www.eftours.com Open in urlscan Pro
2606:4700::6811:d548 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eftours.com/
Effective URL:
https://www.eftours.com/
Submission: On January 17 via manual (January 17th 2024, 12:21:32 pm UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 82 HTTP transactions. The main IP is 2606:4700::6811:d548, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.eftours.com. The Cisco Umbrella rank of the primary domain is 240482.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.

This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:d648	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 32	2606:4700::68... 2606:4700::6811:d548	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::644	54113 (FASTLY) (FASTLY)
5	18.66.192.58 18.66.192.58	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	23.36.163.232 23.36.163.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:883::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2.19.224.184 2.19.224.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.84.88.7 99.84.88.7	16509 (AMAZON-02) (AMAZON-02)
1	23.197.128.15 23.197.128.15	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.192.93 18.66.192.93	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.212.115.5 52.212.115.5	16509 (AMAZON-02) (AMAZON-02)
1	34.111.140.246 34.111.140.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
82	21

1 2606:4700::6811:d648 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6811:d548 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.192.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-58.muc50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:883::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.224.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-184.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-7.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.128.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-128-15.deploy.static.akamaitechnologies.com

a24099230963.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-93.muc50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.115.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-115-5.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	eftours.com 3 redirects eftours.com — Cisco Umbrella Rank: 167265 www.eftours.com — Cisco Umbrella Rank: 240482 media.eftours.com — Cisco Umbrella Rank: 258797	18 MB
10	lytics.io c.lytics.io — Cisco Umbrella Rank: 11353	52 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	145 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	3 KB
5	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5262	48 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	247 B
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 824 a24099230963.cdn.optimizely.com — Cisco Umbrella Rank: 214360 logx.optimizely.com — Cisco Umbrella Rank: 1562	91 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616	325 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	286 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	94 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	59 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6408	161 B
1	driftt.com js.driftt.com — Cisco Umbrella Rank: 5691	62 KB
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4275	127 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	254 B
82	18

	Domain	Requested by
25	media.eftours.com	www.eftours.com media.eftours.com
10	c.lytics.io	www.eftours.com c.lytics.io
6	analytics.tiktok.com	www.eftours.com analytics.tiktok.com
6	www.eftours.com	1 redirects www.eftours.com
5	ct.pinterest.com	s.pinimg.com www.eftours.com
5	widget.trustpilot.com	www.googletagmanager.com widget.trustpilot.com
3	www.facebook.com	www.eftours.com
3	region1.analytics.google.com	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.eftours.com
3	www.googletagmanager.com	www.eftours.com www.googletagmanager.com
2	connect.facebook.net	www.eftours.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	eftours.com	2 redirects
1	logx.optimizely.com	js.driftt.com
1	content.hotjar.io	script.hotjar.com
1	js.driftt.com	www.eftours.com
1	a24099230963.cdn.optimizely.com	cdn.optimizely.com
1	script.hotjar.com	static.hotjar.com
1	cdn.optimizely.com	www.googletagmanager.com
1	fast.wistia.com	www.eftours.com
1	www.google.de	www.eftours.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
82	23

This site contains links to these domains. Also see Links.

Domain
blog.eftours.com
landing.eftours.com
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
careers.ef.com
www.efexploreamerica.com
www.efstudyabroad.com
girltrips.eftours.com
www.eftours.ca
www.efultimatebreak.com
www.goaheadtours.com
efgapyear.com
www.ef.edu

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2023-02-26` - `2024-02-28`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
logx.optimizely.com GTS CA 1D4	`2023-12-12` - `2024-03-11`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.eftours.com/
Frame ID: 032EEF9145F1F67E9895B298B34EB3E2
Requests: 74 HTTP requests in this frame

Frame: https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Frame ID: F8E84B3C77E2AFD4FC7BBCD952255638
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
Frame ID: 81BC0EF7C6E98F63D85A3951F5A92C53
Requests: 4 HTTP requests in this frame

Frame: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: F2307C147613DA0E8CB429FE5A8617D7
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: B018EA07413146D63B699E52ED79B2F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Student travel programs | Educational tours for students | EF Tours

Page URL History Show full URLs

http://eftours.com/ HTTP 301
https://eftours.com/ HTTP 301
https://www.eftours.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

99 %
HTTPS

59 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

19168 kB
Transfer

22555 kB
Size

31
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.eftours.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://landing.eftours.com/hoverbox/s23-fitt?source=FTRVL_HOVERBOX_ET_F24

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/ef-one-on-one/

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/article/experience-the-culture-of-japan-with-a-tour-director/

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/article/summit-student-video/

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/article/5-questions-with-carlos-on-the-best-guided-tours-of-spain/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eftours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eftours

Search URL Search Domain Scan URL

URL: http://www.twitter.com/eftours

Search URL Search Domain Scan URL

URL: http://www.youtube.com/efeducationaltours

Search URL Search Domain Scan URL

URL: https://careers.ef.com/
Title: View Opportunities

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/
Title: EF Explore America

Search URL Search Domain Scan URL

URL: https://www.efstudyabroad.com/
Title: EF Study Abroad

Search URL Search Domain Scan URL

URL: https://girltrips.eftours.com/
Title: EF Tours for Girls

Search URL Search Domain Scan URL

URL: https://www.eftours.ca/
Title: EF Educational Tours Canada

Search URL Search Domain Scan URL

URL: https://www.efultimatebreak.com/
Title: EF Ultimate Break

Search URL Search Domain Scan URL

URL: http://www.goaheadtours.com/
Title: EF Go Ahead Tours

Search URL Search Domain Scan URL

URL: https://efgapyear.com/
Title: EF Gap Year

Search URL Search Domain Scan URL

URL: https://www.ef.edu/

Search URL Search Domain Scan URL

URL: http://careers.ef.com/
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eftours.com/ HTTP 301
https://eftours.com/ HTTP 301
https://www.eftours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eftours.com/
Redirect Chain

http://eftours.com/
https://eftours.com/
https://www.eftours.com/

63 KB
15 KB

577ms
560ms

Document
text/html

2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24e3a585375a43120d569051554fef43a3825ca3a9da636cde15630f6f089d8f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

apigw-requestid: Rrvq5jNzCYcEPMA=
cache-control: private, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 846e8ed07da09c01-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 12:21:25 GMT
expires: -1
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: all
x-ua-compatible: IE=edge

Redirect headers

cache-control: max-age=3600
cf-ray: 846e8ed03d5f9c01-FRA
date: Wed, 17 Jan 2024 12:21:25 GMT
expires: Wed, 17 Jan 2024 13:21:25 GMT
location: https://www.eftours.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn
media.eftours.com/bundles/css/ 568 KB
128 KB 666ms
655ms Stylesheet
text/css 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/css/baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 12:21:55 GMT
date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 17 Jan 2024 12:21:55 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 846e8ed419879c01-FRA
x-ua-compatible: IE=edge

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 380 KB
109 KB 68ms
48ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba0927b161b14d6b09d1782b7f4fe4d0e0a83d62fe9eadf97f8eecdbfd310ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111645
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jan 2024 12:21:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
88 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4d4fa5e0e38107e5de7dd35d6dfc0462d2978cab8ca4f7fdd377068a8913770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jan 2024 12:21:25 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 50ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 17 Jan 2024 12:21:26 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 114640F22D0C432FBDF7B44BC40D7A53 Ref B: FRAEDGE2016 Ref C: 2024-01-17T12:21:26Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 hotjar-157276.js Show response
static.hotjar.com/c/ 9 KB
4 KB 59ms
41ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-157276.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

b83b58cff0617161ebd852dd7387e2ac72e4b5f55534f066ce1751e4bd0b6e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 12:21:26 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/c1ad52baf2ae63d1582c86e523b027db
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: TdhwHL1CsmKx15bY62QItIDflDAE31XoPt7Nslwj56J998uVIV5iSQ==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 22ms
7ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: br
x-cdn: fastly
etag: "261eea34e740f104987183dec4bb78b6"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1836

GET
H2 200 modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01 Show response
media.eftours.com/bundles/ 11 KB
6 KB 529ms
528ms Script
text/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 12:21:55 GMT
date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 17 Jan 2024 12:21:55 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 846e8ed4da539c01-FRA
content-length: 5776
x-ua-compatible: IE=edge

GET
H2 200 ET_Desktop_Stage_864.jpg
www.eftours.com/~/media/Images/ETUS/test/ 60 KB
60 KB 729ms
728ms Image
image/jpeg 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eftours.com/~/media/Images/ETUS/test/ET_Desktop_Stage_864.jpg

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e5016cb773333a092b5981f94090e523ecd2292be83b5d947a8f0e5033da46

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: MISS
content-disposition: inline; filename="ET_Desktop_Stage_864.jpg"
content-length: 61270
apigw-requestid: RrvrAhIniYcEPXA=
x-ua-compatible: IE=edge
last-modified: Wed, 30 Mar 2022 15:07:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private, max-age=3600
accept-ranges: bytes
x-robots-tag: all
cf-ray: 846e8ed4da569c01-FRA
expires: Fri, 16 Feb 2024 12:21:26 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je41a0v877811556z8867853431&_p=1705494085768&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1907118739.1705494086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705494085&sct=1&seg=0&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other%20group&tfd=862
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 12:21:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9JLH500JCE&cid=1907118739.1705494086&gtm=45je41a0v877811556z8867853431&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 12:21:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 56ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9JLH500JCE&cid=1907118739.1705494086&gtm=45je41a0v877811556z8867853431&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=246318503

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 12:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popular_collection_paris.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 84 KB
85 KB 699ms
698ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/popular_collection_paris.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b073a24c28534f3fb65fb3df6e6838d044d7cfc88f386b54846f770675ec3cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 14:42:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="Popular_Collection_Paris.webp"
accept-ranges: bytes
cf-ray: 846e8ed55b119c01-FRA
content-length: 86480
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 stem_homepage-1.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 59 KB
60 KB 23ms
23ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/stem_homepage-1.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c55adc844258324a96facfedadbd892316c8d06ec7fc0e09b5532d8953123a13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Mar 2022 19:50:04 GMT
server: cloudflare
age: 2397655
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="stem_homepage-1.webp"
accept-ranges: bytes
cf-ray: 846e8ed96f4e9c01-FRA
content-length: 60840
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 new%20tours%20webp.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 51 KB
51 KB 22ms
22ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/new%20tours%20webp.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b403b670a417834b0ec0d6a79275352ca4b924392c2a6807cbd249c7c693ee0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 14:42:41 GMT
server: cloudflare
age: 20435
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="New Tours webp.webp"
accept-ranges: bytes
cf-ray: 846e8ed98f7e9c01-FRA
content-length: 52236
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 responsible_travel_hp_card.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 48 KB
48 KB 27ms
27ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/responsible_travel_hp_card.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296954fb9c911c3d94b959446cedb61bd22e93713fb8dcdc5a0da2518c4c1dae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 16:57:52 GMT
server: cloudflare
age: 2157979
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="Responsible_Travel_HP_card.webp"
accept-ranges: bytes
cf-ray: 846e8ed9afa79c01-FRA
content-length: 49404
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 important_2.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 43 KB
43 KB 23ms
22ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/important_2.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce6af0cf51fdf5eb76149ce34ab71f66ec0fc155707cc55aa0a9bac21ad9f1e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 14:42:41 GMT
server: cloudflare
age: 273295
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="Important_2.webp"
accept-ranges: bytes
cf-ray: 846e8ed9cfd69c01-FRA
content-length: 43748
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 seal.svg
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 45 KB
20 KB 697ms
696ms Image
image/svg+xml 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/seal.svg

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1d4fdfd9452dd70132ee200440e55254adfa546de907014b2ddc2a271c8a4c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 03 Aug 2020 21:35:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
content-disposition: inline; filename="Seal.svg"
cf-ray: 846e8ed9dfdf9c01-FRA
expires: Fri, 16 Feb 2024 12:21:27 GMT

GET
H2 200 et-homepg-blogslice-1on1.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/blog/ 39 KB
39 KB 24ms
24ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/blog/et-homepg-blogslice-1on1.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

590cee96d7577fa8e3139f05860c80201caf5ceb1272bf9415d88f9e35b3582e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 17:40:31 GMT
server: cloudflare
age: 2397654
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET-HomePg-BlogSlice-1on1.webp"
accept-ranges: bytes
cf-ray: 846e8ed9dfe19c01-FRA
content-length: 39942
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 clock.svg
media.eftours.com/~/media/images/etus/collections/popular-tours/ 624 B
493 B 23ms
23ms Image
image/svg+xml 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/collections/popular-tours/clock.svg?la=en

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Jun 2022 18:18:12 GMT
server: cloudflare
age: 20434
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
content-disposition: inline; filename="Clock.svg"
cf-ray: 846e8eda08049c01-FRA
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 ET-HomePg-BlogSlice-Tokyo.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 4 KB
4 KB 27ms
27ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Tokyo.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4bf99e02ddaf9cb1f45e5f3f074e5771a52a0a73f093bfe4c0c435aec23994f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 17:45:30 GMT
server: cloudflare
age: 20434
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET-HomePg-BlogSlice-Tokyo.webp"
accept-ranges: bytes
cf-ray: 846e8eda28259c01-FRA
content-length: 3628
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 ET-HomePg-BlogSlice-Summit.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 3 KB
4 KB 28ms
26ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Summit.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e1a8b9d9fbf8b2e885feb3c40e4b8f76b4308c266ab98e3ef4855ce427e1cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 15:25:05 GMT
server: cloudflare
age: 294837
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET-HomePg-BlogSlice-Summit.webp"
accept-ranges: bytes
cf-ray: 846e8eda58659c01-FRA
content-length: 3478
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 ET-HomePg-BlogSlice-Carlos.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 2 KB
3 KB 26ms
26ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Carlos.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cb5768516c7e8d64859f6178d011abcc9e976ef4dd866e77760bf47c33326fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 15:25:06 GMT
server: cloudflare
age: 2157978
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET-HomePg-BlogSlice-Carlos.webp"
accept-ranges: bytes
cf-ray: 846e8eda888d9c01-FRA
content-length: 2400
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 bottom-cta-collage.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 36 KB
37 KB 590ms
590ms Image
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/bottom-cta-collage.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14786480849eab724f447843ae737486dab003732877919f4f57eac9f0ae2cdc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:27 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 14:42:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="bottom-cta-collage.webp"
accept-ranges: bytes
cf-ray: 846e8edab8bc9c01-FRA
content-length: 37290
expires: Fri, 16 Feb 2024 12:21:27 GMT

GET
H2 200 ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/archive/ 6 KB
6 KB 33ms
33ms Image
image/png 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/archive/ef-logo-footer_optimized.png

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 20:40:33 GMT
server: cloudflare
age: 1593234
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="EF-logo-footer_optimized.png"
accept-ranges: bytes
cf-ray: 846e8edac8c59c01-FRA
content-length: 6326
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 743 KB
127 KB 35ms
8ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e66ad5829d69e9b842cae263357d8013a6ef4a64b1dfc3a4fe2bdefc28ad6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3147
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 129052
x-served-by: cache-iad-kjyo7100058-IAD, cache-fra-eddf8230096-FRA
x-browser-version: 120
last-modified: Tue, 16 Jan 2024 19:27:57 GMT
server: AmazonS3
x-timer: S1705494087.726055,VS0,VE0
etag: "2325e4aff7c239a05b2892f71ef7c7aa"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c9ae49ebd759292ef741ea7c3d6e85a5dfdb39cc
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 46, 14

GET
H2 200 rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1 Show response
media.eftours.com/bundles/ 6 KB
3 KB 474ms
472ms Script
text/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 12:21:55 GMT
date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 17 Jan 2024 12:21:55 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 846e8ed9cfcf9c01-FRA
content-length: 2463
x-ua-compatible: IE=edge

GET
H2 200 requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1 Show response
media.eftours.com/bundles/ 15 KB
8 KB 153ms
151ms Script
text/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 12:21:55 GMT
date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 17 Jan 2024 12:21:55 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 846e8ed9cfd39c01-FRA
content-length: 7512
x-ua-compatible: IE=edge

GET
H2 200 rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1 Show response
media.eftours.com/bundles/ 654 B
848 B 154ms
152ms Script
text/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 12:21:55 GMT
date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 17 Jan 2024 12:21:55 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 846e8ed9cfd59c01-FRA
content-length: 476
x-ua-compatible: IE=edge

GET
H2 200 ET_1700_Frame1.jpg
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ 124 KB
125 KB 713ms
712ms Image
image/jpeg 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ET_1700_Frame1.jpg

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd3dbc4daca59cf92be84e023fcb1080c59b6302b4e667d35036381f2c3da02

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:27 GMT
cf-cache-status: MISS
last-modified: Wed, 18 May 2022 17:38:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
content-disposition: inline; filename="ET_1700_Frame1.jpg"
accept-ranges: bytes
cf-ray: 846e8ed9efe39c01-FRA
content-length: 127330
expires: Fri, 16 Feb 2024 12:21:27 GMT

GET
H2 200 _e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/ 23 KB
23 KB 25ms
24ms Font
application/font-woff2 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.eftours.com/
Origin: https://www.eftours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
age: 1737063
content-length: 23756
apigw-requestid: Qpey3jghiYcEP8Q=
x-ua-compatible: IE=edge
last-modified: Wed, 06 Dec 2023 16:58:28 GMT
server: cloudflare
etag: "01216f6528da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-robots-tag: all
cf-ray: 846e8ed9dfda9c01-FRA
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 206 ET_1700.webm
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ 7 MB
7 MB 25ms
25ms Media
application/octet-stream 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ET_1700.webm

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.eftours.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Wed, 18 May 2022 17:38:29 GMT
server: cloudflare
age: 180722
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
Content-Range: bytes 0-7624351/7624352
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET_1700.webm"
cf-ray: 846e8edac8c89c01-FRA
Content-Length: 7624352
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H2 206 ET-People-556px-2023-v2.mp4
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 10 MB
10 MB 56ms
56ms Media
video/mp4 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ET-People-556px-2023-v2.mp4

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.eftours.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

x-ua-compatible: IE=edge
date: Wed, 17 Jan 2024 12:21:26 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:31:36 GMT
server: cloudflare
age: 20434
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-10078971/10078972
cache-control: public, max-age=2592000
content-disposition: inline; filename="ET-People-556px-2023-v2.mp4"
cf-ray: 846e8edaf9079c01-FRA
Content-Length: 10078972
expires: Fri, 16 Feb 2024 12:21:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
88 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15d9e06dc5a1c7ceeb9de1f11ed216d88ff635e0f66f6fadcd5f60bd67f10a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jan 2024 12:21:26 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 59ms
14ms Script
application/x-javascript 18.66.192.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-58.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 04:49:22 GMT
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 27125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: yKOoHwsxI1-9leZuQvqd0pSlrti1qY0eFZqL23l_bxhxSgsOGwmo9A==

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/ 67 KB
23 KB 62ms
24ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c40a2b5111402b0685167fea776cc738d5e81929ca44048bdf5d4c870b865373

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 17 Jan 2024 10:42:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5960
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WSuL81tZsTSIklLRalFEU3H35%2Bpqk2UYcAlmUnIFy7np2Oca1hp46jb0PWvS9SYiK1Q1F%2F%2FGZNbBLze0Ml7icbqbl5m5eDVAazAp92enCU9QT55TCP%2F4KYyIKmHsT5v9y4s%2B27jU38X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 846e8eda3a57bb4d-FRA

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 146ms
117ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 852907770647b44121fbb6b6764d2e919e5d4b2d231ac0213c9c99d99c149139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: cc81405.be67c9f
date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240117122126DF60CFC184A1FB11E0E6-6CD6CDEA74876EF2-00
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 98,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=9, inner; dur=4
content-length: 1940
pragma: no-cache
server: nginx
x-tt-logid: 20240117122126DF60CFC184A1FB11E0E6
x-cache-remote: TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.204
x-tt-trace-host: 016f0d4d7ca36765ceb69b79e21b31e9c3736e557ccf1f63a65de485397d449578852e03bc03a8dd77db486a4d2b3d08d96ce1053782afcfb80b2b9c10faf128a44f69d348ce791c47078c094cf9325fe2e4a286da0a7cb7de505ad16d3546318bbc9b95d53e74612b1fb0903e9f092bba
expires: Wed, 17 Jan 2024 12:21:26 GMT

GET
H2 200 24439131089.js Show response
cdn.optimizely.com/js/ 288 KB
89 KB 175ms
127ms Script
text/javascript 2a02:26f0:3500:883::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/24439131089.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

284817fb57088b638a9ac69c2be281f4027f24e3dd75c420863bb945640162ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 2Z.GVoSXz2D6WB4RDABmhpbw1lvn3xEw
content-encoding: gzip
date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: TJE6ZYQ85HNGYXVV
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 74
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=9, origin; dur=90, cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1705494086782_388276635_1033522997_9922_1671_12_15_146";dur=1
content-length: 90066
x-amz-id-2: Bi2ZRxZqyGVQ9H374EGBNPFNLAmgKLGb5XFxLnam2YomcrzYVp0yyaTlXjamalH7gpPRuZoPYWQ=
last-modified: Wed, 13 Dec 2023 12:32:18 GMT
server: AmazonS3
etag: "3f118789913e42be992ebf2f9bc7d0b4"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Jan 2024 12:21:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 98yfdzPNgbowo5Z6avAsQkkEo43TMQ4MzXnrk7nJsXOVzalResEFJVCfE9djrzbODJK+Kj9MkQN3/G/7qS/r9w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.43c0095c.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 8ms
7ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: br
x-cdn: fastly
etag: "1f52f76b492e69ca67bc930049f713de"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 19076

GET
H2 204 13007618.js Show response
bat.bing.com/p/action/ 0
114 B 34ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13007618.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 17 Jan 2024 12:21:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E1192A38E80448F5A12B51282427876A Ref B: FRAEDGE2016 Ref C: 2024-01-17T12:21:26Z
x-cache: CONFIG_NOCACHE

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
686 B 118ms
96ms XHR
application/json 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1705494086742&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.09d53e17.1705494086.4831061
x-envoy-upstream-service-time: 3
content-length: 172
x-pinterest-rid: 1844401245807112
pin-unauth: dWlkPU9USXhOVE5sTm1JdE16ZzROeTAwWkRZekxUa3pOMk10WVRFek9XRmtNR0kwTkdKag
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
709 B 54ms
33ms XHR
application/json 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2620473989394&cb=1705494086743&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.09d53e17.1705494086.4831060
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 172
x-pinterest-rid: 1445323084324889
pin-unauth: dWlkPU9EWmtaV1ZsWkRNdFl6bGpNeTAwWkRNd0xXRmpaVGt0TmpZME5UWTNOell5TkRVNQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
456 B 58ms
38ms Image
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1705494086743

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.09d53e17.1705494086.4831063
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 1160617846289582
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.2472296d2d26f0040059.js Show response
script.hotjar.com/ 219 KB
55 KB 60ms
16ms Script
application/javascript 99.84.88.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2472296d2d26f0040059.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-7.muc50.r.cloudfront.net

Software

Resource Hash

5bdaa2d2fac01a05dee8737ec7b70ad184651961d3a3998c1efa7cf147ae1ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 14930ca61b5acb472c19a8d7b170ad10.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 164720
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55620
last-modified: Mon, 15 Jan 2024 14:36:02 GMT
etag: "5f2cc7c8ec157af965fb3409029f8b70"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: R-gwP0PDWMDiDY6cwuETjdlEQKnnd7xeMXlwkG1t7Dh2sxOuhphZ3g==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je41a0v877811556&_p=1705494085768&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1907118739.1705494086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705494085&sct=1&seg=0&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=scroll&ep.content_group=Other%20group&epn.percent_scrolled=90&_et=7&tfd=1717
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 12:21:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 302935565346434 Show response
connect.facebook.net/signals/config/ 140 KB
37 KB 161ms
161ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302935565346434?v=2.9.140&r=stable&domain=www.eftours.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e43d31b9208aecaf9fcb6c27f683d489b4e996e2f07e091a21183fe99985ed6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Jan 2024 12:21:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: /fQIhj2Ix03DcvR2QnGVNJ6qx+JgaaLMaxCcfgdwQUmuftnDEu3sqd0+Xx+kIZS3n7l0IZDD8aoLQMQpwkP5Qg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
547 B 147ms
147ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=1&_ul=en-US&_sz=1600x1200&_ts=1705494086800&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1907118739.1705494086&_v=3.0.35&_uid=30c8529f-75e6-4b7d-b5b4-dbe10599517c&_getid=t

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OP9VmkaQlJszxbaI5RZ9OzsHrtmpxBvU%2FHzh2eAjbw6udIBRxL7X8bZfVOghbrsOOHLdV8LUC5CNpIgbNRcREhIG2ESemS2IW9tO60V%2Fctlhj8DJq3CD7cujgujdCtzI2cTxJVfE2lX"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 846e8eda9acbbb4d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
311 B 170ms
169ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?gtm.start=1705494085768&event=gtm.js&gtm.uniqueEventId=1&_ts=1705494086813&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1907118739.1705494086&_v=3.0.35&_uid=30c8529f-75e6-4b7d-b5b4-dbe10599517c&_getid=t

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuswJfDDfgvMncbmj9dJMXTB1TmWkjKOVwPGF1xjv68YDfNPr%2Bbr8qNJQmUfLuaZNrumynfrpEXXbROC3N1Q0mWNndnZKJiCu0EDAAJ9EGXGOsJSI2pdV3mrFVWApj3xQj4EtE6DMnto"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 846e8eda9acebb4d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
317 B 148ms
148ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?event=gtm.scrollDepth&gtm.scrollThreshold=90&gtm.scrollUnits=percent&gtm.scrollDirection=vertical&gtm.triggers=12&gtm.uniqueEventId=14&_ts=1705494086813&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1907118739.1705494086&_v=3.0.35&_uid=30c8529f-75e6-4b7d-b5b4-dbe10599517c&_getid=t

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CihGWikjU53EFbBofbqoMmGJJACNTZpjwMqcwjjdb%2FOyBGvRk9qOSwZioXklZ8BEUIjk1jx8Ymc%2FHur6JKvwAveQ%2Be2gqGsoXFIXYJADeBA674qNvoCkDXWAeGifhBs9mNw%2FnMfC%2B6S9"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 846e8eda9acfbb4d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
392 B 149ms
149ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dgs2MfTBTNWlLxV98eM0z0dp1%2BqZXPad7x1%2BKKObttrb2AhLfimZuteHayzsrd%2FXAnqwKpONkjzCwjxu%2FNHlYSnD1dx92Sn7l0HOkQvCjyV0kzHRyQAeSa6YxSrSURYr55PjnYdfuxkw"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 846e8eda9ad0bb4d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
702 B 49ms
48ms Image
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2620473989394&cb=1705494086815&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.09d53e17.1705494086.48310be
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1504658079963623
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MTc3MGUxMzJiMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 396 KB
103 KB 30ms
30ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: be67dc0
date: Wed, 17 Jan 2024 12:21:26 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240112163218CB75FAF33654A55BF4CF
x-tt-trace-id: 00-240112163218CB75FAF33654A55BF4CF-10E174FF828A71BD-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0190743d5cee4a45401fe7e75932cf8fb419dc964411aff695330a7220c6e50f5c43cc146ee86fab513323c17121a506867913dfe53a9ed2a78ab5e91c5faec6abdb1a6168f534b29d31f293b435a39e5d0a327f888b59453002a1ee7ba50ff0f6
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 105332

GET
H2 200 30c8529f-75e6-4b7d-b5b4-dbe10599517c Show response
c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/ 326 B
575 B 148ms
147ms Script
application/json 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/30c8529f-75e6-4b7d-b5b4-dbe10599517c?segments=true&stream=ef_et&mergestate=true&state=%7B%22_uid%22%3A%2230c8529f-75e6-4b7d-b5b4-dbe10599517c%22%2C%22_ga%22%3A%22GA1.1.1907118739.1705494086%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.eftours.com%2F%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1705494086906&callback=u_951898539058920700

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ec9b2e5707c695644acc68eb765080c917b8cf9b6c0406127e6038ce9524a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MX2JMLSJvG52vVzQDDRVbEu4ffx5nhJ0Bdn1G%2F4bR3xJDZCQrVCJ51QC%2BC10ff2bzMcFGfAEzPbFfCpcXB9PzaUlSJp0yTKvy3FFbIr8UzYMkRhT9pCTDd4dnRqR8XG51xxlx8ss5Sc"}],"group":"cf-nel","max_age":604800}
cf-ray: 846e8edb3b7bbb4d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
335 B 134ms
134ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=1&_ul=en-US&_sz=1600x1200&_ga=GA1.1.1907118739.1705494086&_ts=1705494086904&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=30c8529f-75e6-4b7d-b5b4-dbe10599517c&_v=3.0.35

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FkBfvhnHYKgCYcA5quK%2BP8q390lGq6zRsqu1qLuJ9AV%2FrtIa%2FKWBLhjyuueTt64UNj8A4zH7fJ7IfbNJ0xFPfZfPVT6yaSos2KxlPpyRlAAX1qwm8EjC8g1GlGEl7gS8cMK42Vl73Nj"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 846e8edb3b7dbb4d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 a24099230963.html Show response
a24099230963.cdn.optimizely.com/client_storage/ Frame F8E8 3 KB
2 KB 78ms
16ms Document
text/html 23.197.128.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/24439131089.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.197.128.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-197-128-15.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

d4d4b47a50480d783708d2c9b4f01e69928b2c1da9dfb8d7f01ef94d386a47e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 998
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 12:21:27 GMT
etag: "289d7fec3e08bc1c232ec5d93f0f4441"
last-modified: Wed, 17 Jan 2024 11:02:06 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="23.197.128.15";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1705494087076_390277165_133606126_23_1336_12_16_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: OFDNyqlirdFkvQidTeRvcwvqBE3kfc/C3D8FM5Zoijpd5sINjhAxCgbPsbIGNL8iThrWZ45NmDQ=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: ZC3B0Y13YX4N1S64
x-amz-server-side-encryption: AES256
x-amz-version-id: mhSWZuC0HpO8bCnfopH8gwOuHHvE4_3T

GET
H2 200 5by59bm3fdyy.js Show response
js.driftt.com/include/1705494300000/ 220 KB
62 KB 290ms
234ms Script
application/javascript 18.66.192.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1705494300000/5by59bm3fdyy.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-93.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

90b3fff54099b262a88138a118a799e4f73786d582a8a1629902747fd73a2a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
x-amz-version-id: 5EBO5JUKNKRTDOPCXcVgN_pC3BUz4UIw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 11 Jan 2024 23:20:41 GMT
server: istio-envoy
etag: W/"3db5a8a9b4533be6dd8189a6b1d56d25"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CJfcVAhofQsg7SgFc4Bn5UzXVa8rwV8-2FFJ-ftxhuHww26zEg_NXQ==

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 18ms
18ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: be67f57
date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024010415144714907F1782C5032C5A9F
x-tt-trace-id: 00-24010415144714907F1782C5032C5A9F-7CF31611194A81BC-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014a98a805f2669b2f4c8473a0ea02d4dcb0b59ef403ce429acc9f2c63a93bbe8e91f6d0047c0aa9b8d7d3edee87ce4d6a1e9dd9c6044e185bafc7e1d025564b6eb546b70704db6f0d288841fa13157adf46c456a84888692472436560975ee722
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=9
content-length: 36974

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
846 B 139ms
139ms Ping
text/plain 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c0b7676.be67f95
date: Wed, 17 Jan 2024 12:21:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24011712212784C9E02589D4431B4E74-788541B9A05382ED-00
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 118,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=34, inner; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024011712212784C9E02589D4431B4E74
x-cache-remote: TCP_MISS from a23-220-104-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.220.104.209
x-tt-trace-host: 016f0d4d7ca36765ceb69b79e21b31e9c3736e557ccf1f63a65de485397d44957894472cf0504c443c17390f719ece51e030099d02a4f0afb2940a314c8bbd7fd9c42e50ff8c190bc1738f19241ecc1a9989e56c7334e9a8fdfbf4473d7be3962f73a4c7e9af541e52e375417547d6635f
access-control-allow-headers: Authorization,*
expires: Wed, 17 Jan 2024 12:21:27 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 152ms
152ms Ping
text/plain 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7c717dc3.be67f96
date: Wed, 17 Jan 2024 12:21:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240117122127865031A60F714F0F9751-097783219AC165A2-00
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 131,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=46, inner; dur=43
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240117122127865031A60F714F0F9751
x-cache-remote: TCP_MISS from a23-48-200-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 46,23.48.200.209
x-tt-trace-host: 016f0d4d7ca36765ceb69b79e21b31e9c3736e557ccf1f63a65de485397d4495784f6c8e4c4bfc74670b9d7ebd6a585b7677ed1690638b94465472b3274bfcac71e85ef3026a9dfa900646b3173e1cc365b83e769e38758ea31adddb907ded2bdf06308f80037a5806a5a8e9515328cbea
access-control-allow-headers: Authorization,*
expires: Wed, 17 Jan 2024 12:21:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
6ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1705494087075&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1705494087074.1537286398&cs_est=true&ler=empty&it=1705494086809&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 Jan 2024 12:21:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1705494087093&cd[external_id]=30c8529f-75e6-4b7d-b5b4-dbe10599517c&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1705494087074.1537286398&ler=empty&it=1705494086809&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 Jan 2024 12:21:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1705494087094&cd[ly_unknown_email]=true&cd[all]=true&cd[default_anon_seg]=true&cd[unknown]=true&cd[smt_new]=true&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1705494087074.1537286398&ler=empty&it=1705494086809&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 Jan 2024 12:21:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 81BC 14 KB
4 KB 25ms
24ms Document
text/html 18.66.192.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-58.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14230
cache-control: max-age=86400
content-encoding: gzip
content-length: 3267
content-type: text/html
date: Wed, 17 Jan 2024 12:21:27 GMT
etag: "2922a85ce6caf46f828c097bf7aa1036"
last-modified: Mon, 30 Oct 2023 13:11:24 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
x-amz-cf-id: d6cylzp6i7O740clzG04fWL6MPOUhVvg3BrZ-qBzCITSTx4JJS7-LQ==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

main.js Show response
www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame F230
Redirect Chain

https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

16ms
16ms

Script
application/javascript

2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9179354c4068fcae7655e3d483d06a6fb21eef7ff4083432f56dc37266d48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=3600
cf-ray: 846e8edd0b1b9c01-FRA

Redirect headers

date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: private, max-age=3600
cf-ray: 846e8edcfafc9c01-FRA

GET
H2 204 0
bat.bing.com/action/ 0
285 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13007618&tm=gtm002&Ver=2&mid=565b5911-6c07-438b-9d73-71a4f9ee4c91&sid=efd70410b53211eeacea7da46375a554&vid=efd738c0b53211ee9bc4278fc22c59c3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=2116&evt=pageLoad&sv=1&rn=509039

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 12:21:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F901A04BFCBE40A0BDB99A49E8904963 Ref B: FRAEDGE2016 Ref C: 2024-01-17T12:21:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 81BC 112 KB
31 KB 15ms
15ms Script
application/x-javascript 18.66.192.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-58.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

192200684e5fefa431cc2256e24dd195fb231b961554eaaee1900acec95e3101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 07:21:38 GMT
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 17989
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31409
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Oct 2023 13:11:26 GMT
server: AmazonS3
etag: "60fe166092712d93cc87039640675ef6"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: KpRXIspq3AyMl8qKk56sNnYqwSlKmvELLsj0Yvpi9QrK4NTGWLol9g==

GET
H2 200 bootstrap.25043c26.js Show response
media.eftours.com/content/js-build/ 36 KB
15 KB 31ms
31ms Script
application/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/bootstrap.25043c26.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1404991
content-length: 14899
x-ua-compatible: IE=edge
last-modified: Wed, 06 Dec 2023 16:58:28 GMT
server: cloudflare
etag: "01216f6528da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 846e8edcfb099c01-FRA
expires: Fri, 16 Feb 2024 12:21:27 GMT

GET
H2 200 53aa8912dec7e10d38f59f36 Show response
widget.trustpilot.com/trustbox-data/ Frame 81BC 14 KB
5 KB 57ms
57ms XHR
application/json 18.66.192.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5c83bdc530a6670001f3f03b&locale=en-US&reviewLanguages=en&reviewStars=1%2C2%2C3%2C4%2C5&reviewTagValue=Homepage&includeReviews=true&reviewsPerPage=15

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-58.muc50.r.cloudfront.net

Software

Kestrel /

Resource Hash

ef271e255fabbcd99e276cf95dfa410adb7d0e88e7e079e2029b83a349fa9904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 12:21:26 GMT
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: MUC50-P1
etag: "85404b44367bf2f94342435ac084912e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: 0I5LosvkfVW2FvaZSstD81OnY5w_7-6KOY-YEWR2eKi1gbiIcY_mMQ==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 81BC 0
322 B 52ms
52ms XHR
text/plain 18.66.192.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=140px&styleWidth=100%25&theme=light&tags=Homepage&stars=1%2C2%2C3%2C4%2C5&reviewLanguages=en&url=https%3A%2F%2Fwww.eftours.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5c83bdc530a6670001f3f03b&widgetId=53aa8912dec7e10d38f59f36

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-58.muc50.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 12:21:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: U-9TfwRw-lWFq134--0uByTvV4DULfCEj2kaqEBaj_AYo09lV1-dJg==
x-xss-protection: 1; mode=block

POST
H2 200 846e8ed07da09c01 Show response
www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F230 0
297 B 30ms
30ms XHR
text/plain 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/846e8ed07da09c01
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
cache-control: private, max-age=3600
content-encoding: gzip
server: cloudflare
cf-ray: 846e8edd8ba69c01-FRA
content-type: text/plain; charset=UTF-8

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
845 B 310ms
310ms Ping
text/plain 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d00630.be681d3
date: Wed, 17 Jan 2024 12:21:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401171221271F9A22612635F71D620F-0A4CD6AC9F5D20F3-00
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 287,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=261, origin; dur=33, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401171221271F9A22612635F71D620F
x-cache-remote: TCP_MISS from a184-51-101-174.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,184.51.101.174
x-tt-trace-host: 016f0d4d7ca36765ceb69b79e21b31e9c3eedc052bd4afdf01bae627735d6c824ea8c4d62f4793596514ae2e1320344eedfb6eae0c5cf380a3f67adf5f715f1e0457b577783d6126f37471f412b3f6fb8a2362ceb17cbec9eea75522bfbe69cbf7e48c14dbd907d3c71a93e24dc6d8abc4
access-control-allow-headers: Authorization,*
expires: Wed, 17 Jan 2024 12:21:27 GMT

GET
H2 200 jquery-3.5.0.min.js Show response
media.eftours.com/Content/js/libs/ 105 KB
43 KB 28ms
28ms Script
application/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/Content/js/libs/jquery-3.5.0.min.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1404991
content-length: 43498
x-ua-compatible: IE=edge
last-modified: Wed, 06 Dec 2023 16:58:28 GMT
server: cloudflare
etag: "01216f6528da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 846e8eddabcd9c01-FRA
expires: Fri, 16 Feb 2024 12:21:27 GMT

GET
H2 200 hoverbox.ce79547e.js Show response
media.eftours.com/content/js-build/core/modules/ 74 KB
27 KB 23ms
23ms Script
application/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/hoverbox.ce79547e.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29bc58b2e9e8389d2d4e0b180ca98fbca84034e80af5f9a9b3e0fbda8975b1ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1055364
content-length: 27812
x-ua-compatible: IE=edge
last-modified: Wed, 06 Dec 2023 16:58:28 GMT
server: cloudflare
etag: "01216f6528da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 846e8eddabcf9c01-FRA
expires: Fri, 16 Feb 2024 12:21:27 GMT

GET
H2 200 nav.f0038006.js Show response
media.eftours.com/content/js-build/core/modules/ 6 KB
2 KB 24ms
24ms Script
application/javascript 2606:4700::6811:d548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 503174
content-length: 2210
x-ua-compatible: IE=edge
last-modified: Wed, 06 Dec 2023 16:58:28 GMT
server: cloudflare
etag: "01216f6528da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 846e8eddabd09c01-FRA
expires: Fri, 16 Feb 2024 12:21:27 GMT

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 235ms
62ms XHR
application/json 52.212.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.2472296d2d26f0040059.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.115.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-115-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3aa15deb641ae9adefb54ea48a3b367c28143fe35f9f5bad86c71a2c12b5c215

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 17 Jan 2024 12:21:27 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame B018 565 B
348 B 34ms
34ms Document
text/html 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.26d53e17.1705494087.342a588
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 12:21:27 GMT
pinterest-version: 9386892386b62585d2cc0c45f8ac8977ddee7bec
quic-version: 0x00000001
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1056386751280357

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 18ms
18ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 17 Jan 2024 10:43:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5891
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0PQoJuPdlyc2A0nrxXBnSWNjyGDIHpNQI6vPlxUo%2F4n00kEnVjhwkm2EWDHbNTuTSOkAOIzw4H7v0APgQfCHENLxBFAODMyC3I5kNe7s8rui8vcOQ7BO6ofa1WOvX2r1fJl9SXGFBh%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 846e8edf882abb4d-FRA

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 17 Jan 2024 11:40:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2456
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QR8Qov0nNjVG036ttiX7U7yuewv%2FjAU0Cfd037aDXiNYlFcgeLzVcAGpBNBMeR5W1mzVgTNfs%2BtQHw%2Bn%2BAbIlKUeNKSW%2BKetnipDgh0cZpcnnKPs%2FGG5zZy%2FC1zYHOzhq%2B8zgz9CW0%2BO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 846e8edfb84ebb4d-FRA

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ 327 B
522 B 18ms
17ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 17 Jan 2024 10:42:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5955
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6BASHVwLqAjMaHxyV%2FF3maObktGpmK8B0lc2N%2B2aNiZRbPbVlMUoopMOjbiW%2F0kOJ3U6FrvfCKvqGaPN3cj9Nu%2Br%2FJzg0bv4gmQ00fZkaHBwwlD4UR3bS6kPncgmoQfrgd8pKeSJL3O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 846e8edfb85bbb4d-FRA

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
481 B 137ms
108ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1705494300000/5by59bm3fdyy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eftours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 Jan 2024 12:21:27 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 4e42034a-3697-4f3e-b3c8-e54d1ff818f6

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je41a0v877811556&_p=1705494085768&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1907118739.1705494086&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=3&sid=1705494085&sct=1&seg=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=page_view&_ee=1&_et=846&tfd=6718
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 12:21:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eftours.com/	1969-12-31 23:59:59	Name: _cfuvid Value: X9FHrOyHEB2j.rwYFQsAbQa1hz4.zmlMI8jEQsL_.6I-1705494085127-0-604800000
.eftours.com/	1970-01-20 17:44:55	Name: __cf_bm Value: IjBZsfYY7ez5bffhaW4u4VbFkLfSvhOT2i2lsoHnJFs-1705494085-1-AV/AliDnUsx1gaXtZhwoswFZ0N46cJGzqqs+FP9OPYLWjUC/mDcjDU8hVCUEY4dIyYcAw3WlM6TQOWBXBv3h2appRGc7zX3Fm7Vup/EoWYXz
www.eftours.com/	1970-01-20 17:54:58	Name: AWSALB Value: kQLg3dlZwGDRpYtsFkC0eAP/8m2/cP7/RBX7gmWmrkE/OSLQ529uDp+FGAZ1H022qk6rZi82T0DiO8eBr/XS6FiPJjR3lvmY2NdK7goapze4lez720K2yDfyqQ/K
www.eftours.com/	1970-01-20 17:54:58	Name: AWSALBCORS Value: kQLg3dlZwGDRpYtsFkC0eAP/8m2/cP7/RBX7gmWmrkE/OSLQ529uDp+FGAZ1H022qk6rZi82T0DiO8eBr/XS6FiPJjR3lvmY2NdK7goapze4lez720K2yDfyqQ/K
www.eftours.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: un4pkznht3sqqlqto1cyxcex
www.eftours.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 5IQFz1tA6Ab7J9UIO5Co2Qihv6RKlJjtm_kGaEYjSli3AeznEWiM31SW0O5IP-2mpoo9hIgT43NIQWXN8LPVFT9D4MCkji4xYKjXjDep20I1
.eftours.com/	1969-12-31 23:59:59	Name: PriceDefault Value: e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=
.eftours.com/	1969-12-31 23:59:59	Name: recent Value: e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==
.eftours.com/	1970-01-20 19:54:30	Name: _gcl_au Value: 1.1.516100826.1705494086
.eftours.com/	1970-01-21 03:20:54	Name: _ga Value: GA1.1.1907118739.1705494086
.eftours.com/	1970-01-21 03:20:54	Name: _ga_9JLH500JCE Value: GS1.1.1705494085.1.1.1705494086.59.0.0
.www.eftours.com/	1970-01-20 17:44:55	Name: seerses Value: e
.pinterest.com/	1970-01-21 02:30:30	Name: ar_debug Value: 1
.www.eftours.com/	1970-01-21 03:20:54	Name: seerid Value: 30c8529f-75e6-4b7d-b5b4-dbe10599517c
.ct.pinterest.com/	1970-01-21 02:30:30	Name: _pinterest_ct_ua Value: "TWc9PSZvN01WQWw2blEzTXBvL0tzRU9iMGdoMk9vY2MvN3VkaWgvbFM4Z2VFT0ZlZWRvR2FIQlQweWFIK0FEK3VNZUtidE9FVVlIdHNpZWx1MUJzVnA2bFBOTGV2cUtPdGp2S2hrSVVlQXBBSyszST0mRzV0ZzVjUUF6UVhOT0ZXb3FSSEZIdWVqb2VRPQ=="
.eftours.com/	1970-01-21 02:30:30	Name: _pin_unauth Value: dWlkPU9USXhOVE5sTm1JdE16ZzROeTAwWkRZekxUa3pOMk10WVRFek9XRmtNR0kwTkdKag
.tiktok.com/	1970-01-21 03:06:30	Name: _ttp Value: 2b59UIIDSmhHqsn2vAjZ7mtdrZ6
.lytics.io/	1970-01-21 03:20:54	Name: seerid Value: 30c8529f-75e6-4b7d-b5b4-dbe10599517c
.eftours.com/	1970-01-20 22:04:06	Name: optimizelyEndUserId Value: oeu1705494087013r0.3022097811480007
.eftours.com/	1970-01-21 03:06:30	Name: _tt_enable_cookie Value: 1
.eftours.com/	1970-01-21 03:06:30	Name: _ttp Value: 4oJrmxouV58tPCr_Ec5MrxvAq4G
.eftours.com/	1970-01-20 19:54:30	Name: _fbp Value: fb.1.1705494087074.1537286398
media.eftours.com/	1970-01-20 17:54:58	Name: AWSALB Value: 7yxxIYG4KJfM/FACyODh1OWWQAyuUuS5iINGPyB3IzjVk9OuCa8hugo6X2/Yz9TAcfAJZvLs1SbGmBQpH7+JK0wl1vCf2xT8piFgJRmFOvQd6/6APsahY4npX8hu
media.eftours.com/	1970-01-20 17:54:58	Name: AWSALBCORS Value: 7yxxIYG4KJfM/FACyODh1OWWQAyuUuS5iINGPyB3IzjVk9OuCa8hugo6X2/Yz9TAcfAJZvLs1SbGmBQpH7+JK0wl1vCf2xT8piFgJRmFOvQd6/6APsahY4npX8hu
.eftours.com/	1970-01-20 17:44:55	Name: _hjIncludedInSessionSample_157276 Value: 1
.eftours.com/	1970-01-21 02:30:30	Name: _hjSessionUser_157276 Value: eyJpZCI6Ijg0Zjc5MjY1LTQ0NTUtNTQ4NC04NmViLTUwNWI5OGExNTcxOCIsImNyZWF0ZWQiOjE3MDU0OTQwODcxNjQsImV4aXN0aW5nIjp0cnVlfQ==
.eftours.com/	1970-01-20 17:44:55	Name: _hjSession_157276 Value: eyJpZCI6IjQ4MmZlZWUxLTRmMmItNGVjNC04NmQ5LTM4MWEwMWZmMmRhOCIsImMiOjE3MDU0OTQwODcxNjQsInMiOjEsInIiOjEsInNiIjoxLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.eftours.com/	1970-01-20 17:46:20	Name: _uetsid Value: efd70410b53211eeacea7da46375a554
.eftours.com/	1970-01-21 03:06:30	Name: _uetvid Value: efd738c0b53211ee9bc4278fc22c59c3
.bing.com/	1970-01-21 03:06:30	Name: MUID Value: 262671BCA44268570D6D65B5A59069D2
.eftours.com/	1970-01-21 02:30:30	Name: cf_clearance Value: D4iP6kBGE.boiiG14PSaf._bt9je9s8Wv4DmIt1UMf4-1705494087-1-Abe0l7cHGMAo4iE+s4kzGPNMOvO8xJzvhS2CQIFTeoakeUIpC8mec0epr3wwYd7jKKCeQq1t/oGsyKtmlCKiXrg=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://js.driftt.com/include/1705494300000/5by59bm3fdyy.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a24099230963.cdn.optimizely.com
analytics.tiktok.com
bat.bing.com
c.lytics.io
cdn.optimizely.com
connect.facebook.net
content.hotjar.io
ct.pinterest.com
eftours.com
fast.wistia.com
js.driftt.com
logx.optimizely.com
media.eftours.com
region1.analytics.google.com
s.pinimg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
widget.trustpilot.com
www.eftours.com
www.facebook.com
www.google.de
www.googletagmanager.com
18.66.192.58
18.66.192.93
18.66.97.53
2.19.224.184
2001:4860:4802:32::36
23.197.128.15
23.36.163.232
2606:4700:20::681a:316
2606:4700::6811:d548
2606:4700::6811:d648
2620:1ec:c11::200
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:883::13b8
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::644
2a04:4e42:8e::84
34.111.140.246
52.212.115.5
99.84.88.7
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0e43d31b9208aecaf9fcb6c27f683d489b4e996e2f07e091a21183fe99985ed6
14786480849eab724f447843ae737486dab003732877919f4f57eac9f0ae2cdc
15d9e06dc5a1c7ceeb9de1f11ed216d88ff635e0f66f6fadcd5f60bd67f10a91
192200684e5fefa431cc2256e24dd195fb231b961554eaaee1900acec95e3101
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
24e3a585375a43120d569051554fef43a3825ca3a9da636cde15630f6f089d8f
284817fb57088b638a9ac69c2be281f4027f24e3dd75c420863bb945640162ee
296954fb9c911c3d94b959446cedb61bd22e93713fb8dcdc5a0da2518c4c1dae
29bc58b2e9e8389d2d4e0b180ca98fbca84034e80af5f9a9b3e0fbda8975b1ca
2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3aa15deb641ae9adefb54ea48a3b367c28143fe35f9f5bad86c71a2c12b5c215
3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
4e66ad5829d69e9b842cae263357d8013a6ef4a64b1dfc3a4fe2bdefc28ad6c0
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44
590cee96d7577fa8e3139f05860c80201caf5ceb1272bf9415d88f9e35b3582e
5b073a24c28534f3fb65fb3df6e6838d044d7cfc88f386b54846f770675ec3cd
5bdaa2d2fac01a05dee8737ec7b70ad184651961d3a3998c1efa7cf147ae1ba1
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b403b670a417834b0ec0d6a79275352ca4b924392c2a6807cbd249c7c693ee0
72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7
789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1
7cb5768516c7e8d64859f6178d011abcc9e976ef4dd866e77760bf47c33326fe
7cd3dbc4daca59cf92be84e023fcb1080c59b6302b4e667d35036381f2c3da02
7ec9b2e5707c695644acc68eb765080c917b8cf9b6c0406127e6038ce9524a6e
852907770647b44121fbb6b6764d2e919e5d4b2d231ac0213c9c99d99c149139
90b3fff54099b262a88138a118a799e4f73786d582a8a1629902747fd73a2a8a
94e5016cb773333a092b5981f94090e523ecd2292be83b5d947a8f0e5033da46
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
b4d4fa5e0e38107e5de7dd35d6dfc0462d2978cab8ca4f7fdd377068a8913770
b83b58cff0617161ebd852dd7387e2ac72e4b5f55534f066ce1751e4bd0b6e0a
ba0927b161b14d6b09d1782b7f4fe4d0e0a83d62fe9eadf97f8eecdbfd310ba0
bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f
c40a2b5111402b0685167fea776cc738d5e81929ca44048bdf5d4c870b865373
c4bf99e02ddaf9cb1f45e5f3f074e5771a52a0a73f093bfe4c0c435aec23994f
c55adc844258324a96facfedadbd892316c8d06ec7fc0e09b5532d8953123a13
c5e1a8b9d9fbf8b2e885feb3c40e4b8f76b4308c266ab98e3ef4855ce427e1cf
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1
ca9179354c4068fcae7655e3d483d06a6fb21eef7ff4083432f56dc37266d48d
ce6af0cf51fdf5eb76149ce34ab71f66ec0fc155707cc55aa0a9bac21ad9f1e6
d1d4fdfd9452dd70132ee200440e55254adfa546de907014b2ddc2a271c8a4c1
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
d4d4b47a50480d783708d2c9b4f01e69928b2c1da9dfb8d7f01ef94d386a47e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef271e255fabbcd99e276cf95dfa410adb7d0e88e7e079e2029b83a349fa9904
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

www.eftours.com Open in urlscan Pro 2606:4700::6811:d548 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

99 %HTTPS

59 %IPv6

18 Domains

23 Subdomains

21 IPs

4 Countries

19168 kBTransfer

22555 kBSize

31 Cookies

20 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.eftours.com Open in urlscan Pro
2606:4700::6811:d548 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

99 %
HTTPS

59 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

19168 kB
Transfer

22555 kB
Size

31
Cookies

82 HTTP transactions
0 data transactions