www.eftours.com Open in urlscan Pro
34.197.185.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eftours.com/
Effective URL:
https://www.eftours.com/
Submission: On September 25 via manual (September 25th 2019, 11:59:16 am UTC) from US

Summary HTTP 112 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 20 domains to perform 112 HTTP transactions. The main IP is 34.197.185.221, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.eftours.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on June 11th 2018. Valid for: 2 years.

This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	34.197.185.221 34.197.185.221	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	93.184.220.20 93.184.220.20	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
23	2a02:26f0:6c0... 2a02:26f0:6c00:29d::25c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	147.75.83.163 147.75.83.163	54825 (PACKET) (PACKET - Packet Host)
19	2606:4700:20:... 2606:4700:20::6819:5365	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	99.84.151.36 99.84.151.36	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.18.232.110 2.18.232.110	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	147.75.204.174 147.75.204.174	54825 (PACKET) (PACKET - Packet Host)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	35.227.192.113 35.227.192.113	15169 (GOOGLE) (GOOGLE - Google LLC)
8	52.23.55.224 52.23.55.224	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:2800:234... 2606:2800:234:660:118e:28f:1d8a:2522	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
112	25

4 34.197.185.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-197-185-221.compute-1.amazonaws.com

www.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.20 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

fast.fonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:26f0:6c00:29d::25c8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

media.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.83.163 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-1

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:20::6819:5365 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.151.36 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-84-151-36.txl52.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.110 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-110.deploy.static.akamaitechnologies.com

player.ooyala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.204.174 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-2

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.192.113 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 113.192.227.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.23.55.224 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-23-55-224.compute-1.amazonaws.com

landing.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:660:118e:28f:1d8a:2522 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	eftours.com 1 redirects www.eftours.com media.eftours.com landing.eftours.com Failed	1 MB
21	lytics.io c.lytics.io api.lytics.io	82 KB
10	google-analytics.com www.google-analytics.com	36 KB
6	facebook.com www.facebook.com	987 B
6	facebook.net connect.facebook.net	238 KB
6	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	150 KB
4	driftt.com js.driftt.com	87 KB
4	bing.com bat.bing.com	15 KB
3	fonts.net fast.fonts.net	34 KB
3	googletagmanager.com www.googletagmanager.com	127 KB
2	jquery.com code.jquery.com	66 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	google.com www.google.com	795 B
2	fonts.com fast.fonts.com	950 B
1	google.de www.google.de	110 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	gstatic.com www.gstatic.com	92 KB
1	ooyala.com player.ooyala.com
112	20

	Domain	Requested by
23	media.eftours.com	www.eftours.com media.eftours.com
19	c.lytics.io	www.googletagmanager.com c.lytics.io www.eftours.com landing.eftours.com
10	www.google-analytics.com	www.googletagmanager.com www.eftours.com
8	landing.eftours.com	media.eftours.com www.eftours.com landing.eftours.com code.jquery.com
6	www.facebook.com	www.eftours.com landing.eftours.com
6	connect.facebook.net	www.eftours.com connect.facebook.net
4	js.driftt.com	www.eftours.com js.driftt.com
4	bat.bing.com	www.googletagmanager.com www.eftours.com landing.eftours.com
4	www.eftours.com	1 redirects www.eftours.com
3	fast.fonts.net	landing.eftours.com code.jquery.com
3	www.googletagmanager.com	www.eftours.com landing.eftours.com
2	code.jquery.com	landing.eftours.com
2	fonts.googleapis.com	landing.eftours.com
2	api.lytics.io	c.lytics.io
2	vars.hotjar.com	static.hotjar.com
2	script.hotjar.com	static.hotjar.com
2	static.hotjar.com	www.googletagmanager.com
2	www.google.com	www.eftours.com landing.eftours.com
2	fast.fonts.com	www.eftours.com
1	www.google.de	landing.eftours.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	landing.eftours.com
1	www.gstatic.com	www.google.com
1	player.ooyala.com	media.eftours.com
112	25

This site contains links to these domains. Also see Links.

Domain
blog.eftours.com
landing.eftours.com
www.efexploreamerica.com
careers.ef.com
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
www.efcollegestudytours.com
girltrips.eftours.com
www.eftours.ca
www.efultimatebreak.com
www.goaheadtours.com
efgapyear.com
www.ef.edu

Subject Issuer	Validity	Valid
*.efvoyages.ca Trusted Secure Certificate Authority 5	`2018-06-11` - `2020-09-12`	2 years	crt.sh
gp1.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-01-29` - `2021-03-19`	2 years	crt.sh
www.englishtown.com GeoTrust RSA CA 2018	`2019-04-02` - `2020-07-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
ssl379818.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-26` - `2020-02-01`	6 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
drift.com Amazon	`2018-10-17` - `2019-11-17`	a year	crt.sh
*.ooyala.com DigiCert SHA2 Secure Server CA	`2019-05-09` - `2020-07-07`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-08-07` - `2019-11-05`	3 months	crt.sh
*.lytics.io RapidSSL TLS RSA CA G1	`2018-01-26` - `2020-01-06`	2 years	crt.sh
landing.eftours.com Trusted Secure Certificate Authority 5	`2019-01-03` - `2020-01-03`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
s9.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-01-16` - `2021-02-03`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.eftours.com/
Frame ID: 55C7589C5512801DE93EF54C593D0AC3
Requests: 59 HTTP requests in this frame

Frame: https://player.ooyala.com/ooyala_storage.html
Frame ID: CDC19C6C6CA3A692CE4537706DB58B46
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 9A4699048502E79EF528D20D4AEB06B1
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: CC46AF9C8A3E40C56A2534C0996061C4
Requests: 1 HTTP requests in this frame

Frame: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Frame ID: 734F8997FBEC9CD5BC6D8423780BC4A3
Requests: 48 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 24B693FA817CD96F1FC71814D28A9A0A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 99F066045B4E30FFE4BA57C0BA085A4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.eftours.com/ HTTP 302
https://www.eftours.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /bootstrap[.-]([\d.]*\d)[^\/]*\.js/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

112
Requests

99 %
HTTPS

63 %
IPv6

20
Domains

25
Subdomains

25
IPs

6
Countries

2143 kB
Transfer

6857 kB
Size

0
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.eftours.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://landing.eftours.com/hbox2?source=WWWMOHB&visit=59173ac7-0ec7-4ddc-9983-07708a423b68&visitor=78f9c18c-3dcf-4825-a04f-05b324d318dd
Title:

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/inspiration/stories/ef-student-spotlight-sam
Title:

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/educational-tour/washington-dc-williamsburg
Title: Washington, D.C.

Search URL Search Domain Scan URL

URL: https://careers.ef.com/
Title: View Opportunities

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/journal
Title: EF Journal

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eftours
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eftours
Title:

Search URL Search Domain Scan URL

URL: http://www.twitter.com/eftours
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/efeducationaltours
Title:

Search URL Search Domain Scan URL

URL: https://www.efcollegestudytours.com/
Title: EF College Study Tours

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/
Title: EF Explore America

Search URL Search Domain Scan URL

URL: https://girltrips.eftours.com/
Title: EF Tours for Girl Scouts

Search URL Search Domain Scan URL

URL: https://www.eftours.ca/
Title: EF Educational Tours Canada

Search URL Search Domain Scan URL

URL: https://www.efultimatebreak.com/
Title: EF Ultimate Break

Search URL Search Domain Scan URL

URL: http://www.goaheadtours.com/
Title: EF Go Ahead Tours

Search URL Search Domain Scan URL

URL: https://efgapyear.com/
Title: EF Gap Year

Search URL Search Domain Scan URL

URL: https://www.ef.edu/
Title:

Search URL Search Domain Scan URL

URL: http://careers.ef.com/
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eftours.com/ HTTP 302
https://www.eftours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eftours.com/
Redirect Chain

http://www.eftours.com/
https://www.eftours.com/

47 KB
14 KB

625ms
425ms

Document
text/html

34.197.185.221
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.185.221 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-197-185-221.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

d0c951f5768c3f9ffac2b3142af425cc1ddc6990f11e302f267cd5a3964f57db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.eftours.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
cookie: AWSALB=vrCwz3nROSKkn6otMYPIJmA8CMAIuoROSQkXaT234BmryxF5w3SdGUGJqvEeWR9RCFf5ooaboJRpz3HcQTfihuK8EGP8mzbbV+rhcWkHJrEKcnKKBb+4p/67RsAD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 25 Sep 2019 11:58:56 GMT
content-type: text/html; charset=utf-8
content-length: 14002
set-cookie: AWSALB=EpZscJVZV6y12Imp0W7aBX6G3NcCUtrZuHJzRl6In+lfpTdoyhxwHW0iTajLAwWKZBKj0xjvhK3MZ+fH3E4E/nOsK40/MSTLU00SXu0SaqG4HZg/ZT94rfReXDbZ; Expires=Wed, 02 Oct 2019 11:58:56 GMT; Path=/ ASP.NET_SessionId=xap1tpjs3xzihqcreoutu1ps; path=/; HttpOnly SC_ANALYTICS_GLOBAL_COOKIE=78f9c18c3dcf4825a04f05b324d318dd|False; expires=Tue, 25-Sep-2029 11:58:12 GMT; path=/; HttpOnly PriceDefault=e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=; domain=.eftours.com; path=/ recent=e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==; domain=.eftours.com; path=/
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN

Redirect headers

Date: Wed, 25 Sep 2019 11:58:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 147
Connection: keep-alive
Set-Cookie: AWSALB=vrCwz3nROSKkn6otMYPIJmA8CMAIuoROSQkXaT234BmryxF5w3SdGUGJqvEeWR9RCFf5ooaboJRpz3HcQTfihuK8EGP8mzbbV+rhcWkHJrEKcnKKBb+4p/67RsAD; Expires=Wed, 02 Oct 2019 11:58:55 GMT; Path=/
Location: https://www.eftours.com/
Server: Microsoft-IIS/8.5
X-UA-Compatible: IE=edge
X-Frame-Options: SAMEORIGIN

GET
H2 200 VisitorIdentification.js Show response
www.eftours.com/layouts/system/ 2 KB
1 KB 102ms
100ms Script
application/javascript 34.197.185.221
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/layouts/system/VisitorIdentification.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.185.221 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-197-185-221.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 20 Aug 2019 17:21:44 GMT
server: Microsoft-IIS/8.5
etag: "04f4bc7b57d51:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 922
x-ua-compatible: IE=edge

GET
H2 200 217e2b8a-1675-4def-b196-05880749e54c.css
fast.fonts.com/cssapi/ 4 KB
848 B 76ms
25ms Stylesheet
text/css 93.184.220.20
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.com/cssapi/217e2b8a-1675-4def-b196-05880749e54c.css
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (amb/6BCB) /
Resource Hash: 7165be0c73cfa36c86a70f47d2165a7b3f71968b0f7f08fea47eff323d4d4ad1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2019 15:32:56 GMT
server: ECS (amb/6BCB)
status: 200
etag: "4182405175+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 658
expires: Wed, 02 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK baseccq6LFdB8CWk0XEDdQXAN7qaqRszksZOo2bWT-Wfipw1cdn
media.eftours.com/bundles/css/ 539 KB
86 KB 58ms
19ms Stylesheet
text/css 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/css/baseccq6LFdB8CWk0XEDdQXAN7qaqRszksZOo2bWT-Wfipw1cdn

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

14a36af17d9ee52a860783ca7b83b24bfe5e06b6fdee5ae6d85968fb115e8fa9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Sep 2019 11:58:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2591946
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 87304
Expires: Fri, 25 Oct 2019 11:58:02 GMT

GET
H/1.1 200
OK modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01 Show response
media.eftours.com/bundles/ 11 KB
5 KB 65ms
25ms Script
text/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Sep 2019 11:58:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2592000
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 4810
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK halftile-collections-popular_optimized.jpg
media.eftours.com/~/media/images/etus/collections/tiles/ 16 KB
17 KB 64ms
25ms Image
image/jpeg 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/collections/tiles/halftile-collections-popular_optimized.jpg?h=264&w=310

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

4be77b3f1ca66a3059df7bc88b81dc3655b1d897a737a8151929d7cbece1e872

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Thu, 01 Mar 2018 17:21:18 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2592000
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="halftile-collections-popular_optimized.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16708
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK halftile-collections-stem_optimized.jpg
media.eftours.com/~/media/images/etus/collections/tiles/ 28 KB
28 KB 61ms
22ms Image
image/jpeg 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/collections/tiles/halftile-collections-stem_optimized.jpg?h=264&w=310

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0e2964880ea02473ed39773e1a3060e2438dd41701936bba00f5bc59757ed087

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Wed, 31 Jan 2018 14:10:40 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2592000
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="halftile-collections-STEM_optimized.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28457
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK collections-tile-vietnam.jpg
media.eftours.com/~/media/images/etus/collections/market-development-tours/ 146 KB
147 KB 28ms
26ms Image
image/jpeg 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/collections/market-development-tours/collections-tile-vietnam.jpg?h=264&w=310

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

329d425ac76fa93f3a977216ba7620ab6022fe7bd34bfe9b028b14c9f49e82ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Thu, 11 Oct 2018 14:11:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2592000
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Collections-Tile-Vietnam.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149797
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK safety_optimized.png
media.eftours.com/~/media/images/etus/homepage/ 24 KB
24 KB 32ms
19ms Image
image/png 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/safety_optimized.png?h=204&w=204

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0eb5e7b48d89d368c0ded27220e92562eb114c714edc845cd43e06b626256162

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Wed, 31 Jan 2018 16:39:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2592000
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Safety_optimized.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24139
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK pre-tour-training-low.png
media.eftours.com/~/media/images/etus/tiles/image-link-list/homepage/ 21 KB
21 KB 20ms
7ms Image
image/png 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/tiles/image-link-list/homepage/pre-tour-training-low.png?h=204&w=204

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

7e6094910aabfc64a2b2b7a8cab6a73f554ca7ac7444e2aee04bfcc58db9bd34

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Mon, 05 Feb 2018 21:03:02 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2592000
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="pre-tour-training-low.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21009
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK academics_optimized.png
media.eftours.com/~/media/images/etus/homepage/ 25 KB
25 KB 22ms
9ms Image
image/png 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/academics_optimized.png?h=204&w=204

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

84219a9210af22d56351f402c30bdd5e655acd3940f7b7e9db914b75a2227a21

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Mon, 05 Feb 2018 21:17:40 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2591993
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Academics_optimized.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25360
Expires: Fri, 25 Oct 2019 11:58:49 GMT

GET
H/1.1 200
OK value_optimized.png
media.eftours.com/~/media/images/etus/homepage/ 21 KB
22 KB 32ms
19ms Image
image/png 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/value_optimized.png?h=204&w=204

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e34707e8c4e41cac0dc3e370bb340741a90895dbbd76183afe56d3827494f095

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Mon, 05 Feb 2018 20:38:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2591979
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Value_optimized.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21805
Expires: Fri, 25 Oct 2019 11:58:35 GMT

GET
H/1.1 200
OK sammm.jpg
media.eftours.com/~/media/images/etus/homepage/ 47 KB
47 KB 31ms
9ms Image
image/jpeg 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/sammm.jpg?h=307&w=460

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c1b60c3423c64822ca011fa79590a84885f9aa2ac3f54e296fc472845366da3f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Mon, 28 Jan 2019 14:23:23 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2592000
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="Sammm.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48196
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK gls2.png
media.eftours.com/~/media/images/etus/homepage/ 62 KB
62 KB 20ms
10ms Image
image/png 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/gls2.png?h=370&w=360

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a6bd8ffd9bc3743628bab7a700dae32679caf2307e40a37a1be0a067686395f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Mon, 05 Feb 2018 19:48:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2592000
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="gls2.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63021
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/ 6 KB
7 KB 10ms
10ms Image
image/png 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/ef-logo-footer_optimized.png

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Wed, 26 Sep 2018 19:51:55 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=2416438
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="EF-logo-footer_optimized.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6326
Expires: Wed, 23 Oct 2019 11:12:54 GMT

GET
H/1.1 200
OK ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1 Show response
media.eftours.com/bundles/ 1 MB
289 KB 16ms
15ms Script
text/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3e72a4321973fdf0197ff545c2d3ffc7c68f94e791b5f4772e57379676d564c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Sep 2019 11:58:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2591945
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 295937
Expires: Fri, 25 Oct 2019 11:58:01 GMT

GET
H/1.1 200
OK ooyalaJTgCv_W7GunnGGcpwyJpjOMmi0ZzSb66epW7PZFxOy41cdn
media.eftours.com/bundles/css/ 102 KB
13 KB 12ms
11ms Stylesheet
text/css 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/css/ooyalaJTgCv_W7GunnGGcpwyJpjOMmi0ZzSb66epW7PZFxOy41cdn

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

55c8e1392cd74bf54057a9282ecc138eca4f8d637c56b15f28f25fee12971a24

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Sep 2019 11:58:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2592000
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 13017
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK rq-fingerprintsU5DkRBuORGvYT6ruUMxmwC26eXvdOD5u1OSNVubORVM1 Show response
media.eftours.com/bundles/ 13 KB
4 KB 9ms
7ms Script
text/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-fingerprintsU5DkRBuORGvYT6ruUMxmwC26eXvdOD5u1OSNVubORVM1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a63d5706341c70468c158c913b2783a80e2a0433ca5be907ef49e08519931289

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Sep 2019 11:58:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2592000
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 3161
Expires: Fri, 25 Oct 2019 11:58:56 GMT

GET
H/1.1 200
OK requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1 Show response
media.eftours.com/bundles/ 15 KB
6 KB 11ms
9ms Script
text/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Sep 2019 11:58:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2591972
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 6108
Expires: Fri, 25 Oct 2019 11:58:28 GMT

GET
H/1.1 200
OK rq-app20vvncSfIJbKXoPRbm-k3NsKBDPwYxD1bzfiVlW-pFA1 Show response
media.eftours.com/bundles/ 682 B
778 B 16ms
12ms Script
text/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-app20vvncSfIJbKXoPRbm-k3NsKBDPwYxD1bzfiVlW-pFA1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a21a0d624b3379a1202f89f48e1221a8caa9aca09dbe98bc082ba48ffd07e147

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Sep 2019 11:58:05 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=2591974
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 347
Expires: Fri, 25 Oct 2019 11:58:30 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 774 B
644 B 29ms
17ms Script
text/javascript 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit&hl=en-US

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

2d5fb61429c2642bb935c6545492d94208df669a089909a4107de79bb83b0f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 474
x-xss-protection: 1; mode=block
expires: Wed, 25 Sep 2019 11:58:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
50 KB 32ms
20ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad0b46eed8ff39f76a92e6ad0863bdec0ac66e3e8282040043f1f1cdeb7c5917

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
content-encoding: br
last-modified: Wed, 25 Sep 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43"
content-length: 51301
x-xss-protection: 0
expires: Wed, 25 Sep 2019 11:58:56 GMT

GET
H2 200 1.css
fast.fonts.com/t/ 0
102 B 16ms
15ms Stylesheet
text/css 93.184.220.20
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.com/t/1.css?apiType=css&projectid=217e2b8a-1675-4def-b196-05880749e54c
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
last-modified: Wed, 21 Feb 2018 12:55:22 GMT
server: ECS (amb/6B9D)
etag: "616070693"
status: 200
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
content-length: 0
expires: Wed, 25 Sep 2019 11:58:56 GMT

GET
H/1.1 200
OK test14_interlaced_optimized.jpg
media.eftours.com/~/media/images/etus/homepage/ 222 KB
223 KB 15ms
14ms Image
image/jpeg 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/test14_interlaced_optimized.jpg?mw=1600

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

8ec9fe39809471363504b1ca3a221a45d5070e835c0981a5a6777a713f94488c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified: Tue, 26 Jun 2018 19:31:05 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=2591989
X-UA-Compatible: IE=edge
Content-Disposition: inline; filename="test14_interlaced_optimized.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 227453
Expires: Fri, 25 Oct 2019 11:58:45 GMT

GET
H2 200 _e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/ 23 KB
24 KB 116ms
104ms Font
application/font-woff2 34.197.185.221
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.185.221 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-197-185-221.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.eftours.com/
Origin: https://www.eftours.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
last-modified: Tue, 20 Aug 2019 17:21:40 GMT
server: Microsoft-IIS/8.5
status: 200
etag: "0aa91ba7b57d51:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 23756
x-ua-compatible: IE=edge

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5578
date: Wed, 25 Sep 2019 10:25:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Wed, 25 Sep 2019 12:25:58 GMT

GET
H2 200 hotjar-157276.js Show response
static.hotjar.com/c/ 7 KB
2 KB 22ms
22ms Script
application/javascript 147.75.83.163
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-157276.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.163 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-1

Software

openresty /

Resource Hash

3e954c6997dbead88e782ffa6b5a2ab9abd1968f2f6b1851d64f37bc26bede75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 5
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 2072
server: openresty
cache-control: max-age=60
x-frame-options: SAMEORIGIN
etag: W/40b8e0ca9cfcdc2621dbd956479ab49e
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.075
section-io-id: 0d57efb1339d08d96f0663784bfb4faa
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/2858/ 45 KB
11 KB 79ms
25ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/2858/lio.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a76f91b0852427afdceabf247192c9a33da4876e6dcb67f9adbf6784f37c9b9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd4462d89cb9c-VIE
date: Wed, 25 Sep 2019 11:58:56 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:58:56 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 101ms
48ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: 5458C38FEAFF45A693E06C146C923CDE Ref B: VIEEDGE1008 Ref C: 2019-09-25T11:58:56Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: spU5eCBwshJeP+uFkRpw7yvxoA4pE/4ZBd9JW0Gxh1glBtc4sr1XrAktO6uGCLCg4oi+9Noh08ht+8meaisY1A==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Wed, 25 Sep 2019 11:58:56 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5by59bm3fdyy.js Show response
js.driftt.com/include/1569412800000/ 132 KB
44 KB 128ms
45ms Script
application/javascript 99.84.151.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1569412800000/5by59bm3fdyy.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.151.36 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-99-84-151-36.txl52.r.cloudfront.net

Software

nginx /

Resource Hash

8bfc10f52a88db2b9548f9cc4dbc460b0570b6f795e84b0f4e429c421ea2b03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:51 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 24 Sep 2019 18:19:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
x-amz-cf-pop: TXL52-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1AZM-D0KvnOYY7izhSOUkC9LwpcFZjlOKrgikUoqSNTBqq5TP9WpKQ==

GET
H/1.1 200
OK ooyala_storage.html
player.ooyala.com/ Frame CDC1 0
0 92ms
22ms Document
text/html 2.18.232.110
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ooyala.com/ooyala_storage.html
Requested by: Host: media.eftours.com
URL: https://media.eftours.com/bundles/ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.110 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-110.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Host: player.ooyala.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.eftours.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.eftours.com/

Response headers

x-amz-id-2: AB4gJpvIin35asy+zXsFeXUnsMbfmqJvcrq8rSW8V34vHBgtmR9tqknQ13poRuqKHyA+cBa6OXg=
x-amz-request-id: DBD439D75C805A9B
Last-Modified: Tue, 18 Jul 2017 21:57:32 GMT
ETag: "84f213d7453fbc34816c118bd5a4a70c"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 1211
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: public, max-age=221727
Date: Wed, 25 Sep 2019 11:58:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1566858990656/ 264 KB
92 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit&hl=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Sep 2019 11:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 23:45:00 GMT
server: sffe
age: 88440
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94196
x-xss-protection: 0
expires: Wed, 23 Sep 2020 11:24:56 GMT

GET
H/1.1 200
OK bootstrap.762a99f3.js Show response
media.eftours.com/content/js-build/ 33 KB
12 KB 12ms
11ms Script
application/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/bootstrap.762a99f3.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a80c0a240f7443919a5e7da7b8b4ddff7f4f779d0c70c5a6d98483940193cf2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:40 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0aa91ba7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11529
X-UA-Compatible: IE=edge

GET
H2 200 1602422636701009 Show response
connect.facebook.net/signals/config/ 308 KB
78 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1602422636701009?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3c3a1215c5180d8d58a9b8477b20d5c8a1c2e502cf3893004d85fd1971d8c6d5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79816
x-xss-protection: 0
pragma: public
x-fb-debug: 0MkhqbIvDqeRX8ZUQKHQCH+QEHiHTCHB+Hve6JiVIp0ewo6M7V5I9ITwhkBhWeknDP7PRXuosGAikegA+wnsNA==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Wed, 25 Sep 2019 11:58:57 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ 13 KB
6 KB 22ms
22ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd446ef63cb9c-VIE
date: Wed, 25 Sep 2019 11:58:57 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2019 19:02:47 GMT
server: cloudflare
age: 4775
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:58:57 GMT

GET
H2 200 modules.4f876666ed6a672b12bd.js Show response
script.hotjar.com/ 430 KB
73 KB 51ms
50ms Script
application/javascript 147.75.204.174
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.4f876666ed6a672b12bd.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-2
Software: /
Resource Hash: 6c052550d0cbc748df432653984d4d7f3f47dc693ecafae9cbb724d4b36f296c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:56 GMT
content-encoding: br
last-modified: Wed, 25 Sep 2019 07:58:28 GMT
status: 200
etag: "d48423d7c3ea8bac1d5de0ed00d914de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.026
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 6568a7f825c42e692f1c981706cf7e6e
content-length: 73892

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: BB8Gd18OhdIANNCXYT6bzOZ2+7h6p1uf3dM4cINSjjlPMeWUnHOuVJ8//X/AXpKY02IAoHG74oRfjhTKr+hPlQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Wed, 25 Sep 2019 11:58:57 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK jquery-2.1.1.min.js Show response
media.eftours.com/Content/js/libs/ 82 KB
29 KB 17ms
17ms Script
application/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/Content/js/libs/jquery-2.1.1.min.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:40 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0aa91ba7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2591971
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29548
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK hoverbox.1c6de06e.js Show response
media.eftours.com/content/js-build/core/modules/ 74 KB
22 KB 16ms
12ms Script
application/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/hoverbox.1c6de06e.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e96c60102c3329894ee7a3c6c730fd04654b983a6c9157f8a321d2072db65231

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:42 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0d7c2bb7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22397
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK carousel.03d23224.js Show response
media.eftours.com/content/js-build/core/modules/ 20 KB
6 KB 20ms
17ms Script
application/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/carousel.03d23224.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

26e3cbc98aed50540286d43d0599c7685231327b878b60a82cc81fb8f9b1f3a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Aug 2019 17:21:42 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
ETag: "0d7c2bb7b57d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5756
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK nav.f0038006.js Show response
media.eftours.com/content/js-build/core/modules/ 6 KB
3 KB 275ms
272ms Script
application/javascript 2a02:26f0:6c00:29d::25c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:58:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 20 Aug 2019 17:21:42 GMT
Server: Microsoft-IIS/8.5
ETag: "0d7c2bb7b57d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1795
X-UA-Compatible: IE=edge

GET
H2 204 0
bat.bing.com/action/ 0
148 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13007618&Ver=2&mid=c631f45a-77e8-5778-61f5-f68d030d5e9b&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=1407&evt=pageLoad&msclkid=N&rn=200196
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 25 Sep 2019 11:58:56 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: FE2E5FF1BF304BB39D824E7E16064220 Ref B: VIEEDGE1008 Ref C: 2019-09-25T11:58:57Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 9A46 0
0 49ms
43ms Document
text/html 147.75.204.174
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-2
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.eftours.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.eftours.com/

Response headers

status: 200
date: Wed, 25 Sep 2019 11:58:56 GMT
content-type: text/html
content-length: 787
cache-control: max-age=31536000
content-encoding: br
last-modified: Wed, 14 Aug 2019 14:14:11 GMT
etag: "5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.051
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 551dd7150871a4371161bb49d08a7cfe

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 14ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569412737290&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1569412737288.532847818&it=1569412737000&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 25 Sep 2019 11:58:57 GMT

GET
H2 200 68183.66065257284 Show response
api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/ 127 B
369 B 210ms
129ms Script
application/json 35.227.192.113
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/68183.66065257284?segments=true&mergestate=true&callback=window.lio.segmentscb&state=%7B%22gtm.start%22%3A1569412736512%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A0%2C%22_ts%22%3A1569412737409%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.eftours.com%2F%22%2C%22_uid%22%3A%2268183.66065257284%22%2C%22_v%22%3A%222.0.0%22%2C%22_e%22%3A%22pv%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_ca%22%3A%22jstag1%22%7D&ts=1569412737412
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io c4df2726b6dc30060bd104ba32a875bedb96e68a /
Resource Hash: 7b8c179820b2955b3712e08953b610e2326efe8554ef1b4f050a74ac4d06cdb8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:57 GMT
content-encoding: gzip
server: lytics.io c4df2726b6dc30060bd104ba32a875bedb96e68a
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
status: 200
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
alt-svc: clear
content-length: 126
via: 1.1 google

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 18ms
15ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1302343722&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=homepageheader&_u=aEBAAEABE~&jid=1995015215&gjid=1057420808&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&_r=1&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&z=2088202652

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 10ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1302343722&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=Looking%20For%20Your%20Tour&_u=aEDAAEABE~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&z=1785007196

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2898929
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 98 KB
20 KB 23ms
22ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd44a3f8dcb9c-VIE
date: Wed, 25 Sep 2019 11:58:57 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2019 23:03:58 GMT
server: cloudflare
age: 4160
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:58:57 GMT

GET
H2 200 2858
c.lytics.io/c/ 35 B
294 B 147ms
146ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858?_ts=1569412737625&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=68183.66065257284&_v=2.0.0&_e=pv&_sesstart=1&_tz=2&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:58:57 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd44a3f90cb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ 35 B
94 B 147ms
147ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?gtm.start=1569412736512&event=gtm.js&gtm.uniqueEventId=0&_ts=1569412737626&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=68183.66065257284&_v=2.0.0&_ca=jstag1
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:58:57 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd44a3f93cb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569412737627&cd[notenrolled]=true&cd[unknown]=true&cd[no_tr]=true&cd[smt_new]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1569412737288.532847818&it=1569412737000&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 25 Sep 2019 11:58:57 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1302343722&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aHDAgEABF~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&cd12=notenrolled%2Cunknown%2Cno_tr%2Csmt_new%2Call&cd11=68183.66065257284&z=9131853

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2898929
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2898929
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
3 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd44a883fcb9c-VIE
date: Wed, 25 Sep 2019 11:58:57 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2019 23:03:58 GMT
server: cloudflare
age: 4659
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:58:57 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ 327 B
253 B 154ms
154ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd44a8842cb9c-VIE
date: Wed, 25 Sep 2019 11:58:57 GMT
via: 1.1 google
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:58:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 9ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=Microdata&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569412737795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours%22%2C%22meta%3Adescription%22%3A%22EF%20Educational%20Tours%20offers%20student%20tours%20at%20the%20lowest%20prices%20guaranteed.%20Learn%20why%20teachers%20and%20parents%20choose%20EF%20for%20educational%20travel.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Fwww.eftours.com%2F%22%2C%22logo%22%3A%22http%3A%2F%2Fwww.eftours.com%2Fimg%2Flogo-oneline.svg%22%2C%22name%22%3A%22EF%20Educational%20Tours%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22http%3A%2F%2Fwww.eftours.com%2Feducational-tours%2Fsearch%3Fquery%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Feftours%20%22%2C%22https%3A%2F%2Ftwitter.com%2Feftours%22%2C%22https%3A%2F%2Finstagram.com%2Feftours%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Feftours%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=2&o=30&fbp=fb.1.1569412737288.532847818&it=1569412737000&coo=false&es=automatic&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 25 Sep 2019 11:58:57 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1302343722&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Personalization&ea=STEM%20-%20Homepage&el=STEM%20-%20Homepage%20-%20Standard&_u=aHDAAEABF~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&z=1126658506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2898929
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2858
c.lytics.io/c/ 35 B
93 B 151ms
151ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858?SC_ANALYTICS_GLOBAL_COOKIE=78f9c18c-3dcf-4825-a04f-05b324d318dd&_ts=1569412737846&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=68183.66065257284&_v=2.0.0&_ca=jstag1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:58:57 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd44b9ac2cb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame CC46 0
0 35ms
34ms Document
text/html 99.84.151.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1569412800000/5by59bm3fdyy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.151.36 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-99-84-151-36.txl52.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.eftours.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.eftours.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 938
server: nginx
last-modified: Tue, 24 Sep 2019 18:19:46 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Sep 2019 11:58:57 GMT
etag: "f65bd41c763276a02f81de1efe1eb428"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: L_qSAf4P06wNODcPCneZGxeyhKVi1niKkXlJSayapSEYM-fkjQnR0w==

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 17ms
17ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1302343722&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Widget%20Ready&el=Drift%3EWidget%20Ready%20on%20Page&_u=aHDAAEABF~&jid=1157665564&gjid=1099614045&cid=1801475789.1569412739&tid=UA-4293088-1&_gid=544388212.1569412739&_r=1&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=1801475789.1569412739&z=900840440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:58:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET hbox2
landing.eftours.com/ Frame 734F 0
0

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
104 B 14ms
13ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1302343722&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dp=hoverbox&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHDAAEABF~&jid=1698584921&gjid=863359174&cid=1925994676.1569412749&tid=UA-4293088-1&_gid=995736922.1569412749&_r=1&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=1925994676.1569412749&z=1856809635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hbox2 Show response
landing.eftours.com/ Frame 734F 47 KB
14 KB 380ms
167ms Document
text/html 52.23.55.224
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-55-224.compute-1.amazonaws.com
Software: /
Resource Hash: 315ca5beeb15a70f7f4ae41b51ee7dd3d8c40c314e1da25faab41fdf8e28ced2

Request headers

:method: GET
:authority: landing.eftours.com
:scheme: https
:path: /hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-site
referer: https://www.eftours.com/
accept-encoding: gzip, deflate, br
cookie: _ga=GA1.2.1925994676.1569412749; _gid=GA1.2.995736922.1569412749; _gat_UA-4293088-1=1; disruptedThisSession=true; EFFEDCK=Count=1&Disable=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.eftours.com/

Response headers

status: 200
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=yefynjtex13qba4023wvfa34; path=/; HttpOnly LiveBall=uid=15547310&uky=6NNJEDRO&rid=22144772; domain=eftours.com; expires=Thu, 24-Sep-2020 05:00:00 GMT; path=/
x-request-id: 45027292-4c2a-4edb-891c-f70fb325a553
date: Wed, 25 Sep 2019 11:59:08 GMT
content-length: 13572

GET
H2 200 css
fonts.googleapis.com/ Frame 734F 7 KB
700 B 25ms
19ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 25 Sep 2019 11:59:09 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 25 Sep 2019 11:59:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 25 Sep 2019 11:59:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 734F 372 B
352 B 23ms
17ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ovo

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

f17e60d77c02256a7c452b811447dc38de2da26e1016aa4a7fdf074d8ecefd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 25 Sep 2019 11:59:09 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 25 Sep 2019 11:59:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 25 Sep 2019 11:59:09 GMT

GET
H2 200 217e2b8a-1675-4def-b196-05880749e54c.css
fast.fonts.net/cssapi/ Frame 734F 4 KB
843 B 43ms
9ms Stylesheet
text/css 2606:2800:234:660:118e:28f:1d8a:2522
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/cssapi/217e2b8a-1675-4def-b196-05880749e54c.css
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: 7165be0c73cfa36c86a70f47d2165a7b3f71968b0f7f08fea47eff323d4d4ad1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:09 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2019 15:32:56 GMT
server: ECS (fcn/41AF)
status: 200
etag: "4182405175"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 658
expires: Wed, 02 Oct 2019 11:59:09 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 734F 30 KB
7 KB 19ms
14ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:09 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 ixp-runtime.min.js Show response
landing.eftours.com/Scripts/ Frame 734F 42 KB
18 KB 187ms
181ms Script
application/javascript 52.23.55.224
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.eftours.com/Scripts/ixp-runtime.min.js?r=80.7201
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-55-224.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 5964a91b1d456eb6691783fcc741121a6ff9c99256feae247560f796171be939

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:08 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 18:46:10 GMT
server: Microsoft-IIS/10.0
etag: "0c5ea801a6fd51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 18726

GET
H2 200 ixp-microthemes.min.css
landing.eftours.com/Templates/ Frame 734F 187 KB
12 KB 104ms
98ms Stylesheet
text/css 52.23.55.224
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.eftours.com/Templates/ixp-microthemes.min.css?r=80.7201
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-55-224.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 5e145770d239ddb7c6001eb9d39b94b62999b4fb9728b011f77c45cba6748541

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:08 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 18:46:36 GMT
server: Microsoft-IIS/10.0
etag: "0e6a901a6fd51:0"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 11813

GET
H2 200 theme.css
landing.eftours.com/Templates/ion/ion_Framework_v4.0/themes/EFT_ThemeKit/ Frame 734F 144 KB
10 KB 116ms
110ms Stylesheet
text/css 52.23.55.224
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.eftours.com/Templates/ion/ion_Framework_v4.0/themes/EFT_ThemeKit/theme.css
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-55-224.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 37aa5b4cbea0116cbcbc4f9436f37ffb97c62cef17db9a55649e71c4e941c341

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:08 GMT
content-encoding: gzip
last-modified: Mon, 19 Aug 2019 19:00:29 GMT
server: Microsoft-IIS/10.0
etag: "80841d5ec056d51:0"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 10477

GET
H2 200 themeform.css
landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/ Frame 734F 20 KB
3 KB 121ms
116ms Stylesheet
text/css 52.23.55.224
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/themeform.css
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-55-224.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: ab40b0a5533b98d9234a038ff2ebe1fc93f51016b7424c010f61fe2efe31f268

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:08 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2016 22:04:39 GMT
server: Microsoft-IIS/10.0
etag: "87a64dd7187bd11:0"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 3424

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 734F 69 KB
27 KB 27ms
22ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1068160719

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

edd1940db300d86737f0fa15ad1bd51c616cceb09a014a8a18d7169dccaad9af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:09 GMT
content-encoding: br
last-modified: Wed, 25 Sep 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43"
content-length: 27154
x-xss-protection: 0
expires: Wed, 25 Sep 2019 11:59:09 GMT

GET
H2 200 spacer.gif
landing.eftours.com/ Frame 734F 43 B
127 B 120ms
115ms Image
image/gif 52.23.55.224
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.eftours.com/spacer.gif
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-55-224.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:08 GMT
last-modified: Thu, 19 Sep 2019 18:34:18 GMT
server: Microsoft-IIS/10.0
etag: "03188d8186fd51:0"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 43

GET
H2 200 KeyGrip.ashx
landing.eftours.com/ Frame 734F 70 B
159 B 149ms
132ms Image
image/gif 52.23.55.224
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.eftours.com/KeyGrip.ashx?lb3id=15547310$6NNJEDRO$22144772
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-55-224.compute-1.amazonaws.com
Software: /
Resource Hash: 96be21393ffdc9129af65365ccbd7dd7458c1eaac7982a02e3697e08566edf3d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
content-type: image/gif
status: 200
cache-control: no-cache
content-length: 70
x-request-id: 1cdd5c3b-ad42-4a07-9605-ac8402daf275
expires: -1

GET
H2 200 1.css
fast.fonts.net/t/ Frame 734F 0
102 B 16ms
11ms Stylesheet
text/css 2606:2800:234:660:118e:28f:1d8a:2522
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=217e2b8a-1675-4def-b196-05880749e54c
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:09 GMT
last-modified: Wed, 21 Feb 2018 12:55:22 GMT
server: ECS (fcn/41AE)
etag: "616070693"
status: 200
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
content-length: 0
expires: Wed, 25 Sep 2019 11:59:09 GMT

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
code.jquery.com/ Frame 734F 94 KB
33 KB 36ms
6ms Script
application/javascript 2001:4de0:ac18::1:a:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/Scripts/ixp-runtime.min.js?r=80.7201
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:59:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-1762a"
Vary: Accept-Encoding
X-HW: 1569412750.dop011.fr8.shc,1569412750.dop011.fr8.t,1569412750.cds022.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33202

GET
H/1.1 200
OK jquery-1.11.2.min.js Show response
code.jquery.com/ Frame 734F 94 KB
33 KB 17ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.2.min.js
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Sep 2019 11:59:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Dec 2014 16:05:21 GMT
Server: nginx
ETag: W/"5491a9c1-176bb"
Vary: Accept-Encoding
X-HW: 1569412750.dop011.fr8.shc,1569412750.dop011.fr8.t,1569412750.cds022.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33262

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 734F 281 KB
50 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad0b46eed8ff39f76a92e6ad0863bdec0ac66e3e8282040043f1f1cdeb7c5917

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
content-encoding: br
last-modified: Wed, 25 Sep 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43"
content-length: 51301
x-xss-protection: 0
expires: Wed, 25 Sep 2019 11:59:10 GMT

GET
H2 200 iconSelect.png
landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/ Frame 734F 232 B
317 B 102ms
99ms Image
image/png 52.23.55.224
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/iconSelect.png
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-55-224.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 10435bddeb1acf8eada063170b77d51df3463e7f02f9939f22e3ccf985c62545

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/themeform.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
last-modified: Fri, 20 Jun 2014 13:08:20 GMT
server: Microsoft-IIS/10.0
etag: "907490b5888ccf1:0"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 232

GET
H2 200 ab23c239-fb66-406e-bce6-f0f260f5a217.woff2
fast.fonts.net/dv2/14/ Frame 734F 33 KB
33 KB 29ms
8ms Font
application/octet-stream 2606:2800:234:660:118e:28f:1d8a:2522
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/ab23c239-fb66-406e-bce6-f0f260f5a217.woff2?d44f19a684109620e484167ba390e81828d829f18470286fcbb8d3252b39580cd386369c8e38b3aac42b3977435f17076c76aa93816825b839c03e7a671abe4026bb436f7b104ad4832176a8cdf600e3a27bc6994ea2045b22d22523a60081d21829da6fb8ef4125c5b223d3cd0577157b1cdfc66f364b867c5f135d13c742cec0bda3275cec8138f937f5f0d5f52443faf8b5651c1f5a23a8cf41b35634154d4a2ded4b9c1eafcc2efeda824e471284dad1e13ae150ab1106ab6869347330c918c9f7e19b4b806ee8ff5b73460ae303965d2649c370bdb3160f39d3f8dfdebe&projectId=217e2b8a-1675-4def-b196-05880749e54c
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E8) /
Resource Hash: c958d32df1af73006519766c40d7f57d71d0c1c96584a3fa6ced8a4929bc52b4

Request headers

Sec-Fetch-Mode: cors
Referer: https://fast.fonts.net/cssapi/217e2b8a-1675-4def-b196-05880749e54c.css
Origin: https://landing.eftours.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
last-modified: Wed, 17 Dec 2014 02:01:34 GMT
server: ECS (fcn/40E8)
etag: "3629546902"
status: 200
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 33396
expires: Tue, 24 Dec 2019 11:59:10 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 734F 24 KB
9 KB 40ms
38ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1068160719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9149
x-xss-protection: 0
server: cafe
etag: 5022999136154715131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Sep 2019 11:59:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 734F 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5592
date: Wed, 25 Sep 2019 10:25:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Wed, 25 Sep 2019 12:25:58 GMT

GET
H2 200 hotjar-157276.js Show response
static.hotjar.com/c/ Frame 734F 7 KB
2 KB 43ms
41ms Script
application/javascript 147.75.83.163
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-157276.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.163 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-1

Software

openresty /

Resource Hash

3e954c6997dbead88e782ffa6b5a2ab9abd1968f2f6b1851d64f37bc26bede75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 19
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 2072
server: openresty
cache-control: max-age=60
x-frame-options: SAMEORIGIN
etag: W/40b8e0ca9cfcdc2621dbd956479ab49e
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.075
section-io-id: c60b8e984fd6b2e7988aafba035ab17d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/2858/ Frame 734F 45 KB
11 KB 20ms
19ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/2858/lio.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a76f91b0852427afdceabf247192c9a33da4876e6dcb67f9adbf6784f37c9b9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd4998b6acb9c-VIE
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 19
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:59:10 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 734F 23 KB
7 KB 50ms
50ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:09 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: 083F83C1E5624168AFF6837CA64A55F2 Ref B: VIEEDGE1008 Ref C: 2019-09-25T11:59:10Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 734F 121 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: spU5eCBwshJeP+uFkRpw7yvxoA4pE/4ZBd9JW0Gxh1glBtc4sr1XrAktO6uGCLCg4oi+9Noh08ht+8meaisY1A==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Wed, 25 Sep 2019 11:59:10 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5by59bm3fdyy.js Show response
js.driftt.com/include/1569412800000/ Frame 734F 132 KB
44 KB 157ms
156ms Script
application/javascript 99.84.151.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1569412800000/5by59bm3fdyy.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.151.36 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-99-84-151-36.txl52.r.cloudfront.net

Software

nginx /

Resource Hash

8bfc10f52a88db2b9548f9cc4dbc460b0570b6f795e84b0f4e429c421ea2b03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:58:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: TXL52-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 24 Sep 2019 18:19:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HXBHXtEWo7NAhpl_ugDkKerfXq59jHimFa1GqBQAfXiP90oYxJOnRA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068160719/ Frame 734F 2 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068160719/?random=1569412750335&cv=9&fst=1569412750335&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9i1&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&ref=https%3A%2F%2Fwww.eftours.com%2F&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

690bfd727deefe17e7e722e19cde7aad337f19179dfd1e69914aab17074bf9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1602422636701009 Show response
connect.facebook.net/signals/config/ Frame 734F 308 KB
78 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1602422636701009?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3c3a1215c5180d8d58a9b8477b20d5c8a1c2e502cf3893004d85fd1971d8c6d5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79816
x-xss-protection: 0
pragma: public
x-fb-debug: 0MkhqbIvDqeRX8ZUQKHQCH+QEHiHTCHB+Hve6JiVIp0ewo6M7V5I9ITwhkBhWeknDP7PRXuosGAikegA+wnsNA==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Wed, 25 Sep 2019 11:59:10 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ Frame 734F 13 KB
6 KB 17ms
17ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd499abd9cb9c-VIE
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2019 19:02:47 GMT
server: cloudflare
age: 4788
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:59:10 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ Frame 734F 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: BB8Gd18OhdIANNCXYT6bzOZ2+7h6p1uf3dM4cINSjjlPMeWUnHOuVJ8//X/AXpKY02IAoHG74oRfjhTKr+hPlQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Wed, 25 Sep 2019 11:59:10 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 89335.0898046573 Show response
api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/ Frame 734F 127 B
191 B 126ms
125ms Script
application/json 35.227.192.113
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/89335.0898046573?segments=true&mergestate=true&callback=window.lio.segmentscb&state=%7B%220%22%3A%22config%22%2C%221%22%3A%22AW-1068160719%22%2C%22gtm.start%22%3A1569412750191%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A2%2C%22LiveBall%22%3A%22uid%3D15547310%26uky%3D6NNJEDRO%26rid%3D22144772%22%2C%22_ts%22%3A1569412750406%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737%22%2C%22_if%22%3A%22t%22%2C%22_uid%22%3A%2289335.0898046573%22%2C%22_v%22%3A%222.0.0%22%2C%22_e%22%3A%22pv%22%2C%22_sesstart%22%3A%221%22%2C%22_ref%22%3A%22www.eftours.com%2F%22%2C%22_sesref%22%3A%22www.eftours.com%2F%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_ca%22%3A%22jstag1%22%7D&ts=1569412750408
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io c4df2726b6dc30060bd104ba32a875bedb96e68a /
Resource Hash: 7b8c179820b2955b3712e08953b610e2326efe8554ef1b4f050a74ac4d06cdb8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
content-encoding: gzip
server: lytics.io c4df2726b6dc30060bd104ba32a875bedb96e68a
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
status: 200
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
alt-svc: clear
content-length: 126
via: 1.1 google

GET
H2 200 modules.4f876666ed6a672b12bd.js Show response
script.hotjar.com/ Frame 734F 430 KB
73 KB 57ms
57ms Script
application/javascript 147.75.204.174
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.4f876666ed6a672b12bd.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-2
Software: /
Resource Hash: 6c052550d0cbc748df432653984d4d7f3f47dc693ecafae9cbb724d4b36f296c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
content-encoding: br
last-modified: Wed, 25 Sep 2019 07:58:28 GMT
status: 200
etag: "d48423d7c3ea8bac1d5de0ed00d914de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.026
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 7bf47367e6552df3457a7d600ca55b91
content-length: 73892

GET
H2 200 /
www.google.com/pagead/1p-user-list/1068160719/ Frame 734F 42 B
151 B 26ms
25ms Image
image/gif 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1068160719/?random=1569412750335&cv=9&fst=1569409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9i1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&ref=https%3A%2F%2Fwww.eftours.com%2F&async=1&fmt=3&is_vtc=1&random=2514117126&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1068160719/ Frame 734F 42 B
110 B 51ms
50ms Image
image/gif 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068160719/?random=1569412750335&cv=9&fst=1569409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9i1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&ref=https%3A%2F%2Fwww.eftours.com%2F&async=1&fmt=3&is_vtc=1&random=2514117126&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ Frame 734F 0
94 B 45ms
45ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13007618&Ver=2&mid=332ec2c6-4b16-8b1f-9a27-829105d48adc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=797&evt=pageLoad&ifm=1&msclkid=N&rn=286305
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 25 Sep 2019 11:59:09 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: F7D8499D5ECA48D0B99661B4FBE07FF4 Ref B: VIEEDGE1008 Ref C: 2019-09-25T11:59:10Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 734F 44 B
245 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=PageView&dl=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&rl=https%3A%2F%2Fwww.eftours.com%2F&if=true&ts=1569412750415&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1569412750414.585594346&it=1569412750340&coo=false&rqm=GET

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 25 Sep 2019 11:59:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 734F 44 B
199 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=LogAttribution&dl=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&rl=https%3A%2F%2Fwww.eftours.com%2F&if=true&ts=1569412750415&cd[log_type]=click&cd[log_id]=1925994676.1569412750317&cd[channel]=&cd[sub_channel]=&cd[channel_marketing_id]=&cd[is_organic]=true&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1569412750414.585594346&it=1569412750340&coo=false&rqm=GET

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 25 Sep 2019 11:59:10 GMT

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 24B6 0
0 38ms
37ms Document
text/html 147.75.204.174
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-2
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Response headers

status: 200
date: Wed, 25 Sep 2019 11:59:10 GMT
content-type: text/html
content-length: 787
cache-control: max-age=31536000
content-encoding: br
last-modified: Mon, 12 Aug 2019 16:41:40 GMT
etag: "5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.052
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 750ce15c62e229293112816c320b56ec

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ Frame 734F 98 KB
19 KB 24ms
23ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd49aff44cb9c-VIE
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2019 23:03:58 GMT
server: cloudflare
age: 4173
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:59:10 GMT

GET
H2 200 2858
c.lytics.io/c/ Frame 734F 35 B
94 B 152ms
151ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858?_ts=1569412750538&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_e=pv&_sesstart=1&_ref=www.eftours.com%2F&_sesref=www.eftours.com%2F&_tz=2&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd49aff45cb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ Frame 734F 35 B
94 B 160ms
159ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?0=js&1=Wed%20Sep%2025%202019%2013%3A59%3A10%20GMT%2B0200%20(Central%20European%20Summer%20Time)&_ts=1569412750539&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd49aff46cb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ Frame 734F 35 B
94 B 154ms
154ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?0=config&1=AW-1068160719&_ts=1569412750539&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd49aff47cb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ Frame 734F 35 B
94 B 164ms
163ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?gtm.start=1569412750191&event=gtm.js&gtm.uniqueEventId=2&_ts=1569412750540&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd49aff4acb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ Frame 734F 35 B
144 B 147ms
146ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?LiveBall=uid%3D15547310%26uky%3D6NNJEDRO%26rid%3D22144772&_ts=1569412750540&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Requested by: Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd49aff4bcb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 734F 44 B
99 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602422636701009&ev=Lytics%20Audiences&dl=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&rl=https%3A%2F%2Fwww.eftours.com%2F&if=true&ts=1569412750541&cd[notenrolled]=true&cd[unknown]=true&cd[no_tr]=true&cd[smt_new]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.4&r=stable&ec=2&o=30&fbp=fb.1.1569412750414.585594346&it=1569412750340&coo=false&rqm=GET

Requested by

Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 11:59:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 25 Sep 2019 11:59:10 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ Frame 734F 20 KB
3 KB 24ms
24ms Stylesheet
text/css 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd49b3ff9cb9c-VIE
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2019 23:03:58 GMT
server: cloudflare
age: 4672
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:59:10 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ Frame 734F 327 B
248 B 16ms
15ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 51bcd49b5879cb9c-VIE
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 13
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
content-encoding: br
expires: Wed, 25 Sep 2019 13:59:10 GMT

GET
H2 200 2858
c.lytics.io/c/ Frame 734F 35 B
93 B 141ms
141ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858?_ts=1569412750716&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Sep 2019 11:59:10 GMT
via: 1.1 google
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 51bcd49c0a64cb9c-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 99F0 0
0 32ms
32ms Document
text/html 99.84.151.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1569412800000/5by59bm3fdyy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.151.36 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-99-84-151-36.txl52.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 938
server: nginx
last-modified: Tue, 24 Sep 2019 18:19:46 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 25 Sep 2019 11:59:10 GMT
etag: "f65bd41c763276a02f81de1efe1eb428"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: XQIGCTZN1s6VoHgT9OzowDXe5fol31JCH7rJj7s_D9Du3LyyJH4W_Q==

GET
H2 200 collect
www.google-analytics.com/ Frame 734F 35 B
103 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=739665729&t=event&ni=0&_s=1&dl=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&dr=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=325x760&je=0&ec=Drift%20Widget&ea=Widget%20Ready&el=Drift%3EWidget%20Ready%20on%20Page&_u=WhCAAEABE~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd8=null&cd9=2068228210.1569412737&z=810749113

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2898943
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lytics.io
bat.bing.com
c.lytics.io
code.jquery.com
connect.facebook.net
fast.fonts.com
fast.fonts.net
fonts.googleapis.com
googleads.g.doubleclick.net
js.driftt.com
landing.eftours.com
maxcdn.bootstrapcdn.com
media.eftours.com
player.ooyala.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.eftours.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
landing.eftours.com
147.75.204.174
147.75.83.163
172.217.23.98
2.18.232.110
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:1a
2606:2800:234:660:118e:28f:1d8a:2522
2606:4700:20::6819:5365
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:817::2002
2a00:1450:4001:817::200a
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2008
2a02:26f0:6c00:29d::25c8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.197.185.221
35.227.192.113
52.23.55.224
93.184.220.20
99.84.151.36
0a76f91b0852427afdceabf247192c9a33da4876e6dcb67f9adbf6784f37c9b9
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
0e2964880ea02473ed39773e1a3060e2438dd41701936bba00f5bc59757ed087
0eb5e7b48d89d368c0ded27220e92562eb114c714edc845cd43e06b626256162
10435bddeb1acf8eada063170b77d51df3463e7f02f9939f22e3ccf985c62545
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc
14a36af17d9ee52a860783ca7b83b24bfe5e06b6fdee5ae6d85968fb115e8fa9
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170
26e3cbc98aed50540286d43d0599c7685231327b878b60a82cc81fb8f9b1f3a0
2d5fb61429c2642bb935c6545492d94208df669a089909a4107de79bb83b0f8e
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
315ca5beeb15a70f7f4ae41b51ee7dd3d8c40c314e1da25faab41fdf8e28ced2
329d425ac76fa93f3a977216ba7620ab6022fe7bd34bfe9b028b14c9f49e82ea
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
37aa5b4cbea0116cbcbc4f9436f37ffb97c62cef17db9a55649e71c4e941c341
3c3a1215c5180d8d58a9b8477b20d5c8a1c2e502cf3893004d85fd1971d8c6d5
3e72a4321973fdf0197ff545c2d3ffc7c68f94e791b5f4772e57379676d564c9
3e954c6997dbead88e782ffa6b5a2ab9abd1968f2f6b1851d64f37bc26bede75
4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
4be77b3f1ca66a3059df7bc88b81dc3655b1d897a737a8151929d7cbece1e872
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c8e1392cd74bf54057a9282ecc138eca4f8d637c56b15f28f25fee12971a24
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f
5964a91b1d456eb6691783fcc741121a6ff9c99256feae247560f796171be939
5e145770d239ddb7c6001eb9d39b94b62999b4fb9728b011f77c45cba6748541
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
690bfd727deefe17e7e722e19cde7aad337f19179dfd1e69914aab17074bf9cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c052550d0cbc748df432653984d4d7f3f47dc693ecafae9cbb724d4b36f296c
7165be0c73cfa36c86a70f47d2165a7b3f71968b0f7f08fea47eff323d4d4ad1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8c179820b2955b3712e08953b610e2326efe8554ef1b4f050a74ac4d06cdb8
7e6094910aabfc64a2b2b7a8cab6a73f554ca7ac7444e2aee04bfcc58db9bd34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84219a9210af22d56351f402c30bdd5e655acd3940f7b7e9db914b75a2227a21
8bfc10f52a88db2b9548f9cc4dbc460b0570b6f795e84b0f4e429c421ea2b03d
8ec9fe39809471363504b1ca3a221a45d5070e835c0981a5a6777a713f94488c
96be21393ffdc9129af65365ccbd7dd7458c1eaac7982a02e3697e08566edf3d
a21a0d624b3379a1202f89f48e1221a8caa9aca09dbe98bc082ba48ffd07e147
a63d5706341c70468c158c913b2783a80e2a0433ca5be907ef49e08519931289
a6bd8ffd9bc3743628bab7a700dae32679caf2307e40a37a1be0a067686395f4
a80c0a240f7443919a5e7da7b8b4ddff7f4f779d0c70c5a6d98483940193cf2c
ab40b0a5533b98d9234a038ff2ebe1fc93f51016b7424c010f61fe2efe31f268
ad0b46eed8ff39f76a92e6ad0863bdec0ac66e3e8282040043f1f1cdeb7c5917
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
c1b60c3423c64822ca011fa79590a84885f9aa2ac3f54e296fc472845366da3f
c958d32df1af73006519766c40d7f57d71d0c1c96584a3fa6ced8a4929bc52b4
d0c951f5768c3f9ffac2b3142af425cc1ddc6990f11e302f267cd5a3964f57db
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e34707e8c4e41cac0dc3e370bb340741a90895dbbd76183afe56d3827494f095
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96c60102c3329894ee7a3c6c730fd04654b983a6c9157f8a321d2072db65231
edd1940db300d86737f0fa15ad1bd51c616cceb09a014a8a18d7169dccaad9af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17e60d77c02256a7c452b811447dc38de2da26e1016aa4a7fdf074d8ecefd9a
f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712

www.eftours.com Open in urlscan Pro 34.197.185.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

99 %HTTPS

63 %IPv6

20 Domains

25 Subdomains

25 IPs

6 Countries

2143 kBTransfer

6857 kBSize

0 Cookies

19 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.eftours.com Open in urlscan Pro
34.197.185.221 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

99 %
HTTPS

63 %
IPv6

20
Domains

25
Subdomains

25
IPs

6
Countries

2143 kB
Transfer

6857 kB
Size

0
Cookies

112 HTTP transactions
0 data transactions