Submitted URL: http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
Effective URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxff...
Submission: On April 02 via manual from CA — Scanned from GB

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3036::6815:20d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is ephemeralelixir.com.
TLS certificate: Issued by GTS CA 1P5 on March 13th 2024. Valid for: 3 months.
This is the only time ephemeralelixir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 141.98.232.193 205220 (RHC-HOSTING)
2 2 34.76.98.215 396982 (GOOGLE-CL...)
1 1 34.76.75.249 396982 (GOOGLE-CL...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... ()
5 172.67.136.121 ()
28 6
Domain Requested by
13 ephemeralelixir.com ephemeralelixir.com
3 ncalrfxlghhs.acuteseowordpresswebdesign.com ncalrfxlghhs.acuteseowordpresswebdesign.com
2 onelikeservices.com 1 redirects ncalrfxlghhs.acuteseowordpresswebdesign.com
2 swederlands.com 2 redirects
1 fonts.googleapis.com ephemeralelixir.com
1 www.keysearchonline.com 1 redirects
1 airhockeyloserkiek.com 1 redirects
0 blaclclubmoon.com Failed ephemeralelixir.com
28 8

This site contains no links.

Subject | Issuer | Validity | Valid
onelikeservices.com | E1 | 2024-02-14 - 2024-05-14 | 3 months
ephemeralelixir.com | GTS CA 1P5 | 2024-03-13 - 2024-06-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months

This page contains 1 frames:

Primary Page: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Frame ID: 6174BD4CEEFE4D9B4033265A00325263
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 54 %
IPv6: 50 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 449 kB
Size: 773 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101 HTTP 307
    https://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101 HTTP 307
    http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101 Page URL
  2. http://ncalrfxlghhs.acuteseowordpresswebdesign.com/t/4_17600_1169_20_3992_6704_11_9_38_74101 Page URL
  3. https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704 HTTP 302
    https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704&ch-redir=1&ckmxid=co60ck260001kd20sufg HTTP 302
    https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704&ch-redir=1&ckmxid=co60ck260001kd20sufg&ckmguid=352d2122-3a6f-4156-b557-446bdcb81825 HTTP 302
    https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361377818 HTTP 302
    https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=8a5818526edf4657bafeb17f9fc4562a&source=10-6253&subid=10 HTTP 307
    https://onelikeservices.com/go/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname= Page URL
  4. https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101 HTTP 307
  • https://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101 HTTP 307
  • http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
Request Chain 3
  • https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704 HTTP 302
  • https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704&ch-redir=1&ckmxid=co60ck260001kd20sufg HTTP 302
  • https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704&ch-redir=1&ckmxid=co60ck260001kd20sufg&ckmguid=352d2122-3a6f-4156-b557-446bdcb81825 HTTP 302
  • https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361377818 HTTP 302
  • https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=8a5818526edf4657bafeb17f9fc4562a&source=10-6253&subid=10 HTTP 307
  • https://onelikeservices.com/go/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
4_17600_1169_20_3992_6704_11_9_38_74101
ncalrfxlghhs.acuteseowordpresswebdesign.com/
Redirect Chain
  • http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
  • https://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
  • http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
458 B
713 B
Document
General
Full URL
http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
Protocol
HTTP/1.1
Server
141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS
full.websiteconversionsecrets.com
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Apr 2024 13:21:18 GMT
X-Address
gin_throttle_mw_7200000000_217.138.196.101
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
496
X-Ratelimit-Reset
1712067188

Redirect headers

Location
http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
ncalrfxlghhs.acuteseowordpresswebdesign.com/
0
261 B
Other
General
Full URL
http://ncalrfxlghhs.acuteseowordpresswebdesign.com/favicon.ico
Protocol
HTTP/1.1
Server
141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS
full.websiteconversionsecrets.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Tue, 02 Apr 2024 13:21:18 GMT
X-Address
gin_throttle_mw_7200000000_217.138.196.101
X-Ratelimit-Reset
1712067188
X-Ratelimit-Limit
500
Content-Length
0
X-Ratelimit-Remaining
495
Content-Type
text/plain; charset=utf-8
4_17600_1169_20_3992_6704_11_9_38_74101
ncalrfxlghhs.acuteseowordpresswebdesign.com/t/
310 B
565 B
Document
General
Full URL
http://ncalrfxlghhs.acuteseowordpresswebdesign.com/t/4_17600_1169_20_3992_6704_11_9_38_74101
Requested by
Host: ncalrfxlghhs.acuteseowordpresswebdesign.com
URL: http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
Protocol
HTTP/1.1
Server
141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS
full.websiteconversionsecrets.com
Software
/
Resource Hash
6a44e96a59918952f296cc2cde4a1e46fa1633da99c64f0b1c1da4cefce38523

Request headers

Referer
http://ncalrfxlghhs.acuteseowordpresswebdesign.com/4_17600_1169_20_3992_6704_11_9_38_74101
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
310
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Apr 2024 13:21:19 GMT
X-Address
gin_throttle_mw_7200000000_217.138.196.101
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
494
X-Ratelimit-Reset
1712067188
index.html
onelikeservices.com/go/caaircanada/
Redirect Chain
  • https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704
  • https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704&ch-redir=1&ckmxid=co60ck260001kd20sufg
  • https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17600&s3=20-3992-6704&ch-redir=1&ckmxid=co60ck260001kd20sufg&ckmguid=352d2122-3a6f-4156-b557-446bdcb81825
  • https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361377818
  • https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=8a5818526edf4657bafeb17f9fc4562a&source=10-6253&subid=10
  • https://onelikeservices.com/go/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&fi...
846 B
692 B
Document
General
Full URL
https://onelikeservices.com/go/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Requested by
Host: ncalrfxlghhs.acuteseowordpresswebdesign.com
URL: http://ncalrfxlghhs.acuteseowordpresswebdesign.com/t/4_17600_1169_20_3992_6704_11_9_38_74101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
ea3d95e2259b945ef49ccb3fdefaf6d647f8f20de13ec4d5497264614a71bff3

Request headers

Referer
http://ncalrfxlghhs.acuteseowordpresswebdesign.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86e11f1f3fc594f9-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Apr 2024 13:21:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QIp77PkMf3tP1pFzoAY6jL08rR4UiM0%2BKTWkwUWp4I4fQUqdD9BtkYJRP9YSpLPieuD1PP3QTL43ypneCiBSmRvZg9lfx%2Bi0BbPUGFNsHiMXOH4vWpnGrnyrPfC9d7qzr04v6vPaYVhqjkH1RIFb1hi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86e11f1e9eaa94f9-LHR
content-type
text/html; charset=utf-8
date
Tue, 02 Apr 2024 13:21:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://onelikeservices.com/go/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="This is not a P3P policy"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=thcyHLE1bs6QZpGnp5SubS9TPGU4XKCXFIZaX%2B2bL4%2B48D0qeTobhKL63ltSE9Y1y4Xs6sH5%2BNhCUfC2dtry1ujzTADVqzcrp7sZ4vBVzMr752SuZ12jWKJP20cL4d7GvcvcNXZ4noRhCXAAJIg4s%2BZW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33
x-robots-tag
noindex, noarchive, nofollow
Primary Request index.html
ephemeralelixir.com/caaircanada/
25 KB
5 KB
Document
General
Full URL
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e07bee49ad726d7eefc82c545f82567daded6017c9cf757057a082b6fa9de73

Request headers

Referer
https://onelikeservices.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86e11f2259f163ad-LHR
content-encoding
br
content-type
text/html
date
Tue, 02 Apr 2024 13:21:22 GMT
last-modified
Thu, 01 Feb 2024 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYqq%2FeAGhFd%2FB%2B6aFimZ6%2BVb1S8O%2BPHzRU19Rw7Y2y6L9dWE3OurQMgogK6CWJQ%2BJ9G%2FpaUWQ1hfmnYZIdrpJLGYu836BHOvDFi34TMz6QRUYQ16WzcPFLAiPD4vG2Z2kaC9%2B7tPj6RvfcUJ%2BAOLu9cy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/
3 KB
866 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;800&display=swap
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
6236b58f4399f4e4ba973a31565b2a159d67d86d3d8c7c71beaea5f58c1d92b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Apr 2024 13:21:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Apr 2024 13:21:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Apr 2024 13:21:22 GMT
bootstrap.min.css
ephemeralelixir.com/caaircanada/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://ephemeralelixir.com/caaircanada/css/bootstrap.min.css
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 14:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab75-2f88b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8mJ1Ox2IlB9uZxhj2CeTsITsoQWpTui8g%2Fv6fkhaAQUpNR%2FYcGUl%2BMNTQ9Rl9uJ3MhQineiAEhOD7DMpe8cf6Rb%2Bx05B954w6Q4zS2LAo6FTX3tQ4gfcmhE0nnGaHdJRnkYxyVzIQGpQzzgy8EEkDqBb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
86e11f22faf963ad-LHR
alt-svc
h3=":443"; ma=86400
style.css
ephemeralelixir.com/caaircanada/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://ephemeralelixir.com/caaircanada/css/style.css
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647de546a24e3ad286e787cd549bba5ca0a2f464d31ceae020afac0c52338042

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 14:32:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab76-31c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFc95twLYBCll2hgFz%2FYTVE5Ppj1e5TC2albg5L4pjnsNhW1TAH8GQALXPWp5s8BfPwhJ6iOA8ByhWsLjsU0wTC4ydzVhA4b1lqd1JjpHGT4bnT9eHroXk38EHPEnMksbJHGmnjcnWN1bNuymWlXQMS8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
86e11f22fafa63ad-LHR
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
ephemeralelixir.com/caaircanada/js/
87 KB
32 KB
Script
General
Full URL
https://ephemeralelixir.com/caaircanada/js/jquery-3.6.0.min.js
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 14:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab77-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pANE4uaSIw3T%2BmgHCMMbAJrzLxs4b%2F6IPpdtNqACjOfnlThMonqrKScZzZoXn3w8L96PHNrIa3RJqVeFLN5MPQTFV4NVIJ4u8Rb%2FwfCR0xAzg%2Foh%2BriH1dPxE1Djle%2BB4gE1i1rSOrVEGir7EFAmteSo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86e11f22fafb63ad-LHR
alt-svc
h3=":443"; ma=86400
script.js
ephemeralelixir.com/caaircanada/js/
7 KB
2 KB
Script
General
Full URL
https://ephemeralelixir.com/caaircanada/js/script.js
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12fffcd1ece8df01e5e6889fb06b781365f15a673a932d2cb3d57d319756e39

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 14:32:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab78-1a9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JUGlp5xTEn2PeaZ6rX1FyU4vvg8eThFst5k27fZgWNiizwQlCbR%2BFLHHKUe8mwkO60%2BuloGyGGn5JRzuq1xL%2Bnd9wFC6LJVGNke9A2ygXPVeu1RbN%2Bh88MC3K%2F%2Bg5je1xWMYzbGeu10T9ajIzJ7PC8WE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86e11f22fafc63ad-LHR
alt-svc
h3=":443"; ma=86400
woodbar.js
ephemeralelixir.com/caaircanada/js/
1 KB
747 B
Script
General
Full URL
https://ephemeralelixir.com/caaircanada/js/woodbar.js
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9837c0365ab8f0d0c21fe5a29701ab5eea341ccd63ebf0265a88dceacb14f59e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 14:32:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab78-51d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFcTcFKETpS%2FEdzTXcmq5wKnzM6VPaAAPRNj%2BB1Dggqcqi6kEXFATCh1fCgmq%2BMN9VcFhuv6flaaFcBBE4uGznWW6ZMAYqjH62NgQrvv0fdTMF9Je1M9HSAJcwcRNgjTRYETROZfti2JCFJr%2By6ilR7A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86e11f22fafe63ad-LHR
alt-svc
h3=":443"; ma=86400
logo.png
ephemeralelixir.com/caaircanada/rp-assets/
62 KB
62 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/logo.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0ade33d65998846b535729fb39b5c9149f28fd60bbb0c6f17f24801cabf866

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 14:32:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7e-f82a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVjnyM%2Ffl703%2BSvsTgyLyRoNui6%2FjPOMqF%2FPR9XupUmuFKSaNN0jlQ6LJcfjSTwUEuTf6Dh7n6Qu%2FShw%2BG6yYZqwvaTE7Vcx2pn93lf1S9DewmZ5TrLJeRKeGxV1rQEcH8kcifrJ6vYa2sHBb0NOtJ9l"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e11f22faff63ad-LHR
alt-svc
h3=":443"; ma=86400
content-length
63530
flag.png
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
3 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/flag.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0a8de574d0c0b8d24a56ea713deb4e0c08e13f98fa3bc5b6d8ffa92454609bf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Feb 2024 14:32:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7d-925"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOCdx6BRSRkYHbTBrzrz2RT4qvYjoOcfzRBrb3bFfJlNpt6Q6%2FMYcS55fSJpOIBVgQen79LPQKAVYNERslhNec%2F4g5lEGbL55oTSnbp13M3P4BnNY%2F6wHCR6Ye9oYCp%2FV6SfHaWJeR8L1CktUEs92zMf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e11f22fb0263ad-LHR
alt-svc
h3=":443"; ma=86400
content-length
2341
image1.png
ephemeralelixir.com/caaircanada/rp-assets/
149 KB
150 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/image1.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
85c364dbcdc66e07a0015809c2bcca39222789c9d62625d5a4a12a0fa54c97bd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7d-253d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCZE%2FMFw5O5wgziqtyYIGIQfp8u8pNXD%2F%2Fo%2BendV9%2BdY75Q81t%2BR1uO0bmbUPVyATP5uIHZZf6VChTmsgfCX6WMq7jkwH0JGciRxft6nH0jw7VjH8E5MamQNGnYJhN%2F7NsboBesf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e11f23cef823ed-LHR
alt-svc
h3=":443"; ma=86400
content-length
152536
image2.png
ephemeralelixir.com/caaircanada/rp-assets/
154 KB
154 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/image2.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
553b348a08db5babb6772a1c61d037020703d2226fcca5ca2bb739dad2ec6b5f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7d-26790"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sc19%2FWQB%2F9%2FNHuYksxo7kpNdxj3uanJ9%2BOIPolSwlyhgzosJLzRi03Z7OWdIUA1bHVWGC7F0z1Dhk6s0PNaCmlTb9rLPS1261ikvlRMkVNRqSuADQVb4HpoG%2Ft2otlrs3gHXDBxU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e11f23cf0523ed-LHR
alt-svc
h3=":443"; ma=86400
content-length
157584
image3.png
ephemeralelixir.com/caaircanada/rp-assets/
75 KB
0
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/image3.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7e-2d831"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MRTw4zMc4M8IY7c84NKWxp0Fi6uVq0X9nuCgjFU3AXoiw2ZFtmM0nmKq%2B1md3Oly8SA1xS9EQLeNMf66HDgppd%2FaXQ9Yl8H7pnQgoni3ZqU0HJYy7b%2BXngGAR26yeqOQpgDbw7mZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e11f23ff3f23ed-LHR
alt-svc
h3=":443"; ma=86400
content-length
186417
1.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/1.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab79-80d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJDXdcWSJqMEhYkrfTpSwE2uT8d6EAkQgy1CS7v%2Foqp1U1APT13OExpn0%2FzF5KV75RIY%2FT9UX0Bs0DVqXqVj%2BvFEmVlS%2FKJm5xfrA%2BJK1KclHzQcvyLu4Uz2frYGgNBMT8TokxAC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e11f23ff4023ed-LHR
alt-svc
h3=":443"; ma=86400
content-length
2061
2.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
0
0

3.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/3.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=e3b1156969cc8731191f2397b793c304&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:21:22 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab79-7ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uEL5iPxFwO0IngQQqyxgmB5EGgDjL4lUI7D6yyqdbcn1aaPiOl%2Fgn8oxBBQXwJvfIB6GzO5qE8HMaImSAXkkcxDsYf3%2F4FOldkfuJNWGQjEhlI2t2Clbs5eIPzeurUWO0KF%2BaFjr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e11f23ff4223ed-LHR
alt-svc
h3=":443"; ma=86400
content-length
2028
8.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
0
0

5.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
0
0

7.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
0
0

6.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
0
0

4.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
0
0

embed.js
blaclclubmoon.com/
0
0

bg.jpg
ephemeralelixir.com/caaircanada/rp-assets/
0
0

alert.png
ephemeralelixir.com/caaircanada/rp-assets/
0
0

verified.png
ephemeralelixir.com/caaircanada/rp-assets/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/2.jpeg
Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/8.jpeg
Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/5.jpeg
Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/7.jpeg
Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/6.jpeg
Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/4.jpeg
Domain
blaclclubmoon.com
URL
https://blaclclubmoon.com/embed.js
Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/bg.jpg
Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/alert.png
Domain
ephemeralelixir.com
URL
https://ephemeralelixir.com/caaircanada/rp-assets/verified.png

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

7 Cookies

Domain/Path Name / Value
.airhockeyloserkiek.com/ Name: sfd
Value: LXI18cPJe7oUbGHDtKGOMDhRW3TqUJgEdsp0xlowWoZRYYVBxJlKpQ==
.airhockeyloserkiek.com/ Name: ti
Value: LFAvvH3CBDpVk67sXj7aRDhRW3TqUJgEdsp0xlowWoZRYYVBxJlKpQ==
.airhockeyloserkiek.com/ Name: c20088
Value: LXI18cPJe7pyd8MZ8bdPJSQ4zaYpYdT2tS5sp3ybCnSU3KsYguTmig==
www.keysearchonline.com/ Name: uniqueClick_WT23LQ
Value: 76384db6-3cea-44af-812a-1407209aad7f:1712064081
www.keysearchonline.com/ Name: transaction_id
Value: 8a5818526edf4657bafeb17f9fc4562a
onelikeservices.com/ Name: PHPSESSID
Value: e3b1156969cc8731191f2397b793c304
onelikeservices.com/ Name: csid3
Value: e3b1156969cc8731191f2397b793c304

2 Console Messages

Source Level URL
Text
network error URL: http://ncalrfxlghhs.acuteseowordpresswebdesign.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://blaclclubmoon.com/embed.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
