urlscan.io logo urlscan.io
SecurityTrails logo

account.eftours.com Open in urlscan Pro
104.18.111.202  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://account.eftours.com/
Effective URL: https://account.eftours.com/
Submission: On August 20 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 104.18.111.202, located in and belongs to CLOUDFLARENET, US. The main domain is account.eftours.com.
TLS certificate: Issued by WE1 on August 8th 2024. Valid for: 3 months.
This is the only time account.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 104.18.111.202 13335 (CLOUDFLAR...)
2 142.250.65.232 15169 (GOOGLE)
1 108.138.106.49 16509 (AMAZON-02)
3 142.251.40.238 15169 (GOOGLE)
1 18.238.55.7 16509 (AMAZON-02)
1 18.164.96.77 16509 (AMAZON-02)
2 18.238.55.115 16509 (AMAZON-02)
25 7
16    104.18.111.202 (None, )

ASN13335 (CLOUDFLARENET, US)
account.eftours.com
2    142.250.65.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f8.1e100.net
www.googletagmanager.com
1    108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net
static.hotjar.com
3    142.251.40.238 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f14.1e100.net
www.google-analytics.com
1    18.238.55.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-7.jfk52.r.cloudfront.net
js.driftt.com
1    18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net
script.hotjar.com
2    18.238.55.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-115.jfk52.r.cloudfront.net
js.driftt.com
Apex Domain
Subdomains		 Transfer
16 eftours.com
account.eftours.com
422 KB
3 driftt.com
js.driftt.com — Cisco Umbrella Rank: 17606
62 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
61 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
180 KB
25 5
Domain Requested by
16 account.eftours.com 1 redirects account.eftours.com
3 js.driftt.com account.eftours.com
js.driftt.com
3 www.google-analytics.com www.googletagmanager.com
account.eftours.com
2 www.googletagmanager.com account.eftours.com
www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
25 6

This site contains links to these domains. Also see Links.

Domain
www.eftours.com
Subject Issuer Validity Valid
eftours.com
WE1		 2024-08-08 -
2024-11-06		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
drift.com
Amazon RSA 2048 M03		 2024-07-30 -
2025-08-27		 a year crt.sh

This page contains 4 frames:

Primary Page: https://account.eftours.com/
Frame ID: DDC7A0345CE4BA19CAE2B9754F9CDC37
Requests: 21 HTTP requests in this frame

Frame: https://account.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js
Frame ID: D5D763A7F690D47569D8A9417E37D796
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=5by59bm3fdyy&eId=5by59bm3fdyy&region=US&forceShow=false&skipCampaigns=false&sessionId=84706e07-7b86-4485-b726-4823aef99280&sessionStarted=1724118806.981&campaignRefreshToken=2dd57631-a1f5-48ac-801c-0dbf0b66ab68&hideController=false&pageLoadStartTime=1724118805982&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Faccount.eftours.com%2Fnot-found
Frame ID: C2D7504406DAD9AF4A806C483570007A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1724118805982
Frame ID: C541836BE61531329713F60A55BD2987
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page Not Found | EF Educational Tours

Page URL History Show full URLs

  1. http://account.eftours.com/ HTTP 307
    https://account.eftours.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

25
Requests

96 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

746 kB
Transfer

2257 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://account.eftours.com/ HTTP 307
    https://account.eftours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://account.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://account.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
account.eftours.com/
Redirect Chain
  • http://account.eftours.com/
  • https://account.eftours.com/
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b470985f9f3a49d0fed1713ce4ccee7ea0ce79b1febc753584f52821e5f43aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8b5ebfe84b2b54cd-YYZ
content-encoding
gzip
content-type
text/html
date
Tue, 20 Aug 2024 01:53:25 GMT
last-modified
Thu, 15 Aug 2024 15:39:58 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 80099f722d5f0e6d460a829113039b82.cloudfront.net (CloudFront)
x-amz-cf-id
8kH8NmGG18aJxLdJS44Ua-mHrIFSm-E431fGSuxyZQsxmdl6X9sYkQ==
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront

Redirect headers

Location
https://account.eftours.com/
Non-Authoritative-Reason
HttpsUpgrades
index.css
account.eftours.com/ 		198 B
354 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/index.css
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e644239da2d9f4fc9ef2a80872da0aada1fbdabe739f26f76bfa25e3b0fbd55b

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
via
1.1 4208b3c43704306e2eddbba95ee93dc4.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Aug 2024 15:39:58 GMT
server
cloudflare
x-amz-cf-pop
YUL62-C1
age
2806
x-amz-server-side-encryption
AES256
etag
W/"e57e4736dbf1c96750de250c8950940f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cf-ray
8b5ebfe9cbf054cd-YYZ
x-amz-cf-id
XclagXTAuoAFpmfv8-94s9dLViKvgH5adOOZecfbW7fjkREFAtLK-g==
13.bc7bcf1f.chunk.css
account.eftours.com/static/css/ 		195 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/css/13.bc7bcf1f.chunk.css
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b14261a54d6e8688312e5a636f74cb755766f80c0e54b756d9533d68a58e2b0d

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
content-encoding
gzip
via
1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Aug 2024 15:39:58 GMT
server
cloudflare
x-amz-cf-pop
YUL62-C1
age
2069
x-amz-server-side-encryption
AES256
etag
W/"a57f946b3b464f0ebe49ebf3accb388b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cf-ray
8b5ebfe9cbf154cd-YYZ
x-amz-cf-id
5VJPjx6d0hxIceuas6T3RmX9bXPFU0szuJ4uYluJYbW9TucrKu0PQw==
main.054f7fb0.chunk.css
account.eftours.com/static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/css/main.054f7fb0.chunk.css
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89d6ae581ca41ca4d0245d99f8fb7380bc77d3c04bafa4b3727c835a5328d061

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
content-encoding
gzip
via
1.1 0dbb84b34f6ac39ad26a6446ff2b18ec.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Aug 2024 15:39:59 GMT
server
cloudflare
x-amz-cf-pop
YUL62-C1
age
2069
x-amz-server-side-encryption
AES256
etag
W/"944b1501f1135d0f4c32c63d4ce3bf58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cf-ray
8b5ebfe9cbf254cd-YYZ
x-amz-cf-id
2ZDCL7yNspuSyiMRFu4TO6av6U75a7yXoLXIDyWConii2On9q2R6bA==
13.d90a7a50.chunk.js
account.eftours.com/static/js/ 		847 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/js/13.d90a7a50.chunk.js
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9ce3d493f50f1a5cec445ac6199adc9e0730ade9cdba205a3c495efed6ac53

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
content-encoding
gzip
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Aug 2024 15:39:59 GMT
server
cloudflare
x-amz-cf-pop
YUL62-C1
age
3241
x-amz-server-side-encryption
AES256
etag
W/"62d2bd99094cac2d0784076fb4897d7a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cf-ray
8b5ebfe9cbf354cd-YYZ
x-amz-cf-id
dn1ubHlv0oNRV74CbfOnLs_L1BnKm_HqtdEjDTnbClcE8b7orMOXQw==
main.618da1a6.chunk.js
account.eftours.com/static/js/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/js/main.618da1a6.chunk.js
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eaa4bfb90a57d3d57a5142cdf472c32a39a318f31ab9f929ba3208ee63b3e8

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
content-encoding
gzip
via
1.1 80099f722d5f0e6d460a829113039b82.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Aug 2024 15:40:01 GMT
server
cloudflare
x-amz-cf-pop
YUL62-C1
age
2069
x-amz-server-side-encryption
AES256
etag
W/"458a2a6a434eafe51c50f5d4e626653d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cf-ray
8b5ebfe9cbf454cd-YYZ
x-amz-cf-id
gE6KGn0DV_x11FPI4QS3Mj8YGYKEieNxm2-v3JFA1wCq7Lrt5oW4JA==
gtm.js
www.googletagmanager.com/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBLBJMB
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8e9bfa947ba57c9362b0432e235b1ef652b4507341a7b1a15fd9b04accb62ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86945
x-xss-protection
0
last-modified
Tue, 20 Aug 2024 00:18:59 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Aug 2024 01:53:26 GMT
52.21d8c33a.chunk.js
account.eftours.com/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/js/52.21d8c33a.chunk.js
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4a2247776db7082b564584704838f8d3f7e937b8fc20a0aa6c6c1b617c2306

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
content-encoding
gzip
via
1.1 80099f722d5f0e6d460a829113039b82.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Aug 2024 15:40:01 GMT
server
cloudflare
x-amz-cf-pop
YUL62-C1
age
2069
x-amz-server-side-encryption
AES256
etag
W/"19d43b2d8cfc7b30b6bd74a6ba00a220"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cf-ray
8b5ebfeb2cc854cd-YYZ
x-amz-cf-id
HCwXzeJKVoObJYb3V2kdiXstFUeN_BIXgPvcT4yUtU-poWhs-MCeNQ==
49.e8750cfb.chunk.css
account.eftours.com/static/css/ 		94 B
380 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/css/49.e8750cfb.chunk.css
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325def4f258751e2333891707c0b7bd60403cea9e86bc0fd7c6f1cee954ec48

Request headers

Referer
https://account.eftours.com/not-found
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
via
1.1 80099f722d5f0e6d460a829113039b82.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Aug 2024 15:39:59 GMT
server
cloudflare
x-amz-cf-pop
YUL62-C1
etag
W/"a0a3dae2c27566ae54a2cdfe710a9bab"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/css
cf-ray
8b5ebfeb6cfa54cd-YYZ
x-amz-cf-id
nVOlcAKWECPH8iPqM2CuZrnvEClAtr8lcTrEo0cD4l_fSFCeWF-pKA==
49.25fd5341.chunk.js
account.eftours.com/static/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/js/49.25fd5341.chunk.js
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c54e5a2748b81fffd9c02316f9a37ef3134d1dc0ebb526876d8ed0d04f760a8b

Request headers

Referer
https://account.eftours.com/not-found
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
content-encoding
gzip
via
1.1 4208b3c43704306e2eddbba95ee93dc4.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Aug 2024 15:40:01 GMT
server
cloudflare
x-amz-cf-pop
YUL62-C1
etag
W/"0bbba2e7b27e8c06cd5d2f3eacc7a331"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
cf-ray
8b5ebfeb6cfb54cd-YYZ
x-amz-cf-id
Uz9KBpLxj6oPmhVoxhmaxNbcJ6Y2KlrqDFxp5B-IsqShFJ_KHWChlA==
main.js
account.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame D5D7
Redirect Chain
  • https://account.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://account.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/not-found
Protocol
H2
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b0db1d90a395b1401b8f3c80b45fdb9032c464d5cc368c13becb5f411815c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
cf-ray
8b5ebfebbd2a54cd-YYZ
content-type
application/javascript; charset=UTF-8

Redirect headers

location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
access-control-allow-origin
*
date
Tue, 20 Aug 2024 01:53:26 GMT
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
server
cloudflare
cf-ray
8b5ebfeb8d0954cd-YYZ
content-length
0
js
www.googletagmanager.com/gtag/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2LLF617W2Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBLBJMB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4fbe93a2d2db0128b398f1a52dff12a18ef9f04f8e7ee788b7c12c9de3ea1a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97191
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Aug 2024 01:53:26 GMT
hotjar-770610.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-770610.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBLBJMB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
0e4b771b9ab8172072c3dd9fa20feca09e419d1e0d93d6358d3f266633dcb532
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 20 Aug 2024 01:53:26 GMT
via
1.1 1dd1e483fa41d512929f44790f141972.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/98ea89d1f8530cf2944c4914820a3ebf
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
wsMpxw1zCe6GQc3qSmwBVRrAcYmkMilP_ZuiD-FEkESsNwLycAwFHg==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBLBJMB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Aug 2024 01:43:35 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 20 Aug 2024 03:43:35 GMT
5by59bm3fdyy.js
js.driftt.com/include/1724118900000/ 		221 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1724118900000/5by59bm3fdyy.js
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-7.jfk52.r.cloudfront.net
Software
istio-envoy /
Resource Hash
1214b0e9f6143ff493ef58dce43cf21f1eea4ba446766ec2b69121ae3c06381a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
_rsYXhWy5V.MDE6jlvJf64WE.MahYFW4
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 20 Aug 2024 01:53:26 GMT
via
1.1 8dd00afc2ba3c7b003b4e6d6e0ffeae4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Mon, 12 Aug 2024 18:56:47 GMT
server
istio-envoy
etag
W/"d24f65012926bd8ab44b51a8b6783a71"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9XeuPJFm9yNU1LDRju-ZswrX2GxFiAcEAw9ciJ4oV7joEZzGYqaxdQ==
8b5ebfe84b2b54cd
account.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D5D7 		0
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/8b5ebfe84b2b54cd
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
server
cloudflare
cf-ray
8b5ebfeccdc854cd-YYZ
content-length
0
content-type
text/plain; charset=UTF-8
LatinSubset-EFCircularWeb-Bold.34798289.woff2
account.eftours.com/static/media/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/media/LatinSubset-EFCircularWeb-Bold.34798289.woff2
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/static/css/13.bc7bcf1f.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff493b367c2bab0724344ba20122db9a85c2f085842e48cfdd9993e2008ecae5

Request headers

Referer
https://account.eftours.com/static/css/13.bc7bcf1f.chunk.css
Origin
https://account.eftours.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
via
1.1 0dbb84b34f6ac39ad26a6446ff2b18ec.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
YUL62-C1
age
3067
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37160
last-modified
Thu, 15 Aug 2024 15:40:02 GMT
server
cloudflare
etag
"8999735e4f9fa568677fab45cccb134d"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
8b5ebfed4e0554cd-YYZ
x-amz-cf-id
xsOGo65bSOY-PGpfb7beZLX4CG_6JYodXxul2UkyBMRardECU6e4hA==
LatinSubset-EFCircularWeb-Book.996de951.woff2
account.eftours.com/static/media/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/media/LatinSubset-EFCircularWeb-Book.996de951.woff2
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/static/css/13.bc7bcf1f.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55936aa90e0abacbd254236786f776212ffb9145e4594eac613426f5c995eb0e

Request headers

Referer
https://account.eftours.com/static/css/13.bc7bcf1f.chunk.css
Origin
https://account.eftours.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
via
1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
YUL62-C1
age
2069
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
34536
last-modified
Thu, 15 Aug 2024 15:40:02 GMT
server
cloudflare
etag
"11bee107d154cad7ad705e043339c5ca"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
8b5ebfed4e0854cd-YYZ
x-amz-cf-id
ePIIaIri64eM5nB_rWN3KddxbxrO58vkrCY0jg-atGVbzpSxItsZew==
LatinSubset-EFCircularWeb-BookItalic.3405b6e2.woff2
account.eftours.com/static/media/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/static/media/LatinSubset-EFCircularWeb-BookItalic.3405b6e2.woff2
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/static/css/13.bc7bcf1f.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3433a72180f4a419db8d0b101a23b2fb4d87d7b9743e452abd24dfa45d4d7069

Request headers

Referer
https://account.eftours.com/static/css/13.bc7bcf1f.chunk.css
Origin
https://account.eftours.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:26 GMT
via
1.1 c895b3711944bd74895c678884a6e914.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
YUL62-C1
age
2068
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
34744
last-modified
Thu, 15 Aug 2024 15:40:02 GMT
server
cloudflare
etag
"0fdfd948f10cfe52da51f1fd2bae5970"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
cf-ray
8b5ebfed4e0a54cd-YYZ
x-amz-cf-id
EQgb5VFdOynhYP-6vHe2te8kPcMguaO7ZH3jUqes0_Zm-qP75ay9UA==
collect
www.google-analytics.com/j/ 		3 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=875109660&t=pageview&_s=1&dl=https%3A%2F%2Faccount.eftours.com%2Fnot-found&ul=en-ca&de=UTF-8&dt=Page%20Not%20Found%20%7C%20EF%20Educational%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=295702238&gjid=1034565168&cid=1884696414.1724118807&tid=UA-4293088-18&_gid=1248485486.1724118807&_r=1&_slc=1&gtm=45He48e0n81KBLBJMBv844307718za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=60740733
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/static/js/13.d90a7a50.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 01:53:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2LLF617W2Y&gtm=45je48e0v878878558z8844307718za200zb844307718&_p=1724118806039&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1884696414.1724118807&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Faccount.eftours.com%2Fnot-found&sid=1724118806&sct=1&seg=0&dt=Page%20Not%20Found%20%7C%20EF%20Educational%20Tours&en=page_view&_fv=1&_ss=1&tfd=1298
Requested by
Host: account.eftours.com
URL: https://account.eftours.com/static/js/13.d90a7a50.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Aug 2024 01:53:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.eftours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-770610.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-77.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://account.eftours.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
1769420
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
VDr1IUAMz8ttazcfaI_1MvbpptQKQaqzHGoYDBs-uO4l1btp2pWz7A==
core
js.driftt.com/ Frame C2D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core?d=1&embedId=5by59bm3fdyy&eId=5by59bm3fdyy&region=US&forceShow=false&skipCampaigns=false&sessionId=84706e07-7b86-4485-b726-4823aef99280&sessionStarted=1724118806.981&campaignRefreshToken=2dd57631-a1f5-48ac-801c-0dbf0b66ab68&hideController=false&pageLoadStartTime=1724118805982&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Faccount.eftours.com%2Fnot-found
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1724118900000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-115.jfk52.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 01:53:27 GMT
etag
W/"a6c942372b6ad65183eb7d61d0e00d06"
last-modified
Mon, 12 Aug 2024 18:56:30 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 694f0c51ec6e4c7f413de59a8f819960.cloudfront.net (CloudFront)
x-amz-cf-id
AwcUBf42ainH-AVGhYJWwch3srYyL5TW1RI6OK55VcQgR9GKAp7Tpw==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
8b5HU1BeFbivKliw4y4KoQ27Uxx_zvMd
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
21
chat
js.driftt.com/core/ Frame C541 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1724118805982
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1724118900000/5by59bm3fdyy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-115.jfk52.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account.eftours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 01:53:27 GMT
etag
W/"a6c942372b6ad65183eb7d61d0e00d06"
last-modified
Mon, 12 Aug 2024 18:56:30 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 694f0c51ec6e4c7f413de59a8f819960.cloudfront.net (CloudFront)
x-amz-cf-id
ihOlTzo45qQSi_ZDnpOwwKfQgT0636BvNp-IUggncaDRYopxQepTWg==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
8b5HU1BeFbivKliw4y4KoQ27Uxx_zvMd
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
25
favicon.png
account.eftours.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.eftours.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9bed6cd5b5a692a33c05816bf01aef42aee06db4cb67bb8887e9ebceb0cc07a

Request headers

Referer
https://account.eftours.com/not-found
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:53:27 GMT
via
1.1 80099f722d5f0e6d460a829113039b82.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
YUL62-C1
age
2069
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4172
last-modified
Thu, 15 Aug 2024 15:39:58 GMT
server
cloudflare
etag
"c6bdb5cc9a83d911829963215bc0df2f"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
8b5ebff59ae854cd-YYZ
x-amz-cf-id
EJHpohfocgYn6eSfqezDJc3NHTREqR8MciFGhsLpyj8Do6yBVaRYpg==

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer object| webpackJsonptraveler-experience object| regeneratorRuntime function| setImmediate function| clearImmediate number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| google_tag_manager object| google_tag_data function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga function| drift object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| 3eiXJRXgVuLsYGH9303q object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory object| drift_audio_context object| drift_sentry_config

12 Cookies

Domain/Path Name / Value
.eftours.com/ Name: __cf_bm
Value: 1SlRxSvlnHmRKGPiCxBH8oymHIoovEFIFjWjhnlIVbo-1724118805-1.0.1.1-KFZ8PDanrfMwZlOxRkoWqJaiPnAVlB533S0vV4VZa6QVEBRYO4N2FsKdP35ippidBkAeuPp5pkz9QVE_2f9FunN9B9MCXxwV7z5Si9JOEGs
.eftours.com/ Name: _cfuvid
Value: 8_lkS2hk0NjRiVYWo_56Zky0zYT5pb9SbLdJLz2TRmY-1724118805967-0.0.1.1-604800000
.eftours.com/ Name: cf_clearance
Value: 8ySwY8T8p7CuNa2nU0JWgRKuMtmdiParzQkDhQmXLM0-1724118806-1.2.1.1-7tY.LX88RUpyFQckJvdHyOnjsPFIxGocYcT6v5Fnct509AWeA33J62wzPoKRYmRBXvvoBExgoragTmY6rPDNo16v88jQWqg6JzlJH8CwibSxcS2VeUPiebWAzfU5mI1R0MJukuKGhIaUsKhzTsUcGfzr3HaAxB_9kT2SnJnPePX.lkQq.MLzdd6F5Uv8BcWnhmSUnNPZmMfvaAihWOtUKVeG1RcjIRQlH9eTbIZVtiVZacwudu0DMuTNkdbcdAXJS5Ta4zJwhNAaMWwrisR5RHSQ819KkQjtPqrO0JRHlm6NLgHW1p3HwxhuzSfnRbvG1S8M7z.x6Nkb55k9Kyfx0c0WZ5qhy55D24.vP98VuuaTP5zNg7XWpY7burjhGYDO
.eftours.com/ Name: _gid
Value: GA1.2.1248485486.1724118807
.eftours.com/ Name: _gat_UA-4293088-18
Value: 1
.eftours.com/ Name: _ga
Value: GA1.1.1884696414.1724118807
.eftours.com/ Name: _ga_2LLF617W2Y
Value: GS1.1.1724118806.1.0.1724118806.0.0.0
.eftours.com/ Name: _hjSessionUser_770610
Value: eyJpZCI6IjBiMzkxMzg2LWEzMTktNWFhOC1iOTUxLTZlOTI4MjllOTY3NCIsImNyZWF0ZWQiOjE3MjQxMTg4MDY5NjMsImV4aXN0aW5nIjpmYWxzZX0=
.eftours.com/ Name: _hjSession_770610
Value: eyJpZCI6IjNmYzBiZDIzLTU2MGUtNDUyNy04YWQ4LWVlOGM2OTc2YmIzMiIsImMiOjE3MjQxMTg4MDY5NjUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
account.eftours.com/ Name: drift_campaign_refresh
Value: 2dd57631-a1f5-48ac-801c-0dbf0b66ab68
account.eftours.com/ Name: drift_aid
Value: a972115f-eee5-4be3-8fd4-1db8d8d2082d
account.eftours.com/ Name: driftt_aid
Value: a972115f-eee5-4be3-8fd4-1db8d8d2082d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.eftours.com
js.driftt.com
script.hotjar.com
static.hotjar.com
www.google-analytics.com
www.googletagmanager.com
104.18.111.202
108.138.106.49
142.250.65.232
142.251.40.238
18.164.96.77
18.238.55.115
18.238.55.7
0325def4f258751e2333891707c0b7bd60403cea9e86bc0fd7c6f1cee954ec48
0e4b771b9ab8172072c3dd9fa20feca09e419d1e0d93d6358d3f266633dcb532
1214b0e9f6143ff493ef58dce43cf21f1eea4ba446766ec2b69121ae3c06381a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
3433a72180f4a419db8d0b101a23b2fb4d87d7b9743e452abd24dfa45d4d7069
4fbe93a2d2db0128b398f1a52dff12a18ef9f04f8e7ee788b7c12c9de3ea1a3a
55936aa90e0abacbd254236786f776212ffb9145e4594eac613426f5c995eb0e
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
89d6ae581ca41ca4d0245d99f8fb7380bc77d3c04bafa4b3727c835a5328d061
8e9bfa947ba57c9362b0432e235b1ef652b4507341a7b1a15fd9b04accb62ba7
93eaa4bfb90a57d3d57a5142cdf472c32a39a318f31ab9f929ba3208ee63b3e8
9b470985f9f3a49d0fed1713ce4ccee7ea0ce79b1febc753584f52821e5f43aa
b14261a54d6e8688312e5a636f74cb755766f80c0e54b756d9533d68a58e2b0d
c54e5a2748b81fffd9c02316f9a37ef3134d1dc0ebb526876d8ed0d04f760a8b
c8b0db1d90a395b1401b8f3c80b45fdb9032c464d5cc368c13becb5f411815c1
db4a2247776db7082b564584704838f8d3f7e937b8fc20a0aa6c6c1b617c2306
dd9ce3d493f50f1a5cec445ac6199adc9e0730ade9cdba205a3c495efed6ac53
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e644239da2d9f4fc9ef2a80872da0aada1fbdabe739f26f76bfa25e3b0fbd55b
f9bed6cd5b5a692a33c05816bf01aef42aee06db4cb67bb8887e9ebceb0cc07a
ff493b367c2bab0724344ba20122db9a85c2f085842e48cfdd9993e2008ecae5