urlscan.io logo urlscan.io
SecurityTrails logo

www.eftours.com Open in urlscan Pro
2606:4700::6810:a7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.eftours.com/
Effective URL: https://www.eftours.com/
Submission: On May 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 5 countries across 18 domains to perform 89 HTTP transactions. The main IP is 2606:4700::6810:a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.eftours.com. The Cisco Umbrella rank of the primary domain is 232860.
TLS certificate: Issued by GTS CA 1P5 on April 12th 2024. Valid for: 3 months.
This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 32 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::644 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.66.102.51 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 142.250.185.168 15169 (GOOGLE)
1 52.222.236.107 16509 (AMAZON-02)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
6 95.100.146.16 20940 (AKAMAI-ASN1)
1 108.156.2.69 16509 (AMAZON-02)
1 2.23.78.22 16625 (AKAMAI-AS)
1 18.245.86.87 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
1 52.222.236.94 16509 (AMAZON-02)
6 95.101.196.187 16625 (AKAMAI-AS)
6 2a03:2880:f17... 32934 (FACEBOOK)
1 18.66.112.79 16509 (AMAZON-02)
1 52.18.113.55 16509 (AMAZON-02)
2 34.111.140.246 396982 (GOOGLE-CL...)
1 216.58.212.162 15169 (GOOGLE)
1 216.239.32.36 ()
2 18.245.86.73 ()
89 27
32    2606:4700::6810:a7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.eftours.com
media.eftours.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net
static.hotjar.com
2    2a02:26f0:3500:892::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    2a02:26f0:480:58b::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
1    52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net
widget.trustpilot.com
10    2606:4700:20::ac43:49ec (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
6    95.100.146.16 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-16.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    108.156.2.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-69.mxp63.r.cloudfront.net
script.hotjar.com
1    2.23.78.22 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-22.deploy.static.akamaitechnologies.com
a24099230963.cdn.optimizely.com
1    18.245.86.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-87.fra60.r.cloudfront.net
js.driftt.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
www.google.de
1    52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net
widget.trustpilot.com
6    95.101.196.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-196-187.deploy.static.akamaitechnologies.com
ct.pinterest.com
6    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
vc.hotjar.io
1    52.18.113.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-113-55.eu-west-1.compute.amazonaws.com
content.hotjar.io
2    34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com
logx.optimizely.com
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
1    216.239.32.36 (None, )

ASN- ()
region1.analytics.google.com
2    18.245.86.73 (None, )

ASN- ()
js.driftt.com
Apex Domain
Subdomains		 Transfer
32 eftours.com
www.eftours.com — Cisco Umbrella Rank: 232860
media.eftours.com — Cisco Umbrella Rank: 247345
18 MB
10 lytics.io
c.lytics.io — Cisco Umbrella Rank: 11562
52 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
5 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 902
3 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 712
156 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 923
a24099230963.cdn.optimizely.com — Cisco Umbrella Rank: 185769
logx.optimizely.com — Cisco Umbrella Rank: 1587
88 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
316 B
3 driftt.com
js.driftt.com — Cisco Umbrella Rank: 5864
62 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 345
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
319 KB
2 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2775
content.hotjar.io — Cisco Umbrella Rank: 6388
404 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
cm.g.doubleclick.net — Cisco Umbrella Rank: 272
663 B
2 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5554
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
73 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 911
22 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 742
script.hotjar.com — Cisco Umbrella Rank: 988
59 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4396
134 KB
89 18
Domain Requested by
26 media.eftours.com www.eftours.com
media.eftours.com
10 c.lytics.io www.eftours.com
c.lytics.io
6 www.facebook.com www.eftours.com
6 ct.pinterest.com s.pinimg.com
6 analytics.tiktok.com www.eftours.com
analytics.tiktok.com
6 www.eftours.com 1 redirects www.eftours.com
3 region1.analytics.google.com www.googletagmanager.com
3 js.driftt.com www.eftours.com
js.driftt.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.eftours.com
3 www.googletagmanager.com www.eftours.com
www.googletagmanager.com
2 logx.optimizely.com cdn.optimizely.com
js.driftt.com
2 widget.trustpilot.com www.googletagmanager.com
widget.trustpilot.com
2 connect.facebook.net www.eftours.com
connect.facebook.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
1 cm.g.doubleclick.net www.eftours.com
1 content.hotjar.io script.hotjar.com
1 vc.hotjar.io script.hotjar.com
1 www.google.de www.eftours.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 a24099230963.cdn.optimizely.com cdn.optimizely.com
1 script.hotjar.com static.hotjar.com
1 cdn.optimizely.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 fast.wistia.com www.eftours.com
89 24
Subject Issuer Validity Valid
eftours.com
GTS CA 1P5		 2024-04-12 -
2024-07-11		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-24 -
2024-05-24		 3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M03		 2024-01-03 -
2025-01-31		 a year crt.sh
lytics.io
E1		 2024-05-14 -
2024-08-12		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2024-01-25 -
2025-01-27		 a year crt.sh
drift.com
Amazon RSA 2048 M02		 2023-08-15 -
2024-09-11		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.de
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
logx.optimizely.com
GTS CA 1D4		 2024-04-07 -
2024-07-06		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.eftours.com/
Frame ID: D7F016A0B5429ADC9C6D3A0433A8A70C
Requests: 82 HTTP requests in this frame

Frame: https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Frame ID: 6FF59E08B12B9525502F25F5F77861BA
Requests: 1 HTTP requests in this frame

Frame: https://www.eftours.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: 7ACBE67EB211A5DB5603065F0FD70B82
Requests: 2 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
Frame ID: 14B45571250022B1E2AEB95166EB74FA
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: B0866E7B03193C311433F41A4F97264C
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=5by59bm3fdyy&eId=5by59bm3fdyy&region=US&forceShow=false&skipCampaigns=false&sessionId=6b15f0f5-2d29-43e3-9ed3-b772edd4d1e0&sessionStarted=1715894654.557&campaignRefreshToken=3cdbefd9-d036-4303-87a0-d881554f0020&hideController=false&pageLoadStartTime=1715894645122&mode=CHAT&driftEnableLog=false&loadStrategy=ON_INTERACTIVE&secureIframe=false&u=https%3A%2F%2Fwww.eftours.com%2F
Frame ID: 4F47C0DE741B1B161768EFF06C980BA5
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1715894645122
Frame ID: A2254A7AFB597DCA0F8361C4C1BCDF3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Student travel programs | Educational tours for students | EF Tours

Page URL History Show full URLs

  1. http://www.eftours.com/ HTTP 307
    https://www.eftours.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

99 %
HTTPS

41 %
IPv6

18
Domains

24
Subdomains

27
IPs

5
Countries

19139 kB
Transfer

22458 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.eftours.com/ HTTP 307
    https://www.eftours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.eftours.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.eftours.com/
Redirect Chain
  • http://www.eftours.com/
  • https://www.eftours.com/
61 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956a7a695a06b71162dff8279d6f0887b2c0412f799e62f97394f097e90c4680
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

apigw-requestid
X4fqQiZECYcEMWg=
cache-control
private, max-age=3600
cf-cache-status
DYNAMIC
cf-ray
884e6eb69ccfa03a-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 21:24:04 GMT
expires
-1
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
all
x-ua-compatible
IE=edge

Redirect headers

Location
https://www.eftours.com/
Non-Authoritative-Reason
HttpsUpgrades
gtm.js
www.googletagmanager.com/ 		413 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0afb2e02df5f4a725d01cfec711a9285f48987fcdb67e54822e155629dd853e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122271
x-xss-protection
0
last-modified
Thu, 16 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 May 2024 21:24:05 GMT
baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn
media.eftours.com/bundles/css/ 		568 KB
129 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/css/baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 16 May 2025 10:47:03 GMT
date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 16 May 2024 10:47:03 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, max-age=2553767
cf-ray
884e6ebb8a90a03a-FRA
x-ua-compatible
IE=edge
modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01
media.eftours.com/bundles/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 16 May 2025 10:03:14 GMT
date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 16 May 2024 10:03:14 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2551149
cf-ray
884e6ebb8a95a03a-FRA
content-length
5776
x-ua-compatible
IE=edge
ET_Desktop_Stage_864.jpg
www.eftours.com/~/media/Images/ETUS/test/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eftours.com/~/media/Images/ETUS/test/ET_Desktop_Stage_864.jpg
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e5016cb773333a092b5981f94090e523ecd2292be83b5d947a8f0e5033da46
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
MISS
content-disposition
inline; filename="ET_Desktop_Stage_864.jpg"
content-length
61270
apigw-requestid
X4fqYjSViYcEMgw=
x-ua-compatible
IE=edge
last-modified
Wed, 30 Mar 2022 15:07:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
private, max-age=3600
accept-ranges
bytes
x-robots-tag
all
cf-ray
884e6ebb7a7aa03a-FRA
expires
Sat, 15 Jun 2024 21:24:05 GMT
popular_collection_paris.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/popular_collection_paris.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b073a24c28534f3fb65fb3df6e6838d044d7cfc88f386b54846f770675ec3cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 14:42:43 GMT
server
cloudflare
age
407798
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="Popular_Collection_Paris.webp"
accept-ranges
bytes
cf-ray
884e6ebc3b51a03a-FRA
content-length
86480
expires
Sat, 15 Jun 2024 21:24:05 GMT
stem_homepage-1.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/stem_homepage-1.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c55adc844258324a96facfedadbd892316c8d06ec7fc0e09b5532d8953123a13
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 19:50:04 GMT
server
cloudflare
age
179841
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="stem_homepage-1.webp"
accept-ranges
bytes
cf-ray
884e6ebcfc22a03a-FRA
content-length
60840
expires
Sat, 15 Jun 2024 21:24:05 GMT
new%20tours%20webp.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/new%20tours%20webp.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b403b670a417834b0ec0d6a79275352ca4b924392c2a6807cbd249c7c693ee0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 14:42:41 GMT
server
cloudflare
age
660726
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="New Tours webp.webp"
accept-ranges
bytes
cf-ray
884e6ebd6cb0a03a-FRA
content-length
52236
expires
Sat, 15 Jun 2024 21:24:05 GMT
responsible_travel_hp_card.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/responsible_travel_hp_card.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296954fb9c911c3d94b959446cedb61bd22e93713fb8dcdc5a0da2518c4c1dae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 16:57:52 GMT
server
cloudflare
age
134889
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="Responsible_Travel_HP_card.webp"
accept-ranges
bytes
cf-ray
884e6ebdcd3da03a-FRA
content-length
49404
expires
Sat, 15 Jun 2024 21:24:05 GMT
important_2.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/important_2.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6af0cf51fdf5eb76149ce34ab71f66ec0fc155707cc55aa0a9bac21ad9f1e6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 14:42:41 GMT
server
cloudflare
age
921343
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="Important_2.webp"
accept-ranges
bytes
cf-ray
884e6ec0d939a03a-FRA
content-length
43748
expires
Sat, 15 Jun 2024 21:24:05 GMT
seal.svg
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		45 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/seal.svg
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1d4fdfd9452dd70132ee200440e55254adfa546de907014b2ddc2a271c8a4c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 03 Aug 2020 21:35:13 GMT
server
cloudflare
age
134887
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-disposition
inline; filename="Seal.svg"
cf-ray
884e6ec0d93ca03a-FRA
expires
Sat, 15 Jun 2024 21:24:05 GMT
et-homepg-blogslice-1on1.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/blog/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/blog/et-homepg-blogslice-1on1.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590cee96d7577fa8e3139f05860c80201caf5ceb1272bf9415d88f9e35b3582e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 17:40:31 GMT
server
cloudflare
age
179841
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET-HomePg-BlogSlice-1on1.webp"
accept-ranges
bytes
cf-ray
884e6ec0d93fa03a-FRA
content-length
39942
expires
Sat, 15 Jun 2024 21:24:05 GMT
clock.svg
media.eftours.com/~/media/images/etus/collections/popular-tours/ 		624 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/collections/popular-tours/clock.svg?la=en
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 18:18:12 GMT
server
cloudflare
age
179841
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-disposition
inline; filename="Clock.svg"
cf-ray
884e6ec149c8a03a-FRA
expires
Sat, 15 Jun 2024 21:24:05 GMT
ET-HomePg-BlogSlice-Tokyo.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Tokyo.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4bf99e02ddaf9cb1f45e5f3f074e5771a52a0a73f093bfe4c0c435aec23994f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 17:45:30 GMT
server
cloudflare
age
660726
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET-HomePg-BlogSlice-Tokyo.webp"
accept-ranges
bytes
cf-ray
884e6ec149caa03a-FRA
content-length
3628
expires
Sat, 15 Jun 2024 21:24:05 GMT
ET-HomePg-BlogSlice-Summit.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Summit.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e1a8b9d9fbf8b2e885feb3c40e4b8f76b4308c266ab98e3ef4855ce427e1cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Dec 2022 15:25:05 GMT
server
cloudflare
age
179840
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET-HomePg-BlogSlice-Summit.webp"
accept-ranges
bytes
cf-ray
884e6ec149cba03a-FRA
content-length
3478
expires
Sat, 15 Jun 2024 21:24:05 GMT
ET-HomePg-BlogSlice-Carlos.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Carlos.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb5768516c7e8d64859f6178d011abcc9e976ef4dd866e77760bf47c33326fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:06 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Dec 2022 15:25:06 GMT
server
cloudflare
age
1603841
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET-HomePg-BlogSlice-Carlos.webp"
accept-ranges
bytes
cf-ray
884e6ec19a1aa03a-FRA
content-length
2400
expires
Sat, 15 Jun 2024 21:24:06 GMT
bottom-cta-collage.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/bottom-cta-collage.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14786480849eab724f447843ae737486dab003732877919f4f57eac9f0ae2cdc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:06 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 14:42:36 GMT
server
cloudflare
age
660725
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="bottom-cta-collage.webp"
accept-ranges
bytes
cf-ray
884e6ec1aa24a03a-FRA
content-length
37290
expires
Sat, 15 Jun 2024 21:24:06 GMT
ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/archive/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/archive/ef-logo-footer_optimized.png
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:06 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Aug 2022 20:40:33 GMT
server
cloudflare
age
175753
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
content-disposition
inline; filename="EF-logo-footer_optimized.png"
accept-ranges
bytes
cf-ray
884e6ec1ba28a03a-FRA
content-length
6326
expires
Sat, 15 Jun 2024 21:24:06 GMT
E-v1.js
fast.wistia.com/assets/external/ 		787 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
244b4362c18e6ed69525eec73cd3eb56cbb7c3ffb9bb6bae4c9f68463d902039
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1304
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
136469
x-served-by
cache-iad-kjyo7100072-IAD, cache-cph2320029-CPH
x-browser-version
125
last-modified
Thu, 16 May 2024 16:01:18 GMT
server
AmazonS3
x-timer
S1715894646.982049,VS0,VE0
etag
"542b6a13cfaee98b715c5f2e61c7335b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
8c7f379ef3847b504251da99d90e10a806c35782
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
41, 26
rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1
media.eftours.com/bundles/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 16 May 2025 11:11:03 GMT
date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 16 May 2024 11:11:03 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2555207
cf-ray
884e6ebe3db2a03a-FRA
content-length
2463
x-ua-compatible
IE=edge
requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
media.eftours.com/bundles/ 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 16 May 2025 10:47:03 GMT
date
Thu, 16 May 2024 21:24:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 16 May 2024 10:47:03 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2553767
cf-ray
884e6ec0d934a03a-FRA
content-length
7510
x-ua-compatible
IE=edge
rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1
media.eftours.com/bundles/ 		654 B
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 16 May 2025 10:47:03 GMT
date
Thu, 16 May 2024 21:24:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 16 May 2024 10:47:03 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2553767
cf-ray
884e6ec0d937a03a-FRA
content-length
476
x-ua-compatible
IE=edge
js
www.googletagmanager.com/gtag/ 		294 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05c6e47429c24cf4effc22484c7165adbe1a0af132b0c1719280597c57b6f36a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101688
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 21:24:05 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 16 May 2024 21:24:05 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3C5715E724B84FFD8C906CDA81B3ABD1 Ref B: FRA31EDGE0521 Ref C: 2024-05-16T21:24:05Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
hotjar-157276.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-157276.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
3199f8eecd6cd8fb70cabab6e56276cf43ca217f55c817eed05f56d1a58e4822
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 16 May 2024 21:24:05 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
59
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/3dd8e0db434a0c02d1c9bb5dbc70b213
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
HFxmZdsFOFi0PC5FyG00z6ign41tTWcdVp28gKzEM4A72e4N89WjSw==
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1881
24439131089.js
cdn.optimizely.com/js/ 		284 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/24439131089.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:58b::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e944d06eb8b887f1121c81ed7df623bf5520780b0e443830992c36fbf9ea6e9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
CE_xma4TKhYXMd10oaeyKzZ9OzVCGXve
content-encoding
gzip
date
Thu, 16 May 2024 21:24:06 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
PH0PW49EKE2K2VSP
x-amz-server-side-encryption
AES256
x-amz-meta-revision
186
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="40";dur=0,cdnip;desc="2a02:26f0:480:58b::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0, ak_p; desc="1715894646017_35115186_1412218557_726_1691_40_48_146";dur=1
content-length
88803
x-amz-id-2
fk838dRsfobd+YSM7p/O0uc9y4KgUGse4L5iS8XVj2jR8C5X3dG9kM/c7J1JHU/KVINrqVpSwa4=
last-modified
Tue, 02 Apr 2024 21:02:09 GMT
server
AmazonS3
etag
"a4589c74ed12532b2277b5784194be64"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 16 May 2024 21:24:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
m0W1P9290ieacEJgXYq9z1H5mAnHCAPFqhEmfcWXOwghQx7KY5V80XXais5OeU5GhW2Z5SFtUSHhftonYyjLpA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ET_1700_Frame1.jpg
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ET_1700_Frame1.jpg
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd3dbc4daca59cf92be84e023fcb1080c59b6302b4e667d35036381f2c3da02
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:06 GMT
cf-cache-status
HIT
age
71861
content-disposition
inline; filename="ET_1700_Frame1.jpg"
content-length
127330
x-ua-compatible
IE=edge
cf-bgj
h2pri
last-modified
Wed, 18 May 2022 17:38:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
884e6ec1da50a03a-FRA
expires
Sat, 15 Jun 2024 21:24:06 GMT
clock.svg
media.eftours.com/~/media/images/etus/collections/popular-tours/ 		624 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/collections/popular-tours/clock.svg?la=en
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 18:18:12 GMT
server
cloudflare
age
179841
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-disposition
inline; filename="Clock.svg"
cf-ray
884e6ec149c8a03a-FRA
expires
Sat, 15 Jun 2024 21:24:05 GMT
ET_1700.webm
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ 		7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ET_1700.webm
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78d934da3e24b36f9a8277d5e19146710033d8460432d35297530efec5843477
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://www.eftours.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:06 GMT
cf-cache-status
HIT
last-modified
Wed, 18 May 2022 17:38:29 GMT
server
cloudflare
age
71861
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
Content-Range
bytes 0-7624351/7624352
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET_1700.webm"
cf-ray
884e6ec5ff18a03a-FRA
Content-Length
7624352
expires
Sat, 15 Jun 2024 21:24:06 GMT
_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Origin
https://www.eftours.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:06 GMT
cf-cache-status
HIT
age
10857
content-length
23756
apigw-requestid
X4FKJgCjiYcEMuw=
x-ua-compatible
IE=edge
last-modified
Thu, 25 Apr 2024 17:50:58 GMT
server
cloudflare
etag
"0adcb203997da1:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-robots-tag
all
cf-ray
884e6ec6d80ea03a-FRA
expires
Sat, 15 Jun 2024 21:24:06 GMT
ET-People-556px-2023-v2.mp4
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		10 MB
10 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ET-People-556px-2023-v2.mp4
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071197dcb65d5e709b4aae71ff3044e0b127cb38b1eba1f806fb25591eb1d698
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://www.eftours.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:06 GMT
cf-cache-status
HIT
last-modified
Fri, 06 Oct 2023 20:31:36 GMT
server
cloudflare
age
179839
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-10078971/10078972
cache-control
public, max-age=2592000
content-disposition
inline; filename="ET-People-556px-2023-v2.mp4"
cf-ray
884e6ec64f6fa03a-FRA
Content-Length
10078972
expires
Sat, 15 Jun 2024 21:24:06 GMT
js
www.googletagmanager.com/gtag/ 		294 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
68b44eb1ecdc416f192a10f8d7cc5b1ca1360e966d458ee0ae99a23f647235a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101641
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 21:24:06 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 01:14:07 GMT
content-encoding
gzip
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P4
age
72600
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
DvpcFv3KfuUeqs7xmZRXZv-CeYbmGq0zLx6pqXwkpFY1rXnNkATAaQ==
latest.min.js
c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb20588b9831b96e07df923b7910a7153cd67fdef9b732d08b4e1d8c9ccf9777
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4749
content-encoding
br
last-modified
Thu, 16 May 2024 20:04:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1DPlSS9sTZ%2BnfGBrzCEsZenakpjXYhW%2FIxJB3A9tKyzsBfLO%2Bay1OJS7KMHvIVTMhTlET4B1hQkKhQ1FOtPyXF6Ly2w1KU29UGm4LQZuumXxxlTbSpT2Q0lkGs4AyB4OeW36tdCfK5O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
6f5b4fd54c6367ffd99e3905acb1fdb9
cf-ray
884e6ec8fba591e4-FRA
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a62707cf4b5deb7b005684725b9de62e12a698bce8fbc58b1a72425dec57adec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
945d7c2b.90bf0c
date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240516212407419E19D5BA160BDF39F0-26E859EF3B721D11-00
x-cache
TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
117,95.100.146.12
server-timing
cdn-cache; desc=MISS, edge; dur=110, origin; dur=8, inner; dur=4
content-length
2013
pragma
no-cache
server
nginx
x-tt-logid
20240516212407419E19D5BA160BDF39F0
x-cache-remote
TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.48.200.133
x-tt-trace-host
0199848b5aec2e06eba3c270de162375a2b991a9745b418151a7f30cc5b26b27e13cbc94d34ddda17cf9327a11415f2f30c24393dded14e1f423c54c23f24d6edd4a6cdca6aecdec72e3e25d8d7267a30a1b4847fceb5085be5cd22cfc73829e4faead1d0c5c30c947ecd0dc14193b0775
expires
Thu, 16 May 2024 21:24:07 GMT
modules.4d9dd1518dc89987e57a.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4d9dd1518dc89987e57a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-69.mxp63.r.cloudfront.net
Software
/
Resource Hash
3c5d222399d9fa649c99361cbea1348c558f3352ec919729c7ce513e3c7ad792
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 20079c2d495cc9848700dcb580b19332.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P4
age
36901
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55996
last-modified
Thu, 16 May 2024 11:08:55 GMT
etag
"636b49be2c6aeeba0435fad0a63d2313"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
YST7-0bNchdEsu3PolUXcP2PSELqSOBWQJRFbvPPf127AAkboJNv2g==
main.2bdc3040.js
s.pinimg.com/ct/lib/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
19942
a24099230963.html
a24099230963.cdn.optimizely.com/client_storage/ Frame 6FF5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/24439131089.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.23.78.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-78-22.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
1093
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 21:24:07 GMT
etag
"02fb11d5bca2cc7a8fca31336a062ccd"
last-modified
Thu, 16 May 2024 13:19:04 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=14 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="50";dur=0,cdnip;desc="2.23.78.22";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1715894647437_386904460_1091436479_1397_1991_50_59_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
VSSU23dsI1+LMOr830mstAVDvwj1IO2lz2hKkogkNa5P6CJSU07YkQiZrLqrm4cH8u5gGQBk9z8=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
T9M7PPH38QVAF1GW
x-amz-server-side-encryption
AES256
x-amz-version-id
L3DL2L.RhZ4O_nw5BboyjjwbemOVhFa0
5by59bm3fdyy.js
js.driftt.com/include/1715894700000/ 		221 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1715894700000/5by59bm3fdyy.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-87.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b5ef7dd34cf17eb441a01a651d089e520dff86ae2337ff95ee079f46a394880a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Z_PrOFTRMvL4O0aYU62zlt9FokvO7ucK
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Thu, 16 May 2024 21:24:07 GMT
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
32
last-modified
Fri, 03 May 2024 15:33:08 GMT
server
istio-envoy
etag
W/"cb9fee71607daf9b9d3bb7b3d5abc6da"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6I07lV_eQyhEsalz4OBB2Pg2Tqv5zYsH4YCFLuQdfNmW_rSJu88tGA==
302935565346434
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/302935565346434?v=2.9.156&r=stable&domain=www.eftours.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e03afb7bfc9b59a5e1f05180069669b4f8c29c2ceae38eefaabc04b698e4b49
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 16 May 2024 21:24:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13800
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=47, rtx=0, c=63, mss=1294, tbw=63331, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
No5/oFmeEz/2cweR0cwrxswW4yRkdjhiKngf9YbN414E38wNkHeWXsv/zfwBXRB6/UlWaKPw0i5+qNifmPsv6Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je45f0v877811556z8867853431za200&_p=1715894644923&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=191613237.1715894647&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1715894647&sct=1&seg=0&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other%20group&tfd=3183
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:24:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9JLH500JCE&cid=191613237.1715894647&gtm=45je45f0v877811556z8867853431za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:24:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9JLH500JCE&cid=191613237.1715894647&gtm=45je45f0v877811556z8867853431za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1723359046
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:24:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.25043c26.js
media.eftours.com/content/js-build/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/content/js-build/bootstrap.25043c26.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
184968
content-length
14899
x-ua-compatible
IE=edge
last-modified
Thu, 25 Apr 2024 17:51:00 GMT
server
cloudflare
etag
"0dafc213997da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
884e6ec98bd6a03a-FRA
expires
Sat, 15 Jun 2024 21:24:07 GMT
13007618.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/13007618.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 16 May 2024 21:24:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D2DF18B9D7EB4AA1959BDCDCC4F87EF7 Ref B: FRA31EDGE0521 Ref C: 2024-05-16T21:24:07Z
x-cache
CONFIG_NOCACHE
main.js
www.eftours.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 7ACB
Redirect Chain
  • https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.eftours.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.eftours.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c38228705c31ff698e202524360f36e20e2c0122d74d4773ec556670a267a77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=3600
cf-ray
884e6ecaed80a03a-FRA

Redirect headers

date
Thu, 16 May 2024 21:24:07 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
access-control-allow-origin
*
cache-control
private, max-age=3600
cf-ray
884e6eca1c78a03a-FRA
content-length
0
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=13007618&tm=gtm002&Ver=2&mid=1b7511ff-af2f-4c1d-91c6-e400cb44f9bd&sid=a0c97d2013ca11efb2fe21ba8c3a3d61&vid=a0c99f1013ca11efbee9d3f3e946eed6&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=3293&evt=pageLoad&sv=1&rn=852242
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 16 May 2024 21:24:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BF658F8B84564691A4624F95F2616380 Ref B: FRA31EDGE0521 Ref C: 2024-05-16T21:24:07Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 14B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
55330
cache-control
max-age=86400
content-encoding
gzip
content-length
3267
content-type
text/html
date
Thu, 16 May 2024 06:01:58 GMT
etag
"2922a85ce6caf46f828c097bf7aa1036"
last-modified
Mon, 30 Oct 2023 13:11:24 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-amz-cf-id
ATbHmFeRgZ60t3PT2sPVtinjMQ--4sBy5DzMbfF_9Xo_lhZ4UWBL_g==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
ct.pinterest.com/user/ 		320 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1715894647414&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.0e771302.1715894647.1a598b1e
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=600
content-length
186
x-pinterest-rid
6116186763550751
pin-unauth
dWlkPVpXTTVPR1ZpWldNdE1UQmhNUzAwTWpBeExUa3pabVV0Wm1WaU9URmhOVFprT0RRMg
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eftours.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
5c8bfc366c53ef4acca5f606987646193351b3ab
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		320 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%223f917753-83c7-46a4-8149-eb8e25b3791a%22%7D&tid=2620473989394&cb=1715894647416&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.0e771302.1715894647.1a598b29
x-envoy-upstream-service-time
1
content-length
186
x-pinterest-rid
4866807551919472
pin-unauth
dWlkPU9UTTVPRFV3TlRFdE9HVm1aUzAwWXpjekxXRXdNR0l0T1dOallUWmhaRGs0WmpNMw
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eftours.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
5c8bfc366c53ef4acca5f606987646193351b3ab
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MWNkMWZjOGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		431 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
25c8e105aed1fd7c0e7869d4e5cdc896fc4f74a2e6a24428711da23557cb98d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
90c332
date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240509122012C8965AC91BDCD3927E7C
x-tt-trace-id
00-240509122012C8965AC91BDCD3927E7C-3EFCE0F588ABF6D0-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01fe8e1c4608944745a71ea425f7ce0ca07d5b0a9f463a2ba4ffc88a75097f39e88fb2f7de7bd5f8fbf1e348aa218743904622dead69370c5982daff71ab93932006123b735d5f4262ae6285ad593ccfca18d63bdbd67c9532ce58cfd840e29bb9
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=19
content-length
116189
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302935565346434&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1715894647459&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1715894647450.1151221478&cs_est=true&ler=empty&cdl=API_unavailable&it=1715894647186&coo=false&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1294, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 16 May 2024 21:24:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302935565346434&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1715894647459&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1715894647450.1151221478&cs_est=true&ler=empty&cdl=API_unavailable&it=1715894647186&coo=false&rqm=FGET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc35d6a6f6e04939a","source_keys":["1","2"]},{"key_piece":"0x2b730784a7e8f52c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 16 May 2024 21:24:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=3111, tp=-1, tpl=-1, uplat=203, ullat=0
pragma
no-cache
x-fb-debug
HXfSfwRk4FXhg/M5Z0JsGglMx4OZZOiYfKFqI1OgbsV77F/VulqKa5T2vAEiHmcgi5xdllcQAHwBqAaTN8OXNQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.60%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1715894647469
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:24:07 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.0e771302.1715894647.1a598b2a
content-type
image/gif
access-control-allow-origin
https://www.eftours.com
pinterest-version
5c8bfc366c53ef4acca5f606987646193351b3ab
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
35
x-pinterest-rid
3079031162293952
expires
Sat, 01 Jan 2000 00:00:00 GMT
ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ts=1715894647438&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.191613237.1715894647&optimizelyid=oeu1715894647043r0.4134087522861316&_v=3.0.35&_uid=c604a649-d939-458d-96fc-dc735933f4b5&_getid=t
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=72MxI36MT7jXtaru2HueecMcnnVRU7sSudC1pDxP%2BGE%2FzFUOQLNUbx463UfxQ2HdLIBfCHYKj%2FqUMpXopIxmaeiU6uP9L%2BbxkQ2LCpwd6lDNhUOUmcMhVXdp7tCiAQ2t%2FD32oBrnSYVO"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
1616e01de8e1cfe0be91645a200bf707
cf-ray
884e6ecaee0791e4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
157276
vc.hotjar.io/sessions/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/157276?s=0.25&r=0.23280411300339887
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4d9dd1518dc89987e57a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 16 May 2024 21:24:07 GMT
cache-control
no-store
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
ztnCw-o3gDpq7O3JWZhlRBXDgwKumqEoKGRoGvji_SCSCtRlyBqSBQ==
x-cache
Miss from cloudfront
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=157276&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4d9dd1518dc89987e57a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.18.113.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-113-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ab398c292d7018d0565ab79ac5a4de8e4da6206f2dc30e11ddcb0a5b83225004

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 16 May 2024 21:24:07 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?gtm.start=1715894644923&event=gtm.js&gtm.uniqueEventId=1&_ts=1715894647481&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.191613237.1715894647&_uid=c604a649-d939-458d-96fc-dc735933f4b5&optimizelyid=oeu1715894647043r0.4134087522861316&_v=3.0.35
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQdU%2BTKiIFNDaa%2F3mdqrb%2FLmblx6g9ty%2F6%2Feu%2FxkNOGwXtkckKG16cZm6hRuX5g21zIhXu4TQyZTo8g9hs%2BF%2BJG4gUqV8VkyohoKykgSIq%2FRaW0Hs7PmF7OpzUJ3G%2B1y9%2B8goqIWxCQE"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
256da3afe5216b30a8799fc36e322fa7
cf-ray
884e6ecc1f6391e4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfCX1g%2BMJkijarB%2F1eR%2F%2FPfOWbyes0X5c4OU0i4%2BzsOEyQqD8ffxwlemZ91krU3A2VDoRgCKk%2Bxe36CRTMi8cjo2g6rIL9FZ4Dhh2tuD5hBAg1uTQJTcEQYICo2QJiEH2JY3gwoj4Du3"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
6095ac6f19178fd703dc6895113a09d9
cf-ray
884e6ecc3f8391e4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
jquery-3.5.0.min.js
media.eftours.com/Content/js/libs/ 		105 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/Content/js/libs/jquery-3.5.0.min.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
186218
content-length
43498
x-ua-compatible
IE=edge
last-modified
Thu, 25 Apr 2024 17:51:00 GMT
server
cloudflare
etag
"0dafc213997da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
884e6ecc9f85a03a-FRA
expires
Sat, 15 Jun 2024 21:24:07 GMT
nav.f0038006.js
media.eftours.com/content/js-build/core/modules/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
183431
content-length
2210
x-ua-compatible
IE=edge
last-modified
Thu, 25 Apr 2024 17:51:00 GMT
server
cloudflare
etag
"0dafc213997da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
884e6ecc9f8ea03a-FRA
expires
Sat, 15 Jun 2024 21:24:07 GMT
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%223f917753-83c7-46a4-8149-eb8e25b3791a%22%7D&tid=2620473989394&cb=1715894647759&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVpXTTVPR1ZpWldNdE1UQmhNUzAwTWpBeExUa3pabVV0Wm1WaU9URmhOVFprT0RRMg%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.60%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:24:07 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.0e771302.1715894647.1a598bfb
content-type
image/gif
access-control-allow-origin
https://www.eftours.com
pinterest-version
5c8bfc366c53ef4acca5f606987646193351b3ab
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1657200117856976
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_93546.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_93546.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
90c6b8
date
Thu, 16 May 2024 21:24:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240508162132A0D6B7841F621DD9E667
x-tt-trace-id
00-240508162132A0D6B7841F621DD9E667-70C756FE34F66FC3-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018d5bc42629b6c34ba885c13b9b8763a7a344b7c14bab807f1afe93fb47cbbda60ef67d89b7473f189b504b20d03b690032a53a8fef3b3e59b323f80076339f0d90d40ae3978b4cfbeef2ad301653887b773223c76a1464aa0ffc4ff6ac332e94
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
37047
pixel
analytics.tiktok.com/api/v2/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
81f72eb6.90c7dc
date
Thu, 16 May 2024 21:24:08 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2405162124071E2B9D274D6190E24D6E-0ED844D32A1FD54A-00
x-cache
TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
114,95.100.146.12
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=21, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202405162124071E2B9D274D6190E24D6E
x-cache-remote
TCP_MISS from a23-48-200-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,23.48.200.142
x-tt-trace-host
0199848b5aec2e06eba3c270de162375a2b991a9745b418151a7f30cc5b26b27e1b24fac832fd4999f4bfcc1673b9448e568e832126371c769f2c55bfaf8204f3c67cfa1b73e8bb39aa5a14cfe2cfd00fb58dcb915a98aa400676b047987b80aaa4ad2ce0e7e944e0fdd7e396872df0f09
access-control-allow-headers
Authorization,*
expires
Thu, 16 May 2024 21:24:08 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
847 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6418a05f.90c7dd
date
Thu, 16 May 2024 21:24:08 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240516212407AB9AAF94FDA56BFD5185-638288C89214FEF9-00
x-cache
TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
201,95.100.146.12
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=107, inner; dur=103
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240516212407AB9AAF94FDA56BFD5185
x-cache-remote
TCP_MISS from a23-48-200-140.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
107,23.48.200.140
x-tt-trace-host
0199848b5aec2e06eba3c270de162375a2b991a9745b418151a7f30cc5b26b27e1b016b5c96732c29d5381d7d698ed958b15409b92db7260746ac6cab32369fbd8c0951ce78f36f96711cfce0f804b411721bd6c9c7deb6c520718ecbde8b2f4d67ee651d3f3471f9ce78a7d1ed47d9985
access-control-allow-headers
Authorization,*
expires
Thu, 16 May 2024 21:24:08 GMT
884e6eb69ccfa03a
www.eftours.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7ACB 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.eftours.com/cdn-cgi/challenge-platform/h/g/jsd/r/884e6eb69ccfa03a
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 May 2024 21:24:08 GMT
cache-control
private, max-age=3600
server
cloudflare
cf-ray
884e6ece99d4a03a-FRA
content-length
0
content-type
text/plain; charset=UTF-8
c604a649-d939-458d-96fc-dc735933f4b5
c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/ 		306 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/c604a649-d939-458d-96fc-dc735933f4b5?segments=true&stream=ef_et&mergestate=true&state=%7B%22_uid%22%3A%22c604a649-d939-458d-96fc-dc735933f4b5%22%2C%22_ga%22%3A%22GA1.1.191613237.1715894647%22%2C%22optimizelyEndUserId%22%3A%22oeu1715894647043r0.4134087522861316%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.eftours.com%2F%22%2C%22optimizelyid%22%3A%22oeu1715894647043r0.4134087522861316%22%2C%22_v%22%3A%223.0.35%22%2C%22_uido%22%3A%22c604a649-d939-458d-96fc-dc735933f4b5%22%7D&ts=1715894648090&callback=u_712992259028234900
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9372eb26202a1efa74dbe00304125daf909db2b4a926e144e15bef17110c3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:08 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDKXLDjN7kZv0IPrqimLc4ofzo%2BFEBVEhWfQEk%2BEudCH%2BJhpOJVr49%2B40oe2qWREa3sMDQb5cseGhEUR4Zidg%2FQ8al4BZa7II27NvaerCxurj%2BhEHbOqP%2F4Qzu72mB846h9lLnP3gpBk"}],"group":"cf-nel","max_age":604800}
x-lytics-trace
64bc55f459f0b8a4f57215c97a104662
cf-ray
884e6eceba8091e4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ga=GA1.1.191613237.1715894647&optimizelyEndUserId=oeu1715894647043r0.4134087522861316&_ts=1715894647758&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=c604a649-d939-458d-96fc-dc735933f4b5&optimizelyid=oeu1715894647043r0.4134087522861316&_v=3.0.35&_uido=c604a649-d939-458d-96fc-dc735933f4b5
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:08 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2Bw%2FyvFSuZhWT8BVfFBuck%2FKBFExj4j4LybJ1FNg6RDMAh%2BZ3MJg5hykMJKA5ApYeN2jnZEaj6Pfa%2Bs1FBCr2womLAk7m2Z2Gl1J1%2BwBRUGwk2lLseO5cGfJB4R6ejNgZQKw7tIVHxIX"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
72f5e9b08450e4d600b789ecf3441c3f
cf-ray
884e6eceba8391e4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
events
logx.optimizely.com/v1/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/24439131089.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.140.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 May 2024 21:24:08 GMT
x-envoy-decorator-operation
events-smart-router.edp-prod.svc.cluster.local:8080/*
via
1.1 google
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
e96191e5-0233-48d0-a74f-ac60df03c063
act
analytics.tiktok.com/api/v2/pixel/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
945dbcce.90cbbe
date
Thu, 16 May 2024 21:24:08 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2405162124087D4493B21C21F7F835EF-5E4B58017DF21D5B-00
x-cache
TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
136,95.100.146.12
server-timing
cdn-cache; desc=MISS, edge; dur=127, origin; dur=19, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202405162124087D4493B21C21F7F835EF
x-cache-remote
TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.48.200.133
x-tt-trace-host
0199848b5aec2e06eba3c270de162375a2b991a9745b418151a7f30cc5b26b27e13cbc94d34ddda17cf9327a11415f2f30ce414e5cb59b8fa40cba6c8660dbf907591f5e748e34c99156fedc2d59346f790a7d3e0e1663cd31b5d343c594026fd80a09eb184844ee7bb418764eb36be8f1
access-control-allow-headers
Authorization,*
expires
Thu, 16 May 2024 21:24:08 GMT
pixel
cm.g.doubleclick.net/ 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=YzYwNGE2NDktZDkzOS00NThkLTk2ZmMtZGM3MzU5MzNmNGI1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:24:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je45f0v877811556za200&_p=1715894644923&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=191613237.1715894647&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1715894647&sct=1&seg=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=page_view&_ee=1&_et=138&tfd=4294
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:24:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1715894648342&cd[external_id]=c604a649-d939-458d-96fc-dc735933f4b5&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1715894647450.1151221478&ler=empty&cdl=API_unavailable&it=1715894647186&coo=false&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1294, tbw=6295, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 16 May 2024 21:24:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1715894648342&cd[external_id]=c604a649-d939-458d-96fc-dc735933f4b5&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1715894647450.1151221478&ler=empty&cdl=API_unavailable&it=1715894647186&coo=false&rqm=FGET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x04e06b0ed8411958","source_keys":["1","2"]},{"key_piece":"0x246281c49f133492","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 16 May 2024 21:24:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=13, mss=1294, tbw=6694, tp=-1, tpl=-1, uplat=37, ullat=0
pragma
no-cache
x-fb-debug
hT0IMrgvg1hPxpAGIo2mxVm6MQD7pkJK5rfzwQ8gTwW2NMmlfXD5xXmG5PaaKHKKeyDK1z2osENipTEQaulIAg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1715894648343&cd[ly_unknown_email]=true&cd[ly_frequent_user]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1715894647450.1151221478&ler=empty&cdl=API_unavailable&it=1715894647186&coo=false&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1294, tbw=6512, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 16 May 2024 21:24:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1715894648343&cd[ly_unknown_email]=true&cd[ly_frequent_user]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1715894647450.1151221478&ler=empty&cdl=API_unavailable&it=1715894647186&coo=false&rqm=FGET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x04e06b0ed8411958","source_keys":["1","2"]},{"key_piece":"0x246281c49f133492","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 16 May 2024 21:24:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=14, mss=1294, tbw=7189, tp=-1, tpl=-1, uplat=38, ullat=0
pragma
no-cache
x-fb-debug
xEtmEbMU7TiWBwgDPWlri7MP5SX0YE9TkVfS1JkE0cOWmTBblmsToWh28SFK8lHq0rTGz5of4ACP2gnpyAZvjg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
95.101.196.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.0a771302.1715894648.f140f117
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
alt-svc
h3=":443"; ma=600
content-length
2108
quic-version
0x00000001
ct.html
ct.pinterest.com/ Frame B086 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

akamai-grn
0.0e771302.1715894648.1a598e48
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 21:24:08 GMT
pinterest-version
5c8bfc366c53ef4acca5f606987646193351b3ab
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
1
x-pinterest-rid
1761626203486595
google_dv360
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/google_dv360?_ts=1715894648508&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.191613237.1715894647&_uid=c604a649-d939-458d-96fc-dc735933f4b5&optimizelyid=oeu1715894647043r0.4134087522861316&_v=3.0.35&_uido=c604a649-d939-458d-96fc-dc735933f4b5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:08 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGUehfuvaolSTgEB4jYHSQvEfPlusmInqR0IbfAPiRN%2F4GIaSpyOEBTHp%2BpWdDuObTJAmlXKJqFS0iTn89pn5O67%2FQTXtKVsL68sZjw9%2BBTcj7fmX9G6j3yjYvHFxZ6yrmCrZhP9Mpkc"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
965316656fdfc38c9a8835d15e53f094
cf-ray
884e6ed16d7991e4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
favicon.png
media.eftours.com/~/media/images/etus/logos/icons/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/~/media/images/etus/logos/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9bed6cd5b5a692a33c05816bf01aef42aee06db4cb67bb8887e9ebceb0cc07a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Thu, 16 May 2024 21:24:08 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Sep 2013 17:28:21 GMT
server
cloudflare
age
1953061
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
content-disposition
inline; filename="Favicon.png"
accept-ranges
bytes
cf-ray
884e6ed2bf01a03a-FRA
content-length
4172
expires
Sat, 15 Jun 2024 21:24:08 GMT
pathfora.min.js
c.lytics.io/static/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:08 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 16 May 2024 21:10:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
845
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E86OICI2z6pGNk%2B8RXrqJIozl4ZbX2qn9W7FzU7XyGt7AvImNcSJ4mOcBZZr4cKjtRt7eSARQDEzTZIwTQERepqvHT0HhzGZQlrbtCcYSccNtnC4G%2FACHKQbfPVaXRiNOeo9rxwgMD%2Fm"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
884e6ed4086c91e4-FRA
pathfora.min.css
c.lytics.io/static/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:09 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 16 May 2024 20:56:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1660
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9prykBIM08MfybZnxviqqW1SsSJ4QX%2FT4QFwkUFx27t%2Fgg9WIO%2B%2FZ5PZEzmPUa9cwE6q2S0bloG6Yn3eS%2B9%2BrMunt2TmC%2BMNhs%2BQ2CR2p3AmhwMzCHuCQXdNqU%2BfbmisINb0%2B0Rl288"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
884e6ed468d191e4-FRA
config.js
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ 		327 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 21:24:09 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
EXPIRED
last-modified
Thu, 16 May 2024 19:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMXUdo%2BOPVhWtoATCZTJq%2Bct1GerT23cxbJYNmBUyq4HWsN8IyEWd2rmnCEBh16nnmjbWE3NyV4zCtQs59qv4Hi5sWZKkqMMCcAKAmhrT6FzaGsRqvfq4MdW7pg82JU9Qi1tGBz%2FuV4G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
cfa34731fff33a5c6f09c3760a58c4eb
cf-ray
884e6ed468d691e4-FRA
events
logx.optimizely.com/v1/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1715894700000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.140.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 May 2024 21:24:08 GMT
x-envoy-decorator-operation
events-smart-router.edp-prod.svc.cluster.local:8080/*
via
1.1 google
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
f5a49add-3731-4365-a060-f994777910b5
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je45f0v877811556za200&_p=1715894644923&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=191613237.1715894647&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1715894647&sct=1&seg=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=lytics&_ee=1&ep.event_category=lytics_user_properties&ep.non_interaction=true&_et=967&up.ly_segments_dim=ly_unknown_email%2Cly_frequent_user%2Call&up.ly_user_id_dim=c604a649-d939-458d-96fc-dc735933f4b5&tfd=9296
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 21:24:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
core
js.driftt.com/ Frame 4F47 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core?d=1&embedId=5by59bm3fdyy&eId=5by59bm3fdyy&region=US&forceShow=false&skipCampaigns=false&sessionId=6b15f0f5-2d29-43e3-9ed3-b772edd4d1e0&sessionStarted=1715894654.557&campaignRefreshToken=3cdbefd9-d036-4303-87a0-d881554f0020&hideController=false&pageLoadStartTime=1715894645122&mode=CHAT&driftEnableLog=false&loadStrategy=ON_INTERACTIVE&secureIframe=false&u=https%3A%2F%2Fwww.eftours.com%2F
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1715894700000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.73 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 21:24:14 GMT
etag
W/"bfed674d771366425d072381f4efc1f7"
last-modified
Fri, 03 May 2024 15:32:45 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
x-amz-cf-id
pLRWJ3DnhFAscmP8bVYKEko2Q4dQ8IXHV-kJohPppg8lkeaPBT_yNw==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
S5LI.Dztu4EwHCgPf20gC00X3KqcCutb
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
20
chat
js.driftt.com/core/ Frame A225 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1715894645122
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1715894700000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.73 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 May 2024 21:24:14 GMT
etag
W/"bfed674d771366425d072381f4efc1f7"
last-modified
Fri, 03 May 2024 15:32:45 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
x-amz-cf-id
KnSt-EP9ACnAevTuwB6o6B-d5EO5zsUo0cDPWNXUXWjFaeSdR1eLVw==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
S5LI.Dztu4EwHCgPf20gC00X3KqcCutb
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
17

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| pintrk object| EFTOURS object| html5 object| Modernizr function| yepnope string| url string| keyToFind undefined| valueFound undefined| utmCookie function| fbq function| _fbq object| z object| w object| y object| x object| vid object| source object| d object| a object| b object| c object| source2 function| initWistiaPlayButton function| handleWistiaPlayClick object| _wq function| createLyticsPrimaryKey function| keyChooser object| jstag number| keyExists function| handleGA4UserProperties string| TiktokAnalyticsObject object| ttq function| require function| requirejs function| define object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| UET function| UET_init function| UET_push function| _ object| optimizely number| startTime number| duration function| drift undefined| driftt object| drift_init_options object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia string| _wistiaElemId object| wistiaEmbeds function| onYouTubeIframeAPIReady object| gaGlobal object| ueto_eb15e29531 object| uetq function| gtag object| Trustpilot object| __lytics__jstag__ function| Waypoint object| tagConfig object| enquire object| subscriptions object| amplify object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks undefined| u_712992259028234900 function| $ function| jQuery number| bpDoc number| bpInner object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked string| waypointContextKey object| drift_audio_context object| pathfora

31 Cookies

Domain/Path Name / Value
www.eftours.com/ Name: AWSALB
Value: LwFRoZDQAjq+Q/2WA3HL8YL4UgqJFAVIg4sOWenlmy2tm2PtinCCuqKdEFvWiRjhPddfxDZb5nnvmGbAKr0XgM8Y7mEx4z1XJMqJ2Q1jXPtHppX63XvpnrxPGyzC
www.eftours.com/ Name: AWSALBCORS
Value: LwFRoZDQAjq+Q/2WA3HL8YL4UgqJFAVIg4sOWenlmy2tm2PtinCCuqKdEFvWiRjhPddfxDZb5nnvmGbAKr0XgM8Y7mEx4z1XJMqJ2Q1jXPtHppX63XvpnrxPGyzC
www.eftours.com/ Name: ASP.NET_SessionId
Value: n4sybwlwfabxghm55ee3qecr
www.eftours.com/ Name: __RequestVerificationToken
Value: RXNimPNKcQA3JSwtbesqUTQpZW7GInIjQi1hdXQ7-ygj_c_i4um3Qp57GKLzy_-LgzUDiR42vTnr5PNPCWVmGqjtiMy0OSPPAjYGRlYK6Ck1
.eftours.com/ Name: PriceDefault
Value: e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=
.eftours.com/ Name: recent
Value: e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==
.eftours.com/ Name: __cf_bm
Value: eeHKlg4qMh2g4OKq35PgGf7xgC9y89KJs1GQNxFPPQI-1715894644-1.0.1.1-9v9ZSa4q0DaxYG8QTjqMThYyW1EGv0GsfYVGAySDbwaLhGFoTm7JFq6kszaWTmOddghtMc2hA7UAJFVPdUueinLccHyAV49kmi6ySOLSkK0
.eftours.com/ Name: _cfuvid
Value: 81FvK2fbIhZYV7UOqoK9.sF71EAJukjhZkT3i38M_nQ-1715894644880-0.0.1.1-604800000
.eftours.com/ Name: _gcl_au
Value: 1.1.797766899.1715894645
media.eftours.com/ Name: AWSALB
Value: mne6Z6feBKm0fFm/HFOQ/dOTPruKk2W7NV4YIBK7psg8XDUyOwPogrNHP+p1J+RAQ+QPn/NZaMSvLUqkkoaLhMhzqcu2+SthlIdvQPCZmrGYIDh/uXQ+WUTInfHq
media.eftours.com/ Name: AWSALBCORS
Value: mne6Z6feBKm0fFm/HFOQ/dOTPruKk2W7NV4YIBK7psg8XDUyOwPogrNHP+p1J+RAQ+QPn/NZaMSvLUqkkoaLhMhzqcu2+SthlIdvQPCZmrGYIDh/uXQ+WUTInfHq
.eftours.com/ Name: optimizelyEndUserId
Value: oeu1715894647043r0.4134087522861316
.tiktok.com/ Name: _ttp
Value: 2gZAIeUnq7zYWNEn1kWEXojbuON
.eftours.com/ Name: _ga
Value: GA1.1.191613237.1715894647
.eftours.com/ Name: _uetsid
Value: a0c97d2013ca11efb2fe21ba8c3a3d61
.eftours.com/ Name: _uetvid
Value: a0c99f1013ca11efbee9d3f3e946eed6
.bing.com/ Name: MUID
Value: 18B96DAFD93069672109792ED8BB68B6
.www.eftours.com/ Name: seerses
Value: e
.eftours.com/ Name: _fbp
Value: fb.1.1715894647450.1151221478
.www.eftours.com/ Name: seerid
Value: c604a649-d939-458d-96fc-dc735933f4b5
.eftours.com/ Name: _hjSessionUser_157276
Value: eyJpZCI6IjQ0ZTM2ZmM0LWJhZDAtNTJjZS1hNGZjLTQwMjhjMTllOTkyNCIsImNyZWF0ZWQiOjE3MTU4OTQ2NDc1NDMsImV4aXN0aW5nIjp0cnVlfQ==
.lytics.io/ Name: seerid
Value: c604a649-d939-458d-96fc-dc735933f4b5
.eftours.com/ Name: _hjSession_157276
Value: eyJpZCI6IjZiODI2YmVjLTMyNTAtNDAzNS05ZjExLTc0YTIwYTNjYjQzMCIsImMiOjE3MTU4OTQ2NDc1NDUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.pinterest.com/ Name: ar_debug
Value: 1
.eftours.com/ Name: _pin_unauth
Value: dWlkPVpXTTVPR1ZpWldNdE1UQmhNUzAwTWpBeExUa3pabVV0Wm1WaU9URmhOVFprT0RRMg
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZlSVF1NzNXNXQra1NrNHNCV01Lb3lhNEdqMnpaWFYzd2h6N2l6S3lCVVpqZFJnNHpKTnRqcFNzd2pMbzFvQk9jWUZhbldjNTIxaGF2aWlnb1FScFdTb2t5cnlJZnZFUVVnVEhldHYvaEgrMD0mY25TNjBNQURrK2E0Ukx0T2VveExITVI3U2d3PQ=="
.eftours.com/ Name: _tt_enable_cookie
Value: 1
.eftours.com/ Name: _ttp
Value: Imnffzse7LeYqhWB1G7erMDk4V4
.eftours.com/ Name: cf_clearance
Value: 0902MsOIsFxdiK8Ic88945Nto2uQQ7xcRxxIM0ejWcM-1715894648-1.0.1.1-PDLQFYr8FjQLkUYWf6qgHdq3REU.qY9q7hgIbryYC2oMCPr7ucqH4EXdvo2J61j32iySrfMTug7AZ9l8vC7Yuw
.www.eftours.com/ Name: ly_segs
Value: %7B%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22ly_frequent_user%22%3A%22ly_frequent_user%22%2C%22all%22%3A%22all%22%7D
.eftours.com/ Name: _ga_9JLH500JCE
Value: GS1.1.1715894647.1.1.1715894648.59.0.0

25 Console Messages

Source Level URL
Text
other warning URL: https://www.eftours.com/(Line 1580)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://js.driftt.com/include/1715894700000/5by59bm3fdyy.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a24099230963.cdn.optimizely.com
analytics.tiktok.com
bat.bing.com
c.lytics.io
cdn.optimizely.com
cm.g.doubleclick.net
connect.facebook.net
content.hotjar.io
ct.pinterest.com
fast.wistia.com
js.driftt.com
logx.optimizely.com
media.eftours.com
region1.analytics.google.com
s.pinimg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vc.hotjar.io
widget.trustpilot.com
www.eftours.com
www.facebook.com
www.google.de
www.googletagmanager.com
108.156.2.69
142.250.185.168
172.217.16.195
18.245.86.73
18.245.86.87
18.66.102.51
18.66.112.79
2.23.78.22
2001:4860:4802:34::36
216.239.32.36
216.58.212.162
2606:4700:20::ac43:49ec
2606:4700::6810:a7
2620:1ec:c11::237
2a00:1450:4001:811::2008
2a00:1450:400c:c1b::9d
2a02:26f0:3500:892::1931
2a02:26f0:480:58b::13b8
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::644
34.111.140.246
52.18.113.55
52.222.236.107
52.222.236.94
95.100.146.16
95.101.196.187
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
05c6e47429c24cf4effc22484c7165adbe1a0af132b0c1719280597c57b6f36a
071197dcb65d5e709b4aae71ff3044e0b127cb38b1eba1f806fb25591eb1d698
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e944d06eb8b887f1121c81ed7df623bf5520780b0e443830992c36fbf9ea6e9
14786480849eab724f447843ae737486dab003732877919f4f57eac9f0ae2cdc
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
244b4362c18e6ed69525eec73cd3eb56cbb7c3ffb9bb6bae4c9f68463d902039
25c8e105aed1fd7c0e7869d4e5cdc896fc4f74a2e6a24428711da23557cb98d3
296954fb9c911c3d94b959446cedb61bd22e93713fb8dcdc5a0da2518c4c1dae
2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6
3199f8eecd6cd8fb70cabab6e56276cf43ca217f55c817eed05f56d1a58e4822
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9
3c5d222399d9fa649c99361cbea1348c558f3352ec919729c7ce513e3c7ad792
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
4d9372eb26202a1efa74dbe00304125daf909db2b4a926e144e15bef17110c3e
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44
590cee96d7577fa8e3139f05860c80201caf5ceb1272bf9415d88f9e35b3582e
5b073a24c28534f3fb65fb3df6e6838d044d7cfc88f386b54846f770675ec3cd
5c38228705c31ff698e202524360f36e20e2c0122d74d4773ec556670a267a77
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
68b44eb1ecdc416f192a10f8d7cc5b1ca1360e966d458ee0ae99a23f647235a8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b403b670a417834b0ec0d6a79275352ca4b924392c2a6807cbd249c7c693ee0
6e03afb7bfc9b59a5e1f05180069669b4f8c29c2ceae38eefaabc04b698e4b49
72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7
789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1
78d934da3e24b36f9a8277d5e19146710033d8460432d35297530efec5843477
7cb5768516c7e8d64859f6178d011abcc9e976ef4dd866e77760bf47c33326fe
7cd3dbc4daca59cf92be84e023fcb1080c59b6302b4e667d35036381f2c3da02
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
94e5016cb773333a092b5981f94090e523ecd2292be83b5d947a8f0e5033da46
956a7a695a06b71162dff8279d6f0887b2c0412f799e62f97394f097e90c4680
a62707cf4b5deb7b005684725b9de62e12a698bce8fbc58b1a72425dec57adec
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab398c292d7018d0565ab79ac5a4de8e4da6206f2dc30e11ddcb0a5b83225004
b0afb2e02df5f4a725d01cfec711a9285f48987fcdb67e54822e155629dd853e
b5ef7dd34cf17eb441a01a651d089e520dff86ae2337ff95ee079f46a394880a
bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f
c4bf99e02ddaf9cb1f45e5f3f074e5771a52a0a73f093bfe4c0c435aec23994f
c55adc844258324a96facfedadbd892316c8d06ec7fc0e09b5532d8953123a13
c5e1a8b9d9fbf8b2e885feb3c40e4b8f76b4308c266ab98e3ef4855ce427e1cf
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ce6af0cf51fdf5eb76149ce34ab71f66ec0fc155707cc55aa0a9bac21ad9f1e6
d1d4fdfd9452dd70132ee200440e55254adfa546de907014b2ddc2a271c8a4c1
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
eb20588b9831b96e07df923b7910a7153cd67fdef9b732d08b4e1d8c9ccf9777
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9bed6cd5b5a692a33c05816bf01aef42aee06db4cb67bb8887e9ebceb0cc07a