personal.eftours.com Open in urlscan Pro
23.20.139.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://personal.eftours.com/secure/make-donation/
Submission: On August 22 via manual (August 22nd 2020, 12:20:13 am UTC) from AR

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 51 HTTP transactions. The main IP is 23.20.139.57, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is personal.eftours.com.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on June 11th 2018. Valid for: 2 years.

This is the only time personal.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	23.20.139.57 23.20.139.57	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	76.8.204.12 76.8.204.12	29933 (OFF-CAMPU...) (OFF-CAMPUS-TELECOMMUNICATIONS)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.226.155.25 13.226.155.25	16509 (AMAZON-02) (AMAZON-02)
1	35.190.11.84 35.190.11.84	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
51	13

25 23.20.139.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-139-57.compute-1.amazonaws.com

personal.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.8.204.12 (Ogden, United States)

ASN29933 (OFF-CAMPUS-TELECOMMUNICATIONS, US)

www.securitymetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-25.dus51.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.11.84 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 84.11.190.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	eftours.com personal.eftours.com	139 KB
8	lytics.io c.lytics.io api.lytics.io	42 KB
6	google-analytics.com 1 redirects www.google-analytics.com	37 KB
2	google.de www.google.de	1009 B
2	google.com 1 redirects www.google.com	889 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
2	driftt.com js.driftt.com	45 KB
2	bing.com bat.bing.com	8 KB
2	googleapis.com ajax.googleapis.com	37 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	googletagmanager.com www.googletagmanager.com	73 KB
1	securitymetrics.com www.securitymetrics.com	3 KB
51	12

	Domain	Requested by
25	personal.eftours.com	personal.eftours.com
7	c.lytics.io	www.googletagmanager.com c.lytics.io personal.eftours.com
6	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.google.de	personal.eftours.com
2	www.google.com	1 redirects personal.eftours.com
2	js.driftt.com	personal.eftours.com js.driftt.com
2	bat.bing.com	www.googletagmanager.com personal.eftours.com
2	ajax.googleapis.com	personal.eftours.com
1	stats.g.doubleclick.net	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	api.lytics.io	c.lytics.io
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	personal.eftours.com
1	www.securitymetrics.com	personal.eftours.com
51	14

This site contains links to these domains. Also see Links.

Domain
www.eftours.com

Subject Issuer	Validity	Valid
*.efvoyages.ca Trusted Secure Certificate Authority 5	`2018-06-11` - `2020-09-12`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
dk-prod1-v-edgenginx-1.secmet.co Let's Encrypt Authority X3	`2020-06-25` - `2020-09-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
drift.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh
*.lytics.io DigiCert ECC Secure Server CA	`2019-10-22` - `2020-10-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://personal.eftours.com/secure/make-donation/
Frame ID: 8E9201EB05E0C6ADE8E4DAB9D60C394E
Requests: 50 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: E731F07B9A3EAFDA5F8CFF4186AE4DE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

51
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

399 kB
Transfer

1238 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.eftours.com/teacher-travel/site-guide-teachers-faq.aspx
Title: FAQ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=97309877&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&ul=en-us&de=UTF-8&dt=EF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&_u=aFBAAEABE~&jid=1567059777&gjid=2146971214&cid=603164951.1598055580&tid=UA-4293088-1&_gid=2096919567.1598055580&_r=1&gtm=2wg8c05GND&cd8=null&cd9=603164951.1598055580&z=2018322598 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4293088-1&cid=603164951.1598055580&jid=1567059777&_gid=2096919567.1598055580&gjid=2146971214&_v=j83&z=2018322598 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4293088-1&cid=603164951.1598055580&jid=1567059777&_v=j83&z=2018322598 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4293088-1&cid=603164951.1598055580&jid=1567059777&_v=j83&z=2018322598&slf_rd=1&random=1622019747

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
personal.eftours.com/secure/make-donation/ 8 KB
5 KB 313ms
103ms Document
text/html 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 50809d68e476580a38a0bce4b569751915af23ceeb54f20a8df16eec60f6e610

Request headers

:method: GET
:authority: personal.eftours.com
:scheme: https
:path: /secure/make-donation/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 22 Aug 2020 00:19:38 GMT
content-type: text/html; charset=utf-8
content-length: 4216
set-cookie: AWSALB=PACvwh2WMZu3Bmj4RIo13woyzaOoFP1pTxgT6QRUdDHFq3kgt9EUrRvVqP6PkFIvSfHHTdcAEFZ18S0B8SJofUOoLcnXM9u6hjLCydSy2NY6cpWnOUbBgdvO+pJK; Expires=Sat, 29 Aug 2020 00:19:38 GMT; Path=/ AWSALBCORS=PACvwh2WMZu3Bmj4RIo13woyzaOoFP1pTxgT6QRUdDHFq3kgt9EUrRvVqP6PkFIvSfHHTdcAEFZ18S0B8SJofUOoLcnXM9u6hjLCydSy2NY6cpWnOUbBgdvO+pJK; Expires=Sat, 29 Aug 2020 00:19:38 GMT; Path=/; SameSite=None; Secure ASP.NET_SessionId=mlzfqh4qxg30n2giusx3nx4v; path=/; HttpOnly ASP.NET_SessionId=mlzfqh4qxg30n2giusx3nx4v; path=/; HttpOnly __AntiXsrfToken=07f94617eeb6435099031b0daa8eb306; path=/; HttpOnly
cache-control: no-cache, no-store
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 base.css
personal.eftours.com/includes/css/ 69 KB
21 KB 123ms
109ms Stylesheet
text/css 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/css/base.css
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: eab855d5ad7d8046c589a207c1f28e2005409aea7c9ae9510250df018d9e4b74

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "8cba7440f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 20543

GET
H2 200 colorbox.css
personal.eftours.com/includes/css/ 7 KB
3 KB 198ms
184ms Stylesheet
text/css 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/css/colorbox.css
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f7286b7004b28b36a9ff031874946fd9195996224551a7d2a39df985f0f2d116

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "8cba7440f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2214

GET
H2 200 HemingwayEtus.fpv-637316409602112698.css
personal.eftours.com/includes/css/ 63 KB
19 KB 280ms
267ms Stylesheet
text/css 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/css/HemingwayEtus.fpv-637316409602112698.css
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ae39b54e9fcf0e9f8bcba208aa65f3fab8740f0678d3f10105742b024b11bb6e

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "ba1c7740f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 18812

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 23:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 865853
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 23:48:45 GMT

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 38ms
12ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 06:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840757
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 06:47:01 GMT

GET
H2 200 Global.fpv-637316409602581426.js Show response
personal.eftours.com/includes/js/ 71 KB
23 KB 277ms
264ms Script
application/javascript 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/js/Global.fpv-637316409602581426.js
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9be8c5bf74edb53c1286caa0cad1b99919907a1f63ed2bc8ac7473533bdda6ce

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "b2437e40f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 22765

GET
H2 200 colorbox.js Show response
personal.eftours.com/includes/js/compressed/ 15 KB
7 KB 197ms
186ms Script
application/javascript 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/js/compressed/colorbox.js
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ad9f1080e51e38ac8f42ecd580ebb5b9caa23127ee63d2d15a528b886b53674d

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "25a68040f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 6312

GET
H2 200 ZeroClipboard.js Show response
personal.eftours.com/includes/js/ 12 KB
5 KB 199ms
188ms Script
application/javascript 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/js/ZeroClipboard.js
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3a588f18a132b763f3aaba5d5ce64fab9abc547c3b22fd569af9a3a372105cd2

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "25a68040f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4158

GET
H2 200 jquery.printElement.min.js Show response
personal.eftours.com/includes/js/ 4 KB
3 KB 276ms
267ms Script
application/javascript 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/js/jquery.printElement.min.js
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e9f09ba67a7a23a1aa69b08a52fede217a8c110211b808ff359486ca91224752

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "25a68040f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2144

GET
H2 200 makedonation.js Show response
personal.eftours.com/includes/js/ 11 KB
4 KB 271ms
263ms Script
application/javascript 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/js/makedonation.js
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7fd0e84ee3327f5ef66e31ff94e5b5a6828a45cbb237f23d35a021944a91b337

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "25a68040f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3604

GET
H2 200 MakeDonationPage.css
personal.eftours.com/includes/css/ 10 KB
3 KB 192ms
184ms Stylesheet
text/css 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/css/MakeDonationPage.css
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c6c0315cde817829a165d7a703bc2590b867d765e99bfa21209d06711a514ae8

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "ba1c7740f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2958

GET
H2 200 grid.css
personal.eftours.com/includes/css/ 6 KB
2 KB 194ms
187ms Stylesheet
text/css 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/css/grid.css
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e3e9340f86bed80baaf2027da974c367767a1b3f8351ad15e5232d3496c420a

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "ba1c7740f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1488

GET
H2 200 FormElements.css
personal.eftours.com/includes/css/ 3 KB
2 KB 190ms
184ms Stylesheet
text/css 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/css/FormElements.css
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d8f297dca2b6080d080b714c19f59972bc00c77ff95c3e0faba39218d7364604

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "ba1c7740f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1241

GET
H2 200 ContactUsTab.js Show response
personal.eftours.com/includes/js/ 443 B
832 B 193ms
188ms Script
application/javascript 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://personal.eftours.com/includes/js/ContactUsTab.js
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 93a137b12aacb22c7aad7c4fb4e0c4b39cb1334e0a3e430b44452627d3a05db0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
etag: "b2437e40f065d61:0"
last-modified: Wed, 29 Jul 2020 21:36:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 285

GET
H2 200 ET-lockup-2019.ashx
personal.eftours.com/~/media/ETUS/Global/ 5 KB
6 KB 99ms
97ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/~/media/ETUS/Global/ET-lockup-2019.ashx
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c094dbbb4a2a49d634d7a5e15a8c1f74b3cba60d97db005f76b5ab2ba9769521

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: b6f3f450835d436b8251d365eeb19dfb
last-modified: Tue, 02 Apr 2019 16:21:05 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: public, max-age=604800
content-disposition: inline; filename="ET-lockup-2019.png"
accept-ranges: bytes
content-length: 5478
expires: Sat, 29 Aug 2020 00:19:20 GMT

GET
H/1.1 200
OK sm_tested4.gif
www.securitymetrics.com/images/ 3 KB
3 KB 421ms
138ms Image
image/gif 76.8.204.12
OFF-CAMPUS-TELECO...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.securitymetrics.com/images/sm_tested4.gif

Requested by

Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

76.8.204.12 Ogden, United States, ASN29933 (OFF-CAMPUS-TELECOMMUNICATIONS, US),

Reverse DNS

Software

nginx /

Resource Hash

53dc9082444aa2c4f603b9a01cc0e9531b8e9ce739da7bc5d61465c85ab3c165

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 22 Aug 2020 00:19:39 GMT
Last-Modified: Wed, 19 Aug 2020 22:49:04 GMT
Server: nginx
ETag: "5f3dac60-a1f"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2591

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
73 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Requested by

Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12d3c0cdd8fdc2e6985de80dac1cfda829973305ac3bb3de329127edc500baa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74856
x-xss-protection: 0
last-modified: Sat, 22 Aug 2020 00:00:50 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Aug 2020 00:19:39 GMT

GET
H2 200 contactus_arrow_down.png
personal.eftours.com/includes/images/ 530 B
1 KB 94ms
94ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/contactus_arrow_down.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/HemingwayEtus.fpv-637316409602112698.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9c7d7444a587f99b8065ad7f87942e35aea5ede0e814cbf02dd15e40b750760a

Request headers

Referer: https://personal.eftours.com/includes/css/HemingwayEtus.fpv-637316409602112698.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 530

GET
H2 200 fancy_shadow_nw.png
personal.eftours.com/includes/images/colorbox/ 2 KB
2 KB 100ms
97ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/fancy_shadow_nw.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3bceb44019291d0190c3301c3e99505d9245f492f23e1298d5e65468bdb85052

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1753

GET
H2 200 fancy_shadow_n.png
personal.eftours.com/includes/images/colorbox/ 3 KB
4 KB 98ms
96ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/fancy_shadow_n.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1df6e4df849a211e7af6551ad83d455f9d88a4152b103cc2b055fe49443fc12a

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3258

GET
H2 200 fancy_shadow_w.png
personal.eftours.com/includes/images/colorbox/ 3 KB
4 KB 99ms
96ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/fancy_shadow_w.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d2a9b09e31c32335ab8f4c50bf0fefe3ca7ba433e4af42767589abe33c711b06

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3570

GET
H2 200 loading-white.gif
personal.eftours.com/includes/images/colorbox/ 7 KB
8 KB 102ms
100ms Image
image/gif 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/loading-white.gif
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ec80bea1355db7f5c5bf4f88741f7afe90a744f652f9358ba761da2783495ba2

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 7364

GET
H2 200 controls.png
personal.eftours.com/includes/images/colorbox/ 2 KB
2 KB 103ms
101ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/controls.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a74f8231760b80cd51dedb5c168f9be3d305d8930835add80566e788b6300892

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1633

GET
H2 200 fancy_shadow_ne.png
personal.eftours.com/includes/images/colorbox/ 4 KB
5 KB 100ms
98ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/fancy_shadow_ne.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9de65e766439ec5ecca9004e07dde04041c46c718b7d28687c7d2f4176d7b243

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 4524

GET
H2 200 fancy_shadow_e.png
personal.eftours.com/includes/images/colorbox/ 2 KB
2 KB 102ms
100ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/fancy_shadow_e.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 031548c5eb5bead31f7161d457de43cf670259c512e17e249ba31fc040e925b3

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1691

GET
H2 200 fancy_shadow_sw.png
personal.eftours.com/includes/images/colorbox/ 2 KB
2 KB 99ms
97ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/fancy_shadow_sw.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2f237ebb01624c0fb540f84c696beecbc1ae93ea891940f068ca441bb1c7b4c2

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1812

GET
H2 200 fancy_shadow_s.png
personal.eftours.com/includes/images/colorbox/ 3 KB
4 KB 103ms
101ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/fancy_shadow_s.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 31ee0f734783560ea94d85a7be2fc451b25c3c5af1104fb5fdee998e8dbabd76

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3231

GET
H2 200 fancy_shadow_se.png
personal.eftours.com/includes/images/colorbox/ 3 KB
4 KB 104ms
102ms Image
image/png 23.20.139.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://personal.eftours.com/includes/images/colorbox/fancy_shadow_se.png
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/includes/css/colorbox.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.139.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-139-57.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b017e701b2d331ced25f953e0255c767e6d86dfb58b897d7f08ed3640e1671dc

Request headers

Referer: https://personal.eftours.com/includes/css/colorbox.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "0d52c9df12d41:0"
last-modified: Tue, 03 Jul 2018 15:09:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3571

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6358
date: Fri, 21 Aug 2020 22:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 22 Aug 2020 00:33:41 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 69ms
30ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

d792ed2286a3f10ce01ed2c144ef1db80a8273d049b111589539c435ce908f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11318
x-xss-protection: 0
server: cafe
etag: 16467492975000070780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 Aug 2020 00:19:39 GMT

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/2858/ 45 KB
11 KB 35ms
18ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/2858/lio.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af62728ea7e37b54e809ccf8966f3a98c83f4e6edc43159b093b426908cb25a8

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5c686c6a3e6216ee-FRA
date: Sat, 22 Aug 2020 00:19:39 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 255
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=7200
content-encoding: br
access-control-allow-origin: *
cf-request-id: 04b5221661000016eee7917200000001

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 41ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:38 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: F4ACC5101941464C8BD5960268F4FFA9 Ref B: FRAEDGE1311 Ref C: 2020-08-22T00:19:39Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H2 200 5by59bm3fdyy.js Show response
js.driftt.com/include/1598055600000/ 137 KB
45 KB 216ms
168ms Script
application/javascript 13.226.155.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1598055600000/5by59bm3fdyy.js

Requested by

Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.25 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-25.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

aa371b695a477025f6fd48693baea5a6ed0ff4eb71c5a660d854e543b2370013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 Aug 2020 19:02:41 GMT
server: nginx
etag: W/"c0ffecccae38fb92e490ef3de88a7ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6pfvGJDnGpy3lln5Hb250Kb7ft3oWOrrW2pXOncwIS9WIYHaUWo7SQ==

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ 13 KB
6 KB 13ms
12ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5c686c6a5e8d16ee-FRA
date: Sat, 22 Aug 2020 00:19:39 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 29 Apr 2020 21:03:39 GMT
server: cloudflare
age: 2639
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=7200
content-encoding: br
cf-request-id: 04b5221677000016eee7918200000001

GET
H2 204 0
bat.bing.com/action/ 0
148 B 49ms
49ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13007618&Ver=2&mid=a4a0dac6-5d0d-1a1c-401f-f401d35276f7&sid=e00029a99a2b8ce1b78f9871502e66f7&vid=81dd0ed53bd5483bf7a5b664f78069b5&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=EF&kw=Tour&p=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&r=&lt=729&evt=pageLoad&msclkid=N&sv=1&rn=750182
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Sat, 22 Aug 2020 00:19:38 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 957E7DE6D19F4647BD2A53E105D07412 Ref B: FRAEDGE1311 Ref C: 2020-08-22T00:19:39Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 114698.05062896719 Show response
api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/ 165 B
388 B 169ms
122ms Script
application/json 35.190.11.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/me/425e1a929aeafe7bc5b2d0647603e35a/_uid/114698.05062896719?segments=true&mergestate=true&callback=window.lio.segmentscb&state=%7B%22gtm.start%22%3A1598055579097%2C%22event%22%3A%22gtm.js%22%2C%22gtm.uniqueEventId%22%3A1%2C%22_ts%22%3A1598055579276%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22personal.eftours.com%2Fsecure%2Fmake-donation%2F%22%2C%22_uid%22%3A%22114698.05062896719%22%2C%22_v%22%3A%222.0.0%22%2C%22_e%22%3A%22pv%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_ca%22%3A%22jstag1%22%7D&ts=1598055579280
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.11.84 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 84.11.190.35.bc.googleusercontent.com
Software: lytics.io 90e8fd1c01b206bf1f8591334dcda085e7a0167c /
Resource Hash: b329bd5cec71c7855cbdb9a6ca1085f7e3c8fd2699faf12c1442000a16b802e0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
content-encoding: gzip
server: lytics.io 90e8fd1c01b206bf1f8591334dcda085e7a0167c
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
status: 200
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
alt-svc: clear
content-length: 147
via: 1.1 google

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068160719/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068160719/?random=1598055579298&cv=9&fst=1598055579298&num=1&label=4C_MCOLvg2MQz62r_QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&tiba=EF&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7bbf5348959b6a30aa7672b3a0b632e0e15635bb6845d02d6ae29e2ed9abe37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 00:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1068160719/ 42 B
326 B 21ms
21ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1068160719/?random=1598055579298&cv=9&fst=1598054400000&num=1&label=4C_MCOLvg2MQz62r_QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&frm=0&url=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&tiba=EF&async=1&fmt=3&is_vtc=1&random=811095490&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 00:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1068160719/ 42 B
539 B 32ms
20ms Image
image/gif 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068160719/?random=1598055579298&cv=9&fst=1598054400000&num=1&label=4C_MCOLvg2MQz62r_QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&frm=0&url=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&tiba=EF&async=1&fmt=3&is_vtc=1&random=811095490&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 00:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 100 KB
20 KB 17ms
15ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d168ba515a51b5718ba8f51cc423e6458094e282e9426f9cbc03ed09166bd09a

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5c686c6bb90516ee-FRA
date: Sat, 22 Aug 2020 00:19:39 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 12 Jun 2020 19:10:40 GMT
server: cloudflare
age: 2641
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=7200
content-encoding: br
cf-request-id: 04b5221754000016eee7921200000001

GET
H2 200 2858
c.lytics.io/c/ 35 B
344 B 121ms
119ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858?_ts=1598055579456&_nmob=t&_device=desktop&url=personal.eftours.com%2Fsecure%2Fmake-donation%2F&_uid=114698.05062896719&_v=2.0.0&_e=pv&_sesstart=1&_tz=2&_ul=en-US&_sz=1600x1200&_ca=jstag1
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
status: 200
content-length: 35
cf-request-id: 04b5221755000016eee7922200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 5c686c6bb90816ee-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 default
c.lytics.io/c/2858/ 35 B
121 B 122ms
121ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2858/default?gtm.start=1598055579097&event=gtm.js&gtm.uniqueEventId=1&_ts=1598055579465&_nmob=t&_device=desktop&url=personal.eftours.com%2Fsecure%2Fmake-donation%2F&_uid=114698.05062896719&_v=2.0.0&_ca=jstag1
Requested by: Host: personal.eftours.com
URL: https://personal.eftours.com/secure/make-donation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 00:19:39 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
status: 200
content-length: 35
cf-request-id: 04b5221755000016eee7923200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 5c686c6bb90916ee-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
3 KB 10ms
10ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5c686c6c096116ee-FRA
date: Sat, 22 Aug 2020 00:19:39 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 12 Jun 2020 19:10:39 GMT
server: cloudflare
age: 2638
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=7200
content-encoding: br
cf-request-id: 04b5221787000016eee7925200000001

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ 327 B
275 B 12ms
11ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2858/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5c686c6c096216ee-FRA
date: Sat, 22 Aug 2020 00:19:39 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 254
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=7200
content-encoding: br
access-control-allow-origin: *
cf-request-id: 04b5221787000016eee7926200000001

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame E731 0
0 130ms
130ms Document
text/html 13.226.155.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1598055600000/5by59bm3fdyy.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.25 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-25.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://personal.eftours.com/secure/make-donation/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://personal.eftours.com/secure/make-donation/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Thu, 20 Aug 2020 19:02:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Aug 2020 00:19:39 GMT
etag: "b13284702efd899472f8f97f71011462"
cache-control: max-age=10
x-cache: RefreshHit from cloudfront
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: zE1awGsP8D4AVGmwwzJNp3b4wBsJKOt6P37fL453sj9_29FP3pHhXg==

GET
H/2+Q/46 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GND

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6358
date: Fri, 21 Aug 2020 22:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 22 Aug 2020 00:33:41 GMT

GET
H/2+Q/46

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=97309877&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&ul=en-us&de=UTF-8&dt=EF&sd=24-bit&sr=1600x1200&v...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4293088-1&cid=603164951.1598055580&jid=1567059777&_gid=2096919567.1598055580&gjid=2146971214&_v=j83&z=2018322598
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4293088-1&cid=603164951.1598055580&jid=1567059777&_v=j83&z=2018322598
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4293088-1&cid=603164951.1598055580&jid=1567059777&_v=j83&z=2018322598&slf_rd=1&random=1622019747

42 B
470 B

39ms
23ms

Image
image/gif

2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4293088-1&cid=603164951.1598055580&jid=1567059777&_v=j83&z=2018322598&slf_rd=1&random=1622019747

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Aug 2020 00:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Aug 2020 00:19:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4293088-1&cid=603164951.1598055580&jid=1567059777&_v=j83&z=2018322598&slf_rd=1&random=1622019747
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 collect
www.google-analytics.com/ 35 B
109 B 7ms
6ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=97309877&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&ul=en-us&de=UTF-8&dt=EF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50%25&_u=aFDAAEABE~&jid=&gjid=&cid=603164951.1598055580&tid=UA-4293088-1&_gid=2096919567.1598055580&gtm=2wg8c05GND&cd8=null&cd9=603164951.1598055580&z=23391846

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Aug 2020 02:00:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 944335
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 collect
www.google-analytics.com/ 35 B
57 B 7ms
6ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=97309877&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&ul=en-us&de=UTF-8&dt=EF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75%25&_u=aFDAAEABE~&jid=&gjid=&cid=603164951.1598055580&tid=UA-4293088-1&_gid=2096919567.1598055580&gtm=2wg8c05GND&cd8=null&cd9=603164951.1598055580&z=1108792642

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Aug 2020 02:00:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 944335
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=97309877&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpersonal.eftours.com%2Fsecure%2Fmake-donation%2F&ul=en-us&de=UTF-8&dt=EF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Widget%20Ready&el=Drift%3EWidget%20Ready%20on%20Page&_u=aFDAAEABF~&jid=&gjid=&cid=603164951.1598055580&tid=UA-4293088-1&_gid=2096919567.1598055580&gtm=2wg8c05GND&cd8=null&cd9=603164951.1598055580&z=939918628

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://personal.eftours.com/secure/make-donation/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Aug 2020 02:00:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 944336
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
personal.eftours.com/	1970-01-20 05:25:27	Name: driftt_aid Value: 3e10a4cb-b208-4fd7-99cf-615823eae6c8
personal.eftours.com/	1970-01-19 12:37:27	Name: ly_segs Value: %7B%22default_anon_seg%22%3A%22default_anon_seg%22%2C%22notenrolled%22%3A%22notenrolled%22%2C%22unknown%22%3A%22unknown%22%2C%22no_tr%22%3A%22no_tr%22%2C%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22smt_new%22%3A%22smt_new%22%2C%22all%22%3A%22all%22%7D
personal.eftours.com/	1970-01-19 12:04:20	Name: AWSALB Value: ESb4Z42an9MWo9qyMBiLxZmJGcR5CdtGQUnqIWuQmSe4o4SP+dh1WGJllGMgDZeL+xE2WoBKqrwqf+h88v1Nd9M/LHdHUKfho7cmPwoxT9JbNHWKi8Adi7lgR748
.eftours.com/	1970-01-19 11:55:41	Name: _uetsid Value: e00029a99a2b8ce1b78f9871502e66f7
.personal.eftours.com/	1970-01-19 11:54:17	Name: seerses Value: e
.personal.eftours.com/	1970-01-19 14:03:51	Name: seerid Value: 114698.05062896719
personal.eftours.com/	1969-12-31 23:59:59	Name: __AntiXsrfToken Value: 07f94617eeb6435099031b0daa8eb306
.eftours.com/	1970-01-19 14:03:51	Name: seerid Value: 114698.05062896719
.eftours.com/	1970-01-19 11:54:17	Name: seerses Value: e
personal.eftours.com/	1970-01-19 12:04:20	Name: AWSALBCORS Value: ESb4Z42an9MWo9qyMBiLxZmJGcR5CdtGQUnqIWuQmSe4o4SP+dh1WGJllGMgDZeL+xE2WoBKqrwqf+h88v1Nd9M/LHdHUKfho7cmPwoxT9JbNHWKi8Adi7lgR748
personal.eftours.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mlzfqh4qxg30n2giusx3nx4v
.eftours.com/	1970-01-19 14:03:51	Name: _gcl_au Value: 1.1.2061916294.1598055579
.eftours.com/	1970-01-19 12:17:39	Name: _uetvid Value: 81dd0ed53bd5483bf7a5b664f78069b5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.lytics.io
bat.bing.com
c.lytics.io
googleads.g.doubleclick.net
js.driftt.com
personal.eftours.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.securitymetrics.com
13.226.155.25
172.217.18.162
23.20.139.57
2606:4700:20::681a:316
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:809::2004
2a00:1450:4001:814::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:820::2008
2a00:1450:4001:824::2002
2a00:1450:400c:c04::9a
35.190.11.84
76.8.204.12
031548c5eb5bead31f7161d457de43cf670259c512e17e249ba31fc040e925b3
12d3c0cdd8fdc2e6985de80dac1cfda829973305ac3bb3de329127edc500baa5
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170
1df6e4df849a211e7af6551ad83d455f9d88a4152b103cc2b055fe49443fc12a
2f237ebb01624c0fb540f84c696beecbc1ae93ea891940f068ca441bb1c7b4c2
31ee0f734783560ea94d85a7be2fc451b25c3c5af1104fb5fdee998e8dbabd76
3a588f18a132b763f3aaba5d5ce64fab9abc547c3b22fd569af9a3a372105cd2
3bceb44019291d0190c3301c3e99505d9245f492f23e1298d5e65468bdb85052
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
50809d68e476580a38a0bce4b569751915af23ceeb54f20a8df16eec60f6e610
53dc9082444aa2c4f603b9a01cc0e9531b8e9ce739da7bc5d61465c85ab3c165
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7fd0e84ee3327f5ef66e31ff94e5b5a6828a45cbb237f23d35a021944a91b337
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
93a137b12aacb22c7aad7c4fb4e0c4b39cb1334e0a3e430b44452627d3a05db0
9be8c5bf74edb53c1286caa0cad1b99919907a1f63ed2bc8ac7473533bdda6ce
9c7d7444a587f99b8065ad7f87942e35aea5ede0e814cbf02dd15e40b750760a
9de65e766439ec5ecca9004e07dde04041c46c718b7d28687c7d2f4176d7b243
9e3e9340f86bed80baaf2027da974c367767a1b3f8351ad15e5232d3496c420a
a74f8231760b80cd51dedb5c168f9be3d305d8930835add80566e788b6300892
aa371b695a477025f6fd48693baea5a6ed0ff4eb71c5a660d854e543b2370013
ad9f1080e51e38ac8f42ecd580ebb5b9caa23127ee63d2d15a528b886b53674d
ae39b54e9fcf0e9f8bcba208aa65f3fab8740f0678d3f10105742b024b11bb6e
af62728ea7e37b54e809ccf8966f3a98c83f4e6edc43159b093b426908cb25a8
b017e701b2d331ced25f953e0255c767e6d86dfb58b897d7f08ed3640e1671dc
b329bd5cec71c7855cbdb9a6ca1085f7e3c8fd2699faf12c1442000a16b802e0
c094dbbb4a2a49d634d7a5e15a8c1f74b3cba60d97db005f76b5ab2ba9769521
c6c0315cde817829a165d7a703bc2590b867d765e99bfa21209d06711a514ae8
c7bbf5348959b6a30aa7672b3a0b632e0e15635bb6845d02d6ae29e2ed9abe37
d168ba515a51b5718ba8f51cc423e6458094e282e9426f9cbc03ed09166bd09a
d2a9b09e31c32335ab8f4c50bf0fefe3ca7ba433e4af42767589abe33c711b06
d792ed2286a3f10ce01ed2c144ef1db80a8273d049b111589539c435ce908f9c
d8f297dca2b6080d080b714c19f59972bc00c77ff95c3e0faba39218d7364604
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f09ba67a7a23a1aa69b08a52fede217a8c110211b808ff359486ca91224752
eab855d5ad7d8046c589a207c1f28e2005409aea7c9ae9510250df018d9e4b74
ec80bea1355db7f5c5bf4f88741f7afe90a744f652f9358ba761da2783495ba2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7286b7004b28b36a9ff031874946fd9195996224551a7d2a39df985f0f2d116
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

personal.eftours.com Open in urlscan Pro 23.20.139.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

64 %IPv6

12 Domains

14 Subdomains

13 IPs

3 Countries

399 kBTransfer

1238 kBSize

13 Cookies

1 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

personal.eftours.com Open in urlscan Pro
23.20.139.57 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

399 kB
Transfer

1238 kB
Size

13
Cookies

51 HTTP transactions
0 data transactions