd5e655acd3940f7b7e9db914b75a2227a21
8bfc10f52a88db2b9548f9cc4dbc460b0570b6f795e84b0f4e429c421ea2b03d
8ec9fe39809471363504b1ca3a221a45d5070e835c0981a5a6777a713f94488c
a21a0d624b3379a1202f89f48e1221a8caa9aca09dbe98bc082ba48ffd07e147
a63d5706341c70468c158c913b2783a80e2a0433ca5be907ef49e08519931289
a6bd8ffd9bc3743628bab7a700dae32679caf2307e40a37a1be0a067686395f4
a80c0a240f7443919a5e7da7b8b4ddff7f4f779d0c70c5a6d98483940193cf2c
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
c1b60c3423c64822ca011fa79590a84885f9aa2ac3f54e296fc472845366da3f
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e34707e8c4e41cac0dc3e370bb340741a90895dbbd76183afe56d3827494f095
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42d936a08c52f0a3895b075288430d23eaa4209bedb42d1a8d385b92a8063e5
e6798df5ccd72cf937ba8d54ecfa773673752f454a4346117f5728d2c649d2b3
e96c60102c3329894ee7a3c6c730fd04654b983a6c9157f8a321d2072db65231
ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a

www.eftours.com Open in urlscan Pro 52.7.127.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

53 %IPv6

13 Domains

18 Subdomains

18 IPs

6 Countries

1586 kBTransfer

4503 kBSize

18 Cookies

19 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.eftours.com Open in urlscan Pro
52.7.127.254 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

53 %
IPv6

13
Domains

18
Subdomains

18
IPs

6
Countries

1586 kB
Transfer

4503 kB
Size

18
Cookies

67 HTTP transactions
0 data transactions