Submitted URL: http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
Effective URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxff...
Submission: On April 02 via manual from CA — Scanned from GB

Summary

This website contacted 5 IPs in 5 countries across 8 domains to perform 28 HTTP transactions. The main IP is 172.67.136.121, located in United States and belongs to CLOUDFLARENET, US. The main domain is ephemeralelixir.com.
TLS certificate: Issued by GTS CA 1P5 on March 13th 2024. Valid for: 3 months.
This is the only time ephemeralelixir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 141.98.232.193 205220 (RHC-HOSTING)
2 2 34.76.98.215 396982 (GOOGLE-CL...)
1 1 34.76.75.249 396982 (GOOGLE-CL...)
1 1 172.67.148.151 13335 (CLOUDFLAR...)
1 2 188.114.97.3 13335 (CLOUDFLAR...)
22 172.67.136.121 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
28 5
Domain Requested by
22 ephemeralelixir.com ephemeralelixir.com
3 wjoiqzxpwuzm.acuteseowordpresswebdesign.com wjoiqzxpwuzm.acuteseowordpresswebdesign.com
2 onelikeservices.com 1 redirects wjoiqzxpwuzm.acuteseowordpresswebdesign.com
2 swederlands.com 2 redirects
1 fonts.googleapis.com ephemeralelixir.com
1 www.keysearchonline.com 1 redirects
1 airhockeyloserkiek.com 1 redirects
0 blaclclubmoon.com Failed ephemeralelixir.com
28 8

This site contains no links.

Subject | Issuer | Validity | Valid
onelikeservices.com | E1 | 2024-02-14 - 2024-05-14 | 3 months | crt.sh
ephemeralelixir.com | GTS CA 1P5 | 2024-03-13 - 2024-06-11 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh

This page contains 1 frames:

Primary Page: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Frame ID: 9B3035B45DEB92F41EE700C92FF0D9F3
Requests: 28 HTTP requests in this frame

Page Title

Reward Pending

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28 Requests
86 % HTTPS
14 % IPv6
8 Domains
8 Subdomains
5 IPs
5 Countries
806 kB Transfer
1051 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350 HTTP 307
    https://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350 HTTP 307
    http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350 Page URL
  2. http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/t/4_17619_1169_152_112_6701_11_4_81_60350 Page URL
  3. https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701 HTTP 302
    https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701&ch-redir=1&ckmxid=co60hd0d0001go594ihg HTTP 302
    https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701&ch-redir=1&ckmxid=co60hd0d0001go594ihg&ckmguid=abc3aabc-6882-4d2a-91f3-81dcc5a526ad HTTP 302
    https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361378448 HTTP 302
    https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=cb4db294d93e49788be63ce22af171ad&source=10-6253&subid=10 HTTP 307
    https://onelikeservices.com/go/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname= Page URL
  4. https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350 HTTP 307
  • https://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350 HTTP 307
  • http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
Request Chain 3
  • https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701 HTTP 302
  • https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701&ch-redir=1&ckmxid=co60hd0d0001go594ihg HTTP 302
  • https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701&ch-redir=1&ckmxid=co60hd0d0001go594ihg&ckmguid=abc3aabc-6882-4d2a-91f3-81dcc5a526ad HTTP 302
  • https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361378448 HTTP 302
  • https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=cb4db294d93e49788be63ce22af171ad&source=10-6253&subid=10 HTTP 307
  • https://onelikeservices.com/go/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=

28 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
4_17619_1169_152_112_6701_11_4_81_60350
wjoiqzxpwuzm.acuteseowordpresswebdesign.com/
Redirect Chain
  • http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
  • https://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
  • http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
458 B
713 B
Document
General
Full URL
http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
Protocol
HTTP/1.1
Server
141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS
full.websiteconversionsecrets.com
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Apr 2024 13:31:30 GMT
X-Address
gin_throttle_mw_7200000000_217.138.196.101
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
494
X-Ratelimit-Reset
1712067903

Redirect headers

Location
http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
wjoiqzxpwuzm.acuteseowordpresswebdesign.com/
0
261 B
Other
General
Full URL
http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/favicon.ico
Protocol
HTTP/1.1
Server
141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS
full.websiteconversionsecrets.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Tue, 02 Apr 2024 13:31:30 GMT
X-Address
gin_throttle_mw_7200000000_217.138.196.101
X-Ratelimit-Reset
1712067903
X-Ratelimit-Limit
500
Content-Length
0
X-Ratelimit-Remaining
493
Content-Type
text/plain; charset=utf-8
4_17619_1169_152_112_6701_11_4_81_60350
wjoiqzxpwuzm.acuteseowordpresswebdesign.com/t/
310 B
565 B
Document
General
Full URL
http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/t/4_17619_1169_152_112_6701_11_4_81_60350
Requested by
Host: wjoiqzxpwuzm.acuteseowordpresswebdesign.com
URL: http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
Protocol
HTTP/1.1
Server
141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS
full.websiteconversionsecrets.com
Software
/
Resource Hash
972533eb98c755adfbda5be821724f6e5b85c461c50e4ae4dbe188c5310d6da8

Request headers

Referer
http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/4_17619_1169_152_112_6701_11_4_81_60350
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
310
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Apr 2024 13:31:31 GMT
X-Address
gin_throttle_mw_7200000000_217.138.196.101
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
492
X-Ratelimit-Reset
1712067903
index.html
onelikeservices.com/go/caaircanada/
Redirect Chain
  • https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701
  • https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701&ch-redir=1&ckmxid=co60hd0d0001go594ihg
  • https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17619&s3=152-112-6701&ch-redir=1&ckmxid=co60hd0d0001go594ihg&ckmguid=abc3aabc-6882-4d2a-91f3-81dcc5a526ad
  • https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361378448
  • https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=cb4db294d93e49788be63ce22af171ad&source=10-6253&subid=10
  • https://onelikeservices.com/go/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&fi...
846 B
804 B
Document
General
Full URL
https://onelikeservices.com/go/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Requested by
Host: wjoiqzxpwuzm.acuteseowordpresswebdesign.com
URL: http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/t/4_17619_1169_152_112_6701_11_4_81_60350
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
d6b6ac62e6b2a329ef8a76c07585d084c88b0deb352f535c8ad793cf8bd975b3

Request headers

Referer
http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86e12e113e969425-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Apr 2024 13:31:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BxXbaPsT3TFFhtob64PSSrlfF1Bn7qlgfDD3g4YYvOPxiIQlliUrFmZ9OeCdc7Ev%2BjET5ehkpgXiqhRgQVotPz9%2BMc9SvOKzRiphn8knWCzXPc5DT1wBVdgYQJE0PlqO3nh8AnR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86e12e106d859425-LHR
content-type
text/html; charset=utf-8
date
Tue, 02 Apr 2024 13:31:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://onelikeservices.com/go/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="This is not a P3P policy"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzjWnbWTFNYuxdz3icWUJ%2Bdh6bp3gR29PHzpkAfPRFPiZdF379nqLd5r8IkYw%2BdASYgwJkkQ%2B%2F5K5D7lJNbJYoXyWhrORq58WWDfosaTs%2Bmx99JbMv1VT3HszypV45HdJ%2BcuYKRC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33
x-robots-tag
noindex, noarchive, nofollow
Primary Request index.html
ephemeralelixir.com/caaircanada/
25 KB
5 KB
Document
General
Full URL
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e07bee49ad726d7eefc82c545f82567daded6017c9cf757057a082b6fa9de73

Request headers

Referer
https://onelikeservices.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86e12e127db73693-LHR
content-encoding
br
content-type
text/html
date
Tue, 02 Apr 2024 13:31:34 GMT
last-modified
Thu, 01 Feb 2024 14:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOEqTfQep5FA5eKonL9c2cyr7XjN0Nde5vxP9gBeN%2FkZH95ZiNZ5F5tX1nOVZi%2BM%2BR3PD6J1%2FYwSrfeARdcz0nDVwiM58bO%2BH7E4ZGHZAa1fxnyhhLX1Mc55g9YN54sbiofwjcYN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/
3 KB
866 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;800&display=swap
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6236b58f4399f4e4ba973a31565b2a159d67d86d3d8c7c71beaea5f58c1d92b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Apr 2024 13:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Apr 2024 13:26:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Apr 2024 13:31:34 GMT
bootstrap.min.css
ephemeralelixir.com/caaircanada/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://ephemeralelixir.com/caaircanada/css/bootstrap.min.css
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab75-2f88b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xio3gB0H4UOzOt6VkVCFQ7rIX6eBtbZ8Kwm6zqigVOZ8HhdwD4YM3z%2B9ocjb%2FVCM9Fqu5CV3uXf1zLI9G94dgQFSW5osJVQkISztMT9qk%2B0GBvBDehUAdQpWQ0YwcwsSYP1maCBY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
86e12e134eeb3693-LHR
alt-svc
h3=":443"; ma=86400
style.css
ephemeralelixir.com/caaircanada/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://ephemeralelixir.com/caaircanada/css/style.css
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647de546a24e3ad286e787cd549bba5ca0a2f464d31ceae020afac0c52338042

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab76-31c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5P3jDc5bGpbLET1%2FMXy366Y07NqLCO66WXZ1102P7qG7DEVMJkwcJDaFutjeYqWLJviTNkoHnS7VXH7yrX3SsSVRTmGmjAr1bj%2BsRiVoHJKoM8eFYY9VsiN8z%2BQSJrzP9aXGUnT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
86e12e134eed3693-LHR
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
ephemeralelixir.com/caaircanada/js/
87 KB
32 KB
Script
General
Full URL
https://ephemeralelixir.com/caaircanada/js/jquery-3.6.0.min.js
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab77-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fiBdcRIu42eVkEfS6xps71o6f5iuuMrXEaCG8e1syZEjTqkOjMcHGMuC9bbdLjAstsm1zie%2B5K83%2Bef56nzc%2FfB9uhH6cV0b1ijAqE1Pu9hf9Gh3kxNo4BwkYckObpLQHQ3Ur%2B%2FG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86e12e134eef3693-LHR
alt-svc
h3=":443"; ma=86400
script.js
ephemeralelixir.com/caaircanada/js/
7 KB
2 KB
Script
General
Full URL
https://ephemeralelixir.com/caaircanada/js/script.js
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12fffcd1ece8df01e5e6889fb06b781365f15a673a932d2cb3d57d319756e39

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab78-1a9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qI%2BowNoozJvOiyrmr9lIYdIXXCVdw3H1PeGnecDsjMXWzQOrh3BfBvU6%2BIQw21%2BTywj5SjKzJnLQCfRbWp8LUU2N7GIHpIs%2FUQbpN20lJsHYfYlLkoRQwj5DocOQvCM4%2BWTDoO03"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86e12e134ef03693-LHR
alt-svc
h3=":443"; ma=86400
woodbar.js
ephemeralelixir.com/caaircanada/js/
1 KB
899 B
Script
General
Full URL
https://ephemeralelixir.com/caaircanada/js/woodbar.js
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9837c0365ab8f0d0c21fe5a29701ab5eea341ccd63ebf0265a88dceacb14f59e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bbab78-51d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GrC4tFb5e68lBRiPtYxjXgQd5My2P8kVJY0%2B9CXxvEmyOILD0KvbvsrFpnYfGwyo1PbRZl4RWg6ap%2F%2FezLuup0ksqgNp5jKpBu2u6tXjBzGqdfV6XE13z%2FyDCheBgXphAil%2B%2Fzo%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86e12e134ef33693-LHR
alt-svc
h3=":443"; ma=86400
logo.png
ephemeralelixir.com/caaircanada/rp-assets/
62 KB
63 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/logo.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0ade33d65998846b535729fb39b5c9149f28fd60bbb0c6f17f24801cabf866

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7e-f82a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LW95VfsTQJpkKFA%2FXrvVQ24swK2dJkpUk9BSJQsXeifsnOY08%2B%2BKd4AiW1iVySRhknHvycWrVcHOPqbs1kIf6ERZrlQnoAE5BRf8vCUCeH7Z5h12oYDIfyfY1dDWWfZCjiYP7%2FY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e134ef43693-LHR
alt-svc
h3=":443"; ma=86400
content-length
63530
flag.png
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
3 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/flag.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0a8de574d0c0b8d24a56ea713deb4e0c08e13f98fa3bc5b6d8ffa92454609bf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7d-925"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w18qB%2BxE7T1jbP6LK1uZ6YxnEpEX0dpCHscAhPSweX9yWYoL8heJr6R07dmAFw7wuGlvGcK%2FXsbpvMep3TeAXAQolNlDUGbmTRg2Gd6Xlsgs9kwQ2qONhMKlW2wgJCLWsOj4jJJq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e134ef63693-LHR
alt-svc
h3=":443"; ma=86400
content-length
2341
image1.png
ephemeralelixir.com/caaircanada/rp-assets/
149 KB
149 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/image1.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c364dbcdc66e07a0015809c2bcca39222789c9d62625d5a4a12a0fa54c97bd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7d-253d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKSH6wl97I4kJHuWpgJWyWdyE4yU2r24wmjbDbr%2Fk%2BjId89k2GQ63Xr%2F7H87lzQgb2pDGjJiDmk8evpwL6PruOCk4Wtv4rtemZtnotmM%2B5mVe8csDQ%2BBKUR46dAbcLL%2BfxWc%2Bbjj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e1418053693-LHR
alt-svc
h3=":443"; ma=86400
content-length
152536
image2.png
ephemeralelixir.com/caaircanada/rp-assets/
154 KB
154 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/image2.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
553b348a08db5babb6772a1c61d037020703d2226fcca5ca2bb739dad2ec6b5f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7d-26790"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ia9oN%2BcdGP6O%2B8sm71iZbDIQLmz5d0hJ%2FAmckYFWXigHevb930hp6V5BCkbZuIix6PU484%2FMZgwR1Me4Mj2kXQICJwqjSVR8mbI9xTINfZXA3X2qy9E84bwntOp3OhWuUoZt9bI%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e1569ef3693-LHR
alt-svc
h3=":443"; ma=86400
content-length
157584
image3.png
ephemeralelixir.com/caaircanada/rp-assets/
182 KB
183 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/image3.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48548a79e35bb6ed2f5fa41a789511631c556ea3ae5a4c7b8e33419cd3c60103

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7e-2d831"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQqodSXVZNykfgrCEdja1vGraLmnVRgoUOXWYD7fHhzNzgkthh4SiuARofoHSltt%2BwYFI59%2Bbr6pq3sufzn%2BYayPb77v%2B3N2qmJXfjkgkOcmCnDIR5vq6ru4ZjYNF2DElYn0Yy%2Fk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e1569f43693-LHR
alt-svc
h3=":443"; ma=86400
content-length
186417
1.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/1.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab79-80d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hv%2Fr6DsYCTzjcoAKulrCmmDlPhynGbim%2BEgan%2BGWbFUmxiPlH%2FsRJzcRl%2FqS9PlW5FXc1dm8cvI3MaKgWcYEiM4XT3wTXnxMZ%2FSaBLXKj19EV8gt6Q%2Bo9WHmG%2FJwqC0wtRUvA%2FEd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e1569f83693-LHR
alt-svc
h3=":443"; ma=86400
content-length
2061
2.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
3 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/2.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab79-88e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdTtjmLuj4i45m%2FJKLDTkuA%2FAavho%2FiLny4KYpo60Nqmod7fSHa6nsNwA9zB35Et11DLdm1Kx4DaLYpsyvILfhlmoeCMjXSu5ugx%2F4eZoOYcTPeU1mUDujUDSoaGyVD6VXpFNQwM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e1569fa3693-LHR
alt-svc
h3=":443"; ma=86400
content-length
2190
3.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/3.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab79-7ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7DIl%2BtSDApMPP78ja546nHYTk2HSe1idMScbmVaEnB5%2F5qLeDaGztoC6ZOTs%2BVQ4ZCRVtqE%2FjVJwHbe81nOlyzJAq%2FgYwhn9dpiU5xyBe6kGSyV2Q4NefT1QISwJIgT5umihszw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e1569fd3693-LHR
alt-svc
h3=":443"; ma=86400
content-length
2028
8.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/8.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7b-815"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDBsRt4fV9yNjP%2BM9oy3tZ52E4KZtHzbfWuHIw%2Fzjg6H308mnlIvwloonliOEAKSkKcL0EdeALv9jo%2BtEhyA55E9sXV5qkSNOe%2FanB7WH4o1YumU1kpaD7VONExsCh0JBriSx7Si"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e1569ff3693-LHR
alt-svc
h3=":443"; ma=86400
content-length
2069
5.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/5.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7a-785"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUX%2BUdjJfnPsGue%2B7aHMu7ek9fYhK54sUMi3oQ%2FI761jtajrCti1GaEyd6etRLcHGXgo2I8wkE6qlA%2B%2BkZm5Q%2BgKdpRoRxamjSexp696KHgtCS89nsLMkONQc%2F3NSCW1Bxeyc48C"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e156a013693-LHR
alt-svc
h3=":443"; ma=86400
content-length
1925
7.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/7.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7a-73f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9Hs8S3ETmeyym3XFE9uS3623YVYSKmHRthDXyWkA9CH4gNw4fusc%2BlGp5sFrUbRwHCFRVgPzk%2BZF7ltnEf%2FqMCA%2FuQ6rsoaoH6RWQtOE77fjX0cISRm0VKfzCpYo%2BUCKUAy2QIZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e156a063693-LHR
alt-svc
h3=":443"; ma=86400
content-length
1855
6.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/6.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705538aaab254034d9e5e5505ca773c1dc9936c87c1128ad49a8b2a9d0aa87fb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7a-756"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPEMCBO9C%2BECrG5Da247jYV%2FrS9izNxyve6CdGD9NzS9t97uMRq6RnsguHMtCH80qYZ6SUl1%2F0mH6BZx%2Fq4qyMSKQ2KkQWivIvCcUInZm62bPkj48%2Btge5aA2cB28w%2BMRO7IqbYi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e156a093693-LHR
alt-svc
h3=":443"; ma=86400
content-length
1878
4.jpeg
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/4.jpeg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017340e629175dbd707d31be94c707731fe6f51be004f85e3d50b960f34ea081

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/index.html?session=f95e845bac4fd9534b78743d6399a617&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7a-817"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNoJXawK%2FhKnNIk8olP5rAhy28sRx37VjJ1LczFMPeH9c%2BE0UUniTCEmglqMYo1%2FKHJmnZ%2BCuWGF7EKHngDuRscNXHkQUxAcfaonDELRZcTkLt8n9rzU2Hfrcu8u01RUCTd5lgjc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e156a0b3693-LHR
alt-svc
h3=":443"; ma=86400
content-length
2071
embed.js
blaclclubmoon.com/
0
0

bg.jpg
ephemeralelixir.com/caaircanada/rp-assets/
149 KB
150 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/bg.jpg
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc64bfae8f67920364d4fc89fcb9f80794411a02f198619a833072c115d065e4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/css/style.css
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7c-254b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehwhXqmongBZDKdID%2FPYr%2FDvw7H%2BVZcsjJoKtluw3NAghWRcQhZoEToMGiAQ70z4eMSu5AFVZqDzfP6xwi6Plpq18LQF3qj1rZQ6k177j%2BAIlwbUUCpxj5QUBuZiZ39EmlLNVYhf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e156a0e3693-LHR
alt-svc
h3=":443"; ma=86400
content-length
152759
alert.png
ephemeralelixir.com/caaircanada/rp-assets/
2 KB
2 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/alert.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e746affcc5738708ce0a7eb2f3e4e5469406050181561dc44ecb47cd6606f711

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/css/style.css
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7b-7a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3V8ICW0jfrXjBgoWWlup%2FKCsuUDWY%2BNEZ9iAqpCrQVMxaHM8ARK%2FbmSUDsmrg5QHEQJNRwPtp98rdQBoORxCG9QzvhviYe4u8S2bsALDhdS%2BzaHlwiBcgX0O3y6uV1%2FFQR8BFXqt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e156a103693-LHR
alt-svc
h3=":443"; ma=86400
content-length
1957
verified.png
ephemeralelixir.com/caaircanada/rp-assets/
8 KB
8 KB
Image
General
Full URL
https://ephemeralelixir.com/caaircanada/rp-assets/verified.png
Requested by
Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ephemeralelixir.com/caaircanada/css/style.css
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 13:31:34 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Feb 2024 14:32:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65bbab7f-1f6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EuCTSoidm5nR4y2P0%2FUUM6Vxc3FSuy3VekEEPqEwaOJEHqmdcCrqjUEoEJTJaB9IzmGsbcuonSWr8gRQAKgbIryx7VxGiunKI893zUMSHEyPLVOjB1uykY6hr3TdhfoJhMz7TfrO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86e12e156a113693-LHR
alt-svc
h3=":443"; ma=86400
content-length
8047

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blaclclubmoon.com
URL
https://blaclclubmoon.com/embed.js


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal
function| $
function| jQuery
function| getURLParameter
string| subid
string| subid2
string| firstname
string| surname
string| city
string| zipcode
string| address
string| phone
string| mobile
string| pid
string| nrp
string| ffdomain
string| session
string| fluxf
string| fluxffn
function| ActionRedirect
function| plushLoaded

7 Cookies

Domain/Path Name / Value
.airhockeyloserkiek.com/ Name: som
Value: 3V4Ulf0tEpcUbGHDtKGOMDhRW3TqUJgEd8yhDjg3Z9mA3cx25sTOPA==
.airhockeyloserkiek.com/ Name: tib
Value: 4K8NmEfIVYSChbvI9S9t9zhRW3TqUJgEd8yhDjg3Z9mA3cx25sTOPA==
.airhockeyloserkiek.com/ Name: c20088
Value: 3V4Ulf0tEpfDBZ/VZKtK/koyyl63h5q0qH7tMVPomgOU3KsYguTmig==
www.keysearchonline.com/ Name: uniqueClick_WT23LQ
Value: 15c7ae5c-cd1a-48bc-8e54-cbdb2838ad4a:1712064693
www.keysearchonline.com/ Name: transaction_id
Value: cb4db294d93e49788be63ce22af171ad
onelikeservices.com/ Name: PHPSESSID
Value: f95e845bac4fd9534b78743d6399a617
onelikeservices.com/ Name: csid3
Value: f95e845bac4fd9534b78743d6399a617

2 Console Messages

Source Level URL
Text
network error URL: http://wjoiqzxpwuzm.acuteseowordpresswebdesign.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://blaclclubmoon.com/embed.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
