urlscan.io logo urlscan.io
SecurityTrails logo

www.theonedayflip.com Open in urlscan Pro
2606:4700::6810:ec2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785fcb&_e=vi1rAM-m53FwF...
Effective URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ET...
Submission: On October 25 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2606:4700::6810:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theonedayflip.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 20th 2024. Valid for: a year.
This is the only time www.theonedayflip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:216... 16509 (AMAZON-02)
2 2 2600:9000:26d... 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 2606:4700::68... 13335 (CLOUDFLAR...)
13 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
24 4
1    2600:9000:2165:d800:9:f218:5080:93a1 (United States)

ASN16509 (AMAZON-02, US)
links.from.empiretradinginsider.com
2    2600:9000:26db:c200:1a:d319:7e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure.empiretradinginsider.com
1    2606:4700::6812:89f (United States)

ASN13335 (CLOUDFLARENET, US)
m1mm.isrefer.com
4    2606:4700::6812:78f (United States)

ASN13335 (CLOUDFLARENET, US)
m1mm.infusionsoft.com
3    2606:4700::6812:1feb (United States)

ASN13335 (CLOUDFLARENET, US)
m1mm.infusionsoft.app
13    2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.theonedayflip.com
2    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    2606:4700::6812:5e29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Domain Requested by
13 www.theonedayflip.com www.theonedayflip.com
static.cloudflareinsights.com
4 challenges.cloudflare.com www.theonedayflip.com
challenges.cloudflare.com
4 m1mm.infusionsoft.com 4 redirects
3 m1mm.infusionsoft.app 3 redirects
2 static.cloudflareinsights.com www.theonedayflip.com
2 secure.empiretradinginsider.com 2 redirects
1 m1mm.isrefer.com 1 redirects
1 links.from.empiretradinginsider.com 1 redirects
24 8

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
www.theonedayflip.com
Cloudflare Inc ECC CA-3		 2024-01-20 -
2024-12-31		 a year crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Frame ID: DC91A3E5022A4223CB9AC4975C05306E
Requests: 18 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1k9d8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: EC58C6FBC110C5DDE1542A0B7C30F796
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eg1en/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: B9A8D1C6269960E5E0862C91A442C85F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

  1. https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785... HTTP 303
    https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e?email=carl.vleminckx%40gmail.com&domain... HTTP 307
    https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e/2?email=carl.vleminckx%40gmail.com&doma... HTTP 302
    https://m1mm.isrefer.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vlemin... HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vlemin... HTTP 301
    https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZ... HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZ... HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vlemin... HTTP 301
    https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vlemin... HTTP 301
    https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_sourc... HTTP 301
    https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_sourc... HTTP 302
    https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmai... Page URL
  2. https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmai... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

24
Requests

79 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

4
IPs

1
Countries

156 kB
Transfer

410 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785fcb&_e=vi1rAM-m53FwFsuVfobaZ0TndKdyt_pqOwl0yZP-7fvRfwlstDpE9pHVkLTWgfdH13hlWm0Q_xpDuOmbWzc-6tabHGhxYKLUizPqFOeyobBopMISMPMWd_xS8_YctRFQhEUeH3ajuwlQrqmbbbCcdwXhQZGC__i_3oQstmFfpWXm4jChEuGMgAgriSQpTmrYlyNOom4hK0xa0nHMsxLpsj-mMFlBeeR_Dz8jXjW0KSOSSCDDZgidorc3gTNpQ2hZuhuBB5ZBzkC6XYrQjduIwwrrfwJ8KVfbPZo0sycBBbj07w0OerVYyW55TP1-2YD7iaNGx1eaK3C3VaRZgxZlCtVkR6ubbQFXbnnJU8l9xdo= HTTP 303
    https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2 HTTP 307
    https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e/2?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2 HTTP 302
    https://m1mm.isrefer.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
    https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8%2FdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1pbmNreCU0MGdtYWlsLmNvbSZ1dG1fdGVybT0xMjJFVEkmZWw9ZmFuZGk%3D&store=NEU5MzU4NURGQTg2MUQ5MTVEMjNDRjZENUE1RjQzNUU%3D HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8/dXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1pbmNreCU0MGdtYWlsLmNvbSZ1dG1fdGVybT0xMjJFVEkmZWw9ZmFuZGk=&SessionCopyComplete=true HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
    https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b HTTP 301
    https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b HTTP 301
    https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd HTTP 302
    https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477 Page URL
  2. https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785fcb&_e=vi1rAM-m53FwFsuVfobaZ0TndKdyt_pqOwl0yZP-7fvRfwlstDpE9pHVkLTWgfdH13hlWm0Q_xpDuOmbWzc-6tabHGhxYKLUizPqFOeyobBopMISMPMWd_xS8_YctRFQhEUeH3ajuwlQrqmbbbCcdwXhQZGC__i_3oQstmFfpWXm4jChEuGMgAgriSQpTmrYlyNOom4hK0xa0nHMsxLpsj-mMFlBeeR_Dz8jXjW0KSOSSCDDZgidorc3gTNpQ2hZuhuBB5ZBzkC6XYrQjduIwwrrfwJ8KVfbPZo0sycBBbj07w0OerVYyW55TP1-2YD7iaNGx1eaK3C3VaRZgxZlCtVkR6ubbQFXbnnJU8l9xdo= HTTP 303
  • https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2 HTTP 307
  • https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e/2?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2 HTTP 302
  • https://m1mm.isrefer.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
  • https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8%2FdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1pbmNreCU0MGdtYWlsLmNvbSZ1dG1fdGVybT0xMjJFVEkmZWw9ZmFuZGk%3D&store=NEU5MzU4NURGQTg2MUQ5MTVEMjNDRjZENUE1RjQzNUU%3D HTTP 301
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8/dXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1pbmNreCU0MGdtYWlsLmNvbSZ1dG1fdGVybT0xMjJFVEkmZWw9ZmFuZGk=&SessionCopyComplete=true HTTP 301
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
  • https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b HTTP 301
  • https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b HTTP 301
  • https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd HTTP 302
  • https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
odf-vsl
www.theonedayflip.com/
Redirect Chain
  • https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785fcb&_e=vi1rAM-m53FwFsuVfobaZ0TndKdyt_pqOwl0yZP-7fvRfwlstDpE9pHVkLTWgfdH13hlWm...
  • https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2
  • https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e/2?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2
  • https://m1mm.isrefer.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi
  • https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8%2FdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1p...
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8/dXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1pbm...
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi
  • https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b
  • https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec17...
  • https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec17...
  • https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a...
12 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17da5a04770ef3a74226e5c1e29590d94148aa93a5380621017f3f738f9c02b7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
txcK31YV3a8T3jDL8VMWxMR6Yn3bPxUQTc0EO+SfG12aTR8V2dbup1zYGR4O+G6CzO3LaVBB7zygAnribd2OOOSUJ4tFgOvvBJEoBpG8J0DWsUhhtBNrAe95PA+8q4L+mQ3PfW138+9xkmnvtq1aPA==$kE/+OQ+DRQ8Rv/Iz2EbEGQ==
cf-mitigated
challenge
cf-ray
8d832d8c293dd9d4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 25 Oct 2024 15:18:13 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8d832d8a9d8e5b26-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
date
Fri, 25 Oct 2024 15:18:13 GMT
expires
Fri, 25 Oct 2024 15:18:12 GMT
location
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.theonedayflip.com
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d832d8caa5b363b-FRA
access-control-allow-origin
*
date
Fri, 25 Oct 2024 15:18:13 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
v1
www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		99 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832d8c293dd9d4
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab9a318d3e938324782d9cd48074582ae3752b66835a5cec3a03534f3f01eda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477&__cf_chl_rt_tk=yHTn9yob__8OMysgabG_hzT6BdZy3zuF7OVEhk7gRoI-1729869493-1.0.1.1-9cV6YGL5rwK3EP9FVRFBIFP1rImVNVvOiCtqHjttX_M

Response headers

cf-ray
8d832d8c8a1cd9d4-FRA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
date
Fri, 25 Oct 2024 15:18:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
45495cc2-0271-431a-bc73-b1e1ba83942e
https://www.theonedayflip.com/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832d8c293dd9d4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbacce424d00878284db8c04089f007944324d9cd2432db2472e4cf62a39dbbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.theonedayflip.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d832d8cfe19dbf3-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 15:18:13 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 23 Oct 2024 21:21:17 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
www.theonedayflip.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theonedayflip.com/favicon.ico
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1cb6f3cb8178dabf4091ca41f1e4e5ea6f6486d0fd1032cab1d0af64df8e1a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Fri, 25 Oct 2024 15:18:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
28DZ6OzKdnzR9PsOnlqGzv/rbnnKc35q4esdcDqal8pFTrfQbqOnMT9DK4YHclBTEqeVcEEZFoWUaPdUCZGzrebGktyiZpXJCyvMmQtU/lwxPZLFaO51au40E/hr67+fIEibLGbFjfv0gpVtioWC3w==$X7yhn+QWpuBf5Aoy30uI4Q==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d832d8cfb0ed9d4-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
rum
www.theonedayflip.com/cdn-cgi/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d832d8d2b80d9d4-FRA
access-control-allow-origin
https://www.theonedayflip.com
date
Fri, 25 Oct 2024 15:18:13 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
www.theonedayflip.com/ 		8 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c2fbadb683e167235f5f6cbd36528d340d0c352201371acafd36c6562a042c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Fri, 25 Oct 2024 15:18:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
vclX715Zjkf1be4S7ruRJ3Pi/v1li68o0GkN5tV6aC3Jd3XrSQNqeXwne9nvs9bcGIaHSmHQ2b2dgnP77jgaKVs6O6m3pUryY7qJPhHt6E6Ls4x94Ysl3tCH/lOacTAbkj/gWVovcCJyXoybaDx+Bw==$aFl1tzxamqXoUnK/mBHFEQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d832d8d2b83d9d4-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
CKJwXH5JXgDciZNEhBb5IRoB3VxCbvjXxLfBxgksEq0-1729869493-1.2.1.1-X8BXv3_LscoR._f7U05xdvkitoilTTJ1KTkewtJb_YhJSsmDPrI.1Ozl1diteSqz
www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/flow/ov1/289344781:1729865479:0zebJqWT5du4ftghcrdkWnUHe6Cf-vqUU20I11I2oKk/8d832d8c293dd9d4/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/flow/ov1/289344781:1729865479:0zebJqWT5du4ftghcrdkWnUHe6Cf-vqUU20I11I2oKk/8d832d8c293dd9d4/CKJwXH5JXgDciZNEhBb5IRoB3VxCbvjXxLfBxgksEq0-1729869493-1.2.1.1-X8BXv3_LscoR._f7U05xdvkitoilTTJ1KTkewtJb_YhJSsmDPrI.1Ozl1diteSqz
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832d8c293dd9d4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2341dd2ed22ce2e055bd5aebe95be0b8c913020f480ba19e9ec3073e4fe0e86

Request headers

Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
CKJwXH5JXgDciZNEhBb5IRoB3VxCbvjXxLfBxgksEq0-1729869493-1.2.1.1-X8BXv3_LscoR._f7U05xdvkitoilTTJ1KTkewtJb_YhJSsmDPrI.1Ozl1diteSqz

Response headers

cf-ray
8d832d8d9cb5d9d4-FRA
content-encoding
br
date
Fri, 25 Oct 2024 15:18:13 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
q8Ts57uwSfcbdDG2Bo+xgsFcds1DDx3nnFktalXnQDiXe0hGUANAjQ+STJBV7fRN5e156syhyIE=$Zizj4MUMRkG69HtK
server
cloudflare
02626870-76f7-4558-ab30-dc3240f220bf
https://www.theonedayflip.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1k9d8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame EC58 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1k9d8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d832d8e1b811979-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 15:18:13 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
CKJwXH5JXgDciZNEhBb5IRoB3VxCbvjXxLfBxgksEq0-1729869493-1.2.1.1-X8BXv3_LscoR._f7U05xdvkitoilTTJ1KTkewtJb_YhJSsmDPrI.1Ozl1diteSqz
www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/flow/ov1/289344781:1729865479:0zebJqWT5du4ftghcrdkWnUHe6Cf-vqUU20I11I2oKk/8d832d8c293dd9d4/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/flow/ov1/289344781:1729865479:0zebJqWT5du4ftghcrdkWnUHe6Cf-vqUU20I11I2oKk/8d832d8c293dd9d4/CKJwXH5JXgDciZNEhBb5IRoB3VxCbvjXxLfBxgksEq0-1729869493-1.2.1.1-X8BXv3_LscoR._f7U05xdvkitoilTTJ1KTkewtJb_YhJSsmDPrI.1Ozl1diteSqz
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832d8c293dd9d4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c65e950d5a944af5f48b7db0dcee735f819cf03f699a5289e244b6bcdfd48c6

Request headers

Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
CKJwXH5JXgDciZNEhBb5IRoB3VxCbvjXxLfBxgksEq0-1729869493-1.2.1.1-X8BXv3_LscoR._f7U05xdvkitoilTTJ1KTkewtJb_YhJSsmDPrI.1Ozl1diteSqz

Response headers

cf-chl-out
HBtdqgavMjHG5G17fyAhBzTW1L77NzY/RcI9nrrqUxyeTngoSC+tastf9ulhJDlUcRNrcPbXIPKG6kG9ip2epKHAlxeIdKhxflRI0a2d6x/wVHoPRpO2hJ8=$d2Mx6irWrE8R99Vi
cf-ray
8d832d938a27d9d4-FRA
content-encoding
br
cf-chl-out-s
Fnwq0fCaDtyoB6uu4zxRAMdCE/cxLEJAS5TfKhcNmaxsExCBYPMTHBSbq/Ou5R5KTWhTFmJYsyR5gPEdDZot59takINASWVbdCbA7FG7FK08kzcAK40b3BuHhcrqteOJ6RJ7OFk7cMFkSdjkkRnoUKsew/kcW1JOmazsBfuPK6EKVtV7gUZJmDbj0ByUSdgU+R0XvG9o0XujxJ8p2OeGLbKAy46gDQ87uQ4dXs3eneb8QEZXg4L49+Ua3u28l/v0rBrdk9cQSFFioX6z3uGbWlMgFrsOsVsnEZBUImPCrtLEhGHuQcgBSmtLpiBT3ujgek4T5LUaxMQYfVkHMdKg5NUYV49S8a0fF9B+BiWtY3rkLU5RC66XSfhZ23ihPVy2dkywsqnKq3N5bGJyd8PBOFY+sypTk+LNlF7Fy3hbLGZvtAg71+HMpgOOzxuyxuB7D8yX+jtcV/aNVomPEfooZNPRJ4M9v7AAO6B8Gs164swgpcsO576KWybIK8FhhB8uO05BY52m0IADlcpAhV9ljstesGWy5UamvTj3+99Zh+LKvNiKUlx+L1hyL7fUZHhu0NNcdkny3W2mVVTnEHcwiS6Jfziw1AB0eNcEUGSX9hPPhWLDp+F9DlL8SljI5ESom7bbFJzju56s9slBSVqv29Zxf8Br4tyuUrvnmtdWbHE1mfcw5u3uCW8eLxvRbAAKVt3syIpOTkhiAzmZvYlU6dBxYD8rJpXvARlMjOqGTY+Khc2GIJA2wILb5LaCZIZmm0jCyc7NNQNO3Cr1ECKInmpjcwv4v4pF2HzU92O9u5potic3IrzkzNobw0Ad+kjtxZRNOAK+ytY=$AXwNwYadddSmP8Km
date
Fri, 25 Oct 2024 15:18:14 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
Primary Request odf-vsl
www.theonedayflip.com/ 		10 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a0dc999f31f979916d53818e3057694dfb86e43ae723da582aa0a7d9214d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
uqY1jRXfboAyPZ+lSE8MRV52uLMZau7Uwnb28R2fM0bfGgdOLuiAB8qEy+XffoKeUKR03l5gFivkJQetRwyp9/DUjAReznKSekgZoe/D9J0h67rOtLExqGjsQr3eaExLAqFbBTY8ZICS5qlzEJoH/w==$m61PkuhA/h+5xWUANgYDnQ==
cf-mitigated
challenge
cf-ray
8d832da08a6cd9d4-FRA
content-encoding
br
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=QA7VdbvWqvdwcsyRfopZ5m1efAtv.G3wiOxNjg7TV20-1729869496-1.0.1.1-aPRWA3cUCvRlTu5T_cZS5W.V3NJ3WDqo6kR49U7vpsOgqxkuZS5LsOE91ZaV.8FSWpWHmye3LStb93CHvNOkInioMleHqY3w621bzxkFfMIQvoSfHNpu509vgsci4db3kkUoar_vyXgYqNf9YdrlWsscuKQKbCoz6i_4YYmhtVM; report-to cf-csp-endpoint
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 25 Oct 2024 15:18:16 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=QA7VdbvWqvdwcsyRfopZ5m1efAtv.G3wiOxNjg7TV20-1729869496-1.0.1.1-aPRWA3cUCvRlTu5T_cZS5W.V3NJ3WDqo6kR49U7vpsOgqxkuZS5LsOE91ZaV.8FSWpWHmye3LStb93CHvNOkInioMleHqY3w621bzxkFfMIQvoSfHNpu509vgsci4db3kkUoar_vyXgYqNf9YdrlWsscuKQKbCoz6i_4YYmhtVM"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
rum
www.theonedayflip.com/cdn-cgi/ 		0
0
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.theonedayflip.com
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d832d8caa5b363b-FRA
access-control-allow-origin
*
date
Fri, 25 Oct 2024 15:18:13 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
v1
www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c89ba0007a31a1663d80e3e5be78db2c3b10b682457f153fbb76d23cb3e8d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477&__cf_chl_rt_tk=zQXnu881HdmMBpSv.2eed60Dw.NdoEcbfbIxE1OPcVU-1729869496-1.0.1.1-AwrghaPvYjvB9E_utfvphUoHyKcpyGbeEsF_ifXMefM

Response headers

cf-ray
8d832da10b78d9d4-FRA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
date
Fri, 25 Oct 2024 15:18:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/ 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbacce424d00878284db8c04089f007944324d9cd2432db2472e4cf62a39dbbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.theonedayflip.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d832d8cfe19dbf3-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 15:18:13 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 23 Oct 2024 21:21:17 GMT
server
cloudflare
vary
Accept-Encoding
0fdf3453-0781-403c-bd8d-ce5a37e73eaf
https://www.theonedayflip.com/ Frame 		0
0
favicon.ico
www.theonedayflip.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theonedayflip.com/favicon.ico
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3beb8a299513ed38f11007a3373de3c84386867c243e353a9b15c65fb65020f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Fri, 25 Oct 2024 15:18:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
a9oQKOkPiAuoC3FslEsX3/IWPeUKixBW2YxZsNO9ow348VPdWAULms2R75P1FLrgL5aBCQuJYPdVMlNc7Hvr50wwzakb9YU/HwN8jUH+cGwaW4w0gk7FQORNPT1b5yaoCDcLgsOW/b16J7+cWEBJlw==$qCrwkR8Vxr/HM939Mu3vpg==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d832da1dd81d9d4-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
rum
www.theonedayflip.com/cdn-cgi/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d832da21e13d9d4-FRA
access-control-allow-origin
https://www.theonedayflip.com
date
Fri, 25 Oct 2024 15:18:16 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
www.theonedayflip.com/ 		8 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e2b80223408f666c597e5abc2abae90506e943f822d531082f307645cfae0a7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Fri, 25 Oct 2024 15:18:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
mRlpmTfZsshraGZhRDb2jC+pyJ9ZOdWsZ4e0CNgPp/Yw5ntIXSVFLdzDv5lB4iJG1jTIYDYLBmffOE0FQjYMcs12vvtwnt2Io4RVso+KXb1p6z5r1hPZs+SkMjN0DImTFvUNas9UdupMUMniG+DSqQ==$q8M85D4RNXQPTLsMVTyk3Q==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d832da21e15d9d4-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
Sse_qrKJQqMAskXDhw4Mf4WLNLt_ZTC.quGCMlij4No-1729869496-1.2.1.1-Bu9ngSZWJn2GkLCiBLqyUkH58ulbcpwWeDNfosfBQ9XVQUL9JBWw3pSJHxcy0OEs
www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/flow/ov1/682165462:1729865392:DWbJyeAJAZhDYJRI0uk71jTZtiXe9GNayET1s2eR5Ic/8d832da08a6cd9d4/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/flow/ov1/682165462:1729865392:DWbJyeAJAZhDYJRI0uk71jTZtiXe9GNayET1s2eR5Ic/8d832da08a6cd9d4/Sse_qrKJQqMAskXDhw4Mf4WLNLt_ZTC.quGCMlij4No-1729869496-1.2.1.1-Bu9ngSZWJn2GkLCiBLqyUkH58ulbcpwWeDNfosfBQ9XVQUL9JBWw3pSJHxcy0OEs
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6697aea66ef4286042c3a0cc458b04a84f3692d266c0dd6f51d0c23e8f0780d4

Request headers

Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
Sse_qrKJQqMAskXDhw4Mf4WLNLt_ZTC.quGCMlij4No-1729869496-1.2.1.1-Bu9ngSZWJn2GkLCiBLqyUkH58ulbcpwWeDNfosfBQ9XVQUL9JBWw3pSJHxcy0OEs

Response headers

cf-ray
8d832da29f2dd9d4-FRA
content-encoding
br
date
Fri, 25 Oct 2024 15:18:16 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
T9lLcqjM2XchdhRN8rG+fF55dI2g9HactT59aUxgyeyI7ENFeSJJIK6Vc2a8RGF+8BVrjizpwwQ=$PM+Fkj+X+RsPzk4l
server
cloudflare
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eg1en/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame B9A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/eg1en/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d832da30c361979-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 15:18:16 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
507aea7c-b66e-45ab-bdd0-77dbf4d74d73
https://www.theonedayflip.com/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.theonedayflip.com
URL
blob:https://www.theonedayflip.com/45495cc2-0271-431a-bc73-b1e1ba83942e
Domain
www.theonedayflip.com
URL
blob:https://www.theonedayflip.com/02626870-76f7-4558-ab30-dc3240f220bf
Domain
www.theonedayflip.com
URL
https://www.theonedayflip.com/cdn-cgi/rum?
Domain
www.theonedayflip.com
URL
blob:https://www.theonedayflip.com/0fdf3453-0781-403c-bd8d-ce5a37e73eaf
Domain
www.theonedayflip.com
URL
blob:https://www.theonedayflip.com/507aea7c-b66e-45ab-bdd0-77dbf4d74d73

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt object| __cfBeacon function| pqPjZ5 function| gFEi8 function| Lsws0 object| xpuJb1 object| ZQkn8 function| tDpp4 function| gQBhC1 function| QyLSu7 function| OkUJb2 function| eLZdk2 object| XXnfe7 number| qGJle3 object| angular object| VBhX8 object| turnstile boolean| Toah6 function| _ string| HShN1 boolean| blpi3

22 Cookies

Domain/Path Name / Value
.empiretradinginsider.com/ Name: iterableEmailCampaignId
Value: 11487538
.empiretradinginsider.com/ Name: iterableTemplateId
Value: 15104282
.empiretradinginsider.com/ Name: iterableMessageId
Value: a6e34960751e45d4bffd298fa0785fcb
.empiretradinginsider.com/ Name: iterableEndUserId
Value: carl.vleminckx%40gmail.com
links.from.empiretradinginsider.com/ Name: XSRF-TOKEN
Value: 47a6a93f464a010313288ae6745511a2f34b6f68-1729869491173-269621cb642ccd376fefc2ec
.secure.empiretradinginsider.com/ Name: 24071974-38f4-4191-9ca5-273c88a7562e-v4
Value: 4wEX1yPVBxegEhlLz_gG0eT1U8-VBOA3Pb6_1ABDmNM
.secure.empiretradinginsider.com/ Name: cc-v4
Value: G9FKJggh2FKvdAgPzSqw%2Bz6%2FRJywMWBicrhPHYxw2PcOijwbdpU%2BOvWeCrfEAkjf22vqo4mR2IbhPMD6NpL6OUQdpCFS9KA6fpnurTR7LOOvgvLBEBklmlvyiK6AgfE89LOPgsPoGVcSfyHDJCL1wA%3D%3D
m1mm.isrefer.com/ Name: JSESSIONID
Value: 27C7CC6BCB88071036E5265E722AB7DD
m1mm.isrefer.com/ Name: GCLB
Value: CPf914yD8v-blwEQAw
m1mm.infusionsoft.com/ Name: JSESSIONID
Value: 4E93585DFA861D915D23CF6D5A5F435E
m1mm.infusionsoft.com/ Name: GCLB
Value: CMm_yJuc0sKH8QEQAw
.infusionsoft.com/ Name: __cf_bm
Value: SOZcmynKkCU5NdtW3vPoMVdVP30PPQE9KzFMUZZCb1s-1729869491-1.0.1.1-Q4txz8ztdOnWaYBfrBd.hg2L9wEXlmM_1afcs6lhvDYzBSw2fP7kib6tkrsmKBGuxdCFKZh0dRquQNimD.vKIg
m1mm.infusionsoft.app/ Name: JSESSIONID
Value: 4E93585DFA861D915D23CF6D5A5F435E
m1mm.infusionsoft.app/ Name: GCLB
Value: CLfvq9blz4fNqAEQAw
.infusionsoft.app/ Name: __cf_bm
Value: m8wC9MDwllzaOm8V5KLvNSZqjFgxVwcuWL4M0Nexsx4-1729869492-1.0.1.1-AHKIHB6Oc4vfk3flWCWM9TQ_b66RB6Zz_1OjYWeYXQ1m3gUs8TczEWMgwbPPgb.iW8s2UImALhr6ETNONwP8YEhVdMDSYsQpRz0BtYyJwT8
m1mm.infusionsoft.com/ Name: NewDomainSessionCached
Value: 1729869492276
m1mm.infusionsoft.app/ Name: affiliate
Value: fandi
m1mm.infusionsoft.app/ Name: contactId
Value: 0
m1mm.infusionsoft.app/ Name: jumpLog
Value: 36881775
m1mm.infusionsoft.app/ Name: linkedJumpLog
Value:
.www.theonedayflip.com/ Name: __cf_bm
Value: lurqdtZ9HvHE53rIUS4VhKmvuA4V4ok7O1YMDOB1Bms-1729869493-1.0.1.1-hmGo2lf8dHX_1xKkkgAXxFbndyY244Tsb.plbehE1bj1kVrkzDmEoXPp9YksyGbGYkM_1CXUq.V4T4w9iQUvi9790DOoJBIP33Lp6.OzUuc
www.theonedayflip.com/ Name: cf_chl_rc_ni
Value: 1

16 Console Messages

Source Level URL
Text
network error URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.theonedayflip.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.theonedayflip.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-dg2e1/zhHIDstTsjumyr34godai0wmA+bonhYjwLytM='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477
Message:
[Report Only] Refused to load the script 'https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=812ec170-f713-4c49-8afe-93d3004d077b&cookieUUID=a5391119-027e-49b4-a64f-2970282bb3fd&affiliate=1477&__cf_chl_rt_tk=zQXnu881HdmMBpSv.2eed60Dw.NdoEcbfbIxE1OPcVU-1729869496-1.0.1.1-AwrghaPvYjvB9E_utfvphUoHyKcpyGbeEsF_ifXMefM
Message:
[Report Only] Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Message:
[Report Only] Refused to create a worker from 'blob:https://www.theonedayflip.com/0fdf3453-0781-403c-bd8d-ce5a37e73eaf' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Message:
[Report Only] Refused to load the script 'https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
network error URL: https://www.theonedayflip.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.theonedayflip.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".
security error (Line 73)
Message:
[Report Only] Refused to create a worker from 'blob:https://www.theonedayflip.com/507aea7c-b66e-45ab-bdd0-77dbf4d74d73' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832da08a6cd9d4
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'none'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
links.from.empiretradinginsider.com
m1mm.infusionsoft.app
m1mm.infusionsoft.com
m1mm.isrefer.com
secure.empiretradinginsider.com
static.cloudflareinsights.com
www.theonedayflip.com
www.theonedayflip.com
2600:9000:2165:d800:9:f218:5080:93a1
2600:9000:26db:c200:1a:d319:7e00:93a1
2606:4700::6810:5049
2606:4700::6810:ec2
2606:4700::6812:1feb
2606:4700::6812:5e29
2606:4700::6812:78f
2606:4700::6812:89f
17da5a04770ef3a74226e5c1e29590d94148aa93a5380621017f3f738f9c02b7
6697aea66ef4286042c3a0cc458b04a84f3692d266c0dd6f51d0c23e8f0780d4
6e2b80223408f666c597e5abc2abae90506e943f822d531082f307645cfae0a7
76a0dc999f31f979916d53818e3057694dfb86e43ae723da582aa0a7d9214d67
77c89ba0007a31a1663d80e3e5be78db2c3b10b682457f153fbb76d23cb3e8d3
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
93c2fbadb683e167235f5f6cbd36528d340d0c352201371acafd36c6562a042c
9c65e950d5a944af5f48b7db0dcee735f819cf03f699a5289e244b6bcdfd48c6
c2341dd2ed22ce2e055bd5aebe95be0b8c913020f480ba19e9ec3073e4fe0e86
d3beb8a299513ed38f11007a3373de3c84386867c243e353a9b15c65fb65020f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab9a318d3e938324782d9cd48074582ae3752b66835a5cec3a03534f3f01eda
f1cb6f3cb8178dabf4091ca41f1e4e5ea6f6486d0fd1032cab1d0af64df8e1a9
fbacce424d00878284db8c04089f007944324d9cd2432db2472e4cf62a39dbbf