urlscan.io logo urlscan.io
SecurityTrails logo

www.eftours.com Open in urlscan Pro
2606:4700::6811:d548  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.eftours.com/
Effective URL: https://www.eftours.com/
Submission: On April 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 5 countries across 18 domains to perform 84 HTTP transactions. The main IP is 2606:4700::6811:d548, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.eftours.com. The Cisco Umbrella rank of the primary domain is 219599.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.
This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 33 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.66.102.11 16509 (AMAZON-02)
2 2a04:4e42:8e::84 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 216.58.206.72 15169 (GOOGLE)
1 52.222.236.71 16509 (AMAZON-02)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
6 104.126.37.129 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 13.32.27.19 16509 (AMAZON-02)
5 151.101.0.84 54113 (FASTLY)
3 2a03:2880:f17... 32934 (FACEBOOK)
1 104.64.165.248 16625 (AKAMAI-AS)
1 18.245.86.87 16509 (AMAZON-02)
1 52.222.236.60 16509 (AMAZON-02)
1 52.50.100.69 16509 (AMAZON-02)
1 142.250.186.162 15169 (GOOGLE)
1 151.101.192.84 54113 (FASTLY)
2 34.111.140.246 396982 (GOOGLE-CL...)
1 216.239.34.36 ()
84 26
33    2606:4700::6811:d548 (United States)

ASN13335 (CLOUDFLARENET, US)
www.eftours.com
media.eftours.com
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:600::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net
static.hotjar.com
2    2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.de
1    216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f8.1e100.net
www.googletagmanager.com
1    52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net
widget.trustpilot.com
10    2606:4700:20::ac43:49ec (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
6    104.126.37.129 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-129.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2a02:26f0:3500:889::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
script.hotjar.com
5    151.101.0.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
3    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.64.165.248 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-165-248.deploy.static.akamaitechnologies.com
a24099230963.cdn.optimizely.com
1    18.245.86.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-87.fra60.r.cloudfront.net
js.driftt.com
1    52.222.236.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-60.fra56.r.cloudfront.net
widget.trustpilot.com
1    52.50.100.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-100-69.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    151.101.192.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com
logx.optimizely.com
1    216.239.34.36 (None, )

ASN- ()
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
33 eftours.com
www.eftours.com — Cisco Umbrella Rank: 219599
media.eftours.com — Cisco Umbrella Rank: 310016
18 MB
10 lytics.io
c.lytics.io — Cisco Umbrella Rank: 12712
52 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1040
5 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 768
156 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 866
a24099230963.cdn.optimizely.com — Cisco Umbrella Rank: 224278
logx.optimizely.com — Cisco Umbrella Rank: 1601
88 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
409 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3038
325 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 353
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
307 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 184
72 KB
2 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5640
7 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 94
cm.g.doubleclick.net — Cisco Umbrella Rank: 253
663 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1043
22 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 795
script.hotjar.com — Cisco Umbrella Rank: 1208
60 KB
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6840
161 B
1 driftt.com
js.driftt.com — Cisco Umbrella Rank: 6282
62 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7531
63 B
1 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4954
134 KB
84 18
Domain Requested by
27 media.eftours.com www.eftours.com
media.eftours.com
10 c.lytics.io www.eftours.com
c.lytics.io
6 ct.pinterest.com s.pinimg.com
6 analytics.tiktok.com www.eftours.com
analytics.tiktok.com
6 www.eftours.com 1 redirects www.eftours.com
3 www.facebook.com www.eftours.com
3 region1.analytics.google.com www.googletagmanager.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.eftours.com
3 www.googletagmanager.com www.eftours.com
www.googletagmanager.com
2 logx.optimizely.com js.driftt.com
2 connect.facebook.net www.eftours.com
connect.facebook.net
2 widget.trustpilot.com www.googletagmanager.com
widget.trustpilot.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
1 cm.g.doubleclick.net www.eftours.com
1 content.hotjar.io script.hotjar.com
1 js.driftt.com www.eftours.com
1 a24099230963.cdn.optimizely.com cdn.optimizely.com
1 script.hotjar.com static.hotjar.com
1 cdn.optimizely.com www.googletagmanager.com
1 www.google.de www.eftours.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 fast.wistia.com www.eftours.com
84 23
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-04-11 -
2024-06-27		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M03		 2024-01-03 -
2025-01-31		 a year crt.sh
lytics.io
E1		 2024-03-16 -
2024-06-14		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2024-01-25 -
2025-01-27		 a year crt.sh
drift.com
Amazon RSA 2048 M02		 2023-08-15 -
2024-09-11		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh
logx.optimizely.com
GTS CA 1D4		 2024-04-07 -
2024-07-06		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.eftours.com/
Frame ID: 65AFDEFE33FE4F1751A941ACA2A20036
Requests: 79 HTTP requests in this frame

Frame: https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Frame ID: 6B646C551E5CC62DE41D59961AE06CB4
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
Frame ID: C00A9D9F7F2A70124E3A0DFF512BB580
Requests: 1 HTTP requests in this frame

Frame: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: BEF99818BE3FF494F93E40B0955B3886
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 246D0FDC4CDAF6B9B3E950195BC9E4BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Student travel programs | Educational tours for students | EF Tours

Page URL History Show full URLs

  1. http://www.eftours.com/ HTTP 307
    https://www.eftours.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

99 %
HTTPS

42 %
IPv6

18
Domains

23
Subdomains

26
IPs

5
Countries

19152 kB
Transfer

22510 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.eftours.com/ HTTP 307
    https://www.eftours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.eftours.com/
Redirect Chain
  • http://www.eftours.com/
  • https://www.eftours.com/
63 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8dfae08bd419cb4fc57ed33ed7e57978bd25b5b6ae307ac6572ebbe57c8028
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

apigw-requestid
WFhBFiuMiYcEPog=
cache-control
private, max-age=3600
cf-cache-status
DYNAMIC
cf-ray
872efc47d98d9f2a-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Apr 2024 00:09:04 GMT
expires
-1
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
all
x-ua-compatible
IE=edge

Redirect headers

Location
https://www.eftours.com/
Non-Authoritative-Reason
HttpsUpgrades
gtm.js
www.googletagmanager.com/ 		402 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05758b58c082dcce695eab4f1143119b959a6f151cd853215bc7bfc85b3a78d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118363
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Apr 2024 00:09:04 GMT
baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn
media.eftours.com/bundles/css/ 		568 KB
128 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/css/baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 11 Apr 2025 11:03:03 GMT
date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Apr 2024 11:03:03 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, max-age=2544783
cf-ray
872efc4c8c479f2a-FRA
x-ua-compatible
IE=edge
modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01
media.eftours.com/bundles/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 11 Apr 2025 10:38:53 GMT
date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Apr 2024 10:38:53 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2543333
cf-ray
872efc4c8c489f2a-FRA
content-length
5776
x-ua-compatible
IE=edge
ET_Desktop_Stage_864.jpg
www.eftours.com/~/media/Images/ETUS/test/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eftours.com/~/media/Images/ETUS/test/ET_Desktop_Stage_864.jpg
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e5016cb773333a092b5981f94090e523ecd2292be83b5d947a8f0e5033da46
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
MISS
content-disposition
inline; filename="ET_Desktop_Stage_864.jpg"
content-length
61270
apigw-requestid
WFhBMhNXCYcEJLw=
x-ua-compatible
IE=edge
last-modified
Wed, 30 Mar 2022 15:07:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
private, max-age=3600
accept-ranges
bytes
x-robots-tag
all
cf-ray
872efc4c6c3a9f2a-FRA
expires
Sun, 12 May 2024 00:09:05 GMT
popular_collection_paris.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/popular_collection_paris.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b073a24c28534f3fb65fb3df6e6838d044d7cfc88f386b54846f770675ec3cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:04 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 14:42:43 GMT
server
cloudflare
age
1700268
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="Popular_Collection_Paris.webp"
accept-ranges
bytes
cf-ray
872efc4d1ca49f2a-FRA
content-length
86480
expires
Sun, 12 May 2024 00:09:04 GMT
stem_homepage-1.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/stem_homepage-1.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c55adc844258324a96facfedadbd892316c8d06ec7fc0e09b5532d8953123a13
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:04 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 19:50:04 GMT
server
cloudflare
age
2534344
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="stem_homepage-1.webp"
accept-ranges
bytes
cf-ray
872efc4dbce89f2a-FRA
content-length
60840
expires
Sun, 12 May 2024 00:09:04 GMT
new%20tours%20webp.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/new%20tours%20webp.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b403b670a417834b0ec0d6a79275352ca4b924392c2a6807cbd249c7c693ee0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Nov 2021 14:42:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="New Tours webp.webp"
accept-ranges
bytes
cf-ray
872efc4e0d1d9f2a-FRA
content-length
52236
expires
Sun, 12 May 2024 00:09:05 GMT
responsible_travel_hp_card.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/responsible_travel_hp_card.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296954fb9c911c3d94b959446cedb61bd22e93713fb8dcdc5a0da2518c4c1dae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 16:57:52 GMT
server
cloudflare
age
2515363
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="Responsible_Travel_HP_card.webp"
accept-ranges
bytes
cf-ray
872efc510e9f9f2a-FRA
content-length
49404
expires
Sun, 12 May 2024 00:09:05 GMT
important_2.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/important_2.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6af0cf51fdf5eb76149ce34ab71f66ec0fc155707cc55aa0a9bac21ad9f1e6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 14:42:41 GMT
server
cloudflare
age
587723
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="Important_2.webp"
accept-ranges
bytes
cf-ray
872efc51ef229f2a-FRA
content-length
43748
expires
Sun, 12 May 2024 00:09:05 GMT
seal.svg
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		45 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/seal.svg
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1d4fdfd9452dd70132ee200440e55254adfa546de907014b2ddc2a271c8a4c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 03 Aug 2020 21:35:13 GMT
server
cloudflare
age
2521748
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-disposition
inline; filename="Seal.svg"
cf-ray
872efc51ef259f2a-FRA
expires
Sun, 12 May 2024 00:09:05 GMT
et-homepg-blogslice-1on1.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/blog/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/blog/et-homepg-blogslice-1on1.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590cee96d7577fa8e3139f05860c80201caf5ceb1272bf9415d88f9e35b3582e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 17:40:31 GMT
server
cloudflare
age
2534344
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET-HomePg-BlogSlice-1on1.webp"
accept-ranges
bytes
cf-ray
872efc524f559f2a-FRA
content-length
39942
expires
Sun, 12 May 2024 00:09:05 GMT
clock.svg
media.eftours.com/~/media/images/etus/collections/popular-tours/ 		624 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/collections/popular-tours/clock.svg?la=en
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 18:18:12 GMT
server
cloudflare
age
2534344
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-disposition
inline; filename="Clock.svg"
cf-ray
872efc525f609f2a-FRA
expires
Sun, 12 May 2024 00:09:05 GMT
ET-HomePg-BlogSlice-Tokyo.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Tokyo.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4bf99e02ddaf9cb1f45e5f3f074e5771a52a0a73f093bfe4c0c435aec23994f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 17:45:30 GMT
server
cloudflare
age
587723
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET-HomePg-BlogSlice-Tokyo.webp"
accept-ranges
bytes
cf-ray
872efc527f719f2a-FRA
content-length
3628
expires
Sun, 12 May 2024 00:09:05 GMT
ET-HomePg-BlogSlice-Summit.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Summit.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e1a8b9d9fbf8b2e885feb3c40e4b8f76b4308c266ab98e3ef4855ce427e1cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Dec 2022 15:25:05 GMT
server
cloudflare
age
2525790
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET-HomePg-BlogSlice-Summit.webp"
accept-ranges
bytes
cf-ray
872efc52af7f9f2a-FRA
content-length
3478
expires
Sun, 12 May 2024 00:09:05 GMT
ET-HomePg-BlogSlice-Carlos.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Carlos.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb5768516c7e8d64859f6178d011abcc9e976ef4dd866e77760bf47c33326fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Dec 2022 15:25:06 GMT
server
cloudflare
age
1273533
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET-HomePg-BlogSlice-Carlos.webp"
accept-ranges
bytes
cf-ray
872efc52af819f2a-FRA
content-length
2400
expires
Sun, 12 May 2024 00:09:05 GMT
bottom-cta-collage.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/bottom-cta-collage.webp
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14786480849eab724f447843ae737486dab003732877919f4f57eac9f0ae2cdc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 14:42:36 GMT
server
cloudflare
age
587723
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=2592000
content-disposition
attachment; filename="bottom-cta-collage.webp"
accept-ranges
bytes
cf-ray
872efc52af879f2a-FRA
content-length
37290
expires
Sun, 12 May 2024 00:09:05 GMT
ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/archive/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/archive/ef-logo-footer_optimized.png
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Aug 2022 20:40:33 GMT
server
cloudflare
age
2522548
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
content-disposition
inline; filename="EF-logo-footer_optimized.png"
accept-ranges
bytes
cf-ray
872efc52df9e9f2a-FRA
content-length
6326
expires
Sun, 12 May 2024 00:09:05 GMT
E-v1.js
fast.wistia.com/assets/external/ 		801 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cff93057cc0c42e77bca58adecd80ee133eb3660e920f1427d4a5a362868a9b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3282
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
136702
x-served-by
cache-iad-kiad7000095-IAD, cache-mxp6954-MXP
x-browser-version
123
last-modified
Thu, 11 Apr 2024 19:12:56 GMT
server
AmazonS3
x-timer
S1712880546.698622,VS0,VE0
etag
"83d97db7b2c29ef4f0a1234b1b2d42c0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
c0d01d28c70baed28d9fe2061b2f7e58f913261e
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
70, 34
rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1
media.eftours.com/bundles/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 11 Apr 2025 11:06:21 GMT
date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Apr 2024 11:06:21 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2544981
cf-ray
872efc516ed59f2a-FRA
content-length
2463
x-ua-compatible
IE=edge
requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
media.eftours.com/bundles/ 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 11 Apr 2025 11:04:41 GMT
date
Fri, 12 Apr 2024 00:09:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Apr 2024 11:04:41 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2544881
cf-ray
872efc51ef1f9f2a-FRA
content-length
7510
x-ua-compatible
IE=edge
rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1
media.eftours.com/bundles/ 		654 B
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/bundles/rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 11 Apr 2025 11:04:42 GMT
date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Apr 2024 11:04:42 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2544881
cf-ray
872efc51ef219f2a-FRA
content-length
476
x-ua-compatible
IE=edge
js
www.googletagmanager.com/gtag/ 		281 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db03b8121b95367bd11ddd8c1b0eec20169e298146772e7d9472a0686b058c64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97759
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Apr 2024 00:09:05 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 12 Apr 2024 00:09:05 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C36FB1B9D4BD419EACE9363C6B45A5D2 Ref B: FRA31EDGE0619 Ref C: 2024-04-12T00:09:05Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
hotjar-157276.js
static.hotjar.com/c/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-157276.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
c02b6f3cfe891dc09139c71a49ef9786a29debdcbbe350fb503b69329222d8ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 12 Apr 2024 00:09:05 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/fb2301ce683be518e08b19e693704195
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
BA1_d5NhRRXoCTrjgAmizq0hlCUFcc-jCUWyTJGQeehaFi4ni_bFvg==
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b8ad518b32b5554c4186df68d94a8abcf4e42b0d373894111adbbf0f3f0166f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
br
x-cdn
fastly
etag
"833dcd107a8faac1e10e3251faf8ba31"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1903
ET_1700_Frame1.jpg
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ET_1700_Frame1.jpg
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd3dbc4daca59cf92be84e023fcb1080c59b6302b4e667d35036381f2c3da02
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
age
2463279
content-disposition
inline; filename="ET_1700_Frame1.jpg"
content-length
127330
x-ua-compatible
IE=edge
cf-bgj
h2pri
last-modified
Wed, 18 May 2022 17:38:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
872efc51ff2b9f2a-FRA
expires
Sun, 12 May 2024 00:09:05 GMT
ET_1700.webm
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ 		7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ET_1700.webm
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78d934da3e24b36f9a8277d5e19146710033d8460432d35297530efec5843477
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://www.eftours.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Wed, 18 May 2022 17:38:29 GMT
server
cloudflare
age
86281
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
Content-Range
bytes 0-7624351/7624352
cache-control
public, max-age=2592000
content-disposition
attachment; filename="ET_1700.webm"
cf-ray
872efc52efba9f2a-FRA
Content-Length
7624352
expires
Sun, 12 May 2024 00:09:05 GMT
clock.svg
media.eftours.com/~/media/images/etus/collections/popular-tours/ 		624 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eftours.com/~/media/images/etus/collections/popular-tours/clock.svg?la=en
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Jun 2022 18:18:12 GMT
server
cloudflare
age
2534344
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-disposition
inline; filename="Clock.svg"
cf-ray
872efc525f609f2a-FRA
expires
Sun, 12 May 2024 00:09:05 GMT
_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Origin
https://www.eftours.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
age
2531867
content-length
23756
apigw-requestid
Uk7tAguDiYcEPLA=
x-ua-compatible
IE=edge
last-modified
Tue, 05 Mar 2024 16:23:32 GMT
server
cloudflare
etag
"05ade76196fda1:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-robots-tag
all
cf-ray
872efc522f439f2a-FRA
expires
Sun, 12 May 2024 00:09:05 GMT
ET-People-556px-2023-v2.mp4
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 		10 MB
10 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ET-People-556px-2023-v2.mp4
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071197dcb65d5e709b4aae71ff3044e0b127cb38b1eba1f806fb25591eb1d698
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://www.eftours.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:05 GMT
cf-cache-status
HIT
last-modified
Fri, 06 Oct 2023 20:31:36 GMT
server
cloudflare
age
2534344
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-10078971/10078972
cache-control
public, max-age=2592000
content-disposition
inline; filename="ET-People-556px-2023-v2.mp4"
cf-ray
872efc531fcd9f2a-FRA
Content-Length
10078972
expires
Sun, 12 May 2024 00:09:05 GMT
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je44a0v877811556z8867853431za200&_p=1712880544593&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1180036502.1712880546&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712880545&sct=1&seg=0&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other%20group&tfd=1794
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 00:09:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9JLH500JCE&cid=1180036502.1712880546&gtm=45je44a0v877811556z8867853431za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 00:09:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9JLH500JCE&cid=1180036502.1712880546&gtm=45je44a0v877811556z8867853431za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=115602527
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 00:09:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		281 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7a8b0b23b92a0407081c4092ce6ba784cb84e0b34ec53c04c8b79814427190ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97782
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Apr 2024 00:09:05 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 01:27:23 GMT
content-encoding
gzip
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P4
age
81703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
bI37fCoBrXz9InWaZ-30Q5PN2WmVaBo33gQD4lfLnDOLtzkBoxWWXw==
latest.min.js
c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb20588b9831b96e07df923b7910a7153cd67fdef9b732d08b4e1d8c9ccf9777
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
EXPIRED
last-modified
Thu, 11 Apr 2024 20:27:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9Ldylrwn4t6Tg7D5fpV5rkBOc7XzGutJ8ZUWimVQQsqutnY00PSkTZGOtQeeb5Qkfl212YOpibXfoLKYt%2BACaBf%2F3SMgNZ0NaF%2FjvdVHfNr7fh1Al7bellDMDaH5c5iOHV1mhsQbxBH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
b5851c79ae919f2fe6bbf59135ecc1d1
cf-ray
872efc53ab4e1c40-FRA
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
10c8371fce9f7cc7ee2cf1c43a76f493fbac3cebc2a2771e975f8cf2cfcdda9d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
edcc393
date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240412000905E4BF27042BD164DB243E-04E5E6E10FF6A75E-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
content-length
1985
pragma
no-cache
server
nginx
x-tt-logid
20240412000905E4BF27042BD164DB243E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
98,104.126.37.125
x-tt-trace-host
011997499a894a92c3e9fbcf89a58eb3de79e335a9be1344cf4ad306f2d29b3a239749bb94df0bfbc6109c8206a168a1b42319875b6570410e05e52df9e721fcca6e13c5031f07b905ceb624e5abc127dd34084d0b75ee59ed2434f08b1dc0ec5f
expires
Fri, 12 Apr 2024 00:09:05 GMT
24439131089.js
cdn.optimizely.com/js/ 		284 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/24439131089.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:889::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e944d06eb8b887f1121c81ed7df623bf5520780b0e443830992c36fbf9ea6e9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
CE_xma4TKhYXMd10oaeyKzZ9OzVCGXve
content-encoding
gzip
date
Fri, 12 Apr 2024 00:09:05 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
4JG859M9G269DN9K
x-amz-server-side-encryption
AES256
x-amz-meta-revision
186
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=11, origin; dur=102, cdn;desc="AkamaiION";dur=0,rtt;desc="38";dur=0,cdnip;desc="2a02:26f0:3500:889::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1712880545825_388276626_264003065_11316_1609_44_42_146";dur=1
content-length
88803
x-amz-id-2
B88g5sU3z/uNa6YFpbTcf0e+4QWtxtg5LmA9NOdAQeP47ttGxsWxoWVr5LbJFTQNQWy7xZrcrkM=
last-modified
Tue, 02 Apr 2024 21:02:09 GMT
server
AmazonS3
etag
"a4589c74ed12532b2277b5784194be64"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 12 Apr 2024 00:09:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2762, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
rDYh8DklQqk5cpwPv5fOQ4Rhz96eVUDH7a157SASmYYo97Ez1Orvy3NEIMt+z5G+LfVW9ldZRskMXUVyydTYzA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.4701fd00.js
s.pinimg.com/ct/lib/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.4701fd00.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04869dd0aed2afc622054d94a65c3c5b49bbf44f71bb30609964166d4d679c49

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
br
x-cdn
fastly
etag
"de2c99f783d3217b95be1cda8849a9ad"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
19825
13007618.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/13007618.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 12 Apr 2024 00:09:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3988F0D334BC453CB4DC27AB590F85A1 Ref B: FRA31EDGE0619 Ref C: 2024-04-12T00:09:05Z
x-cache
CONFIG_NOCACHE
modules.429236d560f51d186b8b.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.429236d560f51d186b8b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
568259
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55714
last-modified
Fri, 05 Apr 2024 10:17:11 GMT
etag
"f153d7cc62fba42a4a256996815cbb73"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
DQwVQFMFSXHZz5ok-M7CLQCt_OBobhe_JA8yoovZjLVCWsSTEWRIdA==
/
ct.pinterest.com/user/ 		320 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1712880545753&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4701fd00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
4175991229779954
content-length
186
pin-unauth
dWlkPVpqTTJZbUk1TUdRdE5tWXpaQzAwTjJZNExUZzVOVFF0WlRCbE9HRmlOekUxWldJeA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eftours.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
aed6e22040f8c87d02c242b2ce1a155ff8d4fc7c
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		320 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2620473989394&cb=1712880545754&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4701fd00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:05 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
1100702869315985
content-length
186
pin-unauth
dWlkPU1URmxPVEkxWkRVdE1URmhaaTAwTkdJMkxUa3lOMlV0WWpZd1ltRTROelF3TnpWbQ
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eftours.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
aed6e22040f8c87d02c242b2ce1a155ff8d4fc7c
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%224701fd00%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.122%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1712880545754
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4701fd00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 00:09:05 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://www.eftours.com
pinterest-version
aed6e22040f8c87d02c242b2ce1a155ff8d4fc7c
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
5403728278758777
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2620473989394&cb=1712880545919&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVpqTTJZbUk1TUdRdE5tWXpaQzAwTjJZNExUZzVOVFF0WlRCbE9HRmlOekUxWldJeA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%224701fd00%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.122%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4701fd00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 00:09:05 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://www.eftours.com
pinterest-version
aed6e22040f8c87d02c242b2ce1a155ff8d4fc7c
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
3363776166919879
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
302935565346434
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/302935565346434?v=2.9.153&r=stable&domain=www.eftours.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db16c802956ddfa6e25b8a89ae9753782b782e363bac1e50c0bde41ad583099e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 12 Apr 2024 00:09:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=61, mss=1294, tbw=63156, tp=-1, tpl=-1, uplat=55, ullat=0
pragma
public
x-fb-debug
5cSizM+267H20FwYfVaiSxEhuzNkuO1FWASsJBcwyuvibOLXppF1CjOWMnMkuQM44mfxPtcsTqhVbHNlynWkRg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MTFhN2NkNDczMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		431 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
edcc49f
date
Fri, 12 Apr 2024 00:09:06 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202404081245434D2F9E4100B3B774A50E
x-tt-trace-id
00-2404081245434D2F9E4100B3B774A50E-66FCA988CC44CD6A-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018cc3f4c5ca2f36007487116f9fdd47b4f75817db5db3581abbd92ee893da4f3a220388ce5c571891d18379bbb47916f6b4ee16ba58455726057548aa6a20a11e491acc5bd7ee9534a4bc6fc38aaf021502f65bbcfb2a2e11bdd4bd00b25b9a74
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
116201
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302935565346434&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1712880546096&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1712880546094.1952742460&cs_est=true&ler=empty&cdl=API_unavailable&it=1712880545986&coo=false&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2756, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 12 Apr 2024 00:09:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
a24099230963.html
a24099230963.cdn.optimizely.com/client_storage/ Frame 6B64 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/24439131089.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.64.165.248 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-165-248.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
1077
content-type
text/html; charset=utf-8
date
Fri, 12 Apr 2024 00:09:06 GMT
etag
"3006b582da131f67b78b68eb16a5abba"
last-modified
Thu, 11 Apr 2024 15:02:04 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=34 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="39";dur=0,cdnip;desc="104.64.165.248";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1712880546243_399797861_770139295_3488_1435_39_43_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
bJB57NHd5murLBnLkuDVgMsAUk5oB4pXiQ3wnXVW3Vn5nDwRWKWTzHP/hJs74Vqe2XPRuYqV1wg=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
CKXKKB332VEMZXZT
x-amz-server-side-encryption
AES256
x-amz-version-id
4dQYyK9SehPqbG4xI6sM1Ijcjtn5NeT7
5by59bm3fdyy.js
js.driftt.com/include/1712880600000/ 		221 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1712880600000/5by59bm3fdyy.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-87.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
28e132ea525a5b852dc1a77fcadc939ba1b70d68f321dd2ddeedc4b8a8cb93ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ECpAIUHXvnHr64vvrQweEad8ZWUjBUSY
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Fri, 12 Apr 2024 00:09:06 GMT
via
1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Thu, 04 Apr 2024 20:13:54 GMT
server
istio-envoy
etag
W/"d320e83a1b98d0793815b4e22b96825b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
BvLBz-RzeV3SNDoo_0LjBzETyJzRs3qet4pQQ6CwGu1ZhPn6IfSQig==
index.html
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame C00A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
59510
cache-control
max-age=86400
content-encoding
gzip
content-length
3267
content-type
text/html
date
Thu, 11 Apr 2024 07:37:17 GMT
etag
"2922a85ce6caf46f828c097bf7aa1036"
last-modified
Mon, 30 Oct 2023 13:11:24 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
x-amz-cf-id
v8dz-aU7KXzICznIhDr6-afXMoze4lCcC8vstIIgyq0cPHLhiCy76g==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
content.hotjar.io/ 		56 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=157276&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.429236d560f51d186b8b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.50.100.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-100-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9baae893c4982939e6b14569fa602b2d20b9c74d36dab4dcef1f2354fd39dfe0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Apr 2024 00:09:06 GMT
content-length
56
vary
Origin
content-type
application/json
main.js
www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame BEF9
Redirect Chain
  • https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0a81f4bac7eff54a79fff424d0ff169d88d1b8fef5273bb64c7c0169cb5a58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=3600
cf-ray
872efc5659eb9f2a-FRA

Redirect headers

date
Fri, 12 Apr 2024 00:09:06 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin
*
cache-control
private, max-age=3600
cf-ray
872efc55c99f9f2a-FRA
content-length
0
0
bat.bing.com/action/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=13007618&tm=gtm002&Ver=2&mid=a0f55a27-20a2-4ca1-970d-8813b5045b06&sid=e07d3a70f86011eeb9caa352f27d20f3&vid=e07d3380f86011eea5d88d6e1ce7cb50&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=2321&evt=pageLoad&sv=1&rn=528992
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 12 Apr 2024 00:09:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D6638D3F56D64B468FF2A42FE5954FDF Ref B: FRA31EDGE0619 Ref C: 2024-04-12T00:09:06Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.25043c26.js
media.eftours.com/content/js-build/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/content/js-build/bootstrap.25043c26.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2531867
content-length
14899
x-ua-compatible
IE=edge
last-modified
Tue, 05 Mar 2024 16:23:32 GMT
server
cloudflare
etag
"05ade76196fda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
872efc55d9a29f2a-FRA
expires
Sun, 12 May 2024 00:09:06 GMT
ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ts=1712880546159&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1180036502.1712880546&optimizelyid=oeu1712880546126r0.9873597921663042&_v=3.0.35&_uid=d08b9756-90b6-436d-a919-04e8e10aa59d&_getid=t
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRlC9y%2Fx1TmZelkKVcMcifAFSLhy6OflDiQtAnLxsNcXFPuEzshQVd6%2FUxs4Avbl7o%2F4ro69aHr4lrzquwPXAF5JYBgMEtphnBX890V0YzEGX%2F0ZjDAQ6n%2F7uORWX%2FJy1sTKl1lrcX%2FL"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
2b84ae00ba6da654bc91350e108ffa79
cf-ray
872efc55dc911c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
identify_38a7e.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
edcc606
date
Fri, 12 Apr 2024 00:09:06 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240408124538835843693CD9FEC2279E
x-tt-trace-id
00-240408124538835843693CD9FEC2279E-1E93971DE01D37DD-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010e31fdea860714cf1cf97495f6a32b563f7a4b8bc57f00321ddccaedff2eb4186a14c1a965e9fe560ec89fc48a34c18ca976d3b8bcb1d367c1525ecef1aa05c1b122910b5ddc5ca58b93e58f22d30dfbe145382d721b3530c831c61646dab36c
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=8
content-length
36830
pixel
analytics.tiktok.com/api/v2/ 		0
847 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
8d0a0d60.edcc64b
date
Fri, 12 Apr 2024 00:09:06 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24041200090677B668EFC9848F06D2B5-00B2AEE41777DDD4-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
156,104.126.37.125
server-timing
cdn-cache; desc=MISS, edge; dur=141, origin; dur=21, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024041200090677B668EFC9848F06D2B5
x-cache-remote
TCP_MISS from a23-220-106-216.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,23.220.106.216
x-tt-trace-host
011997499a894a92c3e9fbcf89a58eb3dee1fc95b4f7f0ecab88fe095e3f2f325f63630b71ef36963f55519aacaa9100cdcbef54c2c6654c8d8d1da9045b16665b2264a3831bfd7dc179e09acab68d93ae5a0e726b3eab2fc9c6df6483b2e364754fbdac6e4cfb5f2d4b82fd5d72a3e101
access-control-allow-headers
Authorization,*
expires
Fri, 12 Apr 2024 00:09:06 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
843 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
47acaa9.edcc64c
date
Fri, 12 Apr 2024 00:09:06 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240412000906F1115310E3D6174FE31E-6782DF79FF353888-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
170,104.126.37.125
server-timing
cdn-cache; desc=MISS, edge; dur=119, origin; dur=58, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240412000906F1115310E3D6174FE31E
x-cache-remote
TCP_MISS from a23-46-238-141.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
58,23.46.238.141
x-tt-trace-host
011997499a894a92c3e9fbcf89a58eb3dee1fc95b4f7f0ecab88fe095e3f2f325f1ef07aa7869083f81962573049be014a33278e3ec3d75f2e315cce551c022faea263fecce9b4c887a24956043181f2aa6f203896be8ea624279879b61536063801ce535298f5b44ccf08d9c45c792048
access-control-allow-headers
Authorization,*
expires
Fri, 12 Apr 2024 00:09:06 GMT
ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?gtm.start=1712880544593&event=gtm.js&gtm.uniqueEventId=1&_ts=1712880546195&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1180036502.1712880546&_uid=d08b9756-90b6-436d-a919-04e8e10aa59d&optimizelyid=oeu1712880546126r0.9873597921663042&_v=3.0.35
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YXX4YEhzm1WcAA6f49FR6WUVu9vebv7kSsJWyLcr9GMo8HocSBbN8eCXrGjoHz%2BpnkThsN4%2F3c0UHbfRIpIXHKufg5eLzg8eXyxSWRL7xOn3vzNfUWFBk80zDjrcZ5%2BZ5O7A5UphTqH"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
4542b65e881857ddb9d28c3ed9debbd5
cf-ray
872efc563cbe1c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8k3w5hQSTdJygCMKdFEEDYuAGwPXqoo7R6Ofk4HeDiU9%2F0LBLxR6DSMID9JU47zuIW8xacl5ABZVB1rtNxitZ10bw5TcJkdkIag%2BJZhoV6bdkNfoWQJ0899g9LQT3r5EZ%2BRCT8WM7Av"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
17f6b4f9a128d0b601e0264718da941c
cf-ray
872efc563cbf1c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
d08b9756-90b6-436d-a919-04e8e10aa59d
c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/ 		289 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/d08b9756-90b6-436d-a919-04e8e10aa59d?segments=true&stream=ef_et&mergestate=true&state=%7B%22_uid%22%3A%22d08b9756-90b6-436d-a919-04e8e10aa59d%22%2C%22_ga%22%3A%22GA1.1.1180036502.1712880546%22%2C%22optimizelyEndUserId%22%3A%22oeu1712880546126r0.9873597921663042%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.eftours.com%2F%22%2C%22optimizelyid%22%3A%22oeu1712880546126r0.9873597921663042%22%2C%22_v%22%3A%223.0.35%22%2C%22_uido%22%3A%22d08b9756-90b6-436d-a919-04e8e10aa59d%22%7D&ts=1712880546279&callback=u_294186139566178400
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e36e3977d4e15e13712f5c6249c44f4c97b50ea249812f3c77cd9edad29ade6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NnnrFdCGLYOfbq9BRNkG23qO7b4aYLbmEIuZGz%2B4uxrOIR%2Fi6aouzYYA3aJs%2Fls74YMr%2FMAaY%2FHOhnu9C2wU2mggdfvcO0FRdQ3grLm%2Bzb10Ed2bDh0HU7zn0Jqa2Gq2vRebN6GYHKAZ"}],"group":"cf-nel","max_age":604800}
x-lytics-trace
27df02da68e762280405e749827dfc05
cf-ray
872efc565cc51c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ga=GA1.1.1180036502.1712880546&optimizelyEndUserId=oeu1712880546126r0.9873597921663042&_ts=1712880546275&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=d08b9756-90b6-436d-a919-04e8e10aa59d&optimizelyid=oeu1712880546126r0.9873597921663042&_v=3.0.35&_uido=d08b9756-90b6-436d-a919-04e8e10aa59d
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5NrpRQc3%2B1ftyIqjE%2Bhb3%2FJw75l8tuZJYER0%2BgTOeqqYDCJ8A2t1pUiL7oH1UKEJqipa48vrBV5d0AxIeOC19X%2F3PMPsux5ATfR8hiGSdrPgRTS7lXsQDZ0cFep0CUYRDqam5HUviEN"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
3dbb61a1909edc10318e4d5632a4848a
cf-ray
872efc565cc61c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
jquery-3.5.0.min.js
media.eftours.com/Content/js/libs/ 		105 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/Content/js/libs/jquery-3.5.0.min.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2531866
content-length
43498
x-ua-compatible
IE=edge
last-modified
Tue, 05 Mar 2024 16:23:32 GMT
server
cloudflare
etag
"05ade76196fda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
872efc577abf9f2a-FRA
expires
Sun, 12 May 2024 00:09:06 GMT
hoverbox.ce79547e.js
media.eftours.com/content/js-build/core/modules/ 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/content/js-build/core/modules/hoverbox.ce79547e.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bc58b2e9e8389d2d4e0b180ca98fbca84034e80af5f9a9b3e0fbda8975b1ca
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2521825
content-length
27812
x-ua-compatible
IE=edge
last-modified
Tue, 05 Mar 2024 16:23:34 GMT
server
cloudflare
etag
"087f78196fda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
872efc577ac29f2a-FRA
expires
Sun, 12 May 2024 00:09:06 GMT
nav.f0038006.js
media.eftours.com/content/js-build/core/modules/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js
Requested by
Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2527246
content-length
2210
x-ua-compatible
IE=edge
last-modified
Tue, 05 Mar 2024 16:23:34 GMT
server
cloudflare
etag
"087f78196fda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
872efc577ac39f2a-FRA
expires
Sun, 12 May 2024 00:09:06 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
842 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
47acc0a.edcc79e
date
Fri, 12 Apr 2024 00:09:06 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404120009065C98E64A42D48AD25135-261FDF732AB98E09-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
118,104.126.37.125
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=29, inner; dur=22
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404120009065C98E64A42D48AD25135
x-cache-remote
TCP_MISS from a23-46-238-141.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
29,23.46.238.141
x-tt-trace-host
011997499a894a92c3e9fbcf89a58eb3dee1fc95b4f7f0ecab88fe095e3f2f325f1ef07aa7869083f81962573049be014a41423d1719012f93ad1060f9bc629e4e58213beb31d8035e469ac005deaa0eb2a80d9cf568c278d06c894197445043baa8ccc90b9a626fdf8f454e8947b0cf04
access-control-allow-headers
Authorization,*
expires
Fri, 12 Apr 2024 00:09:06 GMT
872efc47d98d9f2a
www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame BEF9 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/872efc47d98d9f2a
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
cache-control
private, max-age=3600
content-encoding
gzip
server
cloudflare
cf-ray
872efc57caf99f2a-FRA
content-type
text/plain; charset=UTF-8
pixel
cm.g.doubleclick.net/ 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=ZDA4Yjk3NTYtOTBiNi00MzZkLWE5MTktMDRlOGUxMGFhNTlk
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 00:09:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je44a0v877811556za200&_p=1712880544593&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1180036502.1712880546&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1712880545&sct=1&seg=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=page_view&_ee=1&_et=150&tfd=2645
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 00:09:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1712880546509&cd[external_id]=d08b9756-90b6-436d-a919-04e8e10aa59d&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1712880546094.1952742460&ler=empty&cdl=API_unavailable&it=1712880545986&coo=false&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=3122, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 12 Apr 2024 00:09:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1712880546510&cd[ly_unknown_email]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1712880546094.1952742460&ler=empty&cdl=API_unavailable&it=1712880545986&coo=false&rqm=GET
Requested by
Host: www.eftours.com
URL: https://www.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=3122, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 12 Apr 2024 00:09:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4701fd00.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca727c9d9c5d3ffa9fc01a2c57d612263a5ef4138da8d9b8e76e354835882466

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
x-cdn
fastly
age
4925
etag
"2a8d051abafd7b1d3f62592455b15f0c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4101
ct.html
ct.pinterest.com/ Frame 246D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4701fd00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Fri, 12 Apr 2024 00:09:06 GMT
pinterest-version
aed6e22040f8c87d02c242b2ce1a155ff8d4fc7c
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
1288150902509747
google_dv360
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 		35 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/google_dv360?_ts=1712880546656&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1180036502.1712880546&_uid=d08b9756-90b6-436d-a919-04e8e10aa59d&optimizelyid=oeu1712880546126r0.9873597921663042&_v=3.0.35&_uido=d08b9756-90b6-436d-a919-04e8e10aa59d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:06 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMImJWpuILqgLQaegRCf7nvBIG5oRou29BxT7MecSq8p5aRZcN8%2BJOJ4g1fH6axa0fo9O0k1qMJSVcCeG2i2Ba%2FxFN8%2FHCJl4dij0t1zztXZHN3d6vnHSDf6e4LjCfPD%2B3BqBO%2F2k8wu"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
a0b0378fc765e591d9c52e2a0ea446f9
cf-ray
872efc58bddb1c40-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
favicon.png
media.eftours.com/~/media/images/etus/logos/icons/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.eftours.com/~/media/images/etus/logos/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9bed6cd5b5a692a33c05816bf01aef42aee06db4cb67bb8887e9ebceb0cc07a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Fri, 12 Apr 2024 00:09:06 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Sep 2013 17:28:21 GMT
server
cloudflare
age
1625284
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
content-disposition
inline; filename="Favicon.png"
accept-ranges
bytes
cf-ray
872efc59bddf9f2a-FRA
content-length
4172
expires
Sun, 12 May 2024 00:09:06 GMT
pathfora.min.js
c.lytics.io/static/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:07 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 23:37:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1870
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aFkEgDIcfFXe0Gn1bjhe2ihtwhaES6AYA5O9PSP9m65BVjZh6hpuq2NXvduRCO9VHdeN0IF%2FlYNLCqnBVL5Qnfh%2BLPzb1qZ7fIwn7fZE5n1VCVA7jpAVsc4oiT1IGAOrzZ0MRx0pT4vR"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
872efc5aef061c40-FRA
pathfora.min.css
c.lytics.io/static/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:07 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 12 Apr 2024 00:08:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
37
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhJoz%2FdJZbGmUa3jtxk73%2BfARlNvTs%2FcMCOfcR1163ZQXoPjFS5Z9%2B6TO9DoGLib%2BYpzJ9t4LN6xjvOgcFrjG6%2FEpzZRQC1Btk5Q6kzoFI30XA6HIiZfDF8OqLrOB1fkq8BrKbrQtVyL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
872efc5b4f2f1c40-FRA
config.js
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ 		327 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 00:09:07 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
EXPIRED
last-modified
Thu, 11 Apr 2024 22:08:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RP6XylqcfJKhac3A%2Fibxo%2Frlo5cw8iAF%2FfLXNSETiFWzkkvuM0eBNylKTvYwya3nDC0L9tDeaWe48ronGt58M3cSdXuhaLcz2Lg5HlBHVseXiyR4RkICzFUZD8CYOysArN7bpMeGAT37"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
e5d90ca400b8acfd3a059598483de139
cf-ray
872efc5b4f311c40-FRA
events
logx.optimizely.com/v1/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1712880600000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.140.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Apr 2024 00:09:07 GMT
x-envoy-decorator-operation
events-smart-router.edp-prod.svc.cluster.local:8080/*
via
1.1 google
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
15cacd0f-e171-4346-b26d-42defa322eb6
events
logx.optimizely.com/v1/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1712880600000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.140.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Apr 2024 00:09:08 GMT
x-envoy-decorator-operation
events-smart-router.edp-prod.svc.cluster.local:8080/*
via
1.1 google
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
ac63004b-56b1-4b51-83f2-029d6ad8ab29
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je44a0v877811556za200&_p=1712880544593&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1180036502.1712880546&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=3&sid=1712880545&sct=1&seg=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=lytics&_ee=1&ep.event_category=lytics_user_properties&ep.non_interaction=true&_et=697&up.ly_segments_dim=ly_unknown_email%2Call&up.ly_user_id_dim=d08b9756-90b6-436d-a919-04e8e10aa59d&tfd=7646
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.eftours.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 00:09:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| pintrk object| EFTOURS object| html5 object| Modernizr function| yepnope object| z object| w object| y object| x object| vid object| source object| d object| a object| b object| c object| source2 function| initWistiaPlayButton function| handleWistiaPlayClick object| _wq function| onYouTubeIframeAPIReady object| gaGlobal function| require function| createLyticsPrimaryKey function| keyChooser object| jstag number| keyExists function| handleGA4UserProperties string| url string| keyToFind undefined| valueFound undefined| utmCookie string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq function| UET function| UET_init function| UET_push object| ueto_973662bcf7 object| uetq object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| gtag object| Trustpilot object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia string| _wistiaElemId object| wistiaEmbeds object| tagConfig function| _ object| optimizely number| startTime number| duration function| drift undefined| driftt object| drift_init_options function| requirejs function| define object| __lytics__jstag__ object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks undefined| u_294186139566178400 function| Waypoint object| enquire object| subscriptions object| amplify object| opts object| Handlebars object| handlebars function| $ function| jQuery number| bpDoc number| bpInner string| waypointContextKey object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| drift_audio_context object| pathfora

31 Cookies

Domain/Path Name / Value
www.eftours.com/ Name: AWSALB
Value: egaEhDJ1tBVuwzKac9s+Cjo/FJ0nw92vHaV5ujzzKPAkfr70b6+FCWmWB8LCOA1WHSZkL/xppGbKpp6GJWqR45EGOAgpYuFZmEav7USuwtXuTobsdXsSyrYbgWfC
www.eftours.com/ Name: AWSALBCORS
Value: egaEhDJ1tBVuwzKac9s+Cjo/FJ0nw92vHaV5ujzzKPAkfr70b6+FCWmWB8LCOA1WHSZkL/xppGbKpp6GJWqR45EGOAgpYuFZmEav7USuwtXuTobsdXsSyrYbgWfC
www.eftours.com/ Name: ASP.NET_SessionId
Value: iq3vrsfs5yjx0hahtp3n5wz2
www.eftours.com/ Name: __RequestVerificationToken
Value: lniQL3aHFhEh-fpQnrfD2tvNoTkd9WLWFgsKFuI-Zy348hdgULxXFx2F5uVUDhNMMYoo6njfLRQG5K2p77e9JJSSVXXlBJ27Jh4badld2A41
.eftours.com/ Name: PriceDefault
Value: e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=
.eftours.com/ Name: recent
Value: e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==
.eftours.com/ Name: __cf_bm
Value: OQCFvwGbD2QsEsuqVcCcJMa3c93QtiaByI6XjyvtEdU-1712880544-1.0.1.1-9TkQ3kdU3tgHTg9nzNVuBBoK3Y8Kyab2odSAxacC6M8pqEgqdqMv6hd6c.xKHqzRtvnkRk2PlQilCAz6nrPRMddUzHXhBzNGEkDK7iSAw4o
.eftours.com/ Name: _cfuvid
Value: xQHWFdfh4hbuTCYznIOGkNGhmvviTSI5AsdtYwJCFWw-1712880544559-0.0.1.1-604800000
.eftours.com/ Name: _gcl_au
Value: 1.1.1158639924.1712880545
.eftours.com/ Name: _ga
Value: GA1.1.1180036502.1712880546
.pinterest.com/ Name: ar_debug
Value: 1
.eftours.com/ Name: _pin_unauth
Value: dWlkPVpqTTJZbUk1TUdRdE5tWXpaQzAwTjJZNExUZzVOVFF0WlRCbE9HRmlOekUxWldJeA
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZabUVXQWFoRFNtSzcxeE0ydmxCRnNPNURBajllcWN3bDhXRXY2UUR4OU5IbzZvcFhKMVpsRHpWYVJPQzJsTUUybFQ3RHgrRXlSSkhyNGtNWU9oUldqb3hWYzJyMDNIbENTWExoRVd1TE5KRT0mZlBqWG9pRXdLbTM2T1VaamZycW5jTVNnbVNzPQ=="
.tiktok.com/ Name: _ttp
Value: 2eyd2ZzxqWATYZzUg5GfwH9Pa85
.eftours.com/ Name: _fbp
Value: fb.1.1712880546094.1952742460
media.eftours.com/ Name: AWSALB
Value: 5++X9UcGvYnnsgCAVEKLw14nw/XCxMZmzxXwslCuXpOSAXxihHtGTECbng0796jMniMfjosH0yB91W3EB29YaPBsVEe3HjX9dA/1o53iOgpFxklDdl5siXwgRNJ6
media.eftours.com/ Name: AWSALBCORS
Value: 5++X9UcGvYnnsgCAVEKLw14nw/XCxMZmzxXwslCuXpOSAXxihHtGTECbng0796jMniMfjosH0yB91W3EB29YaPBsVEe3HjX9dA/1o53iOgpFxklDdl5siXwgRNJ6
.eftours.com/ Name: optimizelyEndUserId
Value: oeu1712880546126r0.9873597921663042
.www.eftours.com/ Name: seerses
Value: e
.eftours.com/ Name: _hjSessionUser_157276
Value: eyJpZCI6ImQ3N2JiNWNiLTZkMTctNTkzYS04ZTJlLTY3YjUzZTg4MTI1YSIsImNyZWF0ZWQiOjE3MTI4ODA1NDYxNjQsImV4aXN0aW5nIjp0cnVlfQ==
.eftours.com/ Name: _hjSession_157276
Value: eyJpZCI6IjE2YWEzNzM5LTBlOGMtNDVkNy05YjkyLTlkZmRmOTgwMzM4NyIsImMiOjE3MTI4ODA1NDYxNjUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.eftours.com/ Name: _uetsid
Value: e07d3a70f86011eeb9caa352f27d20f3
.eftours.com/ Name: _uetvid
Value: e07d3380f86011eea5d88d6e1ce7cb50
.www.eftours.com/ Name: seerid
Value: d08b9756-90b6-436d-a919-04e8e10aa59d
.eftours.com/ Name: _tt_enable_cookie
Value: 1
.eftours.com/ Name: _ttp
Value: dYJd_vQ_VjAWhzfVpl3dc5LHLAJ
.bing.com/ Name: MUID
Value: 0CB0FACCE25A6BE91A32EE93E3D16A43
.lytics.io/ Name: seerid
Value: d08b9756-90b6-436d-a919-04e8e10aa59d
.www.eftours.com/ Name: ly_segs
Value: %7B%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22all%22%3A%22all%22%7D
.eftours.com/ Name: _ga_9JLH500JCE
Value: GS1.1.1712880545.1.1.1712880546.59.0.0
.eftours.com/ Name: cf_clearance
Value: z.d2r29YSzk9jaP2iGSIAk22BWlccSXYKUrpniV6WDA-1712880546-1.0.1.1-X_ikM4.haqyfNj5Vuj8ETlcvpfcbbZy0Memm8D3cusJgzTBY7Vr8CEPhBs.T8BkIg4xCM6wv6vP1FvIw.UZnfA

25 Console Messages

Source Level URL
Text
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/302935565346434?v=2.9.153&r=stable&domain=www.eftours.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://js.driftt.com/include/1712880600000/5by59bm3fdyy.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.eftours.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a24099230963.cdn.optimizely.com
analytics.tiktok.com
bat.bing.com
c.lytics.io
cdn.optimizely.com
cm.g.doubleclick.net
connect.facebook.net
content.hotjar.io
ct.pinterest.com
fast.wistia.com
js.driftt.com
logx.optimizely.com
media.eftours.com
region1.analytics.google.com
s.pinimg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
widget.trustpilot.com
www.eftours.com
www.facebook.com
www.google.de
www.googletagmanager.com
104.126.37.129
104.64.165.248
13.32.27.19
142.250.186.162
142.250.186.35
151.101.0.84
151.101.192.84
18.245.86.87
18.66.102.11
2001:4860:4802:34::36
216.239.34.36
216.58.206.72
2606:4700:20::ac43:49ec
2606:4700::6811:d548
2620:1ec:c11::237
2a00:1450:4001:81d::2008
2a00:1450:400c:c00::9b
2a02:26f0:3500:889::13b8
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::644
2a04:4e42:8e::84
34.111.140.246
52.222.236.60
52.222.236.71
52.50.100.69
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
04869dd0aed2afc622054d94a65c3c5b49bbf44f71bb30609964166d4d679c49
05758b58c082dcce695eab4f1143119b959a6f151cd853215bc7bfc85b3a78d7
071197dcb65d5e709b4aae71ff3044e0b127cb38b1eba1f806fb25591eb1d698
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e944d06eb8b887f1121c81ed7df623bf5520780b0e443830992c36fbf9ea6e9
10c8371fce9f7cc7ee2cf1c43a76f493fbac3cebc2a2771e975f8cf2cfcdda9d
14786480849eab724f447843ae737486dab003732877919f4f57eac9f0ae2cdc
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
1b8ad518b32b5554c4186df68d94a8abcf4e42b0d373894111adbbf0f3f0166f
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
28e132ea525a5b852dc1a77fcadc939ba1b70d68f321dd2ddeedc4b8a8cb93ec
296954fb9c911c3d94b959446cedb61bd22e93713fb8dcdc5a0da2518c4c1dae
29bc58b2e9e8389d2d4e0b180ca98fbca84034e80af5f9a9b3e0fbda8975b1ca
2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
4e36e3977d4e15e13712f5c6249c44f4c97b50ea249812f3c77cd9edad29ade6
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44
590cee96d7577fa8e3139f05860c80201caf5ceb1272bf9415d88f9e35b3582e
5b073a24c28534f3fb65fb3df6e6838d044d7cfc88f386b54846f770675ec3cd
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0a81f4bac7eff54a79fff424d0ff169d88d1b8fef5273bb64c7c0169cb5a58
6b403b670a417834b0ec0d6a79275352ca4b924392c2a6807cbd249c7c693ee0
72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7
789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1
78d934da3e24b36f9a8277d5e19146710033d8460432d35297530efec5843477
7a8b0b23b92a0407081c4092ce6ba784cb84e0b34ec53c04c8b79814427190ba
7cb5768516c7e8d64859f6178d011abcc9e976ef4dd866e77760bf47c33326fe
7cd3dbc4daca59cf92be84e023fcb1080c59b6302b4e667d35036381f2c3da02
7cff93057cc0c42e77bca58adecd80ee133eb3660e920f1427d4a5a362868a9b
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
94e5016cb773333a092b5981f94090e523ecd2292be83b5d947a8f0e5033da46
9baae893c4982939e6b14569fa602b2d20b9c74d36dab4dcef1f2354fd39dfe0
ab8dfae08bd419cb4fc57ed33ed7e57978bd25b5b6ae307ac6572ebbe57c8028
bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c02b6f3cfe891dc09139c71a49ef9786a29debdcbbe350fb503b69329222d8ac
c4bf99e02ddaf9cb1f45e5f3f074e5771a52a0a73f093bfe4c0c435aec23994f
c55adc844258324a96facfedadbd892316c8d06ec7fc0e09b5532d8953123a13
c5e1a8b9d9fbf8b2e885feb3c40e4b8f76b4308c266ab98e3ef4855ce427e1cf
ca727c9d9c5d3ffa9fc01a2c57d612263a5ef4138da8d9b8e76e354835882466
ce6af0cf51fdf5eb76149ce34ab71f66ec0fc155707cc55aa0a9bac21ad9f1e6
d1d4fdfd9452dd70132ee200440e55254adfa546de907014b2ddc2a271c8a4c1
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
db03b8121b95367bd11ddd8c1b0eec20169e298146772e7d9472a0686b058c64
db16c802956ddfa6e25b8a89ae9753782b782e363bac1e50c0bde41ad583099e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
eb20588b9831b96e07df923b7910a7153cd67fdef9b732d08b4e1d8c9ccf9777
ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9bed6cd5b5a692a33c05816bf01aef42aee06db4cb67bb8887e9ebceb0cc07a
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb