www.eftours.com Open in urlscan Pro
104.16.0.167 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eftours.com/
Effective URL:
https://www.eftours.com/
Submission: On June 07 via manual (June 7th 2024, 3:40:28 am UTC) from CA — Scanned from CA

Summary HTTP 86 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 18 domains to perform 86 HTTP transactions. The main IP is 104.16.0.167, located in and belongs to CLOUDFLARENET, US. The main domain is www.eftours.com. The Cisco Umbrella rank of the primary domain is 320310.
TLS certificate: Issued by GTS CA 1P5 on April 12th 2024. Valid for: 3 months.

This is the only time www.eftours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	104.16.0.167 104.16.0.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.197.97 172.217.197.97	15169 (GOOGLE) (GOOGLE)
1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	3.162.125.82 3.162.125.82	16509 (AMAZON-02) (AMAZON-02)
12	172.67.73.236 172.67.73.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.160.41.112 18.160.41.112	16509 (AMAZON-02) (AMAZON-02)
8	23.220.136.202 23.220.136.202	16625 (AKAMAI-AS) (AKAMAI-AS)
6	23.212.248.8 23.212.248.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.39.174.203 23.39.174.203	16625 (AKAMAI-AS) (AKAMAI-AS)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
3	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
1	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1	172.253.115.94 172.253.115.94	15169 (GOOGLE) (GOOGLE)
1	3.162.125.42 3.162.125.42	16509 (AMAZON-02) (AMAZON-02)
1	18.160.18.39 18.160.18.39	16509 (AMAZON-02) (AMAZON-02)
1	23.44.210.81 23.44.210.81	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.160.18.96 18.160.18.96	16509 (AMAZON-02) (AMAZON-02)
6	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
2 2	74.125.192.157 74.125.192.157	15169 (GOOGLE) (GOOGLE)
1	18.160.46.82 18.160.46.82	16509 (AMAZON-02) (AMAZON-02)
2	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
86	21

31 104.16.0.167 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.eftours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.197.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.125.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-82.iad61.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.73.236 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-112.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.220.136.202 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-136-202.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.212.248.8 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-8.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.39.174.203 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-174-203.deploy.static.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.125.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-42.iad61.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-39.iad12.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.210.81 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-210-81.deploy.static.akamaitechnologies.com

a24099230963.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-96.iad12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.192.157 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: qn-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-82.iad55.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	eftours.com 1 redirects www.eftours.com — Cisco Umbrella Rank: 320310 media.eftours.com — Cisco Umbrella Rank: 339436	18 MB
12	lytics.io c.lytics.io — Cisco Umbrella Rank: 13185	53 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	5 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 921	4 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 780	146 KB
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 834 a24099230963.cdn.optimizely.com — Cisco Umbrella Rank: 243883 logx.optimizely.com — Cisco Umbrella Rank: 1666	88 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 276	1 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 175	325 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	324 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	73 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1100	22 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 887 script.hotjar.com — Cisco Umbrella Rank: 1282	59 KB
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5902	7 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3438	233 B
1	driftt.com js.driftt.com — Cisco Umbrella Rank: 7191	62 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 9204	63 B
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 6366	134 KB
86	18

	Domain	Requested by
25	media.eftours.com	www.eftours.com media.eftours.com
12	c.lytics.io	www.eftours.com c.lytics.io
6	www.facebook.com	www.eftours.com
6	ct.pinterest.com	s.pinimg.com analytics.tiktok.com
6	analytics.tiktok.com	www.eftours.com analytics.tiktok.com
6	www.eftours.com	1 redirects www.eftours.com
3	analytics.google.com	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.eftours.com
3	www.googletagmanager.com	www.eftours.com www.googletagmanager.com
2	logx.optimizely.com	analytics.tiktok.com
2	cm.g.doubleclick.net	2 redirects
2	connect.facebook.net	www.eftours.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	widget.trustpilot.com	www.googletagmanager.com widget.trustpilot.com
1	vc.hotjar.io	analytics.tiktok.com
1	js.driftt.com	www.eftours.com
1	a24099230963.cdn.optimizely.com	cdn.optimizely.com
1	script.hotjar.com	static.hotjar.com
1	www.google.ca	www.eftours.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cdn.optimizely.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	fast.wistia.com	www.eftours.com
86	23

This site contains links to these domains. Also see Links.

Domain
blog.eftours.com
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
careers.ef.com
www.efexploreamerica.com
www.efstudyabroad.com
www.eftours.ca
www.efultimatebreak.com
www.goaheadtours.com
efgapyear.com
www.ef.edu

Subject Issuer	Validity	Valid
eftours.com GTS CA 1P5	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
lytics.io E1	`2024-05-14` - `2024-08-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-16` - `2024-06-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2024-01-25` - `2025-01-27`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
logx.optimizely.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-15` - `2024-11-10`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.eftours.com/
Frame ID: 0473DF8A753F7F1EC482C4F8CFC69D8C
Requests: 81 HTTP requests in this frame

Frame: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
Frame ID: ED193D30105FAEF120B1A3E6E3FA0650
Requests: 2 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b
Frame ID: CC1420056ED12DF2AF52C1D7D6A925FF
Requests: 1 HTTP requests in this frame

Frame: https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Frame ID: EACCE84ABA80E96217C9B6B1D85F88F8
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 7798D36EE068111C59F1DDCCA4045A02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Student travel programs | Educational tours for students | EF Tours

Page URL History Show full URLs

http://www.eftours.com/ HTTP 307
https://www.eftours.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

98 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

21
IPs

2
Countries

19134 kB
Transfer

22402 kB
Size

33
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.eftours.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/ef-one-on-one/

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/article/experience-the-culture-of-japan-with-a-tour-director/

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/article/summit-student-video/

Search URL Search Domain Scan URL

URL: https://blog.eftours.com/article/5-questions-with-carlos-on-the-best-guided-tours-of-spain/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/eftours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eftours

Search URL Search Domain Scan URL

URL: http://www.twitter.com/eftours

Search URL Search Domain Scan URL

URL: http://www.youtube.com/efeducationaltours

Search URL Search Domain Scan URL

URL: https://careers.ef.com/
Title: View Opportunities

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/
Title: EF Explore America

Search URL Search Domain Scan URL

URL: https://www.efstudyabroad.com/
Title: EF Study Abroad

Search URL Search Domain Scan URL

URL: https://www.eftours.ca/
Title: EF Educational Tours Canada

Search URL Search Domain Scan URL

URL: https://www.efultimatebreak.com/
Title: EF Ultimate Break

Search URL Search Domain Scan URL

URL: http://www.goaheadtours.com/
Title: EF Go Ahead Tours

Search URL Search Domain Scan URL

URL: https://efgapyear.com/
Title: EF Gap Year

Search URL Search Domain Scan URL

URL: https://www.ef.edu/

Search URL Search Domain Scan URL

URL: http://careers.ef.com/
Title: Careers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eftours.com/ HTTP 307
https://www.eftours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=YTZlMzA4YzEtYzZlYi00NGI1LTk4ZjQtYzA4OGI2OTVmZGQz HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=&google_nid=lytics&google_hm=YTZlMzA4YzEtYzZlYi00NGI1LTk4ZjQtYzA4OGI2OTVmZGQz&google_tc= HTTP 302
https://c.lytics.io/c/provider/google?google_gid=CAESEJiq8TjKJ4vluvke8S9ZxqY&google_cver=1

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eftours.com/
Redirect Chain

http://www.eftours.com/
https://www.eftours.com/

61 KB
15 KB

381ms
329ms

Document
text/html

104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937c31448fbbe49d66eef6520e203d60c37bc5a92d620b0f89c2c35c8ea59f89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

apigw-requestid: Y-kdph7ciYcEPPg=
cache-control: private, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 88fd9ebfead9aaa1-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Jun 2024 03:40:20 GMT
expires: -1
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: all
x-ua-compatible: IE=edge

Redirect headers

Location: https://www.eftours.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn
media.eftours.com/bundles/css/ 568 KB
128 KB 160ms
153ms Stylesheet
text/css 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/css/baseXbJcO3wurSx13E6K-IhezAKYyEArZzuDE9q8Lz0fSJM1cdn

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 06 Jun 2025 11:01:12 GMT
date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 11:01:12 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=2532001
cf-ray: 88fd9ec21c23aaa1-YYZ
x-ua-compatible: IE=edge

GET
H2 200 modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01 Show response
media.eftours.com/bundles/ 11 KB
6 KB 130ms
123ms Script
text/javascript 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/modernizrPBOPOZbLdh8uS3XbkDEj04fGnorarwvAXYmZDmFP3g01

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 06 Jun 2025 10:09:20 GMT
date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 10:09:20 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2528973
cf-ray: 88fd9ec21c26aaa1-YYZ
content-length: 5776
x-ua-compatible: IE=edge

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 425 KB
123 KB 178ms
65ms Script
application/javascript 172.217.197.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c1a7bea21f8b7d89f158002dbc3372e8835647d35b6df0fa1987c1473519fde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125135
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 03:40:20 GMT

GET
H2 200 ET_Desktop_Stage_864.jpg
www.eftours.com/~/media/Images/ETUS/test/ 60 KB
60 KB 265ms
265ms Image
image/jpeg 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eftours.com/~/media/Images/ETUS/test/ET_Desktop_Stage_864.jpg

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e5016cb773333a092b5981f94090e523ecd2292be83b5d947a8f0e5033da46

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: MISS
content-disposition: inline; filename="ET_Desktop_Stage_864.jpg"
content-length: 61270
apigw-requestid: Y-kdthxtCYcEMdw=
x-ua-compatible: IE=edge
last-modified: Wed, 30 Mar 2022 15:07:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private, max-age=3600
accept-ranges: bytes
x-robots-tag: all
cf-ray: 88fd9ec23c45aaa1-YYZ
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 popular_collection_paris.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 84 KB
85 KB 39ms
38ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/popular_collection_paris.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b073a24c28534f3fb65fb3df6e6838d044d7cfc88f386b54846f770675ec3cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 14:42:43 GMT
server: cloudflare
age: 28656
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="Popular_Collection_Paris.webp"
accept-ranges: bytes
cf-ray: 88fd9ec23c48aaa1-YYZ
content-length: 86480
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 stem_homepage-1.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 59 KB
60 KB 39ms
38ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/stem_homepage-1.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c55adc844258324a96facfedadbd892316c8d06ec7fc0e09b5532d8953123a13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Mar 2022 19:50:04 GMT
server: cloudflare
age: 550815
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="stem_homepage-1.webp"
accept-ranges: bytes
cf-ray: 88fd9ec2bcaaaaa1-YYZ
content-length: 60840
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 new%20tours%20webp.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 51 KB
51 KB 39ms
38ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/new%20tours%20webp.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b403b670a417834b0ec0d6a79275352ca4b924392c2a6807cbd249c7c693ee0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 14:42:41 GMT
server: cloudflare
age: 661573
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="New Tours webp.webp"
accept-ranges: bytes
cf-ray: 88fd9ec30ce9aaa1-YYZ
content-length: 52236
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 responsible_travel_hp_card.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 48 KB
48 KB 37ms
37ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/responsible_travel_hp_card.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296954fb9c911c3d94b959446cedb61bd22e93713fb8dcdc5a0da2518c4c1dae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 16:57:52 GMT
server: cloudflare
age: 2285954
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="Responsible_Travel_HP_card.webp"
accept-ranges: bytes
cf-ray: 88fd9ec34d21aaa1-YYZ
content-length: 49404
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 important_2.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 43 KB
43 KB 40ms
37ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/important_2.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce6af0cf51fdf5eb76149ce34ab71f66ec0fc155707cc55aa0a9bac21ad9f1e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 14:42:41 GMT
server: cloudflare
age: 2285954
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="Important_2.webp"
accept-ranges: bytes
cf-ray: 88fd9ec44dd2aaa1-YYZ
content-length: 43748
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 seal.svg
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 45 KB
20 KB 42ms
40ms Image
image/svg+xml 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/seal.svg

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1d4fdfd9452dd70132ee200440e55254adfa546de907014b2ddc2a271c8a4c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 Aug 2020 21:35:13 GMT
server: cloudflare
age: 2285954
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
content-disposition: inline; filename="Seal.svg"
cf-ray: 88fd9ec44dd3aaa1-YYZ
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 et-homepg-blogslice-1on1.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/blog/ 39 KB
39 KB 36ms
34ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/blog/et-homepg-blogslice-1on1.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

590cee96d7577fa8e3139f05860c80201caf5ceb1272bf9415d88f9e35b3582e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 17:40:31 GMT
server: cloudflare
age: 211125
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET-HomePg-BlogSlice-1on1.webp"
accept-ranges: bytes
cf-ray: 88fd9ec44dd4aaa1-YYZ
content-length: 39942
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 clock.svg
media.eftours.com/~/media/images/etus/collections/popular-tours/ 624 B
438 B 43ms
41ms Image
image/svg+xml 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/collections/popular-tours/clock.svg?la=en

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Jun 2022 18:18:12 GMT
server: cloudflare
age: 576711
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
content-disposition: inline; filename="Clock.svg"
cf-ray: 88fd9ec44dd5aaa1-YYZ
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 ET-HomePg-BlogSlice-Tokyo.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 4 KB
4 KB 38ms
37ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Tokyo.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4bf99e02ddaf9cb1f45e5f3f074e5771a52a0a73f093bfe4c0c435aec23994f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 17:45:30 GMT
server: cloudflare
age: 1441144
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET-HomePg-BlogSlice-Tokyo.webp"
accept-ranges: bytes
cf-ray: 88fd9ec46de4aaa1-YYZ
content-length: 3628
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 ET-HomePg-BlogSlice-Summit.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 3 KB
4 KB 38ms
37ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Summit.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e1a8b9d9fbf8b2e885feb3c40e4b8f76b4308c266ab98e3ef4855ce427e1cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 15:25:05 GMT
server: cloudflare
age: 2285954
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET-HomePg-BlogSlice-Summit.webp"
accept-ranges: bytes
cf-ray: 88fd9ec49e06aaa1-YYZ
content-length: 3478
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 ET-HomePg-BlogSlice-Carlos.webp
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ 2 KB
3 KB 40ms
40ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/blog/ET-HomePg-BlogSlice-Carlos.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cb5768516c7e8d64859f6178d011abcc9e976ef4dd866e77760bf47c33326fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 15:25:06 GMT
server: cloudflare
age: 537206
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET-HomePg-BlogSlice-Carlos.webp"
accept-ranges: bytes
cf-ray: 88fd9ec49e07aaa1-YYZ
content-length: 2400
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 bottom-cta-collage.webp
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 36 KB
37 KB 41ms
41ms Image
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/bottom-cta-collage.webp

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14786480849eab724f447843ae737486dab003732877919f4f57eac9f0ae2cdc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 14:42:36 GMT
server: cloudflare
age: 537206
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=2592000
content-disposition: attachment; filename="bottom-cta-collage.webp"
accept-ranges: bytes
cf-ray: 88fd9ec49e09aaa1-YYZ
content-length: 37290
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 ef-logo-footer_optimized.png
media.eftours.com/~/media/images/etus/archive/ 6 KB
6 KB 35ms
35ms Image
image/png 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/images/etus/archive/ef-logo-footer_optimized.png

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2022 20:40:33 GMT
server: cloudflare
age: 574241
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="EF-logo-footer_optimized.png"
accept-ranges: bytes
cf-ray: 88fd9ec4ae19aaa1-YYZ
content-length: 6326
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 788 KB
134 KB 106ms
19ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7ede27073e295f477104984536724ab02563bca058eab4617ec6a50a14878a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 653
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 136589
x-served-by: cache-iad-kcgs7200163-IAD, cache-yyz4534-YYZ
x-browser-version: 125
last-modified: Tue, 04 Jun 2024 15:28:44 GMT
server: AmazonS3
x-timer: S1717731621.617408,VS0,VE0
etag: "72ad055def2287de0331df35349b6f74"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 10e509ff523d73aa8141e3c80b4901b266c62818
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17, 34

GET
H2 200 rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1 Show response
media.eftours.com/bundles/ 6 KB
3 KB 59ms
58ms Script
text/javascript 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-fingerprintsZTweyxQozLRZZfBxzcZyAYKxJ27ZANKt3f9uzAChQZg1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 06 Jun 2025 11:01:12 GMT
date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 11:01:12 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2532001
cf-ray: 88fd9ec39d4caaa1-YYZ
content-length: 2463
x-ua-compatible: IE=edge

GET
H2 200 requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1 Show response
media.eftours.com/bundles/ 15 KB
8 KB 58ms
58ms Script
text/javascript 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 06 Jun 2025 11:14:34 GMT
date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 11:14:34 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2532803
cf-ray: 88fd9ec40da6aaa1-YYZ
content-length: 7510
x-ua-compatible: IE=edge

GET
H2 200 rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1 Show response
media.eftours.com/bundles/ 654 B
931 B 60ms
57ms Script
text/javascript 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/bundles/rq-appzu5UGG1rQ7GUDC4zDavoX6yvvQLo4ndoss-HHzZrxuQ1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 06 Jun 2025 11:03:42 GMT
date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Jun 2024 11:03:42 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2532150
cf-ray: 88fd9ec44dcfaaa1-YYZ
content-length: 476
x-ua-compatible: IE=edge

GET
H2 200 ET_1700_Frame1.jpg
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ 124 KB
125 KB 36ms
36ms Image
image/jpeg 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ET_1700_Frame1.jpg

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd3dbc4daca59cf92be84e023fcb1080c59b6302b4e667d35036381f2c3da02

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
age: 2271681
content-disposition: inline; filename="ET_1700_Frame1.jpg"
content-length: 127330
x-ua-compatible: IE=edge
cf-bgj: h2pri
last-modified: Wed, 18 May 2022 17:38:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 88fd9ec48dfbaaa1-YYZ
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 206 ET_1700.webm
media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ 7 MB
7 MB 33ms
33ms Media
application/octet-stream 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/~/media/Images/ETUS/homepage/homepage-redesign/new-video-stage-test/ET_1700.webm

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d934da3e24b36f9a8277d5e19146710033d8460432d35297530efec5843477

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.eftours.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Wed, 18 May 2022 17:38:29 GMT
server: cloudflare
age: 141756
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
Content-Range: bytes 0-7624351/7624352
cache-control: public, max-age=2592000
content-disposition: attachment; filename="ET_1700.webm"
cf-ray: 88fd9ec4ae1daaa1-YYZ
Content-Length: 7624352
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 _e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2
www.eftours.com/Content/fonts/hemingway/ 23 KB
23 KB 41ms
40ms Font
application/font-woff2 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/Content/fonts/hemingway/_e____fg_b_ac_q6___w_oqs_n___zq_lzn___3ss___.hemingway-webfont.woff2

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Origin: https://www.eftours.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
age: 126031
content-length: 23756
apigw-requestid: Y5wxcgh8CYcEPfg=
x-ua-compatible: IE=edge
last-modified: Thu, 25 Apr 2024 17:50:58 GMT
server: cloudflare
etag: "0adcb203997da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-robots-tag: all
cf-ray: 88fd9ec48dffaaa1-YYZ
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 206 ET-People-556px-2023-v2.mp4
media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ 10 MB
10 MB 180ms
180ms Media
video/mp4 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/~/media/images/etus/homepage/homepage-redesign/ET-People-556px-2023-v2.mp4

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

071197dcb65d5e709b4aae71ff3044e0b127cb38b1eba1f806fb25591eb1d698

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.eftours.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:20 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 20:31:36 GMT
server: cloudflare
age: 219343
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-10078971/10078972
cache-control: public, max-age=2592000
content-disposition: inline; filename="ET-People-556px-2023-v2.mp4"
cf-ray: 88fd9ec4ce2eaaa1-YYZ
Content-Length: 10078972
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 bootstrap.25043c26.js Show response
media.eftours.com/content/js-build/ 36 KB
15 KB 262ms
261ms Script
application/javascript 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/bootstrap.25043c26.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 548581
content-length: 14899
x-ua-compatible: IE=edge
last-modified: Thu, 25 Apr 2024 17:51:00 GMT
server: cloudflare
etag: "0dafc213997da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 88fd9ec51e63aaa1-YYZ
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2

200

main.js Show response
www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/ Frame ED19
Redirect Chain

https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js

8 KB
4 KB

78ms
77ms

Script
application/javascript

104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eftours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b04eb3b69380e8b660d7fee971585aeb2295a328f0cd3abfb1cdf698e7f2cf5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=3600
cf-ray: 88fd9ec6bf77aaa1-YYZ

Redirect headers

date: Fri, 07 Jun 2024 03:40:20 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/0143bd9ce132/main.js
cache-control: private, max-age=3600
cf-ray: 88fd9ec52e73aaa1-YYZ
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
101 KB 75ms
74ms Script
application/javascript 172.217.197.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

14c3e4fec9a00378798eae4928b6e3a2a9c97daad06f58d38aabdadc5d3a2902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102966
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jun 2024 03:40:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
101 KB 94ms
93ms Script
application/javascript 172.217.197.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

f3da1bd725fc63b91c6a13f686f16b2819299b0cfbd12de5a1021bb4fa9dad75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jun 2024 03:40:20 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 133ms
39ms Script
application/x-javascript 3.162.125.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-82.iad61.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 07:36:06 GMT
content-encoding: gzip
via: 1.1 7af6fcba5fc7d18afd4c6d456b52e886.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD61-P3
age: 72255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: kxPdIiRQJjux1l7PLDU2BM-rFm2IBKj-DT8DQ_OqLyTIMfMxHPWxKQ==

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/ 67 KB
23 KB 89ms
32ms Script
application/javascript 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb20588b9831b96e07df923b7910a7153cd67fdef9b732d08b4e1d8c9ccf9777

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1687
last-modified: Fri, 07 Jun 2024 03:12:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfuFCHxro5Z1fdyVvozIzPlD%2F9PGsBOqCbW%2BD6npx%2Fho2AlL9GTDVKuM5hyM5F6G7IEDO2pcHAoCzIK7BHIINcVOdL4NvFbCXPJgnodfiqg8wrs8V%2BWIuQCeweS5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: f3b9efff0324f55e8cf693af7bdab351
cf-ray: 88fd9ec6ddddaa9a-YYZ

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 171ms
49ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 07 Jun 2024 03:40:20 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7047DAB87844D02A50A488AA0658BF1 Ref B: YTO01EDGE0813 Ref C: 2024-06-07T03:40:21Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 hotjar-157276.js Show response
static.hotjar.com/c/ 9 KB
4 KB 204ms
113ms Script
application/javascript 18.160.41.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-157276.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-112.iad55.r.cloudfront.net

Software

Resource Hash

0ed865db4401e8f2c6e51d61d0c1f09473e9ad2b97a986afe4e101033e9018ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 07 Jun 2024 03:40:21 GMT
via: 1.1 1bc23a6188e36846e1cf72b17d7ac1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/6518e1b9c9dcf6fca4b6febfc905b441
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: YtGL28NU6qk7IvsXeeH5-eNULzf7ha9obRVvAFC1ZNuBwgRFt0b_oQ==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 158ms
39ms Script
application/javascript 23.220.136.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-136-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1881

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 157ms
68ms Script
application/javascript 23.212.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bf7fcc971555f95a1bc67bcdb64c21d46febdb997f62bd3f885ed861644f21c1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2f695177.b6302b3f
date: Fri, 07 Jun 2024 03:40:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240607034021AE4DAA944FB822D90A94-5919B11CC2D9D9D9-00
x-cache: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 10,23.220.104.8
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=7, inner; dur=4
content-length: 2113
pragma: no-cache
server: nginx
x-tt-logid: 20240607034021AE4DAA944FB822D90A94
x-cache-remote: TCP_MISS from a23-220-107-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.107.209
x-tt-trace-host: 0133e32083078a02b63042477aa5216896141f5fd99884972f77e82f1c7cfc40f7255c2bb7f6f21157c782b2c4f76a538154f6ca64b782001bc5ba1a9a34c7c36e48118e4c5bc674218da5e7f4fc92913519899e8754ae812b22c26260be8ff85316ac5260e04ceb43b5937607039e3c77
expires: Fri, 07 Jun 2024 03:40:21 GMT

GET
H2 200 24439131089.js Show response
cdn.optimizely.com/js/ 284 KB
88 KB 152ms
71ms Script
text/javascript 23.39.174.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/24439131089.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HP4J38

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.174.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-174-203.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

0e944d06eb8b887f1121c81ed7df623bf5520780b0e443830992c36fbf9ea6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: CE_xma4TKhYXMd10oaeyKzZ9OzVCGXve
content-encoding: gzip
date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: W9ZWHJHZ13CB39S4
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 186
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=41, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="11";dur=0,cdnip;desc="23.39.174.203";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1717731620941_389060502_32285657_4037_1415_11_35_146";dur=1
content-length: 88803
x-amz-id-2: 8DpWLmO4ZbLMmGw8ckUvxSOx+WMbJUIt5WKYZ0UQ9zyA1s6L9J3idn7a6XWqCEyBhkq2etE06js=
last-modified: Tue, 02 Apr 2024 21:02:09 GMT
server: AmazonS3
etag: "a4589c74ed12532b2277b5784194be64"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 134ms
54ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 03:40:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: L58gjj2ml8nGhGzuUg44D5UOqLDcc+f19AFb5RXtFlfaDX7kdtNHur6oTqO8XZSvA2xYJkaUW8VXyHov74/EOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery-3.5.0.min.js Show response
media.eftours.com/Content/js/libs/ 105 KB
43 KB 70ms
70ms Script
application/javascript 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/Content/js/libs/jquery-3.5.0.min.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 548581
content-length: 43498
x-ua-compatible: IE=edge
last-modified: Thu, 25 Apr 2024 17:51:00 GMT
server: cloudflare
etag: "0dafc213997da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 88fd9ec6df8aaaa1-YYZ
expires: Sun, 07 Jul 2024 03:40:20 GMT

GET
H2 200 nav.f0038006.js Show response
media.eftours.com/content/js-build/core/modules/ 6 KB
2 KB 32ms
31ms Script
application/javascript 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/content/js-build/core/modules/nav.f0038006.js

Requested by

Host: media.eftours.com
URL: https://media.eftours.com/bundles/requirexOaIGErUPbSFhX6ITVmm3wb-yGn0M-3DjeAjg4b5c3g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 576711
content-length: 2210
x-ua-compatible: IE=edge
last-modified: Thu, 25 Apr 2024 17:51:00 GMT
server: cloudflare
etag: "0dafc213997da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 88fd9ec73fcfaaa1-YYZ
expires: Sun, 07 Jul 2024 03:40:21 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 108ms
42ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je4650v877811556z8867853431za200zb867853431&_p=1717731620196&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1086623516.1717731621&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717731621&sct=1&seg=0&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Other%20group&tfd=1348
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 03:40:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 133ms
52ms Ping
text/plain 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9JLH500JCE&cid=1086623516.1717731621&gtm=45je4650v877811556z8867853431za200zb867853431&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 03:40:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 141ms
98ms Image
image/gif 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9JLH500JCE&cid=1086623516.1717731621&gtm=45je4650v877811556z8867853431za200zb867853431&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1340193223

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 03:40:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 88fd9ebfead9aaa1 Show response
www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame ED19 0
367 B 54ms
53ms XHR
text/plain 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eftours.com/cdn-cgi/challenge-platform/h/b/jsd/r/88fd9ebfead9aaa1
Requested by: Host: www.eftours.com
URL: https://www.eftours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
cache-control: private, max-age=3600
server: cloudflare
cf-ray: 88fd9ec8b8fdaaa1-YYZ
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 main.2bdc3040.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 36ms
35ms Script
application/javascript 23.220.136.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-136-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19942

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame CC14 0
0 109ms
36ms Document
text/html 3.162.125.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c83bdc530a6670001f3f03b

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-42.iad61.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 70120
cache-control: max-age=86400
content-encoding: gzip
content-length: 3267
content-type: text/html
date: Thu, 06 Jun 2024 08:11:42 GMT
etag: "2922a85ce6caf46f828c097bf7aa1036"
last-modified: Mon, 30 Oct 2023 13:11:24 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 0a2ddb6f9b0df10d973faa154be16dba.cloudfront.net (CloudFront)
x-amz-cf-id: icIJocj8Njego_Cf2goVv0NRi9sFOn5LAec56uRiP5LId_S0x3uSmw==
x-amz-cf-pop: IAD61-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main.MTRiM2JhOTViMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 349 KB
102 KB 86ms
83ms Script
application/javascript 23.212.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLSN6BC77UCCRP9D4VG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 389c9647c6c700b608453680dd0e7b9977ca3ff76204d290cf54ee1c60d6f0ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b63032af
date: Fri, 07 Jun 2024 03:40:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024060516094578AC658C6F79CD2F37E0
x-tt-trace-id: 00-24060516094578AC658C6F79CD2F37E0-11F24C7FDEF24BED-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01dfd0ffba608c3b9c5b3567bd9839e08e40e2c9c7297b57d518bc882ce3cfa8c807048516b812430677b2aceabb8878e115c219003ebe162477bf2aaf87375489ae3f1c41eab1db54ec77774b2f17036b174c41575e8933fb801ca62628a4a44709e1b5ff8bbe9895da8490829b20dd375a6c8f14381bd45010b73d793e96a5b3
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length: 103402

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
589 B 51ms
51ms Image
image/gif 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=-7&_ul=en-CA&_sz=1600x1200&_ts=1717731621256&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1086623516.1717731621&_v=3.0.35&_uid=a6e308c1-c6eb-44b5-98f4-c088b695fdd3&_getid=t

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0gXO1oefQ3U%2FxDthHXNSEIXqBy6kCVCdI4k74l7W1NPP66U%2FSF3%2BJ6lJPtAElCtagvjb9b8%2BiPA8nsGeUd%2BjG3EEQ3rF9%2FO6HnWh919Qnujoy6zMplyTl20QNSr"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 7b692d0db6a7c41e34b697f7cf93dc49
cf-ray: 88fd9ec9cfd0aa9a-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 modules.349061f2d87d84c4c336.js Show response
script.hotjar.com/ 222 KB
55 KB 135ms
42ms Script
application/javascript 18.160.18.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.349061f2d87d84c4c336.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-157276.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-39.iad12.r.cloudfront.net

Software

Resource Hash

5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 11:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 7a5e7fb63610c502e6d20ae459e78942.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
age: 143834
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56093
last-modified: Wed, 05 Jun 2024 11:42:10 GMT
etag: "4aa8ac29ac41e30cfd27b0bfd1a19aca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZmeDK2-0Kj37oBQ3JhjZg_IGM0h_PIl9_HnCE-gAdSfxFCwnPtjKPw==

GET
H2 200 302935565346434 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 43ms
42ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302935565346434?v=2.9.157&r=stable&domain=www.eftours.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

5e55e9e74807da0c8017e186f1db7e422b240451903357cf12231de87bee56c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 03:40:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=42, mss=1380, tbw=63512, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 4WpIgnboVnwQToi/F08+cgvxGRKFEpB91vYuSLUCjqQ/V3VkKZLTqrvvD7TNNe97cjgDBwH8cy3Z9Jvj19Dfmg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a24099230963.html
a24099230963.cdn.optimizely.com/client_storage/ Frame EACC 0
0 127ms
35ms Document
text/html 23.44.210.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/24439131089.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.44.210.81 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-210-81.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 1131
content-type: text/html; charset=utf-8
date: Fri, 07 Jun 2024 03:40:21 GMT
etag: "3812d0a308fb28e902173ca7462c7771"
last-modified: Thu, 06 Jun 2024 14:24:05 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=4 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="11";dur=0,cdnip;desc="23.44.210.81";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1717731621551_389060490_26187649_416_1206_11_39_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: A3FLbU1+lPyEaq79OTs+F5bM6rIOyhwI7EEF36+oOivY3+JSIMUkuAMV3ZeeZqb2G/Qy+Qel8ac=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: RD38JQHJ8HVEJSJK
x-amz-server-side-encryption: AES256
x-amz-version-id: JnIK1QyPd6VAfjQ8RUf5.nYe9aMyomLk

GET
H2 200 5by59bm3fdyy.js Show response
js.driftt.com/include/1717731900000/ 221 KB
62 KB 196ms
102ms Script
application/javascript 18.160.18.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1717731900000/5by59bm3fdyy.js

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-96.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vYj2QwoXuDHoMr32TIXJRIEgPcZmsDr0
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 07 Jun 2024 03:40:21 GMT
via: 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Thu, 30 May 2024 18:54:04 GMT
server: istio-envoy
etag: W/"ae4f24426ae40aec8481b3eedc7098e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eIK3BtADpNICgYMsf5CZ1Xhu2TcgUMo1LasIoJaLjmTAPnsz2wsyCQ==

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
324 B 55ms
54ms Image
image/gif 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?gtm.start=1717731620196&event=gtm.js&gtm.uniqueEventId=1&_ts=1717731621406&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1086623516.1717731621&_uid=a6e308c1-c6eb-44b5-98f4-c088b695fdd3&_v=3.0.35

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UrdXcdhAoKCm2Y7934qxnOTJaOrZBmGwPdMzEbyICP7UNqG6ohPu92TXJKuTMDUDyBkhTr2c01x2aDXU60%2FRllzmDCCrjAyRF91RT%2B0p3p8GjN2fNG6OhwOpZqQ"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: b98fa4a0e21bd46ba2bbc43e217254ac
cf-ray: 88fd9eca5824aa9a-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
324 B 56ms
55ms Image
image/gif 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?event=gtm.elementVisibility&gtm.elementClasses=TourSearch&gtm.elementId=&gtm.elementTarget=&gtm.triggers=67853431_189&gtm.elementUrl=&gtm.visibleRatio=100&gtm.visibleTime=0&gtm.visibleFirstTime=702&gtm.visibleLastTime=702&gtm.uniqueEventId=36&_ts=1717731621406&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1086623516.1717731621&_uid=a6e308c1-c6eb-44b5-98f4-c088b695fdd3&_v=3.0.35

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3HTUciL9AM3nvheWT%2Bp1wiJPhVMSPBAX613EhihvYWffxEIQEbhkMqqRHTlVF1nzyKzI2LLdDpRjOnSknql0pq9j%2FNaDYydeJsd8PJbgwWPdiyCFUDOxIaHEL7M"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 4fbbf4e91a85db273890ac60e2d6c9e9
cf-ray: 88fd9eca5825aa9a-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
325 B 57ms
56ms Image
image/gif 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e360ohP0QRsUUtoLEBPjrm7vnJdKWmKwTbcc3%2BaJpW6uBFGHSGsSBsrC7yu8OjAiZHMKnbpJtdF46JjX%2F82PiSnA5oG4NKQXpwJE05Zp%2FA1mPqPcxou3F9FSU%2BgJ"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: 7131367f3ec2ab50be0fad37afbc88f3
cf-ray: 88fd9eca5826aa9a-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 204 13007618.js Show response
bat.bing.com/p/action/ 0
117 B 51ms
51ms Script
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13007618.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 07 Jun 2024 03:40:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5D3278F7B6D4D4CA242A049110079E6 Ref B: YTO01EDGE0813 Ref C: 2024-06-07T03:40:21Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
362 B 64ms
63ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13007618&tm=gtm002&Ver=2&mid=1922f09d-3b34-4280-af21-e210223cf346&sid=aab20d60247f11efb8b0d7c5192270f6&vid=aab220c0247f11efa417f506351bf659&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&p=https%3A%2F%2Fwww.eftours.com%2F&r=&lt=882&evt=pageLoad&sv=1&rn=975321

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jun 2024 03:40:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8BA1D7A43795483CB2A81FB9D4F9FC52 Ref B: YTO01EDGE0813 Ref C: 2024-06-07T03:40:21Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a6e308c1-c6eb-44b5-98f4-c088b695fdd3 Show response
c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/ 287 B
606 B 74ms
73ms Script
application/json 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/425e1a929aeafe7bc5b2d0647603e35a/user/_uid/a6e308c1-c6eb-44b5-98f4-c088b695fdd3?segments=true&stream=ef_et&mergestate=true&state=%7B%22_uid%22%3A%22a6e308c1-c6eb-44b5-98f4-c088b695fdd3%22%2C%22_ga%22%3A%22GA1.1.1086623516.1717731621%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.eftours.com%2F%22%2C%22optimizelyid%22%3A%22oeu1717731621472r0.7827270398415325%22%2C%22_v%22%3A%223.0.35%22%2C%22_uido%22%3A%22a6e308c1-c6eb-44b5-98f4-c088b695fdd3%22%7D&ts=1717731621509&callback=u_680353126455568600

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40880bfa367812281a53188e8902d17719a77433537145904542451fbe8c1faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAmMVJdDRXHhP3%2Fd4q4BCOPRRPtTByrneXBN0oyMwRkWpcERwwrPB%2FrVGpHA0uB8GFB1GRk9cdWmeWVnnQQk9SiZKPCUsi0kqnqLQYcAsYISflyBXReGDr4M37hZ"}],"group":"cf-nel","max_age":604800}
x-lytics-trace: 13ece0b137aba4abf5353b5af16a438b
cf-ray: 88fd9eca682daa9a-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 215

GET
H2 200 ef_et
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
326 B 54ms
54ms Image
image/gif 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ef_et?_e=pv&_sesstart=1&_tz=-7&_ul=en-CA&_sz=1600x1200&_ga=GA1.1.1086623516.1717731621&_ts=1717731621504&_nmob=t&_device=desktop&url=www.eftours.com%2F&_uid=a6e308c1-c6eb-44b5-98f4-c088b695fdd3&optimizelyid=oeu1717731621472r0.7827270398415325&_v=3.0.35&_uido=a6e308c1-c6eb-44b5-98f4-c088b695fdd3

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnJ%2B3OTOFjgdASam4ka7%2BXW1f5PxLiBZsSsV36KB9j9Mfr%2F7iU71ywndzjQtvCVpz1denpnOUpa8r%2BlratOS2oc3HDJg6BKZCzis21NgPHN55QcIv8YW%2FFhZ0vdc"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: a2a70c32c2b961847a9e2b4261b93f8a
cf-ray: 88fd9eca682eaa9a-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 321 B
703 B 75ms
49ms XHR
application/json 23.220.136.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1717731621512&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-136-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.1968dc17.1717731621.b4c8039
x-envoy-upstream-service-time: 0
content-length: 186
x-pinterest-rid: 1702833799837386
pin-unauth: dWlkPVl6TTJabVZsTmpJdE1XVmxZeTAwT0dVMkxUZ3dOalV0WWpNME9XWmxPR1UxWm1Jdw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 321 B
702 B 73ms
48ms XHR
application/json 23.220.136.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%22f2efb8cb-2adf-4c8d-80b4-6b2e4e4b21e4%22%7D&tid=2620473989394&cb=1717731621513&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-136-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.1968dc17.1717731621.b4c8038
x-envoy-upstream-service-time: 1
content-length: 186
x-pinterest-rid: 1124922420639210
pin-unauth: dWlkPU9XWXlNREU0TVRJdE5qSXpNQzAwTldKaExUaGhOak10TVRrNVpXSm1ObU5pWVRGaQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 71ms
48ms Fetch
image/gif 23.220.136.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2620473989394&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1717731621515

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-136-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.1968dc17.1717731621.b4c8037
content-type: image/gif
access-control-allow-origin: https://www.eftours.com
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 8349173160941606
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 114ms
36ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1717731621524&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1717731621522.575110584913503458&cs_est=true&ler=empty&cdl=API_unavailable&it=1717731621432&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2833, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 03:40:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 151ms
73ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302935565346434&ev=PageView&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1717731621524&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1717731621522.575110584913503458&cs_est=true&ler=empty&cdl=API_unavailable&it=1717731621432&coo=false&rqm=FGET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc35d6a6f6e04939a","source_keys":["1","2"]},{"key_piece":"0x2b730784a7e8f52c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 07 Jun 2024 03:40:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1380, tbw=3151, tp=-1, tpl=-1, uplat=36, ullat=0
pragma: no-cache
x-fb-debug: ib1O0Wmk41aD09VfzwpVg2jyVdsp6HJcSCC0ItY2jJM6uWTfrPuIt5CHn4x8bof2kWSPmmQ6GWoTQ9n9gkaA4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 70ms
69ms Script
application/javascript 23.212.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: b63038fe
date: Fri, 07 Jun 2024 03:40:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211402444C55A3F82FEDA341E897
x-tt-trace-id: 00-2405211402444C55A3F82FEDA341E897-2F8A96EF3CE9385B-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 013c3ce4359508e0a3058d5a38c5c54bccfc4ba392988d41742f52528bf17905cf277d3f270481eb2d5bd11fb3ea6f4fe705368ca58b37e0cafadf97e8797f36cae55a5df7ace9fb8d7efa413a77ad7d6e4c86d8c37a846744cbe5b24787a961e2
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39526

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 106ms
101ms Ping
text/plain 23.212.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b630393b
date: Fri, 07 Jun 2024 03:40:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240607034021639FEBAAF907D0DA3D12-328B1BCFDCDB90D3-00
x-cache: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing: inner; dur=23, cdn-cache; desc=MISS, edge; dur=9, origin; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240607034021639FEBAAF907D0DA3D12
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.220.104.8
x-tt-trace-host: 0133e32083078a02b63042477aa52168967c04933e8b338936699b8b451945522407a19b19b8a45271ffd6cf25da90bacb286a65f31efd420bd1bd8a537f249d8109e7079da1e098b051d4222a753a4e6d5665f7bcb745ccab8cb4d7f6063ca7e8
access-control-allow-headers: Authorization,*
expires: Fri, 07 Jun 2024 03:40:21 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 101ms
97ms Ping
text/plain 23.212.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b630393c
date: Fri, 07 Jun 2024 03:40:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406070340212A15538C0AE967D831E3-41219593F6771C96-00
x-cache: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=9, origin; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406070340212A15538C0AE967D831E3
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.220.104.8
x-tt-trace-host: 0133e32083078a02b63042477aa52168967c04933e8b338936699b8b4519455224bfef0763e71bb4b13f047b7190a7efe93d86235fd3f12aed9e2ff4b41fd23cc280b10754495d56177478330445363e6a6019742456c52ac327d141192d3ea34b
access-control-allow-headers: Authorization,*
expires: Fri, 07 Jun 2024 03:40:21 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 39ms
39ms Fetch
image/gif 23.220.136.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%22f2efb8cb-2adf-4c8d-80b4-6b2e4e4b21e4%22%7D&tid=2620473989394&cb=1717731621592&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.eftours.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%2C%22ecm_enabled%22%3Atrue%7D

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-136-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.1968dc17.1717731621.b4c80c2
content-type: image/gif
access-control-allow-origin: https://www.eftours.com
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1998755999435004
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

google
c.lytics.io/c/provider/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm&google_nid=lytics&google_hm=YTZlMzA4YzEtYzZlYi00NGI1LTk4ZjQtYzA4OGI2OTVmZGQz
https://cm.g.doubleclick.net/pixel?google_cm=&google_nid=lytics&google_hm=YTZlMzA4YzEtYzZlYi00NGI1LTk4ZjQtYzA4OGI2OTVmZGQz&google_tc=
https://c.lytics.io/c/provider/google?google_gid=CAESEJiq8TjKJ4vluvke8S9ZxqY&google_cver=1

35 B
408 B

53ms
53ms

Image
image/gif

172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/provider/google?google_gid=CAESEJiq8TjKJ4vluvke8S9ZxqY&google_cver=1

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.eftours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
x-error-message: Not found
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljrfXfn7kHZk91Qw9z31%2BBc0EoGeQHDE71x3FtKgVfWpE3GKbVcRGuBo2VTp2%2BzVWyr49kGWWzUAAdu1BHdQaxod4hdv7mA87EwIQMu6afehvyzsXcePEX6QVUzf"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: afa9669b855775e55283be8a502ea299
cf-ray: 88fd9ecc59c1aa9a-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 07 Jun 2024 03:40:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c.lytics.io/c/provider/google?google_gid=CAESEJiq8TjKJ4vluvke8S9ZxqY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 157276 Show response
vc.hotjar.io/sessions/ 0
233 B 209ms
109ms XHR
text/plain 18.160.46.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/157276?s=0.25&r=0.19417397859020613
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-82.iad55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 07 Jun 2024 03:40:21 GMT
cache-control: no-store
via: 1.1 94d91ef74fd7aa50877163a89eadc42c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P2
x-amz-cf-id: zujpScNXVKvFRMsIwEJW7PUGbMkN_Gjh0zF2sYYM1I3k1Fo5MYjX9w==
x-cache: Miss from cloudfront

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 44ms
42ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je4650v877811556za200zb867853431&_p=1717731620196&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1086623516.1717731621&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1717731621&sct=1&seg=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=page_view&_ee=1&_et=142&tfd=1869
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 03:40:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 39ms
37ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1717731621636&cd[external_id]=a6e308c1-c6eb-44b5-98f4-c088b695fdd3&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1717731621522.575110584913503458&ler=empty&cdl=API_unavailable&it=1717731621432&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1380, tbw=6896, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 03:40:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
273 B 61ms
59ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1717731621636&cd[external_id]=a6e308c1-c6eb-44b5-98f4-c088b695fdd3&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1717731621522.575110584913503458&ler=empty&cdl=API_unavailable&it=1717731621432&coo=false&rqm=FGET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x04e06b0ed8411958","source_keys":["1","2"]},{"key_piece":"0x246281c49f133492","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 07 Jun 2024 03:40:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1380, tbw=7569, tp=-1, tpl=-1, uplat=23, ullat=0
pragma: no-cache
x-fb-debug: KBMqws2VVJvWbJHhNeiGcA6fa0fSe/cqtsWDN/XEXiN/cy4eEo3EKQt/AEY77OiXD2sXZxpyyh4zIV9mbyJ5Gg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 38ms
37ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1717731621637&cd[ly_unknown_email]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1717731621522.575110584913503458&ler=empty&cdl=API_unavailable&it=1717731621432&coo=false&rqm=GET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1380, tbw=6896, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 03:40:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
473 B 59ms
58ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302935565346434&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.eftours.com%2F&rl=&if=false&ts=1717731621637&cd[ly_unknown_email]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1717731621522.575110584913503458&ler=empty&cdl=API_unavailable&it=1717731621432&coo=false&rqm=FGET

Requested by

Host: www.eftours.com
URL: https://www.eftours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x04e06b0ed8411958","source_keys":["1","2"]},{"key_piece":"0x246281c49f133492","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 07 Jun 2024 03:40:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1380, tbw=7074, tp=-1, tpl=-1, uplat=22, ullat=0
pragma: no-cache
x-fb-debug: 9JbTp4cafVnV6+pJRfUXUggdTQeWo2KRQa/YEpmiJlTu1A612nhck7+c0Wg2BRwR8klWrLPzVP0epHql0ujRqA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
844 B 311ms
309ms Ping
text/plain 23.212.248.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 82861176.b6303eda
date: Fri, 07 Jun 2024 03:40:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240607034021ED37126B864CD8D889CC-61AD5889817BFEEA-00
x-cache: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 217,23.220.104.8
server-timing: cdn-cache; desc=MISS, edge; dur=16, origin; dur=213, inner; dur=205
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240607034021ED37126B864CD8D889CC
x-cache-remote: TCP_MISS from a23-48-100-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 213,23.48.100.142
x-tt-trace-host: 0133e32083078a02b63042477aa5216896141f5fd99884972f77e82f1c7cfc40f7ae2d7860f9b7ff3e76cdd5d441d603d93722ec3d1729a0fde933f60ebcb92e7bd5cb5a48f80b2decdfd23cf6d0c12c97c48cdac5fca79198ddb767394412f2f68208917e05f818eaf3941d1689c9a99f
access-control-allow-headers: Authorization,*
expires: Fri, 07 Jun 2024 03:40:22 GMT

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 63ms
63ms Script
application/javascript 23.220.136.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-136-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.1968dc17.1717731621.b4c83a4
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
content-length: 2108

GET
H2 200 ct.html
ct.pinterest.com/ Frame 7798 0
0 122ms
37ms Document
text/html 23.220.136.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.136.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-136-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.eftours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

akamai-grn: 0.1968dc17.1717731621.b4c8458
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 07 Jun 2024 03:40:21 GMT
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8108419422446972

GET
H2 200 google_dv360
c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/ 35 B
474 B 54ms
53ms Image
image/gif 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/425e1a929aeafe7bc5b2d0647603e35a/google_dv360?_ts=1717731621868&_nmob=t&_device=desktop&url=www.eftours.com%2F&_ga=GA1.1.1086623516.1717731621&_uid=a6e308c1-c6eb-44b5-98f4-c088b695fdd3&optimizelyid=oeu1717731621472r0.7827270398415325&_v=3.0.35&_uido=a6e308c1-c6eb-44b5-98f4-c088b695fdd3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2B5s%2B0xVgV%2F7TCiOaalj8oG8Qlnqguehsm4kqG4tKJP6QvpeAiSKHw%2FKgsHYpdZXv0yfizIimSpbu60OKeXtw2Q71UXd3YgKDK3GyQX6XREmFb0oJej%2Bf4wt4vlf"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
x-lytics-trace: e6f881be6c846c1c53c5eaf4051dc4d5
cf-ray: 88fd9eccb9f7aa9a-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 favicon.png
media.eftours.com/~/media/images/etus/logos/icons/ 4 KB
4 KB 39ms
36ms Other
image/png 104.16.0.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media.eftours.com/~/media/images/etus/logos/icons/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.0.167 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9bed6cd5b5a692a33c05816bf01aef42aee06db4cb67bb8887e9ebceb0cc07a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge
date: Fri, 07 Jun 2024 03:40:22 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2013 17:28:21 GMT
server: cloudflare
age: 574216
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="Favicon.png"
accept-ranges: bytes
cf-ray: 88fd9ecd8c49aaa1-YYZ
content-length: 4172
expires: Sun, 07 Jul 2024 03:40:22 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 103 KB
22 KB 30ms
30ms Script
text/javascript 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:22 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 07 Jun 2024 01:41:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7113
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UC0Zihn7fLZuce%2BWHryEuEu47%2Fg%2BmTKSKCYc%2FwSpSPSqycOFDoaa1h1V1L3Pn4aUGtKjRPJOKXL9yR%2B1qg0IGlOcx6cBdYRjBcLzUn30HZY9pC8Y121F0THJrxyI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 88fd9ece1ac8aa9a-YYZ

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 28ms
28ms Stylesheet
text/css 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:22 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 07 Jun 2024 01:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6878
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLxwFcYDp%2Bg%2BkOJ8MmKp6FAbVr80vjBrw7Q9jYg8ixq8AlytpwH4GCmy67PUqyEM3b0vMbJvdvn4otOGkY9ItdQKfOEPrLbTnZjklp9I1JDSGa9ZrSSh4NqmIx%2FL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 88fd9ece5b3baa9a-YYZ

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/ 327 B
572 B 31ms
30ms Script
application/javascript 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/425e1a929aeafe7bc5b2d0647603e35a/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/425e1a929aeafe7bc5b2d0647603e35a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:40:22 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=63072000;
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1684
content-length: 227
last-modified: Fri, 07 Jun 2024 03:12:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBgDdQX7F9iqKAK8MSpbV4AIobgqj8TP7K%2FJ1vbrQP30bbdYGtvbmnOoDmDbRVVWDjIZnyFKOmTWR79yUmKswxAVrlaQ2%2B%2BYBk3ApUYTYMMkF7JwTBvxol9%2BuVGu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
x-lytics-trace: 7b41f6c61e56ba58ecf40fed9b03070d
accept-ranges: bytes
cf-ray: 88fd9ece6b40aa9a-YYZ

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
386 B 98ms
55ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 Jun 2024 03:40:22 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: c8e81a6c-79e4-403d-9408-9144375eb38f

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
73 B 54ms
53ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMQ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 Jun 2024 03:40:24 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 25f655da-67b5-41bf-8cb5-d4f1ecc56c99

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 42ms
41ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9JLH500JCE&gtm=45je4650v877811556za200zb867853431&_p=1717731620196&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1086623516.1717731621&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1717731621&sct=1&seg=1&dl=https%3A%2F%2Fwww.eftours.com%2F&dt=Student%20travel%20programs%20%7C%20Educational%20tours%20for%20students%20%7C%20EF%20Tours&en=lytics&_ee=1&ep.event_category=lytics_user_properties&ep.non_interaction=true&_et=375&up.ly_segments_dim=ly_unknown_email%2Call&up.ly_user_id_dim=a6e308c1-c6eb-44b5-98f4-c088b695fdd3&tfd=6869
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JLH500JCE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.eftours.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 03:40:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eftours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.eftours.com/	1970-01-20 21:18:56	Name: AWSALB Value: BzgRCnmF0ZsWIh6U21z7iuuIF0TxC1FAHpyE3HEhqb7ArKZckgHipXsa5Y1zaYUOeWc5ugwlZDQgWMXx1pPDMXWxPwQth+u7odu9/fxzlN75WKEsI+k82xdl8EQe
www.eftours.com/	1970-01-20 21:18:56	Name: AWSALBCORS Value: BzgRCnmF0ZsWIh6U21z7iuuIF0TxC1FAHpyE3HEhqb7ArKZckgHipXsa5Y1zaYUOeWc5ugwlZDQgWMXx1pPDMXWxPwQth+u7odu9/fxzlN75WKEsI+k82xdl8EQe
www.eftours.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4vex3nmjnfb2ob0u1si4vfgm
www.eftours.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: DMiQsSKE_Z5fVUD2QcvW6zBFOm4SVga9DfGFblcl-rYY7v3ZwioEf-MxWI4m1EwSGAJuLxTo4d-DIgsHY9jqLOtx4BBWC0c-ly99X7VLumI1
.eftours.com/	1969-12-31 23:59:59	Name: PriceDefault Value: e0RlcGFydHVyZURhdGU6MDAwMS0wMS0wMX0=
.eftours.com/	1969-12-31 23:59:59	Name: recent Value: e0lzUHJpY2VBdmFpbGFibGVGb3JUb3VyOkZhbHNlLFJlbGVhc2VBZ3JlZW1lbnRDaGVja2VkOnt9fQ==
.eftours.com/	1970-01-20 21:08:53	Name: __cf_bm Value: AcYjUqsr3HdLDi5OhQHN4glLToNEKG0lS_UTUg57oG4-1717731620-1.0.1.1-6XytSXzLkro.S.j8kfJ.2EdBflRVLAAVIRPNMoLdN3ib8jJOVFQD4E5brzynETO79diLVbzA6Zfe5Irhi6kujXJyYvJa.l2epeDRNWDZhPM
.eftours.com/	1969-12-31 23:59:59	Name: _cfuvid Value: jaMZYriq8thNNNFj.iyc0vYr0chbNtHLKeSlF5Cr4fg-1717731620135-0.0.1.1-604800000
media.eftours.com/	1970-01-20 21:18:56	Name: AWSALB Value: IwEQuWDY1TuZ1rsVMxa1PJMcnHVTOdJElKhAm8PAdaC3t7eJeDVZmHSup+ZUTKgJH0icdQA+bjoUhB0IJtZMyGjroMgrCPVjtQ9a6rYn2OQv6GwZeIOIwTpuKsb5
media.eftours.com/	1970-01-20 21:18:56	Name: AWSALBCORS Value: IwEQuWDY1TuZ1rsVMxa1PJMcnHVTOdJElKhAm8PAdaC3t7eJeDVZmHSup+ZUTKgJH0icdQA+bjoUhB0IJtZMyGjroMgrCPVjtQ9a6rYn2OQv6GwZeIOIwTpuKsb5
.eftours.com/	1970-01-20 23:18:27	Name: _gcl_au Value: 1.1.88537119.1717731621
.tiktok.com/	1970-01-21 06:30:27	Name: _ttp Value: 2hXDeC7Peuo7DZMC9Mw6XyUBwYj
.eftours.com/	1970-01-21 06:44:51	Name: _ga Value: GA1.1.1086623516.1717731621
.www.eftours.com/	1970-01-20 21:08:53	Name: seerses Value: e
.eftours.com/	1970-01-21 05:54:27	Name: cf_clearance Value: QQHtpabDq16IOZUhNSSXdhB16pAPuC1UbApKtAAkHw8-1717731621-1.0.1.1-IS5beyh4G47v_5_H5BAsxtJMd.I2G1R1WQkdSmLIlQTB9DC.moLIuovaVhJNLs45ROCQW4mzUxJaTZ1Cya9ekQ
.www.eftours.com/	1970-01-21 06:44:51	Name: seerid Value: a6e308c1-c6eb-44b5-98f4-c088b695fdd3
.lytics.io/	1970-01-21 06:44:51	Name: seerid Value: a6e308c1-c6eb-44b5-98f4-c088b695fdd3
.eftours.com/	1970-01-21 01:28:03	Name: optimizelyEndUserId Value: oeu1717731621472r0.7827270398415325
.eftours.com/	1970-01-20 21:10:18	Name: _uetsid Value: aab20d60247f11efb8b0d7c5192270f6
.eftours.com/	1970-01-21 06:30:27	Name: _uetvid Value: aab220c0247f11efa417f506351bf659
.eftours.com/	1970-01-20 23:18:27	Name: _fbp Value: fb.1.1717731621522.575110584913503458
.bing.com/	1970-01-21 06:30:27	Name: MUID Value: 064AFB98DB9762193A63EF0FDABD6315
.bat.bing.com/	1970-01-20 21:18:56	Name: MR Value: 0
.eftours.com/	1970-01-21 06:30:27	Name: _tt_enable_cookie Value: 1
.eftours.com/	1970-01-21 06:30:27	Name: _ttp Value: CmktsMNVDO9-zFIkkfxMnT7-M64
.pinterest.com/	1970-01-21 05:54:27	Name: ar_debug Value: 1
.eftours.com/	1970-01-21 05:54:27	Name: _pin_unauth Value: dWlkPVl6TTJabVZsTmpJdE1XVmxZeTAwT0dVMkxUZ3dOalV0WWpNME9XWmxPR1UxWm1Jdw
.www.eftours.com/	1970-01-20 21:18:56	Name: ly_segs Value: %7B%22ly_unknown_email%22%3A%22ly_unknown_email%22%2C%22all%22%3A%22all%22%7D
.eftours.com/	1970-01-21 05:54:27	Name: _hjSessionUser_157276 Value: eyJpZCI6IjE4MTIxZWJiLTJjYzYtNWJhNy1iZTA3LTQ4ZjQwNzkwMmFlZSIsImNyZWF0ZWQiOjE3MTc3MzE2MjE2MjksImV4aXN0aW5nIjpmYWxzZX0=
.ct.pinterest.com/	1970-01-21 05:54:27	Name: _pinterest_ct_ua Value: "TWc9PSZBc25YY1VLWFg1WCtLSEhOOFZsSWhZeGJqNFpwcjJoYllGdmZtRzhUL3kyTXRWN0EzR3VZMDZRUU9IUmY0NVRIQ0NlM3R0ZXAyN2ljRlhNZmtIOCtuZFc2RlBlejdZNDljU0p3YmxhRXFEWT0mYmlRSGZ4elVDS3gxYkZLSFRlT1VwVTFCb0drPQ=="
.eftours.com/	1970-01-20 21:08:53	Name: _hjSession_157276 Value: eyJpZCI6ImUzODM2MjkyLWJkYmQtNGZmOS1iMzQ1LWYzMzJmZWE3MDA5MCIsImMiOjE3MTc3MzE2MjE2MzEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.eftours.com/	1970-01-21 06:44:51	Name: _ga_9JLH500JCE Value: GS1.1.1717731621.1.1.1717731621.60.0.0
.doubleclick.net/	1970-01-21 06:44:51	Name: IDE Value: AHWqTUlX3pj1BQMpAYEmZjtS6suQXG5_W6E1ZtwJUnHozhyfYuGcAyLExNxM4UTEhBA

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://js.driftt.com/include/1717731900000/5by59bm3fdyy.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.eftours.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a24099230963.cdn.optimizely.com
analytics.google.com
analytics.tiktok.com
bat.bing.com
c.lytics.io
cdn.optimizely.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
fast.wistia.com
js.driftt.com
logx.optimizely.com
media.eftours.com
s.pinimg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vc.hotjar.io
widget.trustpilot.com
www.eftours.com
www.facebook.com
www.google.ca
www.googletagmanager.com
104.16.0.167
151.101.66.132
172.217.197.97
172.253.115.155
172.253.115.94
172.67.73.236
18.160.18.39
18.160.18.96
18.160.41.112
18.160.46.82
204.79.197.237
216.239.34.181
23.212.248.8
23.220.136.202
23.39.174.203
23.44.210.81
3.162.125.42
3.162.125.82
31.13.66.19
31.13.66.35
34.49.241.189
74.125.192.157
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
071197dcb65d5e709b4aae71ff3044e0b127cb38b1eba1f806fb25591eb1d698
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
0e944d06eb8b887f1121c81ed7df623bf5520780b0e443830992c36fbf9ea6e9
0ed865db4401e8f2c6e51d61d0c1f09473e9ad2b97a986afe4e101033e9018ab
14786480849eab724f447843ae737486dab003732877919f4f57eac9f0ae2cdc
14c3e4fec9a00378798eae4928b6e3a2a9c97daad06f58d38aabdadc5d3a2902
1b3b76d75083800b17b19ba7b1076a24aa843e551efc2a994551eb2ece8d61fa
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
24688043f67a45e79662f6fc9b64ddf8ddccafaf458458fe066db7a1be89d05d
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
296954fb9c911c3d94b959446cedb61bd22e93713fb8dcdc5a0da2518c4c1dae
2b9b50fce751b687f3dcfe2d1f92dc8d0a075732ed39c95b091e08460995e7f6
32d04c204ae18088cd6c5315a5bf4f9e89a10eea0c170b3bb1aa5614774068ac
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
389c9647c6c700b608453680dd0e7b9977ca3ff76204d290cf54ee1c60d6f0ca
3bb63fe09113fd05d8c429ec85d360db0fd08225f9e12a54510b8dee7e9783f9
40880bfa367812281a53188e8902d17719a77433537145904542451fbe8c1faf
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
4844fb8e90185473b005feba5c25c6aa87918b3bfd8e28c9f852844fff7ad36b
4de14cfce7e001b01a73eaba1161b0fa8aac467252373a8f9739d864cdecb120
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44
590cee96d7577fa8e3139f05860c80201caf5ceb1272bf9415d88f9e35b3582e
5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0
5b073a24c28534f3fb65fb3df6e6838d044d7cfc88f386b54846f770675ec3cd
5e55e9e74807da0c8017e186f1db7e422b240451903357cf12231de87bee56c6
6774282cb931d544bd5511917ad35772e5d96c63527f9e8f52311c8eaaad1f20
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b403b670a417834b0ec0d6a79275352ca4b924392c2a6807cbd249c7c693ee0
72fe6910251402f3babe24e2eeb4a6793709c4d730c58b24ea2c18fce098dcd7
789f6d6ae38ce9221a547ce6b8cf31ad0f5e7cc6b2d05220540dd670813653f1
78d934da3e24b36f9a8277d5e19146710033d8460432d35297530efec5843477
7cb5768516c7e8d64859f6178d011abcc9e976ef4dd866e77760bf47c33326fe
7cd3dbc4daca59cf92be84e023fcb1080c59b6302b4e667d35036381f2c3da02
7ede27073e295f477104984536724ab02563bca058eab4617ec6a50a14878a48
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
937c31448fbbe49d66eef6520e203d60c37bc5a92d620b0f89c2c35c8ea59f89
94e5016cb773333a092b5981f94090e523ecd2292be83b5d947a8f0e5033da46
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b04eb3b69380e8b660d7fee971585aeb2295a328f0cd3abfb1cdf698e7f2cf5b
bc5a137304edd845ac025a63b2a14394b462d2d526b2391c05c588926093365f
bf7fcc971555f95a1bc67bcdb64c21d46febdb997f62bd3f885ed861644f21c1
c1a7bea21f8b7d89f158002dbc3372e8835647d35b6df0fa1987c1473519fde3
c4bf99e02ddaf9cb1f45e5f3f074e5771a52a0a73f093bfe4c0c435aec23994f
c55adc844258324a96facfedadbd892316c8d06ec7fc0e09b5532d8953123a13
c5e1a8b9d9fbf8b2e885feb3c40e4b8f76b4308c266ab98e3ef4855ce427e1cf
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ce6af0cf51fdf5eb76149ce34ab71f66ec0fc155707cc55aa0a9bac21ad9f1e6
d1d4fdfd9452dd70132ee200440e55254adfa546de907014b2ddc2a271c8a4c1
d2819bacd81133f4813d73da06af3fafbff473af74b2d0c66e5add8c3f103507
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb20588b9831b96e07df923b7910a7153cd67fdef9b732d08b4e1d8c9ccf9777
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3da1bd725fc63b91c6a13f686f16b2819299b0cfbd12de5a1021bb4fa9dad75
f9bed6cd5b5a692a33c05816bf01aef42aee06db4cb67bb8887e9ebceb0cc07a

www.eftours.com Open in urlscan Pro 104.16.0.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

98 %HTTPS

0 %IPv6

18 Domains

23 Subdomains

21 IPs

2 Countries

19134 kBTransfer

22402 kBSize

33 Cookies

18 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.eftours.com Open in urlscan Pro
104.16.0.167 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

98 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

21
IPs

2
Countries

19134 kB
Transfer

22402 kB
Size

33
Cookies

86 HTTP transactions
0 data transactions