Submitted URL: http://www.eftours.com/
Effective URL: https://www.eftours.com/
Submission: On September 25 via manual from US

Summary

This website contacted 25 IPs in 6 countries across 20 domains to perform 112 HTTP transactions. The main IP is 34.197.185.221, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.eftours.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on June 11th 2018. Valid for: 2 years.
This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 34.197.185.221 14618 (AMAZON-AES)
2 93.184.220.20 15133 (EDGECAST)
23 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 147.75.83.163 54825 (PACKET)
19 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
6 2a03:2880:f02... 32934 (FACEBOOK)
4 99.84.151.36 16509 (AMAZON-02)
1 2.18.232.110 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 147.75.204.174 54825 (PACKET)
6 2a03:2880:f12... 32934 (FACEBOOK)
2 35.227.192.113 15169 (GOOGLE)
8 52.23.55.224 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:2800:234... 15133 (EDGECAST)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
112 25
Domain Requested by
23 media.eftours.com www.eftours.com
media.eftours.com
19 c.lytics.io www.googletagmanager.com
c.lytics.io
www.eftours.com
landing.eftours.com
10 www.google-analytics.com www.googletagmanager.com
www.eftours.com
8 landing.eftours.com media.eftours.com
www.eftours.com
landing.eftours.com
code.jquery.com
6 www.facebook.com www.eftours.com
landing.eftours.com
6 connect.facebook.net www.eftours.com
connect.facebook.net
4 js.driftt.com www.eftours.com
js.driftt.com
4 bat.bing.com www.googletagmanager.com
www.eftours.com
landing.eftours.com
4 www.eftours.com 1 redirects www.eftours.com
3 fast.fonts.net landing.eftours.com
code.jquery.com
3 www.googletagmanager.com www.eftours.com
landing.eftours.com
2 code.jquery.com landing.eftours.com
2 fonts.googleapis.com landing.eftours.com
2 api.lytics.io c.lytics.io
2 vars.hotjar.com static.hotjar.com
2 script.hotjar.com static.hotjar.com
2 static.hotjar.com www.googletagmanager.com
2 www.google.com www.eftours.com
landing.eftours.com
2 fast.fonts.com www.eftours.com
1 www.google.de landing.eftours.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 maxcdn.bootstrapcdn.com landing.eftours.com
1 www.gstatic.com www.google.com
1 player.ooyala.com media.eftours.com
112 25
Subject Issuer Validity Valid
*.efvoyages.ca
Trusted Secure Certificate Authority 5
2018-06-11 -
2020-09-12
2 years crt.sh
gp1.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2019-01-29 -
2021-03-19
2 years crt.sh
www.englishtown.com
GeoTrust RSA CA 2018
2019-04-02 -
2020-07-01
a year crt.sh
www.google.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3
2019-08-07 -
2019-11-05
3 months crt.sh
ssl379818.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-07-26 -
2020-02-01
6 months crt.sh
www.bing.com
Microsoft IT TLS CA 2
2019-04-30 -
2021-04-30
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-08-24 -
2019-10-19
2 months crt.sh
drift.com
Amazon
2018-10-17 -
2019-11-17
a year crt.sh
*.ooyala.com
DigiCert SHA2 Secure Server CA
2019-05-09 -
2020-07-07
a year crt.sh
*.google.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3
2019-08-07 -
2019-11-05
3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3
2019-08-07 -
2019-11-05
3 months crt.sh
*.lytics.io
RapidSSL TLS RSA CA G1
2018-01-26 -
2020-01-06
2 years crt.sh
landing.eftours.com
Trusted Secure Certificate Authority 5
2019-01-03 -
2020-01-03
a year crt.sh
*.googleapis.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months crt.sh
s9.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2019-01-16 -
2021-02-03
2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
www.googleadservices.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months crt.sh
www.google.de
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.eftours.com/
Frame ID: 55C7589C5512801DE93EF54C593D0AC3
Requests: 59 HTTP requests in this frame

Frame: https://player.ooyala.com/ooyala_storage.html
Frame ID: CDC19C6C6CA3A692CE4537706DB58B46
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 9A4699048502E79EF528D20D4AEB06B1
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: CC46AF9C8A3E40C56A2534C0996061C4
Requests: 1 HTTP requests in this frame

Frame: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Frame ID: 734F8997FBEC9CD5BC6D8423780BC4A3
Requests: 48 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 24B693FA817CD96F1FC71814D28A9A0A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 99F066045B4E30FFE4BA57C0BA085A4C
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.eftours.com/ HTTP 302
    https://www.eftours.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /bootstrap[.-]([\d.]*\d)[^\/]*\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

112
Requests

99 %
HTTPS

63 %
IPv6

20
Domains

25
Subdomains

25
IPs

6
Countries

2143 kB
Transfer

6857 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.eftours.com/ HTTP 302
    https://www.eftours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

112 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.eftours.com/
Redirect Chain
  • http://www.eftours.com/
  • https://www.eftours.com/
47 KB
14 KB
Document
General
Full URL
https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.185.221 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-197-185-221.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
d0c951f5768c3f9ffac2b3142af425cc1ddc6990f11e302f267cd5a3964f57db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.eftours.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
AWSALB=vrCwz3nROSKkn6otMYPIJmA8CMAIuoROSQkXaT234BmryxF5w3SdGUGJqvEeWR9RCFf5ooaboJRpz3HcQTfihuK8EGP8mzbbV+rhcWkHJrEKcnKKBb+4p/67RsAD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 25 Sep 2019 11:58:56 GMT
content-type
text/html; charset=utf-8
content-length
14002
set-cookie
AWSALB=EpZscJVZV6y12Imp0W7aBX6G3NcCUtrZuHJzRl6In+lfpTdoyhxwHW0iTajLAwWKZBKj0xjvhK3MZ+fH3E4E/nOsK40/MSTLU00SXu0SaqG4HZg/ZT94rfReXDbZ; Expires=Wed, 02 Oct 2019 11:58:56 GMT; Path=/ ASP.NET_SessionId=xap1tpjs3xzihqcreoutu1ps; path=/; HttpOnly SC_ANALYTICS_GLOBAL_COOKIE=78f9c18c3dcf4825a04f05b324d318dd|False; expires=Tue, 25-Sep-2029 11:58:12 GMT; path=/; HttpOnly PriceDefault=e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=; domain=.eftours.com; path=/ recent=e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==; domain=.eftours.com; path=/
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/8.5
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-ua-compatible
IE=edge
x-frame-options
SAMEORIGIN

Redirect headers

Date
Wed, 25 Sep 2019 11:58:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
147
Connection
keep-alive
Set-Cookie
AWSALB=vrCwz3nROSKkn6otMYPIJmA8CMAIuoROSQkXaT234BmryxF5w3SdGUGJqvEeWR9RCFf5ooaboJRpz3HcQTfihuK8EGP8mzbbV+rhcWkHJrEKcnKKBb+4p/67RsAD; Expires=Wed, 02 Oct 2019 11:58:55 GMT; Path=/
Location
https://www.eftours.com/
Server
Microsoft-IIS/8.5
X-UA-Compatible
IE=edge
X-Frame-Options
SAMEORIGIN
VisitorIdentification.js
www.eftours.com/layouts/system/
2 KB
1 KB
Script
General
Full URL
https://www.eftours.com/layouts/system/VisitorIdentification.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.185.221 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-197-185-221.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 20 Aug 2019 17:21:44 GMT
server
Microsoft-IIS/8.5
etag
"04f4bc7b57d51:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
922
x-ua-compatible
IE=edge
217e2b8a-1675-4def-b196-05880749e54c.css
fast.fonts.com/cssapi/
4 KB
848 B
Stylesheet
General
Full URL
https://fast.fonts.com/cssapi/217e2b8a-1675-4def-b196-05880749e54c.css
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (amb/6BCB) /
Resource Hash
7165be0c73cfa36c86a70f47d2165a7b3f71968b0f7f08fea47eff323d4d4ad1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2019 15:32:56 GMT
server
ECS (amb/6BCB)
status
200
etag
"4182405175+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
658
expires
Wed, 02 Oct 2019 11:58:56 GMT
baseccq6LFdB8CWk0XEDdQXAN7qaqRszksZOo2bWT-Wfipw1cdn
media.eftours.com/bundles/css/
539 KB
86 KB
Stylesheet
General
Full URL
https://media.eftours.com/bundles/css/baseccq6LFdB8CWk0XEDdQXAN7qaqRszksZOo2bWT-Wfipw1cdn
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
14a36af17d9ee52a860783ca7b83b24bfe5e06b6fdee5ae6d85968fb115e8fa9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 11:58:04 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=2591946
X-UA-Compatible
IE=edge
Connection
keep-alive
Content-Length
87304
Expires
Fri, 25 Oct 2019 11:58:02 GMT
modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01
media.eftours.com/bundles/
11 KB
5 KB
Script
General
Full URL
https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 11:58:04 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=2592000
X-UA-Compatible
IE=edge
Connection
keep-alive
Content-Length
4810
Expires
Fri, 25 Oct 2019 11:58:56 GMT
halftile-collections-popular_optimized.jpg
media.eftours.com/~/media/images/etus/collections/tiles/
16 KB
17 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/collections/tiles/halftile-collections-popular_optimized.jpg?h=264&w=310
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
4be77b3f1ca66a3059df7bc88b81dc3655b1d897a737a8151929d7cbece1e872
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Thu, 01 Mar 2018 17:21:18 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=2592000
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="halftile-collections-popular_optimized.jpg"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16708
Expires
Fri, 25 Oct 2019 11:58:56 GMT
halftile-collections-stem_optimized.jpg
media.eftours.com/~/media/images/etus/collections/tiles/
28 KB
28 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/collections/tiles/halftile-collections-stem_optimized.jpg?h=264&w=310
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
0e2964880ea02473ed39773e1a3060e2438dd41701936bba00f5bc59757ed087
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Wed, 31 Jan 2018 14:10:40 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=2592000
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="halftile-collections-STEM_optimized.jpg"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28457
Expires
Fri, 25 Oct 2019 11:58:56 GMT
collections-tile-vietnam.jpg
media.eftours.com/~/media/images/etus/collections/market-development-tours/
146 KB
147 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/collections/market-development-tours/collections-tile-vietnam.jpg?h=264&w=310
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
329d425ac76fa93f3a977216ba7620ab6022fe7bd34bfe9b028b14c9f49e82ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Thu, 11 Oct 2018 14:11:24 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=2592000
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="Collections-Tile-Vietnam.jpg"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
149797
Expires
Fri, 25 Oct 2019 11:58:56 GMT
safety_optimized.png
media.eftours.com/~/media/images/etus/homepage/
24 KB
24 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/homepage/safety_optimized.png?h=204&w=204
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
0eb5e7b48d89d368c0ded27220e92562eb114c714edc845cd43e06b626256162
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Wed, 31 Jan 2018 16:39:57 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=2592000
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="Safety_optimized.png"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24139
Expires
Fri, 25 Oct 2019 11:58:56 GMT
pre-tour-training-low.png
media.eftours.com/~/media/images/etus/tiles/image-link-list/homepage/
21 KB
21 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/tiles/image-link-list/homepage/pre-tour-training-low.png?h=204&w=204
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
7e6094910aabfc64a2b2b7a8cab6a73f554ca7ac7444e2aee04bfcc58db9bd34
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Mon, 05 Feb 2018 21:03:02 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=2592000
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="pre-tour-training-low.png"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21009
Expires
Fri, 25 Oct 2019 11:58:56 GMT
academics_optimized.png
media.eftours.com/~/media/images/etus/homepage/
25 KB
25 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/homepage/academics_optimized.png?h=204&w=204
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
84219a9210af22d56351f402c30bdd5e655acd3940f7b7e9db914b75a2227a21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Mon, 05 Feb 2018 21:17:40 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=2591993
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="Academics_optimized.png"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25360
Expires
Fri, 25 Oct 2019 11:58:49 GMT
value_optimized.png
media.eftours.com/~/media/images/etus/homepage/
21 KB
22 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/homepage/value_optimized.png?h=204&w=204
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
e34707e8c4e41cac0dc3e370bb340741a90895dbbd76183afe56d3827494f095
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Mon, 05 Feb 2018 20:38:11 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=2591979
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="Value_optimized.png"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21805
Expires
Fri, 25 Oct 2019 11:58:35 GMT
sammm.jpg
media.eftours.com/~/media/images/etus/homepage/
47 KB
47 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/homepage/sammm.jpg?h=307&w=460
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
c1b60c3423c64822ca011fa79590a84885f9aa2ac3f54e296fc472845366da3f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Mon, 28 Jan 2019 14:23:23 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=2592000
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="Sammm.jpg"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48196
Expires
Fri, 25 Oct 2019 11:58:56 GMT
gls2.png
media.eftours.com/~/media/images/etus/homepage/
62 KB
62 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/homepage/gls2.png?h=370&w=360
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a6bd8ffd9bc3743628bab7a700dae32679caf2307e40a37a1be0a067686395f4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Mon, 05 Feb 2018 19:48:04 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=2592000
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="gls2.png"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63021
Expires
Fri, 25 Oct 2019 11:58:56 GMT
ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/
6 KB
7 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/ef-logo-footer_optimized.png
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Wed, 26 Sep 2018 19:51:55 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=2416438
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="EF-logo-footer_optimized.png"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6326
Expires
Wed, 23 Oct 2019 11:12:54 GMT
ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1
media.eftours.com/bundles/
1 MB
289 KB
Script
General
Full URL
https://media.eftours.com/bundles/ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
3e72a4321973fdf0197ff545c2d3ffc7c68f94e791b5f4772e57379676d564c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 11:58:04 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=2591945
X-UA-Compatible
IE=edge
Connection
keep-alive
Content-Length
295937
Expires
Fri, 25 Oct 2019 11:58:01 GMT
ooyalaJTgCv_W7GunnGGcpwyJpjOMmi0ZzSb66epW7PZFxOy41cdn
media.eftours.com/bundles/css/
102 KB
13 KB
Stylesheet
General
Full URL
https://media.eftours.com/bundles/css/ooyalaJTgCv_W7GunnGGcpwyJpjOMmi0ZzSb66epW7PZFxOy41cdn
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
55c8e1392cd74bf54057a9282ecc138eca4f8d637c56b15f28f25fee12971a24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 11:58:04 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=2592000
X-UA-Compatible
IE=edge
Connection
keep-alive
Content-Length
13017
Expires
Fri, 25 Oct 2019 11:58:56 GMT
rq-fingerprintsU5DkRBuORGvYT6ruUMxmwC26eXvdOD5u1OSNVubORVM1
media.eftours.com/bundles/
13 KB
4 KB
Script
General
Full URL
https://media.eftours.com/bundles/rq-fingerprintsU5DkRBuORGvYT6ruUMxmwC26eXvdOD5u1OSNVubORVM1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a63d5706341c70468c158c913b2783a80e2a0433ca5be907ef49e08519931289
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 11:58:04 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=2592000
X-UA-Compatible
IE=edge
Connection
keep-alive
Content-Length
3161
Expires
Fri, 25 Oct 2019 11:58:56 GMT
requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
media.eftours.com/bundles/
15 KB
6 KB
Script
General
Full URL
https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 11:58:04 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=2591972
X-UA-Compatible
IE=edge
Connection
keep-alive
Content-Length
6108
Expires
Fri, 25 Oct 2019 11:58:28 GMT
rq-app20vvncSfIJbKXoPRbm-k3NsKBDPwYxD1bzfiVlW-pFA1
media.eftours.com/bundles/
682 B
778 B
Script
General
Full URL
https://media.eftours.com/bundles/rq-app20vvncSfIJbKXoPRbm-k3NsKBDPwYxD1bzfiVlW-pFA1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a21a0d624b3379a1202f89f48e1221a8caa9aca09dbe98bc082ba48ffd07e147
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 11:58:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=2591974
X-UA-Compatible
IE=edge
Connection
keep-alive
Content-Length
347
Expires
Fri, 25 Oct 2019 11:58:30 GMT
api.js
www.google.com/recaptcha/
774 B
644 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit&hl=en-US
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
2d5fb61429c2642bb935c6545492d94208df669a089909a4107de79bb83b0f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
474
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2019 11:58:56 GMT
gtm.js
www.googletagmanager.com/
281 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad0b46eed8ff39f76a92e6ad0863bdec0ac66e3e8282040043f1f1cdeb7c5917
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43"
content-length
51301
x-xss-protection
0
expires
Wed, 25 Sep 2019 11:58:56 GMT
1.css
fast.fonts.com/t/
0
102 B
Stylesheet
General
Full URL
https://fast.fonts.com/t/1.css?apiType=css&projectid=217e2b8a-1675-4def-b196-05880749e54c
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (amb/6B9D) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
last-modified
Wed, 21 Feb 2018 12:55:22 GMT
server
ECS (amb/6B9D)
etag
"616070693"
status
200
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
content-length
0
expires
Wed, 25 Sep 2019 11:58:56 GMT
test14_interlaced_optimized.jpg
media.eftours.com/~/media/images/etus/homepage/
222 KB
223 KB
Image
General
Full URL
https://media.eftours.com/~/media/images/etus/homepage/test14_interlaced_optimized.jpg?mw=1600
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
8ec9fe39809471363504b1ca3a221a45d5070e835c0981a5a6777a713f94488c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Last-Modified
Tue, 26 Jun 2018 19:31:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=2591989
X-UA-Compatible
IE=edge
Content-Disposition
inline; filename="test14_interlaced_optimized.jpg"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
227453
Expires
Fri, 25 Oct 2019 11:58:45 GMT
_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/
23 KB
24 KB
Font
General
Full URL
https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.185.221 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-197-185-221.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.eftours.com/
Origin
https://www.eftours.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
last-modified
Tue, 20 Aug 2019 17:21:40 GMT
server
Microsoft-IIS/8.5
status
200
etag
"0aa91ba7b57d51:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
23756
x-ua-compatible
IE=edge
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5578
date
Wed, 25 Sep 2019 10:25:58 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Wed, 25 Sep 2019 12:25:58 GMT
hotjar-157276.js
static.hotjar.com/c/
7 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-157276.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.163 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-1
Software
openresty /
Resource Hash
3e954c6997dbead88e782ffa6b5a2ab9abd1968f2f6b1851d64f37bc26bede75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
5
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
2072
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/40b8e0ca9cfcdc2621dbd956479ab49e
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.075
section-io-id
0d57efb1339d08d96f0663784bfb4faa
accept-ranges
bytes
content-type
application/javascript
lio.js
c.lytics.io/api/tag/2858/
45 KB
11 KB
Script
General
Full URL
https://c.lytics.io/api/tag/2858/lio.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a76f91b0852427afdceabf247192c9a33da4876e6dcb67f9adbf6784f37c9b9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd4462d89cb9c-VIE
date
Wed, 25 Sep 2019 11:58:56 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:58:56 GMT
bat.js
bat.bing.com/
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 5458C38FEAFF45A693E06C146C923CDE Ref B: VIEEDGE1008 Ref C: 2019-09-25T11:58:56Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
fbevents.js
connect.facebook.net/en_US/
121 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
spU5eCBwshJeP+uFkRpw7yvxoA4pE/4ZBd9JW0Gxh1glBtc4sr1XrAktO6uGCLCg4oi+9Noh08ht+8meaisY1A==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 25 Sep 2019 11:58:56 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
5by59bm3fdyy.js
js.driftt.com/include/1569412800000/
132 KB
44 KB
Script
General
Full URL
https://js.driftt.com/include/1569412800000/5by59bm3fdyy.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.84.151.36 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-84-151-36.txl52.r.cloudfront.net
Software
nginx /
Resource Hash
8bfc10f52a88db2b9548f9cc4dbc460b0570b6f795e84b0f4e429c421ea2b03d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:51 GMT
content-encoding
gzip
vary
Accept-Encoding
age
6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Tue, 24 Sep 2019 18:19:46 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
via
1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
cache-control
max-age=10
access-control-allow-credentials
true
x-amz-cf-pop
TXL52-C1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1AZM-D0KvnOYY7izhSOUkC9LwpcFZjlOKrgikUoqSNTBqq5TP9WpKQ==
ooyala_storage.html
player.ooyala.com/ Frame CDC1
0
0
Document
General
Full URL
https://player.ooyala.com/ooyala_storage.html
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/ooyalaExMu-iyXQpNvjO3nAzDC2PgBycdtPh4PXimsVBRMywE1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.110 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-110.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Host
player.ooyala.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.eftours.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.eftours.com/

Response headers

x-amz-id-2
AB4gJpvIin35asy+zXsFeXUnsMbfmqJvcrq8rSW8V34vHBgtmR9tqknQ13poRuqKHyA+cBa6OXg=
x-amz-request-id
DBD439D75C805A9B
Last-Modified
Tue, 18 Jul 2017 21:57:32 GMT
ETag
"84f213d7453fbc34816c118bd5a4a70c"
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Encoding
gzip
Content-Length
1211
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Cache-Control
public, max-age=221727
Date
Wed, 25 Sep 2019 11:58:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1566858990656/
264 KB
92 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit&hl=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Sep 2019 11:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Aug 2019 23:45:00 GMT
server
sffe
age
88440
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94196
x-xss-protection
0
expires
Wed, 23 Sep 2020 11:24:56 GMT
bootstrap.762a99f3.js
media.eftours.com/content/js-build/
33 KB
12 KB
Script
General
Full URL
https://media.eftours.com/content/js-build/bootstrap.762a99f3.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a80c0a240f7443919a5e7da7b8b4ddff7f4f779d0c70c5a6d98483940193cf2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2019 17:21:40 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
ETag
"0aa91ba7b57d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11529
X-UA-Compatible
IE=edge
1602422636701009
connect.facebook.net/signals/config/
308 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1602422636701009?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
3c3a1215c5180d8d58a9b8477b20d5c8a1c2e502cf3893004d85fd1971d8c6d5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79816
x-xss-protection
0
pragma
public
x-fb-debug
0MkhqbIvDqeRX8ZUQKHQCH+QEHiHTCHB+Hve6JiVIp0ewo6M7V5I9ITwhkBhWeknDP7PRXuosGAikegA+wnsNA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 25 Sep 2019 11:58:57 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
io.min.js
c.lytics.io/static/v2/
13 KB
6 KB
Script
General
Full URL
https://c.lytics.io/static/v2/io.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd446ef63cb9c-VIE
date
Wed, 25 Sep 2019 11:58:57 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 13 Sep 2019 19:02:47 GMT
server
cloudflare
age
4775
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:58:57 GMT
modules.4f876666ed6a672b12bd.js
script.hotjar.com/
430 KB
73 KB
Script
General
Full URL
https://script.hotjar.com/modules.4f876666ed6a672b12bd.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-2
Software
/
Resource Hash
6c052550d0cbc748df432653984d4d7f3f47dc693ecafae9cbb724d4b36f296c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:56 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 07:58:28 GMT
status
200
etag
"d48423d7c3ea8bac1d5de0ed00d914de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
section-io-origin-status
200
accept-ranges
bytes
section-io-id
6568a7f825c42e692f1c981706cf7e6e
content-length
73892
inferredEvents.js
connect.facebook.net/signals/plugins/
35 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
BB8Gd18OhdIANNCXYT6bzOZ2+7h6p1uf3dM4cINSjjlPMeWUnHOuVJ8//X/AXpKY02IAoHG74oRfjhTKr+hPlQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 25 Sep 2019 11:58:57 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
jquery-2.1.1.min.js
media.eftours.com/Content/js/libs/
82 KB
29 KB
Script
General
Full URL
https://media.eftours.com/Content/js/libs/jquery-2.1.1.min.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2019 17:21:40 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
ETag
"0aa91ba7b57d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2591971
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29548
X-UA-Compatible
IE=edge
hoverbox.1c6de06e.js
media.eftours.com/content/js-build/core/modules/
74 KB
22 KB
Script
General
Full URL
https://media.eftours.com/content/js-build/core/modules/hoverbox.1c6de06e.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
e96c60102c3329894ee7a3c6c730fd04654b983a6c9157f8a321d2072db65231
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2019 17:21:42 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
ETag
"0d7c2bb7b57d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22397
X-UA-Compatible
IE=edge
carousel.03d23224.js
media.eftours.com/content/js-build/core/modules/
20 KB
6 KB
Script
General
Full URL
https://media.eftours.com/content/js-build/core/modules/carousel.03d23224.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
26e3cbc98aed50540286d43d0599c7685231327b878b60a82cc81fb8f9b1f3a0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2019 17:21:42 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
ETag
"0d7c2bb7b57d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5756
X-UA-Compatible
IE=edge
nav.f0038006.js
media.eftours.com/content/js-build/core/modules/
6 KB
3 KB
Script
General
Full URL
https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29d::25c8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:58:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 20 Aug 2019 17:21:42 GMT
Server
Microsoft-IIS/8.5
ETag
"0d7c2bb7b57d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1795
X-UA-Compatible
IE=edge
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=13007618&Ver=2&mid=c631f45a-77e8-5778-61f5-f68d030d5e9b&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=1407&evt=pageLoad&msclkid=N&rn=200196
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 25 Sep 2019 11:58:56 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: FE2E5FF1BF304BB39D824E7E16064220 Ref B: VIEEDGE1008 Ref C: 2019-09-25T11:58:57Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 9A46
0
0
Document
General
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-2
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.eftours.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.eftours.com/

Response headers

status
200
date
Wed, 25 Sep 2019 11:58:56 GMT
content-type
text/html
content-length
787
cache-control
max-age=31536000
content-encoding
br
last-modified
Wed, 14 Aug 2019 14:14:11 GMT
etag
"5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status
200
section-io-origin-time-seconds
0.051
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
551dd7150871a4371161bb49d08a7cfe
/
www.facebook.com/tr/
44 B
246 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1602422636701009&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569412737290&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1569412737288.532847818&it=1569412737000&coo=false&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 25 Sep 2019 11:58:57 GMT
68183.66065257284
api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/
127 B
369 B
Script
General
Full URL
https://api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/68183.66065257284?segments=true&mergestate=true&callback=window.lio.segmentscb&state=%7B%22gtm.start%22%3A1569412736512%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A0%2C%22_ts%22%3A1569412737409%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.eftours.com%2F%22%2C%22_uid%22%3A%2268183.66065257284%22%2C%22_v%22%3A%222.0.0%22%2C%22_e%22%3A%22pv%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_ca%22%3A%22jstag1%22%7D&ts=1569412737412
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
113.192.227.35.bc.googleusercontent.com
Software
lytics.io c4df2726b6dc30060bd104ba32a875bedb96e68a /
Resource Hash
7b8c179820b2955b3712e08953b610e2326efe8554ef1b4f050a74ac4d06cdb8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:57 GMT
content-encoding
gzip
server
lytics.io c4df2726b6dc30060bd104ba32a875bedb96e68a
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
status
200
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
alt-svc
clear
content-length
126
via
1.1 google
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1302343722&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=homepageheader&_u=aEBAAEABE~&jid=1995015215&gjid=1057420808&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&_r=1&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&z=2088202652
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:58:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1302343722&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=Looking%20For%20Your%20Tour&_u=aEDAAEABE~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&z=1785007196
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2898929
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pathfora.min.js
c.lytics.io/static/
98 KB
20 KB
Script
General
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd44a3f8dcb9c-VIE
date
Wed, 25 Sep 2019 11:58:57 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2019 23:03:58 GMT
server
cloudflare
age
4160
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:58:57 GMT
2858
c.lytics.io/c/
35 B
294 B
Image
General
Full URL
https://c.lytics.io/c/2858?_ts=1569412737625&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=68183.66065257284&_v=2.0.0&_e=pv&_sesstart=1&_tz=2&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:58:57 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd44a3f90cb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/2858/
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/2858/default?gtm.start=1569412736512&event=gtm.js&gtm.uniqueEventId=0&_ts=1569412737626&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=68183.66065257284&_v=2.0.0&_ca=jstag1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:58:57 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd44a3f93cb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
/
www.facebook.com/tr/
44 B
99 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1602422636701009&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569412737627&cd[notenrolled]=true&cd[unknown]=true&cd[no_tr]=true&cd[smt_new]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1569412737288.532847818&it=1569412737000&coo=false&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 25 Sep 2019 11:58:57 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1302343722&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aHDAgEABF~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&cd12=notenrolled%2Cunknown%2Cno_tr%2Csmt_new%2Call&cd11=68183.66065257284&z=9131853
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2898929
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1302343722&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aHDAgEABF~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&cd12=notenrolled%2Cunknown%2Cno_tr%2Csmt_new%2Call&cd11=68183.66065257284&z=2142033837
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2898929
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pathfora.min.css
c.lytics.io/static/
20 KB
3 KB
Stylesheet
General
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd44a883fcb9c-VIE
date
Wed, 25 Sep 2019 11:58:57 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2019 23:03:58 GMT
server
cloudflare
age
4659
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:58:57 GMT
config.js
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/
327 B
253 B
Script
General
Full URL
https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd44a8842cb9c-VIE
date
Wed, 25 Sep 2019 11:58:57 GMT
via
1.1 google
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:58:57 GMT
/
www.facebook.com/tr/
44 B
99 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1602422636701009&ev=Microdata&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1569412737795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours%22%2C%22meta%3Adescription%22%3A%22EF%20Educational%20Tours%20offers%20student%20tours%20at%20the%20lowest%20prices%20guaranteed.%20Learn%20why%20teachers%20and%20parents%20choose%20EF%20for%20educational%20travel.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Fwww.eftours.com%2F%22%2C%22logo%22%3A%22http%3A%2F%2Fwww.eftours.com%2Fimg%2Flogo-oneline.svg%22%2C%22name%22%3A%22EF%20Educational%20Tours%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22http%3A%2F%2Fwww.eftours.com%2Feducational-tours%2Fsearch%3Fquery%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Feftours%20%22%2C%22https%3A%2F%2Ftwitter.com%2Feftours%22%2C%22https%3A%2F%2Finstagram.com%2Feftours%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Feftours%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=2&o=30&fbp=fb.1.1569412737288.532847818&it=1569412737000&coo=false&es=automatic&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 25 Sep 2019 11:58:57 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1302343722&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Personalization&ea=STEM%20-%20Homepage&el=STEM%20-%20Homepage%20-%20Standard&_u=aHDAAEABF~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=2068228210.1569412737&z=1126658506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2898929
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2858
c.lytics.io/c/
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/2858?SC_ANALYTICS_GLOBAL_COOKIE=78f9c18c-3dcf-4825-a04f-05b324d318dd&_ts=1569412737846&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=68183.66065257284&_v=2.0.0&_ca=jstag1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:58:57 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd44b9ac2cb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
index.html
js.driftt.com/deploy/assets/ Frame CC46
0
0
Document
General
Full URL
https://js.driftt.com/deploy/assets/index.html
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1569412800000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.84.151.36 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-84-151-36.txl52.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/deploy/assets/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.eftours.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.eftours.com/

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
938
server
nginx
last-modified
Tue, 24 Sep 2019 18:19:46 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 25 Sep 2019 11:58:57 GMT
etag
"f65bd41c763276a02f81de1efe1eb428"
cache-control
max-age=10
x-cache
Hit from cloudfront
via
1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
L_qSAf4P06wNODcPCneZGxeyhKVi1niKkXlJSayapSEYM-fkjQnR0w==
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1302343722&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Widget%20Ready&el=Drift%3EWidget%20Ready%20on%20Page&_u=aHDAAEABF~&jid=1157665564&gjid=1099614045&cid=1801475789.1569412739&tid=UA-4293088-1&_gid=544388212.1569412739&_r=1&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=1801475789.1569412739&z=900840440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:58:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
hbox2
landing.eftours.com/ Frame 734F
0
0

collect
www.google-analytics.com/r/
35 B
104 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1302343722&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dp=hoverbox&ul=en-us&de=UTF-8&dt=Student%20Tours%20and%20Educational%20Travel%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHDAAEABF~&jid=1698584921&gjid=863359174&cid=1925994676.1569412749&tid=UA-4293088-1&_gid=995736922.1569412749&_r=1&gtm=2wg9b05GND&cd1=78f9c18c-3dcf-4825-a04f-05b324d318dd&cd6=&cd7=&cd8=null&cd9=1925994676.1569412749&z=1856809635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.eftours.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
hbox2
landing.eftours.com/ Frame 734F
47 KB
14 KB
Document
General
Full URL
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-55-224.compute-1.amazonaws.com
Software
/
Resource Hash
315ca5beeb15a70f7f4ae41b51ee7dd3d8c40c314e1da25faab41fdf8e28ced2

Request headers

:method
GET
:authority
landing.eftours.com
:scheme
https
:path
/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-site
referer
https://www.eftours.com/
accept-encoding
gzip, deflate, br
cookie
_ga=GA1.2.1925994676.1569412749; _gid=GA1.2.995736922.1569412749; _gat_UA-4293088-1=1; disruptedThisSession=true; EFFEDCK=Count=1&Disable=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.eftours.com/

Response headers

status
200
cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=yefynjtex13qba4023wvfa34; path=/; HttpOnly LiveBall=uid=15547310&uky=6NNJEDRO&rid=22144772; domain=eftours.com; expires=Thu, 24-Sep-2020 05:00:00 GMT; path=/
x-request-id
45027292-4c2a-4edb-891c-f70fb325a553
date
Wed, 25 Sep 2019 11:59:08 GMT
content-length
13572
css
fonts.googleapis.com/ Frame 734F
7 KB
700 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 25 Sep 2019 11:59:09 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 25 Sep 2019 11:59:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 25 Sep 2019 11:59:09 GMT
css
fonts.googleapis.com/ Frame 734F
372 B
352 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ovo
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
f17e60d77c02256a7c452b811447dc38de2da26e1016aa4a7fdf074d8ecefd9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 25 Sep 2019 11:59:09 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 25 Sep 2019 11:59:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 25 Sep 2019 11:59:09 GMT
217e2b8a-1675-4def-b196-05880749e54c.css
fast.fonts.net/cssapi/ Frame 734F
4 KB
843 B
Stylesheet
General
Full URL
https://fast.fonts.net/cssapi/217e2b8a-1675-4def-b196-05880749e54c.css
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AF) /
Resource Hash
7165be0c73cfa36c86a70f47d2165a7b3f71968b0f7f08fea47eff323d4d4ad1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:09 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2019 15:32:56 GMT
server
ECS (fcn/41AF)
status
200
etag
"4182405175"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
658
expires
Wed, 02 Oct 2019 11:59:09 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 734F
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:09 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
ixp-runtime.min.js
landing.eftours.com/Scripts/ Frame 734F
42 KB
18 KB
Script
General
Full URL
https://landing.eftours.com/Scripts/ixp-runtime.min.js?r=80.7201
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-55-224.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5964a91b1d456eb6691783fcc741121a6ff9c99256feae247560f796171be939

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:08 GMT
content-encoding
gzip
last-modified
Thu, 19 Sep 2019 18:46:10 GMT
server
Microsoft-IIS/10.0
etag
"0c5ea801a6fd51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
18726
ixp-microthemes.min.css
landing.eftours.com/Templates/ Frame 734F
187 KB
12 KB
Stylesheet
General
Full URL
https://landing.eftours.com/Templates/ixp-microthemes.min.css?r=80.7201
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-55-224.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5e145770d239ddb7c6001eb9d39b94b62999b4fb9728b011f77c45cba6748541

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:08 GMT
content-encoding
gzip
last-modified
Thu, 19 Sep 2019 18:46:36 GMT
server
Microsoft-IIS/10.0
etag
"0e6a901a6fd51:0"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
11813
theme.css
landing.eftours.com/Templates/ion/ion_Framework_v4.0/themes/EFT_ThemeKit/ Frame 734F
144 KB
10 KB
Stylesheet
General
Full URL
https://landing.eftours.com/Templates/ion/ion_Framework_v4.0/themes/EFT_ThemeKit/theme.css
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-55-224.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
37aa5b4cbea0116cbcbc4f9436f37ffb97c62cef17db9a55649e71c4e941c341

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:08 GMT
content-encoding
gzip
last-modified
Mon, 19 Aug 2019 19:00:29 GMT
server
Microsoft-IIS/10.0
etag
"80841d5ec056d51:0"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
10477
themeform.css
landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/ Frame 734F
20 KB
3 KB
Stylesheet
General
Full URL
https://landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/themeform.css
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-55-224.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ab40b0a5533b98d9234a038ff2ebe1fc93f51016b7424c010f61fe2efe31f268

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:08 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2016 22:04:39 GMT
server
Microsoft-IIS/10.0
etag
"87a64dd7187bd11:0"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
3424
js
www.googletagmanager.com/gtag/ Frame 734F
69 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1068160719
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
edd1940db300d86737f0fa15ad1bd51c616cceb09a014a8a18d7169dccaad9af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:09 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43"
content-length
27154
x-xss-protection
0
expires
Wed, 25 Sep 2019 11:59:09 GMT
spacer.gif
landing.eftours.com/ Frame 734F
43 B
127 B
Image
General
Full URL
https://landing.eftours.com/spacer.gif
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-55-224.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:08 GMT
last-modified
Thu, 19 Sep 2019 18:34:18 GMT
server
Microsoft-IIS/10.0
etag
"03188d8186fd51:0"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43
KeyGrip.ashx
landing.eftours.com/ Frame 734F
70 B
159 B
Image
General
Full URL
https://landing.eftours.com/KeyGrip.ashx?lb3id=15547310$6NNJEDRO$22144772
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-55-224.compute-1.amazonaws.com
Software
/
Resource Hash
96be21393ffdc9129af65365ccbd7dd7458c1eaac7982a02e3697e08566edf3d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
content-type
image/gif
status
200
cache-control
no-cache
content-length
70
x-request-id
1cdd5c3b-ad42-4a07-9605-ac8402daf275
expires
-1
1.css
fast.fonts.net/t/ Frame 734F
0
102 B
Stylesheet
General
Full URL
https://fast.fonts.net/t/1.css?apiType=css&projectid=217e2b8a-1675-4def-b196-05880749e54c
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:09 GMT
last-modified
Wed, 21 Feb 2018 12:55:22 GMT
server
ECS (fcn/41AE)
etag
"616070693"
status
200
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
content-length
0
expires
Wed, 25 Sep 2019 11:59:09 GMT
jquery-1.11.1.min.js
code.jquery.com/ Frame 734F
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/Scripts/ixp-runtime.min.js?r=80.7201
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:59:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-1762a"
Vary
Accept-Encoding
X-HW
1569412750.dop011.fr8.shc,1569412750.dop011.fr8.t,1569412750.cds022.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33202
jquery-1.11.2.min.js
code.jquery.com/ Frame 734F
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 11:59:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 16:05:21 GMT
Server
nginx
ETag
W/"5491a9c1-176bb"
Vary
Accept-Encoding
X-HW
1569412750.dop011.fr8.shc,1569412750.dop011.fr8.t,1569412750.cds022.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33262
gtm.js
www.googletagmanager.com/ Frame 734F
281 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad0b46eed8ff39f76a92e6ad0863bdec0ac66e3e8282040043f1f1cdeb7c5917
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43"
content-length
51301
x-xss-protection
0
expires
Wed, 25 Sep 2019 11:59:10 GMT
iconSelect.png
landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/ Frame 734F
232 B
317 B
Image
General
Full URL
https://landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/iconSelect.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.23.55.224 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-23-55-224.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
10435bddeb1acf8eada063170b77d51df3463e7f02f9939f22e3ccf985c62545

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/templates/ion/ion_framework_v4.0/themes/eft_themekit/themeform.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
last-modified
Fri, 20 Jun 2014 13:08:20 GMT
server
Microsoft-IIS/10.0
etag
"907490b5888ccf1:0"
content-type
image/png
status
200
accept-ranges
bytes
content-length
232
ab23c239-fb66-406e-bce6-f0f260f5a217.woff2
fast.fonts.net/dv2/14/ Frame 734F
33 KB
33 KB
Font
General
Full URL
https://fast.fonts.net/dv2/14/ab23c239-fb66-406e-bce6-f0f260f5a217.woff2?d44f19a684109620e484167ba390e81828d829f18470286fcbb8d3252b39580cd386369c8e38b3aac42b3977435f17076c76aa93816825b839c03e7a671abe4026bb436f7b104ad4832176a8cdf600e3a27bc6994ea2045b22d22523a60081d21829da6fb8ef4125c5b223d3cd0577157b1cdfc66f364b867c5f135d13c742cec0bda3275cec8138f937f5f0d5f52443faf8b5651c1f5a23a8cf41b35634154d4a2ded4b9c1eafcc2efeda824e471284dad1e13ae150ab1106ab6869347330c918c9f7e19b4b806ee8ff5b73460ae303965d2649c370bdb3160f39d3f8dfdebe&projectId=217e2b8a-1675-4def-b196-05880749e54c
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E8) /
Resource Hash
c958d32df1af73006519766c40d7f57d71d0c1c96584a3fa6ced8a4929bc52b4

Request headers

Sec-Fetch-Mode
cors
Referer
https://fast.fonts.net/cssapi/217e2b8a-1675-4def-b196-05880749e54c.css
Origin
https://landing.eftours.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
last-modified
Wed, 17 Dec 2014 02:01:34 GMT
server
ECS (fcn/40E8)
etag
"3629546902"
status
200
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
33396
expires
Tue, 24 Dec 2019 11:59:10 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 734F
24 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1068160719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9149
x-xss-protection
0
server
cafe
etag
5022999136154715131
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Sep 2019 11:59:10 GMT
analytics.js
www.google-analytics.com/ Frame 734F
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5592
date
Wed, 25 Sep 2019 10:25:58 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Wed, 25 Sep 2019 12:25:58 GMT
hotjar-157276.js
static.hotjar.com/c/ Frame 734F
7 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-157276.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.163 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-1
Software
openresty /
Resource Hash
3e954c6997dbead88e782ffa6b5a2ab9abd1968f2f6b1851d64f37bc26bede75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
19
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
2072
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/40b8e0ca9cfcdc2621dbd956479ab49e
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.075
section-io-id
c60b8e984fd6b2e7988aafba035ab17d
accept-ranges
bytes
content-type
application/javascript
lio.js
c.lytics.io/api/tag/2858/ Frame 734F
45 KB
11 KB
Script
General
Full URL
https://c.lytics.io/api/tag/2858/lio.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a76f91b0852427afdceabf247192c9a33da4876e6dcb67f9adbf6784f37c9b9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd4998b6acb9c-VIE
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:59:10 GMT
bat.js
bat.bing.com/ Frame 734F
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:09 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 083F83C1E5624168AFF6837CA64A55F2 Ref B: VIEEDGE1008 Ref C: 2019-09-25T11:59:10Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
fbevents.js
connect.facebook.net/en_US/ Frame 734F
121 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
spU5eCBwshJeP+uFkRpw7yvxoA4pE/4ZBd9JW0Gxh1glBtc4sr1XrAktO6uGCLCg4oi+9Noh08ht+8meaisY1A==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 25 Sep 2019 11:59:10 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
5by59bm3fdyy.js
js.driftt.com/include/1569412800000/ Frame 734F
132 KB
44 KB
Script
General
Full URL
https://js.driftt.com/include/1569412800000/5by59bm3fdyy.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.84.151.36 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-84-151-36.txl52.r.cloudfront.net
Software
nginx /
Resource Hash
8bfc10f52a88db2b9548f9cc4dbc460b0570b6f795e84b0f4e429c421ea2b03d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:58:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
TXL52-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Tue, 24 Sep 2019 18:19:46 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
via
1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
cache-control
max-age=10
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
HXBHXtEWo7NAhpl_ugDkKerfXq59jHimFa1GqBQAfXiP90oYxJOnRA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068160719/ Frame 734F
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068160719/?random=1569412750335&cv=9&fst=1569412750335&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9i1&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&ref=https%3A%2F%2Fwww.eftours.com%2F&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
690bfd727deefe17e7e722e19cde7aad337f19179dfd1e69914aab17074bf9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1007
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1602422636701009
connect.facebook.net/signals/config/ Frame 734F
308 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1602422636701009?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
3c3a1215c5180d8d58a9b8477b20d5c8a1c2e502cf3893004d85fd1971d8c6d5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79816
x-xss-protection
0
pragma
public
x-fb-debug
0MkhqbIvDqeRX8ZUQKHQCH+QEHiHTCHB+Hve6JiVIp0ewo6M7V5I9ITwhkBhWeknDP7PRXuosGAikegA+wnsNA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 25 Sep 2019 11:59:10 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
io.min.js
c.lytics.io/static/v2/ Frame 734F
13 KB
6 KB
Script
General
Full URL
https://c.lytics.io/static/v2/io.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd499abd9cb9c-VIE
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 13 Sep 2019 19:02:47 GMT
server
cloudflare
age
4788
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:59:10 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ Frame 734F
35 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
BB8Gd18OhdIANNCXYT6bzOZ2+7h6p1uf3dM4cINSjjlPMeWUnHOuVJ8//X/AXpKY02IAoHG74oRfjhTKr+hPlQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 25 Sep 2019 11:59:10 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
89335.0898046573
api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/ Frame 734F
127 B
191 B
Script
General
Full URL
https://api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/89335.0898046573?segments=true&mergestate=true&callback=window.lio.segmentscb&state=%7B%220%22%3A%22config%22%2C%221%22%3A%22AW-1068160719%22%2C%22gtm.start%22%3A1569412750191%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A2%2C%22LiveBall%22%3A%22uid%3D15547310%26uky%3D6NNJEDRO%26rid%3D22144772%22%2C%22_ts%22%3A1569412750406%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737%22%2C%22_if%22%3A%22t%22%2C%22_uid%22%3A%2289335.0898046573%22%2C%22_v%22%3A%222.0.0%22%2C%22_e%22%3A%22pv%22%2C%22_sesstart%22%3A%221%22%2C%22_ref%22%3A%22www.eftours.com%2F%22%2C%22_sesref%22%3A%22www.eftours.com%2F%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_ca%22%3A%22jstag1%22%7D&ts=1569412750408
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
113.192.227.35.bc.googleusercontent.com
Software
lytics.io c4df2726b6dc30060bd104ba32a875bedb96e68a /
Resource Hash
7b8c179820b2955b3712e08953b610e2326efe8554ef1b4f050a74ac4d06cdb8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
content-encoding
gzip
server
lytics.io c4df2726b6dc30060bd104ba32a875bedb96e68a
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
status
200
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
alt-svc
clear
content-length
126
via
1.1 google
modules.4f876666ed6a672b12bd.js
script.hotjar.com/ Frame 734F
430 KB
73 KB
Script
General
Full URL
https://script.hotjar.com/modules.4f876666ed6a672b12bd.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-2
Software
/
Resource Hash
6c052550d0cbc748df432653984d4d7f3f47dc693ecafae9cbb724d4b36f296c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
content-encoding
br
last-modified
Wed, 25 Sep 2019 07:58:28 GMT
status
200
etag
"d48423d7c3ea8bac1d5de0ed00d914de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
section-io-origin-status
200
accept-ranges
bytes
section-io-id
7bf47367e6552df3457a7d600ca55b91
content-length
73892
/
www.google.com/pagead/1p-user-list/1068160719/ Frame 734F
42 B
151 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1068160719/?random=1569412750335&cv=9&fst=1569409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9i1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&ref=https%3A%2F%2Fwww.eftours.com%2F&async=1&fmt=3&is_vtc=1&random=2514117126&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1068160719/ Frame 734F
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1068160719/?random=1569412750335&cv=9&fst=1569409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9i1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&ref=https%3A%2F%2Fwww.eftours.com%2F&async=1&fmt=3&is_vtc=1&random=2514117126&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ Frame 734F
0
94 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=13007618&Ver=2&mid=332ec2c6-4b16-8b1f-9a27-829105d48adc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=797&evt=pageLoad&ifm=1&msclkid=N&rn=286305
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 25 Sep 2019 11:59:09 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: F7D8499D5ECA48D0B99661B4FBE07FF4 Ref B: VIEEDGE1008 Ref C: 2019-09-25T11:59:10Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 734F
44 B
245 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1602422636701009&ev=PageView&dl=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&rl=https%3A%2F%2Fwww.eftours.com%2F&if=true&ts=1569412750415&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1569412750414.585594346&it=1569412750340&coo=false&rqm=GET
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 25 Sep 2019 11:59:10 GMT
/
www.facebook.com/tr/ Frame 734F
44 B
199 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1602422636701009&ev=LogAttribution&dl=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&rl=https%3A%2F%2Fwww.eftours.com%2F&if=true&ts=1569412750415&cd[log_type]=click&cd[log_id]=1925994676.1569412750317&cd[channel]=&cd[sub_channel]=&cd[channel_marketing_id]=&cd[is_organic]=true&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1569412750414.585594346&it=1569412750340&coo=false&rqm=GET
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 25 Sep 2019 11:59:10 GMT
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 24B6
0
0
Document
General
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.174 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-2
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Response headers

status
200
date
Wed, 25 Sep 2019 11:59:10 GMT
content-type
text/html
content-length
787
cache-control
max-age=31536000
content-encoding
br
last-modified
Mon, 12 Aug 2019 16:41:40 GMT
etag
"5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status
200
section-io-origin-time-seconds
0.052
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
750ce15c62e229293112816c320b56ec
pathfora.min.js
c.lytics.io/static/ Frame 734F
98 KB
19 KB
Script
General
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd49aff44cb9c-VIE
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2019 23:03:58 GMT
server
cloudflare
age
4173
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:59:10 GMT
2858
c.lytics.io/c/ Frame 734F
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/2858?_ts=1569412750538&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_e=pv&_sesstart=1&_ref=www.eftours.com%2F&_sesref=www.eftours.com%2F&_tz=2&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd49aff45cb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/2858/ Frame 734F
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/2858/default?0=js&1=Wed%20Sep%2025%202019%2013%3A59%3A10%20GMT%2B0200%20(Central%20European%20Summer%20Time)&_ts=1569412750539&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd49aff46cb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/2858/ Frame 734F
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/2858/default?0=config&1=AW-1068160719&_ts=1569412750539&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd49aff47cb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/2858/ Frame 734F
35 B
94 B
Image
General
Full URL
https://c.lytics.io/c/2858/default?gtm.start=1569412750191&event=gtm.js&gtm.uniqueEventId=2&_ts=1569412750540&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd49aff4acb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
default
c.lytics.io/c/2858/ Frame 734F
35 B
144 B
Image
General
Full URL
https://c.lytics.io/c/2858/default?LiveBall=uid%3D15547310%26uky%3D6NNJEDRO%26rid%3D22144772&_ts=1569412750540&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd49aff4bcb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
/
www.facebook.com/tr/ Frame 734F
44 B
99 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1602422636701009&ev=Lytics%20Audiences&dl=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&rl=https%3A%2F%2Fwww.eftours.com%2F&if=true&ts=1569412750541&cd[notenrolled]=true&cd[unknown]=true&cd[no_tr]=true&cd[smt_new]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.4&r=stable&ec=2&o=30&fbp=fb.1.1569412750414.585594346&it=1569412750340&coo=false&rqm=GET
Requested by
Host: landing.eftours.com
URL: https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 11:59:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 25 Sep 2019 11:59:10 GMT
pathfora.min.css
c.lytics.io/static/ Frame 734F
20 KB
3 KB
Stylesheet
General
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd49b3ff9cb9c-VIE
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2019 23:03:58 GMT
server
cloudflare
age
4672
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:59:10 GMT
config.js
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ Frame 734F
327 B
248 B
Script
General
Full URL
https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
51bcd49b5879cb9c-VIE
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
13
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Wed, 25 Sep 2019 13:59:10 GMT
2858
c.lytics.io/c/ Frame 734F
35 B
93 B
Image
General
Full URL
https://c.lytics.io/c/2858?_ts=1569412750716&_nmob=t&_device=desktop&url=landing.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&_if=t&_uid=89335.0898046573&_v=2.0.0&_ca=jstag1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Sep 2019 11:59:10 GMT
via
1.1 google
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
51bcd49c0a64cb9c-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length
35
expires
0
index.html
js.driftt.com/deploy/assets/ Frame 99F0
0
0
Document
General
Full URL
https://js.driftt.com/deploy/assets/index.html
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1569412800000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.84.151.36 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-84-151-36.txl52.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/deploy/assets/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
938
server
nginx
last-modified
Tue, 24 Sep 2019 18:19:46 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 25 Sep 2019 11:59:10 GMT
etag
"f65bd41c763276a02f81de1efe1eb428"
cache-control
max-age=10
x-cache
Hit from cloudfront
via
1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
XQIGCTZN1s6VoHgT9OzowDXe5fol31JCH7rJj7s_D9Du3LyyJH4W_Q==
collect
www.google-analytics.com/ Frame 734F
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=739665729&t=event&ni=0&_s=1&dl=https%3A%2F%2Flanding.eftours.com%2Fhbox2%3Fsource%3DWWWMOHB%26_ga%3D2.116411202.598817328.1569412737-2068228210.1569412737&dr=https%3A%2F%2Fwww.eftours.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=325x760&je=0&ec=Drift%20Widget&ea=Widget%20Ready&el=Drift%3EWidget%20Ready%20on%20Page&_u=WhCAAEABE~&jid=&gjid=&cid=2068228210.1569412737&tid=UA-4293088-1&_gid=598817328.1569412737&gtm=2wg9b05GND&cd8=null&cd9=2068228210.1569412737&z=810749113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://landing.eftours.com/hbox2?source=WWWMOHB&_ga=2.116411202.598817328.1569412737-2068228210.1569412737
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 22:43:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2898943
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
landing.eftours.com
URL
https://landing.eftours.com/hbox2?source=WWWMOHB

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| subscribeEvent function| unsubscribeEvent function| startActivityHandler function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent object| dataLayer object| EFTOURS object| html5 object| Modernizr function| yepnope function| SwiperOO object| OO function| _ function| $ function| jQuery undefined| Hazmat function| jsSHA object| LZW object| base64 object| callbackQueue function| generateDeviceId object| Ooyala object| global object| google_tag_manager function| require function| GetEmailQueryString function| GetHash function| RotateLeft function| AddUnsigned function| F function| G function| H function| I function| FF function| GG function| HH function| II function| ConvertToWordArray function| WordToHex string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| liosetup object| jstag object| uetq function| fbq function| _fbq function| readCookie function| getParameterByName object| log_id object| d string| expires number| clientId undefined| source undefined| medium undefined| campaign undefined| is_organic undefined| gclid string| url string| keyToFind undefined| valueFound function| drift function| driftt function| requirejs function| define object| google_tag_data object| gaplugins object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha function| __jstag_onload undefined| initObj string| ly_cid object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| enquire object| subscriptions object| amplify boolean| __DRIFTT_WIDGET_INCLUDED__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__ function| UET object| opts object| Handlebars object| handlebars object| lio object| gaGlobal object| gaData function| Swipe number| bpDoc number| bpInner object| optimizely object| pathfora undefined| adobeCampaignCookie string| CustNum string| SCVisitorID undefined| individualIDCookieValue object| lytics_data undefined| callback

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lytics.io
bat.bing.com
c.lytics.io
code.jquery.com
connect.facebook.net
fast.fonts.com
fast.fonts.net
fonts.googleapis.com
googleads.g.doubleclick.net
js.driftt.com
landing.eftours.com
maxcdn.bootstrapcdn.com
media.eftours.com
player.ooyala.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.eftours.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
landing.eftours.com
147.75.204.174
147.75.83.163
172.217.23.98
2.18.232.110
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:1a
2606:2800:234:660:118e:28f:1d8a:2522
2606:4700:20::6819:5365
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:817::2002
2a00:1450:4001:817::200a
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2008
2a02:26f0:6c00:29d::25c8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.197.185.221
35.227.192.113
52.23.55.224
93.184.220.20
99.84.151.36
0a76f91b0852427afdceabf247192c9a33da4876e6dcb67f9adbf6784f37c9b9
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
0e2964880ea02473ed39773e1a3060e2438dd41701936bba00f5bc59757ed087
0eb5e7b48d89d368c0ded27220e92562eb114c714edc845cd43e06b626256162
10435bddeb1acf8eada063170b77d51df3463e7f02f9939f22e3ccf985c62545
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc
14a36af17d9ee52a860783ca7b83b24bfe5e06b6fdee5ae6d85968fb115e8fa9
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170
26e3cbc98aed50540286d43d0599c7685231327b878b60a82cc81fb8f9b1f3a0
2d5fb61429c2642bb935c6545492d94208df669a089909a4107de79bb83b0f8e
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
315ca5beeb15a70f7f4ae41b51ee7dd3d8c40c314e1da25faab41fdf8e28ced2
329d425ac76fa93f3a977216ba7620ab6022fe7bd34bfe9b028b14c9f49e82ea
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
37aa5b4cbea0116cbcbc4f9436f37ffb97c62cef17db9a55649e71c4e941c341
3c3a1215c5180d8d58a9b8477b20d5c8a1c2e502cf3893004d85fd1971d8c6d5
3e72a4321973fdf0197ff545c2d3ffc7c68f94e791b5f4772e57379676d564c9
3e954c6997dbead88e782ffa6b5a2ab9abd1968f2f6b1851d64f37bc26bede75
4215e6200c04a4874f3d23c78af23fcd22b5bc3bc916237fd95c108aaae38735
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
4be77b3f1ca66a3059df7bc88b81dc3655b1d897a737a8151929d7cbece1e872
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c8e1392cd74bf54057a9282ecc138eca4f8d637c56b15f28f25fee12971a24
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f
5964a91b1d456eb6691783fcc741121a6ff9c99256feae247560f796171be939
5e145770d239ddb7c6001eb9d39b94b62999b4fb9728b011f77c45cba6748541
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
690bfd727deefe17e7e722e19cde7aad337f19179dfd1e69914aab17074bf9cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c052550d0cbc748df432653984d4d7f3f47dc693ecafae9cbb724d4b36f296c
7165be0c73cfa36c86a70f47d2165a7b3f71968b0f7f08fea47eff323d4d4ad1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8c179820b2955b3712e08953b610e2326efe8554ef1b4f050a74ac4d06cdb8
7e6094910aabfc64a2b2b7a8cab6a73f554ca7ac7444e2aee04bfcc58db9bd34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84219a9210af22d56351f402c30bdd5e655acd3940f7b7e9db914b75a2227a21
8bfc10f52a88db2b9548f9cc4dbc460b0570b6f795e84b0f4e429c421ea2b03d
8ec9fe39809471363504b1ca3a221a45d5070e835c0981a5a6777a713f94488c
96be21393ffdc9129af65365ccbd7dd7458c1eaac7982a02e3697e08566edf3d
a21a0d624b3379a1202f89f48e1221a8caa9aca09dbe98bc082ba48ffd07e147
a63d5706341c70468c158c913b2783a80e2a0433ca5be907ef49e08519931289
a6bd8ffd9bc3743628bab7a700dae32679caf2307e40a37a1be0a067686395f4
a80c0a240f7443919a5e7da7b8b4ddff7f4f779d0c70c5a6d98483940193cf2c
ab40b0a5533b98d9234a038ff2ebe1fc93f51016b7424c010f61fe2efe31f268
ad0b46eed8ff39f76a92e6ad0863bdec0ac66e3e8282040043f1f1cdeb7c5917
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
c1b60c3423c64822ca011fa79590a84885f9aa2ac3f54e296fc472845366da3f
c958d32df1af73006519766c40d7f57d71d0c1c96584a3fa6ced8a4929bc52b4
d0c951f5768c3f9ffac2b3142af425cc1ddc6990f11e302f267cd5a3964f57db
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e34707e8c4e41cac0dc3e370bb340741a90895dbbd76183afe56d3827494f095
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96c60102c3329894ee7a3c6c730fd04654b983a6c9157f8a321d2072db65231
edd1940db300d86737f0fa15ad1bd51c616cceb09a014a8a18d7169dccaad9af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17e60d77c02256a7c452b811447dc38de2da26e1016aa4a7fdf074d8ecefd9a
f871ea640b390fb63955568f537fe736c5fd9d12600eaff29990183ed3d17712