ephemeralelixir.com Open in urlscan Pro
172.67.136.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578
Effective URL:
https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxff...
Submission: On April 01 via manual (April 1st 2024, 1:39:03 pm UTC) from CA — Scanned from GB

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 8 domains to perform 29 HTTP transactions. The main IP is 172.67.136.121, located in United States and belongs to CLOUDFLARENET, US. The main domain is ephemeralelixir.com.
TLS certificate: Issued by GTS CA 1P5 on March 13th 2024. Valid for: 3 months.

This is the only time ephemeralelixir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	141.98.232.193 141.98.232.193	205220 (RHC-HOSTING) (RHC-HOSTING)
2 2	34.76.98.215 34.76.98.215	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.76.75.249 34.76.75.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.67.148.151 172.67.148.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	172.67.136.121 172.67.136.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
29	5

3 141.98.232.193 (Bromley, United Kingdom)

ASN205220 (RHC-HOSTING, GB)
PTR: full.websiteconversionsecrets.com

uywcaducveyy.acuteseowordpresswebdesign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.76.98.215 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.98.76.34.bc.googleusercontent.com

swederlands.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.76.75.249 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.75.76.34.bc.googleusercontent.com

airhockeyloserkiek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.148.151 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.keysearchonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onelikeservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.136.121 (United States)

ASN13335 (CLOUDFLARENET, US)

ephemeralelixir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	ephemeralelixir.com ephemeralelixir.com	804 KB
3	acuteseowordpresswebdesign.com uywcaducveyy.acuteseowordpresswebdesign.com	2 KB
2	onelikeservices.com 1 redirects onelikeservices.com	2 KB
2	swederlands.com 2 redirects swederlands.com	812 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	866 B
1	keysearchonline.com 1 redirects www.keysearchonline.com	813 B
1	airhockeyloserkiek.com 1 redirects airhockeyloserkiek.com	762 B
0	blaclclubmoon.com Failed blaclclubmoon.com Failed
29	8

	Domain	Requested by
23	ephemeralelixir.com	ephemeralelixir.com
3	uywcaducveyy.acuteseowordpresswebdesign.com	uywcaducveyy.acuteseowordpresswebdesign.com
2	onelikeservices.com	1 redirects uywcaducveyy.acuteseowordpresswebdesign.com
2	swederlands.com	2 redirects
1	fonts.googleapis.com	ephemeralelixir.com
1	www.keysearchonline.com	1 redirects
1	airhockeyloserkiek.com	1 redirects
0	blaclclubmoon.com Failed	ephemeralelixir.com
29	8

This site contains no links.

Subject Issuer	Validity	Valid
onelikeservices.com E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh
ephemeralelixir.com GTS CA 1P5	`2024-03-13` - `2024-06-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Frame ID: BAD16A591FA762C318991497DCF0E5ED
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reward Pending

Page URL History Show full URLs

http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578 HTTP 307
https://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578 HTTP 307
http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578 Page URL
http://uywcaducveyy.acuteseowordpresswebdesign.com/t/4_17609_1169_95_1361_6701_11_2_38_61578 Page URL
https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701 HTTP 302
https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701&ch-redi... HTTP 302
https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701&ch-redi... HTTP 302
https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361308352 HTTP 302
https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=dfaecfa3038d4c299... HTTP 307
https://onelikeservices.com/go/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=209... Page URL
https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=209793... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

86 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

5
IPs

5
Countries

807 kB
Transfer

1052 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578 HTTP 307
https://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578 HTTP 307
http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578 Page URL
http://uywcaducveyy.acuteseowordpresswebdesign.com/t/4_17609_1169_95_1361_6701_11_2_38_61578 Page URL
https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701 HTTP 302
https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701&ch-redir=1&ckmxid=co5bhteh0000hh1oqll0 HTTP 302
https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701&ch-redir=1&ckmxid=co5bhteh0000hh1oqll0&ckmguid=692e2bd7-fb47-4a13-9144-d4c06f9603e0 HTTP 302
https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361308352 HTTP 302
https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=dfaecfa3038d4c299b9cad1a6d1bb8a0&source=10-6253&subid=10 HTTP 307
https://onelikeservices.com/go/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname= Page URL
https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578 HTTP 307
https://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578 HTTP 307
http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578

Request Chain 3

https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701 HTTP 302
https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701&ch-redir=1&ckmxid=co5bhteh0000hh1oqll0 HTTP 302
https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701&ch-redir=1&ckmxid=co5bhteh0000hh1oqll0&ckmguid=692e2bd7-fb47-4a13-9144-d4c06f9603e0 HTTP 302
https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361308352 HTTP 302
https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=dfaecfa3038d4c299b9cad1a6d1bb8a0&source=10-6253&subid=10 HTTP 307
https://onelikeservices.com/go/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

4_17609_1169_95_1361_6701_11_2_38_61578 Show response
uywcaducveyy.acuteseowordpresswebdesign.com/
Redirect Chain

http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578
https://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578
http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578

458 B
712 B

34ms
34ms

Document
text/html

141.98.232.193
RHC-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578
Protocol: HTTP/1.1
Server: 141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS: full.websiteconversionsecrets.com
Software: /
Resource Hash: 0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 458
Content-Type: text/html; charset=utf-8
Date: Mon, 01 Apr 2024 13:38:58 GMT
X-Address: gin_throttle_mw_7200000000_217.138.196.99
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 499
X-Ratelimit-Reset: 1711982338

Redirect headers

Location: http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 404
Not Found favicon.ico
uywcaducveyy.acuteseowordpresswebdesign.com/ 0
260 B 38ms
38ms Other
text/plain 141.98.232.193
RHC-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://uywcaducveyy.acuteseowordpresswebdesign.com/favicon.ico
Protocol: HTTP/1.1
Server: 141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS: full.websiteconversionsecrets.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 01 Apr 2024 13:38:58 GMT
X-Address: gin_throttle_mw_7200000000_217.138.196.99
X-Ratelimit-Reset: 1711982338
X-Ratelimit-Limit: 500
Content-Length: 0
X-Ratelimit-Remaining: 498
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK 4_17609_1169_95_1361_6701_11_2_38_61578 Show response
uywcaducveyy.acuteseowordpresswebdesign.com/t/ 310 B
564 B 106ms
106ms Document
text/html 141.98.232.193
RHC-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://uywcaducveyy.acuteseowordpresswebdesign.com/t/4_17609_1169_95_1361_6701_11_2_38_61578
Requested by: Host: uywcaducveyy.acuteseowordpresswebdesign.com
URL: http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578
Protocol: HTTP/1.1
Server: 141.98.232.193 Bromley, United Kingdom, ASN205220 (RHC-HOSTING, GB),
Reverse DNS: full.websiteconversionsecrets.com
Software: /
Resource Hash: bf22243942685f13bcda3453cbb8c7fb8f2af58786522d2e4d27434584f5167f

Request headers

Referer: http://uywcaducveyy.acuteseowordpresswebdesign.com/4_17609_1169_95_1361_6701_11_2_38_61578
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 310
Content-Type: text/html; charset=utf-8
Date: Mon, 01 Apr 2024 13:38:59 GMT
X-Address: gin_throttle_mw_7200000000_217.138.196.99
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 497
X-Ratelimit-Reset: 1711982338

GET
H3

200

index.html Show response
onelikeservices.com/go/caaircanada/
Redirect Chain

https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701
https://swederlands.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701&ch-redir=1&ckmxid=co5bhteh0000hh1oqll0
https://airhockeyloserkiek.com/?a=6253&oc=20140&c=54393&p=r&m=3&s1=11&s2=1169-17609&s3=95-1361-6701&ch-redir=1&ckmxid=co5bhteh0000hh1oqll0&ckmguid=692e2bd7-fb47-4a13-9144-d4c06f9603e0
https://www.keysearchonline.com/cmp/7Z82H/WT23LQ/?source_id=6253&sub2=361308352
https://onelikeservices.com/?flux_fts=qzacaxooicoxtqqpaqietpqpooqtaocxptptltx5bfec&nrp=dfaecfa3038d4c299b9cad1a6d1bb8a0&source=10-6253&subid=10
https://onelikeservices.com/go/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&fi...

846 B
805 B

104ms
104ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onelikeservices.com/go/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Requested by: Host: uywcaducveyy.acuteseowordpresswebdesign.com
URL: http://uywcaducveyy.acuteseowordpresswebdesign.com/t/4_17609_1169_95_1361_6701_11_2_38_61578
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: ceb3d1eb6db996da90067e7e185aff9d4c9b7ee35f4a3908bde5f492691c42f5

Request headers

Referer: http://uywcaducveyy.acuteseowordpresswebdesign.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86d8fba2799f941e-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 01 Apr 2024 13:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cemwAcW1%2Fk7KMzY8YQCU5%2B3%2Fgdj6b5p8LWTkA4u9yU8TIgo3GGGmLFrGU50RqMjD5o7uWfWAwW4VDybZCKSh25Q0wBinX3caFT8bpsfLjrBEClB1HZmzrFKttgnmLwq9bKgC7%2BeD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.3.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86d8fba1c89f941e-LHR
content-type: text/html; charset=utf-8
date: Mon, 01 Apr 2024 13:39:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://onelikeservices.com/go/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This is not a P3P policy"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q67qiFz0FI6%2B0EwLuPlMDndJscpG6HkYm2ws0zOXkAsjo%2BHEFIn8hTLYY8wYFPn%2B8PXFg%2FAo7WsManISnOIRDRpj2Bpjh9P0dzsXdkyzhxeWxF8k2yLYiRsIzAVWGsESAhYh1rLp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 Primary Request index.html Show response
ephemeralelixir.com/caaircanada/ 25 KB
5 KB 237ms
131ms Document
text/html 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e07bee49ad726d7eefc82c545f82567daded6017c9cf757057a082b6fa9de73

Request headers

Referer: https://onelikeservices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86d8fba4282a9577-LHR
content-encoding: br
content-type: text/html
date: Mon, 01 Apr 2024 13:39:02 GMT
last-modified: Thu, 01 Feb 2024 14:32:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KE1BWw2bB0Mf1WI%2FI9PD%2Fa1Z%2BuMsMHYeUcf01AE%2Bskuxak7e0ZUv8%2F%2FmDakI1mdslccJJyLovyw8tEF5PTH2CJVtGNviZTKo0AZ4B%2FTnC0qrFytbuiAnlqXjCCJC8Hm1XcBLy%2FAM"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
866 B 146ms
52ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;800&display=swap

Requested by

Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6236b58f4399f4e4ba973a31565b2a159d67d86d3d8c7c71beaea5f58c1d92b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 Apr 2024 13:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 Apr 2024 13:39:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Apr 2024 13:39:02 GMT

GET
H3 200 bootstrap.min.css
ephemeralelixir.com/caaircanada/css/ 190 KB
29 KB 191ms
191ms Stylesheet
text/css 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemeralelixir.com/caaircanada/css/bootstrap.min.css
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bbab75-2f88b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ug52g6KxapQsSBRgqFhW8c2luH9Th5suNln2EcJONglieSDCcJ9pSPncw%2BEpz8y683iB5W6vzKeuwJoy1j9uBlZe5wF3rLKW8bbB9K8q9xE3LK6RQxqDxbciUEZbZ03blQ4s4wSB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86d8fba4f9569577-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
ephemeralelixir.com/caaircanada/css/ 12 KB
4 KB 112ms
111ms Stylesheet
text/css 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemeralelixir.com/caaircanada/css/style.css
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647de546a24e3ad286e787cd549bba5ca0a2f464d31ceae020afac0c52338042

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bbab76-31c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DM3p7HTkZYcx989HyyxDeg%2BTC278Txz8HQMt9LqVSF9xLZeiBFnBuYTpnu5YDRf%2BxAANp%2BF40EdLNVIAGeg0wmAwryDApOe%2F4VGM0DTSVlxd17DumOj7O9P9Vn9hrg40UTybbbc8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86d8fba4f9579577-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-3.6.0.min.js Show response
ephemeralelixir.com/caaircanada/js/ 87 KB
32 KB 159ms
159ms Script
application/javascript 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemeralelixir.com/caaircanada/js/jquery-3.6.0.min.js
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bbab77-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vcd1%2FjsmfiAF8QO2%2Fk%2BF27GkW3gxYFm3XzkKX4PimNNFNUJN5BdoLgMc%2FM5G6EPtrGsKcBu3jhbtcxAkDWl5vFPk%2BJbdYWHUGMGkenClWYXfNZENKc8LVLSvGqaA5vgU1M8ZLjg0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86d8fba4f9589577-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 script.js Show response
ephemeralelixir.com/caaircanada/js/ 7 KB
2 KB 113ms
112ms Script
application/javascript 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemeralelixir.com/caaircanada/js/script.js
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e12fffcd1ece8df01e5e6889fb06b781365f15a673a932d2cb3d57d319756e39

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bbab78-1a9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6JH%2FdfSeRB%2BEluob7%2BUwYC5%2BosCzizLittfxsjyxFwd%2BZ0ZW4MizTX9o94iS8%2BCnlMzSK7oi9%2BwDcWvN%2F5%2Bs9ClOdnZ4pSLM4g%2FJbZpcUKqaxo733joVgYvzR%2F%2Fuxna2epoJgfz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86d8fba4f95b9577-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 woodbar.js Show response
ephemeralelixir.com/caaircanada/js/ 1 KB
897 B 82ms
81ms Script
application/javascript 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemeralelixir.com/caaircanada/js/woodbar.js
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9837c0365ab8f0d0c21fe5a29701ab5eea341ccd63ebf0265a88dceacb14f59e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bbab78-51d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAnIQ9P79Kpsxd3fHVZMzwWWSnPOxOT80r9oWRLpPMD3coDZXA7u6MV5%2BrZ%2Bfg0FIj4pKgtN6mBv67cWC%2FYnZaGAejVW8l0U1an%2BFaLUVdJhoLX6Q0SQc0b519J94rnM%2BPM99Qf5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86d8fba4f95c9577-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
ephemeralelixir.com/caaircanada/rp-assets/ 62 KB
63 KB 127ms
127ms Image
image/png 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/logo.png
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0ade33d65998846b535729fb39b5c9149f28fd60bbb0c6f17f24801cabf866

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7e-f82a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFIVPy5wvcl0xr5ZpQvBTpl6ClC4iy6ApI7nV6ACRdH5pO7CqiSVzehvNoWO2hLE%2FWmv1JIgnqadIR1tboaenMMGB8yiA6cCloE3VMhDQivbnnTPAQhtUFHrG%2FJZ50D0VWmPnduw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba4f9609577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 63530

GET
H3 200 flag.png
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
3 KB 88ms
88ms Image
image/png 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/flag.png
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a8de574d0c0b8d24a56ea713deb4e0c08e13f98fa3bc5b6d8ffa92454609bf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7d-925"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4qg7ZCwXSViFnf6NANQqaQcAHZt%2FA6wgRP5HPyje9HIPzvRa97y%2Bs9gGnmyOsVP17CR1OpaD9OUSfWngnyHp61LI0MvFF3jIMMUJ29wngPx76548jc7PSz6JlcFFBn3IbN5lbqt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba4f9659577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2341

GET
H3 200 image1.png
ephemeralelixir.com/caaircanada/rp-assets/ 149 KB
149 KB 146ms
146ms Image
image/png 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/image1.png
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c364dbcdc66e07a0015809c2bcca39222789c9d62625d5a4a12a0fa54c97bd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7d-253d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvkUYN1BU0rftA7Myl0%2BsB5KvXFh5giMibpjK0kmrw9TQ5Bo01TLg3DTmdOL2%2BeCqZoXa7MwZQyWMuJ1aBAvIjhyFZkEYzOx6SspJWRZyn%2FMFkiWNP8j%2FR%2B0fsAuTHNhBa3meMHF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba589fd9577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 152536

GET
H3 200 image2.png
ephemeralelixir.com/caaircanada/rp-assets/ 154 KB
154 KB 149ms
149ms Image
image/png 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/image2.png
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 553b348a08db5babb6772a1c61d037020703d2226fcca5ca2bb739dad2ec6b5f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7d-26790"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5c8t6t1o49CgkuHrOw4aU0x0lbS4%2FKC0gOgMHNdM7QlOFCzfG3vozBovY%2FIdwiNUlo8Tqc3NZjOcvjwovwFOHoULhv0%2FGo434MpzzmuPGQ63aPVCMOhGWyEPp1qnzVtS2MlB6p1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b179577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 157584

GET
H3 200 image3.png
ephemeralelixir.com/caaircanada/rp-assets/ 182 KB
183 KB 127ms
126ms Image
image/png 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/image3.png
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48548a79e35bb6ed2f5fa41a789511631c556ea3ae5a4c7b8e33419cd3c60103

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7e-2d831"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1R1L4en4e%2Bd7FMAZy5HKcD%2BnGw5H1EvqiOofJaVHtQAa34tdQuxcEOWXy0IdD1tzooR71MuY8DodIoZcG1joLGz532k%2Bbjdg8sy6qX19WgglU%2FSF6iC1HCYoNrgf1E28P%2Bp32ILs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b1b9577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 186417

GET
H3 200 1.jpeg
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
2 KB 96ms
95ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/1.jpeg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab79-80d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rqi32AIBRzkavT9hu5zNCITzjBiQ347f7gIDiaVvzHmBmVJWPijBdr1L9xJiPtDZoWn4xSQIduYKTGXGRwUaV9koVk9gIxWiSLYs9zEEMSP2h4KN%2FO2EZMyUCSD0NAf6JdFmQKB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b1d9577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2061

GET
H3 200 2.jpeg
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
3 KB 84ms
82ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/2.jpeg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab79-88e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KduZBm1tp%2FPMiLym0h7fsDXDedtsjTJLzgLYfThf47%2BOrY%2FmowKXd8JbG2xsb6xwakFIDoNBkYPnUOSHcLGSIxwUsCUFmaWKDVUZu8uVLculok78trdOYOvP3bfhIlFRNCTV8L4%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b1f9577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2190

GET
H3 200 3.jpeg
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
2 KB 103ms
102ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/3.jpeg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab79-7ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syOLqLyuI8Q1VV189pyzxHAAmZbdVRzUp61iFf7eYCNWopVeS6V66TXhcysQNK0GkdgU5N4Dez96Gg1%2FDRYuDR9fFHuSJYl8rziH5hCEOl3OsrOe0oHHC1yTLc%2FuhF7DZIx544LD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b209577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2028

GET
H3 200 8.jpeg
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
2 KB 84ms
83ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/8.jpeg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7b-815"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2%2F08vs9kCCBMJeGpmYRg4jn9x4PQ1vvxB6BYPkduT9Y8oF4JnwU9mjacEgEqCDzy5yJcIDEqx7PqVPQsKtCSMEOKMNQ7m4bpDz7SoAunDxvS7XHqgct%2BFBHEjTkUX%2F11c9kcxvD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b239577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2069

GET
H3 200 5.jpeg
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
2 KB 85ms
85ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/5.jpeg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7a-785"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lglYaIktM9H8zQBD%2BKALbRbqENV%2Bj%2FffbOgp7p%2FsmuavLgYSYo4o0kFOI1Htpf%2F7XW3i5%2Fuuqg7UnJ2TIANHXPtTbbOOH2ti3jcFmSCrjvHO%2FL0RHKQSgqSbwlx8ykL0XJmEvh4F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b249577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1925

GET
H3 200 7.jpeg
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
2 KB 99ms
99ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/7.jpeg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7a-73f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tW8GhZug9JodxB%2Bxl1r1NoTQR62%2BPSFMNOQYk71KfzbHAR9WY4OPCzm5pKSX2SKNC3cPJZ%2BLLbKxEiQo%2B87yX1Lu%2F5dd2hSnBpiLMGoGX0jbBINX5ZRY2euFegLGZKtgJVsQZJvY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b259577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1855

GET
H3 200 6.jpeg
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
2 KB 103ms
103ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/6.jpeg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 705538aaab254034d9e5e5505ca773c1dc9936c87c1128ad49a8b2a9d0aa87fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7a-756"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmQbHO%2FDs9xiJmzKTVdRYNjmfn0RoRULBFQ04vO1iT%2FLgfOnD3rTg%2BXyW56N%2FzrxgIthoRsucyErAnR6RzSGOGYdqhbJtWt6eN0NONkF7PiWRwptqJfCfPLMI%2BdPydGGMQB6fmMX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b269577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1878

GET
H3 200 4.jpeg
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
2 KB 100ms
100ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/4.jpeg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017340e629175dbd707d31be94c707731fe6f51be004f85e3d50b960f34ea081

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7a-817"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7SG6PCL0lY3Sdi7dZRw3iZG5bXqxJeLE2AoHThSfIxuSNHiq2vmDBn2sB3bLyanwTA78zJZMXuVWBUO3pKJQFT8lEnt7vDgOdHINtLeDmxnbQrVl6hhzw4ouwqfp0kdOkBz7lt6p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b279577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2071

GET embed.js
blaclclubmoon.com/ 0
0

GET
H3 200 bg.jpg
ephemeralelixir.com/caaircanada/rp-assets/ 149 KB
150 KB 177ms
177ms Image
image/jpeg 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/bg.jpg
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc64bfae8f67920364d4fc89fcb9f80794411a02f198619a833072c115d065e4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/css/style.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7c-254b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILWZZKPiTYzC7RMXjBC8KNejcByA%2FD6UlysXmPAzP2KYJu3O7yx%2FNfnFwrmV4qb764fGNlTfr9FlKVHzFOeT5tuMzekpZsv17wUXBAyugDezWRmYsZiR10v0qfYIw7GKAcCDTbc7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b299577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 152759

GET
H3 200 alert.png
ephemeralelixir.com/caaircanada/rp-assets/ 2 KB
2 KB 106ms
106ms Image
image/png 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/alert.png
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e746affcc5738708ce0a7eb2f3e4e5469406050181561dc44ecb47cd6606f711

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/css/style.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7b-7a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JMx41BxMMmqErUTsXs6QC8kZbpKS3WR6Pgn8%2BKzVXwdkIEuUkC03HZXjUTmZ%2BKWz6p25Qm%2BlAYsZ7O1WBW1h8aPUH10jxDCb2b9NqNRgiEByZSEw5chOMoSnN5bbNybKOMptDu26"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b2a9577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1957

GET
H3 200 verified.png
ephemeralelixir.com/caaircanada/rp-assets/ 8 KB
8 KB 86ms
86ms Image
image/png 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemeralelixir.com/caaircanada/rp-assets/verified.png
Requested by: Host: ephemeralelixir.com
URL: https://ephemeralelixir.com/caaircanada/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/css/style.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:02 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:32:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bbab7f-1f6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0QQkQtOPnhdvgzW75E%2BXo%2F88HoUGqyFe38kasCHljEM3e3TgSlS%2BqLMmBkQqxLkHiPknAY%2FI9JDUKLgT8AUcs39lU2MoaePaY%2FnSl5J%2BWUOt5I8HPLqbiGLuOhHxTr7AEpX0LRK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86d8fba65b2b9577-LHR
alt-svc: h3=":443"; ma=86400
content-length: 8047

GET
H3 404 favicon.ico
ephemeralelixir.com/ 564 B
572 B 40ms
39ms Other
text/html 172.67.136.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemeralelixir.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ephemeralelixir.com/caaircanada/index.html?session=7d7f39124d8081c209a5bb3e9348a41d&fluxf=2097938847831226924&fluxffn=2097939812755003311&ffdomain=onelikeservices.com&category=default&firstname=&surname=
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:39:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErsGMb1oEZ87x88oVQNbvbIrPinAti6m24OEtdUgxWsE%2BqCJbT028mwydYTbYUdIVe%2B%2B54SC9HkcvGWJIf5lANraaT9wCHtuk%2B18K9EYMnZIbDJG8JTVq2AXNUyFnHvjwydoV38n"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 86d8fba7cd1a9577-LHR
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blaclclubmoon.com
URL: https://blaclclubmoon.com/embed.js

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.airhockeyloserkiek.com/	1969-12-31 23:59:59	Name: sl Value: OdvWY0vRFLeklMylUbDkp2wd/J37brkabqGNIfxbQ2wrKL4Ka0neIA==
.airhockeyloserkiek.com/	1970-01-21 05:08:58	Name: tm Value: 2c/KSOl4ktXxRapSxFwK02wd/J37brkabqGNIfxbQ2wrKL4Ka0neIA==
.airhockeyloserkiek.com/	1970-01-20 20:16:10	Name: c20088 Value: OdvWY0vRFLeMmuUYWvi6s7IQEQYyC434PA5OFaRgeLyU3KsYguTmig==
www.keysearchonline.com/	1970-01-20 19:34:25	Name: uniqueClick_WT23LQ Value: cd15c518-87a7-4516-a444-e86503665f88:1711978741
www.keysearchonline.com/	1970-01-20 21:42:34	Name: transaction_id Value: dfaecfa3038d4c299b9cad1a6d1bb8a0
onelikeservices.com/	1970-01-20 19:34:25	Name: PHPSESSID Value: 7d7f39124d8081c209a5bb3e9348a41d
onelikeservices.com/	1970-01-21 04:18:34	Name: csid3 Value: 7d7f39124d8081c209a5bb3e9348a41d

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://uywcaducveyy.acuteseowordpresswebdesign.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://blaclclubmoon.com/embed.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ephemeralelixir.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airhockeyloserkiek.com
blaclclubmoon.com
ephemeralelixir.com
fonts.googleapis.com
onelikeservices.com
swederlands.com
uywcaducveyy.acuteseowordpresswebdesign.com
www.keysearchonline.com
blaclclubmoon.com
141.98.232.193
172.67.136.121
172.67.148.151
188.114.97.3
2a00:1450:4001:81c::200a
34.76.75.249
34.76.98.215
017340e629175dbd707d31be94c707731fe6f51be004f85e3d50b960f34ea081
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a
11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
3e07bee49ad726d7eefc82c545f82567daded6017c9cf757057a082b6fa9de73
48548a79e35bb6ed2f5fa41a789511631c556ea3ae5a4c7b8e33419cd3c60103
4c0ade33d65998846b535729fb39b5c9149f28fd60bbb0c6f17f24801cabf866
553b348a08db5babb6772a1c61d037020703d2226fcca5ca2bb739dad2ec6b5f
6236b58f4399f4e4ba973a31565b2a159d67d86d3d8c7c71beaea5f58c1d92b5
647de546a24e3ad286e787cd549bba5ca0a2f464d31ceae020afac0c52338042
681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878
705538aaab254034d9e5e5505ca773c1dc9936c87c1128ad49a8b2a9d0aa87fb
85c364dbcdc66e07a0015809c2bcca39222789c9d62625d5a4a12a0fa54c97bd
9837c0365ab8f0d0c21fe5a29701ab5eea341ccd63ebf0265a88dceacb14f59e
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8
bc64bfae8f67920364d4fc89fcb9f80794411a02f198619a833072c115d065e4
bf22243942685f13bcda3453cbb8c7fb8f2af58786522d2e4d27434584f5167f
c0a8de574d0c0b8d24a56ea713deb4e0c08e13f98fa3bc5b6d8ffa92454609bf
ceb3d1eb6db996da90067e7e185aff9d4c9b7ee35f4a3908bde5f492691c42f5
dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca
e12fffcd1ece8df01e5e6889fb06b781365f15a673a932d2cb3d57d319756e39
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e746affcc5738708ce0a7eb2f3e4e5469406050181561dc44ecb47cd6606f711
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ephemeralelixir.com Open in urlscan Pro 172.67.136.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

86 %HTTPS

14 %IPv6

8 Domains

8 Subdomains

5 IPs

5 Countries

807 kBTransfer

1052 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ephemeralelixir.com Open in urlscan Pro
172.67.136.121 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

86 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

5
IPs

5
Countries

807 kB
Transfer

1052 kB
Size

7
Cookies

29 HTTP transactions
0 data transactions