urlscan.io logo urlscan.io
SecurityTrails logo

www.theonedayflip.com Open in urlscan Pro
104.16.13.194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785fcb&_e=vi1rAM-m53FwF...
Effective URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ET...
Submission: On October 25 via api from BE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 11 HTTP transactions. The main IP is 104.16.13.194, located in and belongs to CLOUDFLARENET, US. The main domain is www.theonedayflip.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 20th 2024. Valid for: a year.
This is the only time www.theonedayflip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.138.106.62 16509 (AMAZON-02)
2 2 18.160.10.34 16509 (AMAZON-02)
1 1 104.18.8.159 13335 (CLOUDFLAR...)
4 4 104.18.7.143 13335 (CLOUDFLAR...)
3 3 104.18.31.235 13335 (CLOUDFLAR...)
6 104.16.13.194 13335 (CLOUDFLAR...)
1 104.16.80.73 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
1 104.18.94.41 13335 (CLOUDFLAR...)
11 5
1    108.138.106.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-62.jfk50.r.cloudfront.net
links.from.empiretradinginsider.com
2    18.160.10.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-34.iad12.r.cloudfront.net
secure.empiretradinginsider.com
1    104.18.8.159 (None, )

ASN13335 (CLOUDFLARENET, US)
m1mm.isrefer.com
4    104.18.7.143 (None, )

ASN13335 (CLOUDFLARENET, US)
m1mm.infusionsoft.com
3    104.18.31.235 (None, )

ASN13335 (CLOUDFLARENET, US)
m1mm.infusionsoft.app
6    104.16.13.194 (None, )

ASN13335 (CLOUDFLARENET, US)
www.theonedayflip.com
1    104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Domain Requested by
6 www.theonedayflip.com www.theonedayflip.com
static.cloudflareinsights.com
4 m1mm.infusionsoft.com 4 redirects
3 m1mm.infusionsoft.app 3 redirects
2 challenges.cloudflare.com www.theonedayflip.com
challenges.cloudflare.com
2 secure.empiretradinginsider.com 2 redirects
1 static.cloudflareinsights.com www.theonedayflip.com
1 m1mm.isrefer.com 1 redirects
1 links.from.empiretradinginsider.com 1 redirects
11 8

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
www.theonedayflip.com
Cloudflare Inc ECC CA-3		 2024-01-20 -
2024-12-31		 a year crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477
Frame ID: 5B9C9AD98D435F240698D8372DA5300D
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/txtvw/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 9053D6B56F043BAC0FC869CC5F4BDE53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785... HTTP 303
    https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e?email=carl.vleminckx%40gmail.com&domain... HTTP 307
    https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e/2?email=carl.vleminckx%40gmail.com&doma... HTTP 302
    https://m1mm.isrefer.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vlemin... HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vlemin... HTTP 301
    https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZ... HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZ... HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vlemin... HTTP 301
    https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vlemin... HTTP 301
    https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_sourc... HTTP 301
    https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_sourc... HTTP 302
    https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmai... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

5
IPs

2
Countries

93 kB
Transfer

209 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785fcb&_e=vi1rAM-m53FwFsuVfobaZ0TndKdyt_pqOwl0yZP-7fvRfwlstDpE9pHVkLTWgfdH13hlWm0Q_xpDuOmbWzc-6tabHGhxYKLUizPqFOeyobBopMISMPMWd_xS8_YctRFQhEUeH3ajuwlQrqmbbbCcdwXhQZGC__i_3oQstmFfpWXm4jChEuGMgAgriSQpTmrYlyNOom4hK0xa0nHMsxLpsl7kN-E8i6dzCOGoKma-6QWj4BlUB0-VwzqizH6SSKGi0Xy9ULjV_zuYE9sLqUM2BYEvhxtavJ08ASV9_xTFb54tpMIBTreZlwU1hqznGYCm9wj7cehSOW6pLROwny8ViJfxGabyQ4pBaqK4dZ_wd5Q= HTTP 303
    https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2 HTTP 307
    https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e/2?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2 HTTP 302
    https://m1mm.isrefer.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
    https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8%2FdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1pbmNreCU0MGdtYWlsLmNvbSZ1dG1fdGVybT0xMjJFVEkmZWw9ZmFuZGk%3D&store=MTcyMjBDNzY1ODM4ODM1MkQxRkE3Mjg3MzdBM0E1MEU%3D HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8/dXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1pbmNreCU0MGdtYWlsLmNvbSZ1dG1fdGVybT0xMjJFVEkmZWw9ZmFuZGk=&SessionCopyComplete=true HTTP 301
    https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi HTTP 301
    https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9 HTTP 301
    https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9 HTTP 301
    https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8 HTTP 302
    https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request odf-vsl
www.theonedayflip.com/
Redirect Chain
  • https://links.from.empiretradinginsider.com/u/click?_t=e4c71e8f81824581a8129cbc5d827404&_m=a6e34960751e45d4bffd298fa0785fcb&_e=vi1rAM-m53FwFsuVfobaZ0TndKdyt_pqOwl0yZP-7fvRfwlstDpE9pHVkLTWgfdH13hlWm...
  • https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2
  • https://secure.empiretradinginsider.com/24071974-38f4-4191-9ca5-273c88a7562e/2?email=carl.vleminckx%40gmail.com&domain=122ETI&copy=IMG0855_2JS2
  • https://m1mm.isrefer.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi
  • https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8%2FdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1p...
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9mYW5kaS8/dXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWZhbmRpJnV0bV9jYW1wYWlnbj1jYXJsLnZsZW1pbm...
  • https://m1mm.infusionsoft.com/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi
  • https://m1mm.infusionsoft.app/go/odf-vsl/fandi/?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9
  • https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd...
  • https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd...
  • https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=9...
12 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7902d582f22e76de88739400fa07974cb2934916f11143ca62aac1d8f2b71b41
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
v7W6RQ+cLDEf7n0rWvIuVhQMoku+VorQTnf+V1YJxP+EC8m614z5xEJPIWRzL0hemniFGCgKqdtTqAaYR9mxuYMzzUHcrzdjpDouc+ulOmc/U39yv5inR4hknXjmAts15YYf4oqcn15XUvHnJLmh3g==$wt8CZySxpyj+HTKR6MDWQQ==
cf-mitigated
challenge
cf-ray
8d832f022e06a24a-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 25 Oct 2024 15:19:13 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8d832f010bb9aabd-YYZ
content-encoding
gzip
content-security-policy
frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
date
Fri, 25 Oct 2024 15:19:12 GMT
expires
Fri, 25 Oct 2024 15:19:12 GMT
location
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.theonedayflip.com
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d832f0489f436a4-YYZ
access-control-allow-origin
*
date
Fri, 25 Oct 2024 15:19:13 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
v1
www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		102 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832f022e06a24a
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fec29cd4495d1c58b8605bd11d295a401e7c7b68fb0ea88cb820801e9195086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477&__cf_chl_rt_tk=vJHZjRYYAZOEKbQUE7cFB2N3zeVGQmbQrfWbicjs6kc-1729869552-1.0.1.1-vr2Fa9PeIVNx7GnE_kLeSHm9ItcQskZ7yZ6PBJaFMWI

Response headers

cf-ray
8d832f02beb3a24a-YYZ
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
date
Fri, 25 Oct 2024 15:19:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
52604c9f-b728-4159-92e2-6f209de03135
https://www.theonedayflip.com/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832f022e06a24a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbacce424d00878284db8c04089f007944324d9cd2432db2472e4cf62a39dbbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.theonedayflip.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d832f035949b405-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 15:19:13 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 23 Oct 2024 21:21:17 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
www.theonedayflip.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theonedayflip.com/favicon.ico
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c206991264934387efc557203482101d70a76eca8719c762a378e9173be234
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Fri, 25 Oct 2024 15:19:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
nKxkEL0kaqbVEVbBlSTR+DZ8BTFtAX4sM0oHwfHL2KRRtU8zu1jFG9lfJuItj9H147aNEDSko66pNRvI3PgORx7MKqSiHkCU/st7fNUr59LHkFYFsT8Qv2LgCXRj4qPk9d+L+zVagn6pmYBbEGYp8A==$gmMCbUlsXVWX3LWthkyOVw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d832f033f5ba24a-YYZ
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
QqjQxQXlhC_qm_XRZ8yG7bkj05K1y04e1F2Zl7_TH2w-1729869552-1.2.1.1-VifkFjmhMToGVL3iiaXeIMZr.T9suuTcL4VNuEFp9Fs61BAmS5n5MpYLqekSDuuK
www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1251966178:1729865527:G2Ga1Y7oC6TJD3_fZpCjRSGjsDu2JilBBY932DOSPR4/8d832f022e06a24a/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1251966178:1729865527:G2Ga1Y7oC6TJD3_fZpCjRSGjsDu2JilBBY932DOSPR4/8d832f022e06a24a/QqjQxQXlhC_qm_XRZ8yG7bkj05K1y04e1F2Zl7_TH2w-1729869552-1.2.1.1-VifkFjmhMToGVL3iiaXeIMZr.T9suuTcL4VNuEFp9Fs61BAmS5n5MpYLqekSDuuK
Requested by
Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d832f022e06a24a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a22e5a36f8272ad040bcdc1b4db26da269c64493c53fea268ee40acedf59c2

Request headers

Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
QqjQxQXlhC_qm_XRZ8yG7bkj05K1y04e1F2Zl7_TH2w-1729869552-1.2.1.1-VifkFjmhMToGVL3iiaXeIMZr.T9suuTcL4VNuEFp9Fs61BAmS5n5MpYLqekSDuuK

Response headers

cf-ray
8d832f03e858a24a-YYZ
content-encoding
br
date
Fri, 25 Oct 2024 15:19:13 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
BS+BfnXm2YhYGUIjUsqm5+pToQJETcA36MZcrVB+lqskaZ3ifTnc7SJpez0KmlvAWbijbt2H2ec=$Ka4tl89pKejz470/
server
cloudflare
d1bf0d2a-a045-400d-8e94-0397db7ec2a8
https://www.theonedayflip.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/txtvw/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 9053 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/txtvw/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d832f049af2ab21-YYZ
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 15:19:13 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
rum
www.theonedayflip.com/cdn-cgi/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d832f058aa9a24a-YYZ
access-control-allow-origin
https://www.theonedayflip.com
date
Fri, 25 Oct 2024 15:19:13 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
www.theonedayflip.com/ 		9 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.theonedayflip.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff7c7632f4e32dfb200783b774b56ff93c7b10907b789e3fab77af2064d89f15
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Fri, 25 Oct 2024 15:19:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
tWFUxN/67pXSRv3A7/eVxQTKwwroErZl1BpJ+osdZTztrp1rK47MwqieVWcV7HjxctV8HfTXAfdzJiY0qfgexvru0m/iPmfZXVamJv0IrThXQQXkqw3UZkWoOXctX09Xhm5DUYBxw3BaC9MjF2XszQ==$dIZXdiZ47Lvew2jeTLISzw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d832f077da9a24a-YYZ
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.theonedayflip.com
URL
blob:https://www.theonedayflip.com/52604c9f-b728-4159-92e2-6f209de03135
Domain
www.theonedayflip.com
URL
blob:https://www.theonedayflip.com/d1bf0d2a-a045-400d-8e94-0397db7ec2a8

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| eLZdk2 function| QyLSu7 function| OkUJb2 function| pqPjZ5 function| gFEi8 function| Lsws0 object| xpuJb1 object| ZQkn8 function| tDpp4 boolean| QIKX0 function| gQBhC1 object| XXnfe7 number| qGJle3 object| angular object| VBhX8 object| turnstile boolean| Toah6 function| _ string| HShN1 boolean| blpi3 object| __cfBeacon

21 Cookies

Domain/Path Name / Value
.empiretradinginsider.com/ Name: iterableEmailCampaignId
Value: 11487538
.empiretradinginsider.com/ Name: iterableTemplateId
Value: 15104282
.empiretradinginsider.com/ Name: iterableMessageId
Value: a6e34960751e45d4bffd298fa0785fcb
.empiretradinginsider.com/ Name: iterableEndUserId
Value: carl.vleminckx%40gmail.com
links.from.empiretradinginsider.com/ Name: XSRF-TOKEN
Value: 366ca1f13968270b6207ee9ba0c3301822395346-1729869550962-ac6c3e554c86e8bc6577697f
.secure.empiretradinginsider.com/ Name: 24071974-38f4-4191-9ca5-273c88a7562e-v4
Value: H8n1ntKjfokKbjdavKdq04qnAx3zaAa8PNw51jNmVkk
.secure.empiretradinginsider.com/ Name: cc-v4
Value: GN6XNtmb9WlJr3rSeF3sBSnXYiVyUHPy42jUG9M7I67x8VXsD%2BLR4JD%2Brpb2%2B1y3EYJCt3ssSMOH0czNemc4l5pYFwcXWHtGE%2Fj9z3AXwRzg%2BbJXAwKW13i07bbQtpyqRoRjUBBGKPILRbAVcFllOw%3D%3D
m1mm.isrefer.com/ Name: JSESSIONID
Value: 8A83AD07A3E69BE5F853EE8EE5DF8169
m1mm.isrefer.com/ Name: GCLB
Value: CJ-zprmRi7yF0wEQAw
m1mm.infusionsoft.com/ Name: JSESSIONID
Value: 17220C7658388352D1FA728737A3A50E
m1mm.infusionsoft.com/ Name: GCLB
Value: CILXjcrfrb7MrwEQAw
.infusionsoft.com/ Name: __cf_bm
Value: CD3N3bvJCFxRs9kUsrE7K6NaljZSvx9X3TWfBDQ1SVA-1729869551-1.0.1.1-MIxOtdzPtfNX95uykyDkEXZYk6MXa9lLdveGtLZgMSjdskOWUKuJSAZnEUrzvoVYt_xCrd154jxxZlFydI2xoA
m1mm.infusionsoft.app/ Name: JSESSIONID
Value: 17220C7658388352D1FA728737A3A50E
m1mm.infusionsoft.app/ Name: GCLB
Value: CLX35u7I5MeY1gEQAw
.infusionsoft.app/ Name: __cf_bm
Value: AM24rn1zOCRCJZtZKR4fUq9aE90az4htyARPhb.5Z.Q-1729869552-1.0.1.1-i.XkcD.B.S3EaFwcwP4lojOA2bSaODYSu.0WqJaSejTs9PSxjFx7Yy7BOzVesdaTZwROrZ33V0T5U.8PRYfR30ofkqz.R0UTbVqnxvoQpsM
m1mm.infusionsoft.com/ Name: NewDomainSessionCached
Value: 1729869552380
m1mm.infusionsoft.app/ Name: affiliate
Value: fandi
m1mm.infusionsoft.app/ Name: contactId
Value: 0
m1mm.infusionsoft.app/ Name: jumpLog
Value: 36881909
m1mm.infusionsoft.app/ Name: linkedJumpLog
Value:
.www.theonedayflip.com/ Name: __cf_bm
Value: RU3V4uSas9LHQ82YkGNG718zw.wTmOX9WmdsrlGWofs-1729869552-1.0.1.1-U.yJnbLdd0IouFD0TSegZO8ouBnmF216HfKsr3KUW6k7YIb5pWIxUBCxNf.bRezss.ZQCk2qDfCkJruqiLBZvwRbalHOzdVDkfGUJbGQaKg

3 Console Messages

Source Level URL
Text
network error URL: https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=fandi&utm_campaign=carl.vleminckx%40gmail.com&utm_term=122ETI&el=fandi&cookieUUID=72053fd8-0c01-4496-8f02-9e13f6276aa9&cookieUUID=99e63802-dad3-40e9-9e4e-2fb81187a5e8&affiliate=1477
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.theonedayflip.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.theonedayflip.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN