www.theonedayflip.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305L...
Effective URL:
https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may...
Submission: On April 20 via manual (April 20th 2023, 11:30:51 am UTC) from US — Scanned from FR

Summary HTTP 64 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 31 domains to perform 64 HTTP transactions. The main IP is 2606:4700::6810:10c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theonedayflip.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 19th 2023. Valid for: a year.

This is the only time www.theonedayflip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	1.179.112.196 1.179.112.196	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:1f68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:ff60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6812:161a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	2606:4700::68... 2606:4700::6812:1936	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2606:4700::68... 2606:4700::6812:6ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	52.217.100.60 52.217.100.60	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:440... 2606:4700:4400::ac40:944b	() ()
5	2606:4700::68... 2606:4700::6810:cc2	() ()
1	2606:4700::68... 2606:4700::6810:5714	() ()
1	2606:4700::68... 2606:4700::6810:3865	() ()
2	2a00:1450:400... 2a00:1450:4001:80b::2008	() ()
4	2a00:1450:400... 2a00:1450:4001:80b::2003	() ()
1	2a00:1450:400... 2a00:1450:4001:811::2002	() ()
2	2001:4860:480... 2001:4860:4802:32::178	() ()
4	2620:1ec:c11:... 2620:1ec:c11::200	() ()
1	146.75.120.157 146.75.120.157	() ()
1	34.199.5.193 34.199.5.193	() ()
3	2a00:1288:80:... 2a00:1288:80:807::2	() ()
2	2.16.186.193 2.16.186.193	() ()
1	2600:9000:223... 2600:9000:223e:9200:15:a0d3:77c0:93a1	() ()
2	2001:4860:480... 2001:4860:4802:34::36	() ()
2	2a00:1450:400... 2a00:1450:400c:c00::9a	() ()
3	2a00:1450:400... 2a00:1450:4001:811::2003	() ()
1	104.244.42.69 104.244.42.69	() ()
2	2a00:1450:400... 2a00:1450:4001:806::2004	() ()
64	26

1 1.179.112.196 (France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: m1179112196.mailinblue.me

r.sib.awesomerei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f68 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ff60 (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

awesomerei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:161a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m1mm.isrefer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1936 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

m1mm.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:6ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

m1mm.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:10c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.theonedayflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.100.60 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

arei.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:944b (None, ) 1 redirects

ASN- ()

www.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:cc2 (None, )

ASN- ()

classic.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (None, )

ASN- ()

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (None, )

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (None, )

ASN- ()

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.5.193 (None, )

ASN- ()

178029.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.193 (None, )

ASN- ()

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:9200:15:a0d3:77c0:93a1 (None, )

ASN- ()

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (None, )

ASN- ()

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (None, )

ASN- ()

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (None, )

ASN- ()

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	theonedayflip.com 1 redirects www.theonedayflip.com	778 KB
6	clickfunnels.com 1 redirects www.clickfunnels.com classic.clickfunnels.com app.clickfunnels.com	4 KB
4	google.com region1.analytics.google.com www.google.com	865 B
4	bing.com bat.bing.com	13 KB
4	gstatic.com fonts.gstatic.com	74 KB
4	infusionsoft.com 4 redirects m1mm.infusionsoft.com	1 KB
3	google.fr www.google.fr	669 B
3	yimg.com s.yimg.com	7 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	5 KB
3	infusionsoft.app 3 redirects m1mm.infusionsoft.app	1 KB
2	tiktok.com analytics.tiktok.com	69 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	169 KB
2	amazonaws.com arei.s3.amazonaws.com	1 MB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1543	17 KB
2	awesomerei.com 1 redirects r.sib.awesomerei.com awesomerei.com	2 KB
1	t.co t.co	378 B
1	clickcease.com www.clickcease.com	54 KB
1	hyros.com 178029.tracking.hyros.com 178029.t.hyros.com Failed	37 KB
1	ads-twitter.com static.ads-twitter.com	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com	7 KB
1	jsdelivr.net cdn.jsdelivr.net	22 KB
1	isrefer.com 1 redirects m1mm.isrefer.com	391 B
1	sendinblue.com in-automate.sendinblue.com — Cisco Umbrella Rank: 28305	327 B
1	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 26957	1 KB
0	yahoo.com Failed sp.analytics.yahoo.com Failed
0	twitter.com Failed analytics.twitter.com Failed
0	deviatetracking.com Failed deviatetracking.com Failed
0	vidalytics.com Failed quick.vidalytics.com Failed
0	addevent.com Failed track.addevent.com Failed
64	31

	Domain	Requested by
8	www.theonedayflip.com	1 redirects r.sib.awesomerei.com www.theonedayflip.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com www.theonedayflip.com
4	fonts.gstatic.com	fonts.googleapis.com
4	app.clickfunnels.com	www.theonedayflip.com
4	m1mm.infusionsoft.com	4 redirects
3	www.google.fr	www.theonedayflip.com
3	s.yimg.com	r.sib.awesomerei.com s.yimg.com
3	fonts.googleapis.com	www.theonedayflip.com
3	m1mm.infusionsoft.app	3 redirects
2	www.google.com	www.theonedayflip.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	analytics.tiktok.com	r.sib.awesomerei.com analytics.tiktok.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.theonedayflip.com www.googletagmanager.com
2	arei.s3.amazonaws.com	www.theonedayflip.com
2	use.fontawesome.com	www.theonedayflip.com
1	t.co	www.theonedayflip.com
1	www.clickcease.com	r.sib.awesomerei.com
1	178029.tracking.hyros.com	r.sib.awesomerei.com
1	static.ads-twitter.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.cloudflareinsights.com	www.theonedayflip.com
1	cdn.jsdelivr.net	www.theonedayflip.com
1	classic.clickfunnels.com	www.theonedayflip.com
1	www.clickfunnels.com	1 redirects
1	m1mm.isrefer.com	1 redirects
1	awesomerei.com	1 redirects
1	in-automate.sendinblue.com	sibautomation.com
1	sibautomation.com	r.sib.awesomerei.com
1	r.sib.awesomerei.com
0	178029.t.hyros.com Failed	178029.tracking.hyros.com
0	sp.analytics.yahoo.com Failed	www.theonedayflip.com
0	analytics.twitter.com Failed	www.theonedayflip.com
0	deviatetracking.com Failed	www.googletagmanager.com
0	quick.vidalytics.com Failed	r.sib.awesomerei.com
0	track.addevent.com Failed	www.theonedayflip.com
64	37

This site contains links to these domains. Also see Links.

Domain
awesomerei.com

Subject Issuer	Validity	Valid
r.sib.awesomerei.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-09`	a year	crt.sh
sendinblue.com Cloudflare Inc ECC CA-3	`2022-09-26` - `2023-09-25`	a year	crt.sh
www.theonedayflip.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
*.google.fr GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-11-14` - `2023-11-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
Frame ID: 72A5CCB2D028684CCD0DB26ECFFA675D
Requests: 61 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=4945404
Frame ID: CDE117F1F1CD287826697EF6FF4E614B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The One-Day Flip

Page URL History Show full URLs

https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-... Page URL
https://awesomerei.com/odf-may3?utm_source=sendinblue&utm_campaign=internal&utm_medium=email HTTP 307
https://m1mm.isrefer.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9 HTTP 301
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9 HTTP 301
https://m1mm.infusionsoft.app/go/odf-vsl/a9/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC... HTTP 301
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC... HTTP 301
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9 HTTP 301
https://m1mm.infusionsoft.app/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cooki... HTTP 301
https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_sourc... HTTP 301
https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_sourc... HTTP 302
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=1... HTTP 302
https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el... Page URL

Detected technologies

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

64
Requests

84 %
HTTPS

77 %
IPv6

31
Domains

37
Subdomains

26
IPs

4
Countries

2353 kB
Transfer

5341 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://awesomerei.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://awesomerei.com/disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://awesomerei.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://awesomerei.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305LJSGtrvu3Yj5OlHEOaXtnhHhhqPmBXJM-e_N-dIaShbd34MMOvoxbrcEh35hGuAr-wSj4DurRz06EPqX-98hVYYR7YeM3W_mbH-sqBk2QSy0qKkVmXhaCbsABkHw1bNG2hwhBWDfFppwTvUamX1xLDPv1qc0bptHc2WGAxBSS_H_SUfnuJ4tj5HQdluoTON2wV4PYiznbiZsatRZE96um76M Page URL
https://awesomerei.com/odf-may3?utm_source=sendinblue&utm_campaign=internal&utm_medium=email HTTP 307
https://m1mm.isrefer.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9 HTTP 301
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9 HTTP 301
https://m1mm.infusionsoft.app/go/odf-vsl/a9/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9hOS8%2FdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWE5JnV0bV9jYW1wYWlnbj1tYXkyMyZlbD1hOQ%3D%3D&store=RTVDQTc3QjlGMEFFQjdFOEZBQTI3MzBDMUYyRjNEMUI%3D HTTP 301
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9hOS8/dXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWE5JnV0bV9jYW1wYWlnbj1tYXkyMyZlbD1hOQ==&SessionCopyComplete=true HTTP 301
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9 HTTP 301
https://m1mm.infusionsoft.app/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=136983b6-a068-497c-b721-261d2a7bd681 HTTP 301
https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=136983b6-a068-497c-b721-261d2a7bd681 HTTP 301
https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=136983b6-a068-497c-b721-261d2a7bd681&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf HTTP 302
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=136983b6-a068-497c-b721-261d2a7bd681&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&affiliate=9 HTTP 302
https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.clickfunnels.com/images/closemodal.png HTTP 301
https://classic.clickfunnels.com/images/closemodal.png

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305LJSGtrvu3Yj5OlHEOaXtnhHhhqPmBXJM-e_N-dIaShbd34MMOvoxbrcEh35hGuAr-wSj4DurRz06EPqX-98hVYYR7YeM3W_mbH-sqBk2QSy0qK... Show response
r.sib.awesomerei.com/mk/cl/f/ 823 B
983 B 145ms
37ms Document
text/html 1.179.112.196
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305LJSGtrvu3Yj5OlHEOaXtnhHhhqPmBXJM-e_N-dIaShbd34MMOvoxbrcEh35hGuAr-wSj4DurRz06EPqX-98hVYYR7YeM3W_mbH-sqBk2QSy0qKkVmXhaCbsABkHw1bNG2hwhBWDfFppwTvUamX1xLDPv1qc0bptHc2WGAxBSS_H_SUfnuJ4tj5HQdluoTON2wV4PYiznbiZsatRZE96um76M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

1.179.112.196 , France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

m1179112196.mailinblue.me

Software

Resource Hash

fb39520a34b64e038853f527e3f062c3dc7af8ae7a0fbe01e57500f05d949ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-length: 823
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 11:30:45 GMT
x-content-type-options: nosniff
x-sib-server: gke-gke-public-clust-gke-public-clust-1946d9d6-tqqs
x-xss-protection: 1

GET
H2 200 cm.html Show response
sibautomation.com/ Frame CDE1 2 KB
1 KB 104ms
49ms Document
text/html 2606:4700::6812:1f68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?id=4945404
Requested by: Host: r.sib.awesomerei.com
URL: https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305LJSGtrvu3Yj5OlHEOaXtnhHhhqPmBXJM-e_N-dIaShbd34MMOvoxbrcEh35hGuAr-wSj4DurRz06EPqX-98hVYYR7YeM3W_mbH-sqBk2QSy0qKkVmXhaCbsABkHw1bNG2hwhBWDfFppwTvUamX1xLDPv1qc0bptHc2WGAxBSS_H_SUfnuJ4tj5HQdluoTON2wV4PYiznbiZsatRZE96um76M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: 45f58354f7a6f2e2ebd695e4e669af42f9b081f0cbc3ca1fc513d0905f79993f

Request headers

Referer: https://r.sib.awesomerei.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=7200
cf-cache-status: MISS
cf-ray: 7bad0e98bd3fd3d8-CDG
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 11:30:45 GMT
expires: Thu, 20 Apr 2023 13:30:45 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

GET
H2 204 cm
in-automate.sendinblue.com/ Frame CDE1 0
327 B 100ms
48ms XHR
text/plain 2606:4700::6810:ff60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.sendinblue.com/cm?uuid=f914ca9d-799b-464f-b88a-906248ad097e&key=z6re0qmneuikkujffypqqr9p&trans=0&user_id=60261
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=4945404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ff60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
cf-apo-via: origin,host
cf-ray: 7bad0e997ecb0173-CDG

GET
H2

200

Primary Request odf-vsl-v1-14 Show response
www.theonedayflip.com/
Redirect Chain

https://awesomerei.com/odf-may3?utm_source=sendinblue&utm_campaign=internal&utm_medium=email
https://m1mm.isrefer.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9
https://m1mm.infusionsoft.app/go/odf-vsl/a9/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9hOS8%2FdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWE5JnV0bV9jYW1wYWlnbj1tYXkyMyZlbD1hOQ%3D%3D&st...
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?return=aHR0cHM6Ly9tMW1tLmluZnVzaW9uc29mdC5jb20vZ28vb2RmLXZzbC9hOS8/dXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWE5JnV0bV9jYW1wYWlnbj1tYXkyMyZlbD1hOQ==&SessionC...
https://m1mm.infusionsoft.com/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9
https://m1mm.infusionsoft.app/go/odf-vsl/a9/?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=136983b6-a068-497c-b721-261d2a7bd681
https://m1mm.infusionsoft.com/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=136983b6-a068-497c-b721-261d2a7bd681
https://m1mm.infusionsoft.app/aff.html?to=https://www.theonedayflip.com/odf-vsl&utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=136983b6-a068-497c-b721-261d2a7bd681&cookieUUID=9f...
https://www.theonedayflip.com/odf-vsl?utm_medium=email&utm_source=a9&utm_campaign=may23&el=a9&cookieUUID=136983b6-a068-497c-b721-261d2a7bd681&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&affilia...
https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9

104 KB
28 KB

671ms
670ms

Document
text/html

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9

Requested by

Host: r.sib.awesomerei.com
URL: https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305LJSGtrvu3Yj5OlHEOaXtnhHhhqPmBXJM-e_N-dIaShbd34MMOvoxbrcEh35hGuAr-wSj4DurRz06EPqX-98hVYYR7YeM3W_mbH-sqBk2QSy0qKkVmXhaCbsABkHw1bNG2hwhBWDfFppwTvUamX1xLDPv1qc0bptHc2WGAxBSS_H_SUfnuJ4tj5HQdluoTON2wV4PYiznbiZsatRZE96um76M

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

fbec8ceb8d7651d22cc125dea9705e090f966f4b433bffb25d2bdd7c1f734926

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305LJSGtrvu3Yj5OlHEOaXtnhHhhqPmBXJM-e_N-dIaShbd34MMOvoxbrcEh35hGuAr-wSj4DurRz06EPqX-98hVYYR7YeM3W_mbH-sqBk2QSy0qKkVmXhaCbsABkHw1bNG2hwhBWDfFppwTvUamX1xLDPv1qc0bptHc2WGAxBSS_H_SUfnuJ4tj5HQdluoTON2wV4PYiznbiZsatRZE96um76M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status: MISS
cf-ray: 7bad0eac68f00483-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 11:30:49 GMT
last-modified: Wed, 05 Apr 2023 20:11:54 GMT
server: cloudflare
status: 200 OK
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-digest: 440acf767700b439d949c143664db3385e84666c
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: adc4c1cc85fb12060b09945a83d7204e
x-runtime: 0.236617

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
cf-cache-status: MISS
cf-ray: 7bad0eaa4f5b0483-CDG
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 11:30:48 GMT
location: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
server: cloudflare
status: 302 Found
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 7850b0a87523a01424a4578c9ef49c84
x-runtime: 0.191400

GET
H2 200 lander.css
www.theonedayflip.com/assets/ 425 KB
70 KB 53ms
50ms Stylesheet
text/css 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonedayflip.com/assets/lander.css

Requested by

Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:49 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 68
last-modified: Thu, 06 Apr 2023 15:26:12 GMT
server: cloudflare
etag: W/"642ee494-6a514"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7bad0eb0ccb00483-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 20 Apr 2023 11:50:49 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
12 KB 81ms
31ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BA4F2HSJTWF559PS
age: 1268352
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NLSGab56IFWc6FARuaYasRNk6BQ6l6drFStW1HqWYKTBxijELFEdMTIcr5uwSJf46aH739kgqx1yY8yzcsZJ2Q==
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiGJFbC0yXtSROQkCuoQVsv2Z3QCNzN%2Bp23WkAwzb0NbZtSyi7opCYIUGkJX7xFQzCS34XPiFZ4SVylWl1Ava9F%2FdILOuwmzW6hAPPbOQdRRW7uxQ8eSGlY7OSoAAtAHLdS%2Bj%2FNFOKtw4KxmCJkpGOIw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7bad0eb11f7623e2-LHR

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 77ms
28ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J2XW272F55Q8XMWG
age: 1058924
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Txapr/ufTkVDw/YvyQL0z+i3Z1k8XFYPX+D3ustfZuiEDXVNAbgfzDTZjdsppkN1G7zgmmIhcfc=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVCM8YMFo61NOwSYtGkUwnXXasJwGUYN%2BJdIUj1oo%2BgqoLY76Pnhx%2F%2FCVbLr2LCKjLseI3NrTkg80hgf4iK0tuOYaJhp37iiMIJywXSvtby1QHVre0Zo2XA%2BZcPimV7UCcdQDZqHPN66nw20O7mPiTlH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7bad0eb11f7823e2-LHR

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 97ms
36ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

626addfb580440892ea2efe5f627083c743e26576a5f979966a2c03a4005a8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 11:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 09:46:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 11:30:49 GMT

GET
H2 200 application.js Show response
www.theonedayflip.com/assets/userevents/ 5 KB
2 KB 46ms
44ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonedayflip.com/assets/userevents/application.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:49 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 516
last-modified: Thu, 06 Apr 2023 15:26:12 GMT
server: cloudflare
etag: W/"642ee494-147c"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7bad0eb0ccb20483-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 20 Apr 2023 11:50:49 GMT

GET
H/1.1 200
OK moment.js Show response
arei.s3.amazonaws.com/misc-assets/ 147 KB
148 KB 341ms
119ms Script
application/javascript 52.217.100.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arei.s3.amazonaws.com/misc-assets/moment.js
Requested by: Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.100.60 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1fd8c0cfffd02e40cecbf9f313d1b86988a342d90bb7d16f1a67544f0064ea0b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 11:30:50 GMT
Last-Modified: Mon, 27 Jan 2020 21:56:03 GMT
Server: AmazonS3
x-amz-request-id: 8QYQPY664DQR49DV
ETag: "0941fc7ec3988352c959e5b3da86f666"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 150941
x-amz-id-2: 5oQn3uoqyAy/nFMejBCNMruXP8J8E2bMWHfifmNxttz1c2VSzT7FP0zdNggGX/nGcNSf8RQ13lQ=

GET
H/1.1 200
OK moment-timezone-with-data.min.js Show response
arei.s3.amazonaws.com/misc-assets/ 909 KB
909 KB 346ms
123ms Script
application/javascript 52.217.100.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arei.s3.amazonaws.com/misc-assets/moment-timezone-with-data.min.js
Requested by: Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.100.60 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 06486cabfb771c2f089c450b8a00c03c02014c682f44b9c3989123bb206f03a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 11:30:50 GMT
Last-Modified: Mon, 27 Jan 2020 21:56:27 GMT
Server: AmazonS3
x-amz-request-id: 8QYQXD2B1PH8BN98
ETag: "5c8ed7bc8a7199103cd998e0d33f92c9"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 930654
x-amz-id-2: EDemUym/NjzN/qw90NZGzOQEMydtn76zVWtUFrWuKv+n80aPpZIioEbRD/LRFMr/5pdrUC/moyM=

GET
H2

200

closemodal.png
classic.clickfunnels.com/images/
Redirect Chain

https://www.clickfunnels.com/images/closemodal.png
https://classic.clickfunnels.com/images/closemodal.png

672 B
908 B

63ms
52ms

Image
image/webp

2606:4700::6810:cc2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://classic.clickfunnels.com/images/closemodal.png

Requested by

Protocol

Server

2606:4700::6810:cc2 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
age: 127367
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Thu, 06 Apr 2023 15:26:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "642ee494-314"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
access-control-max-age: 1728000
accept-ranges: bytes
cf-ray: 7bad0eb78d35f18c-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sun, 21 May 2023 11:30:50 GMT

Redirect headers

date: Thu, 20 Apr 2023 11:30:50 GMT
server: cloudflare
vary: Accept-Encoding
location: https://classic.clickfunnels.com/images/closemodal.png
cache-control: max-age=3600
cf-ray: 7bad0eb67b631546-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Apr 2023 12:30:50 GMT

GET
H2 200 credit-only.png
www.theonedayflip.com/hosted/images/fb/604f4019ec11e9872473a15375f941/ 7 KB
8 KB 255ms
253ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theonedayflip.com/hosted/images/fb/604f4019ec11e9872473a15375f941/credit-only.png
Requested by: Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 761ec14345b4b0fb3f3d269a38a5283a856f34361f6173b60eae116675dea345

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Jan 2019 00:15:25 GMT
server: cloudflare
etag: "50a23bcbc4cea0c0325c78900a6bb903"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bad0eb639420483-CDG
content-length: 7677
expires: Sun, 14 May 2023 11:30:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
813 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans%7CLato%7CRoboto%7CLato%7CNoto+Sans%7CRoboto%7CNoto+Sans%7CRoboto%7CNoto+Sans%7CLato%7C%7C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

233d18311a0effad520fad799b277cd065ffc83f055336824f5421113bf87a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 11:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 11:30:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 11:30:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
974 B 40ms
40ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800|Roboto:400,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7a2bdda423b652565e3b439631fabc241aa0a5f055f07132703b8cb82825027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 11:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 11:30:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 11:30:49 GMT

GET
H2 200 lander.js Show response
www.theonedayflip.com/assets/ 2 MB
663 KB 38ms
38ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonedayflip.com/assets/lander.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a5a698ff3c64f3816318327c9d9229af2110a7e97042cb084d4628a269622d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:49 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 346
last-modified: Thu, 06 Apr 2023 15:27:32 GMT
server: cloudflare
etag: W/"642ee4e4-2381fa"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7bad0eb538680483-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 20 Apr 2023 11:50:49 GMT

GET
H2 200 mailcheck.min.js Show response
app.clickfunnels.com/ 3 KB
2 KB 125ms
59ms Script
application/x-javascript 2606:4700::6810:cc2

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/mailcheck.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 6541
last-modified: Thu, 06 Apr 2023 15:26:12 GMT
server: cloudflare
etag: W/"642ee494-a8d"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-max-age: 1728000
access-control-allow-credentials: true
cf-ray: 7bad0eb69c51f18c-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 pushcrew.js Show response
www.theonedayflip.com/assets/ 637 B
437 B 51ms
49ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonedayflip.com/assets/pushcrew.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:49 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 443
last-modified: Thu, 06 Apr 2023 15:26:12 GMT
server: cloudflare
etag: W/"642ee494-27d"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7bad0eb639430483-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Thu, 20 Apr 2023 11:50:49 GMT

GET
H2 200 handlebars.min.js Show response
cdn.jsdelivr.net/handlebarsjs/4.0.5/ 71 KB
22 KB 74ms
29ms Script
application/javascript 2606:4700::6810:5714

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/handlebarsjs/4.0.5/handlebars.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

acc39238ce470f35443285594efdb5f3df912924d2818e5929f4df6a9eeadb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3831332
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230138-FRA, cache-yyz4558-YYZ
server: cloudflare
etag: W/"11ba6-FsvEwKZxF6Wj5s/XitRXNZ+C+vg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv3j%2FV4hcTOAL9En%2Bc7QsZG9lmGn%2BsTkJCj0oVmRcwXQo6XyzN1yN4Xo1nDmJuNffIj3IncMCuj7yHWqRWP%2BX9FbHTpVxcwMXp4Z3zVH%2FhIf8IkqqFYtC4IOD%2B%2BlAWC636k2WblHzdFsWZDzAXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7bad0eb6396a2a0b-CDG

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 118ms
49ms Script
text/javascript 2606:4700::6810:3865

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.theonedayflip.com/
Origin: https://www.theonedayflip.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7bad0eb6aa0e2a73-CDG

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
91 KB 115ms
47ms Script
application/javascript 2a00:1450:4001:80b::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WW2PQ95

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd8bf18595650bb0ec79584d531a19315c31e851925b49bfbf7da68f8ff5595d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93031
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 11:30:50 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 104ms
27ms Font
font/woff2 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonedayflip.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:03:21 GMT
x-content-type-options: nosniff
age: 88049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 11:03:21 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 128ms
51ms Font
font/woff2 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonedayflip.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:51 GMT
x-content-type-options: nosniff
age: 176279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 139ms
63ms Font
font/woff2 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800|Roboto:400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonedayflip.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:06:36 GMT
x-content-type-options: nosniff
age: 87854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 11:06:36 GMT

GET
H2 200 vendor.js Show response
www.theonedayflip.com/ 18 KB
6 KB 143ms
142ms Script
application/javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonedayflip.com/vendor.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/odf-vsl-v1-14?affiliate=9&cookieUUID=9fba265e-085c-49ee-930c-b5b870659ebf&el=a9&utm_campaign=may23&utm_medium=email&utm_source=a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: MISS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
x-request-id: d0d29221fb599eeb94d78f99a8e7d373
x-runtime: 0.012153
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7bad0eb79a300483-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: fresh

GET /
track.addevent.com/atc/ 0
0

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
756 B 210ms
168ms XHR
text/html 2606:4700::6810:cc2

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=MEY5SHJVeStlcjltRzdQaURvcnF6Zz09LS1jMmowNUlBbWVCcWhDdUE3MHdLSmNBPT0%3D--3bb52b200ccc5668cf3c5e1b7937c564d0694ebd&page_id=UUw2UHNTUDg4NzVNQ0FvTVYxOVdqUT09LS02NWlzaFlZajZmMjY0S3NIR0NoUHdnPT0%3D--87ecf3a5d908ddf2ed3614b03e02ec83dc78f206&funnel_step_id=STRvZHNZT0Y1cS9NcnRhSmZENDdRUT09LS00SWhFblZtZzhxa1VKV1RSaFByS2h3PT0%3D--6a4169c27b2ec97648c61f5e78ba967810bbbdf9&user_id=ZUhUa0NHR0tNUGRlTkU5M0ROTmFvUT09LS1FVVBRN0JLYXc4MXRCRlBVeVVrVVNnPT0%3D--46421a7b8c52ee62ad953391c98a5908847e6502&account_id=Z1NCRlkzMnJUa09DZjJkMmhGMkxpQT09LS1SRERkWmFGa1BJTG5qbHYyaUJueUVBPT0%3D--2bca3abb15b4fd0978945e54b6bdfb3122fbf533&page_code=NTQ1NTM2MTU%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=email&name=&source=a9&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=f3b01947-59e5-46c4-b8aa-c0a4f4cad97b&url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9

Requested by

Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 -, , ASN (),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: 34fcbea89aa23312a775896a4243309e
pragma: no-cache
x-runtime: 0.023391
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7bad0eb7ffea3c8c-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
308 B 255ms
215ms XHR
text/html 2606:4700::6810:cc2

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=MEY5SHJVeStlcjltRzdQaURvcnF6Zz09LS1jMmowNUlBbWVCcWhDdUE3MHdLSmNBPT0%3D--3bb52b200ccc5668cf3c5e1b7937c564d0694ebd&page_id=UUw2UHNTUDg4NzVNQ0FvTVYxOVdqUT09LS02NWlzaFlZajZmMjY0S3NIR0NoUHdnPT0%3D--87ecf3a5d908ddf2ed3614b03e02ec83dc78f206&funnel_step_id=STRvZHNZT0Y1cS9NcnRhSmZENDdRUT09LS00SWhFblZtZzhxa1VKV1RSaFByS2h3PT0%3D--6a4169c27b2ec97648c61f5e78ba967810bbbdf9&user_id=ZUhUa0NHR0tNUGRlTkU5M0ROTmFvUT09LS1FVVBRN0JLYXc4MXRCRlBVeVVrVVNnPT0%3D--46421a7b8c52ee62ad953391c98a5908847e6502&account_id=Z1NCRlkzMnJUa09DZjJkMmhGMkxpQT09LS1SRERkWmFGa1BJTG5qbHYyaUJueUVBPT0%3D--2bca3abb15b4fd0978945e54b6bdfb3122fbf533&page_code=NTQ1NTM2MTU%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=email&name=&source=a9&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=ffc2d93e-e061-470b-8024-39576167dede&url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9

Requested by

Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 -, , ASN (),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: bf7501dd8009a8d6a5e8f11b94f21cfe
pragma: no-cache
x-runtime: 0.064020
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7bad0eb7ffeb3c8c-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
308 B 227ms
187ms XHR
text/html 2606:4700::6810:cc2

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=MEY5SHJVeStlcjltRzdQaURvcnF6Zz09LS1jMmowNUlBbWVCcWhDdUE3MHdLSmNBPT0%3D--3bb52b200ccc5668cf3c5e1b7937c564d0694ebd&page_id=UUw2UHNTUDg4NzVNQ0FvTVYxOVdqUT09LS02NWlzaFlZajZmMjY0S3NIR0NoUHdnPT0%3D--87ecf3a5d908ddf2ed3614b03e02ec83dc78f206&funnel_step_id=STRvZHNZT0Y1cS9NcnRhSmZENDdRUT09LS00SWhFblZtZzhxa1VKV1RSaFByS2h3PT0%3D--6a4169c27b2ec97648c61f5e78ba967810bbbdf9&user_id=ZUhUa0NHR0tNUGRlTkU5M0ROTmFvUT09LS1FVVBRN0JLYXc4MXRCRlBVeVVrVVNnPT0%3D--46421a7b8c52ee62ad953391c98a5908847e6502&account_id=Z1NCRlkzMnJUa09DZjJkMmhGMkxpQT09LS1SRERkWmFGa1BJTG5qbHYyaUJueUVBPT0%3D--2bca3abb15b4fd0978945e54b6bdfb3122fbf533&page_code=NTQ1NTM2MTU%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=email&name=&source=a9&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=e9afd76e-eaeb-4328-a393-166295ed3ca6&url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9

Requested by

Host: www.theonedayflip.com
URL: https://www.theonedayflip.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 -, , ASN (),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: d17c7cfba2fef9be854b56b9b8510351
pragma: no-cache
x-runtime: 0.028307
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7bad0eb7ffec3c8c-CDG
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonedayflip.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:15 GMT
x-content-type-options: nosniff
age: 176375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:15 GMT

GET loader.min.js
quick.vidalytics.com/embeds/Y_1586Xh/UZ3c1uXYZMhkHLoS/ 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10904221328/ 3 KB
2 KB 232ms
67ms Script
text/javascript 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10904221328/?random=1681990250295&cv=11&fst=1681990250295&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&ref=https%3A%2F%2Fr.sib.awesomerei.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20One-Day%20Flip&auid=56969148.1681990250&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW2PQ95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

44d048cf78e677aeb3df5c3295e21346fce9a2d58807f5884de5b66d677b4464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 176ms
19ms Script
text/javascript 2001:4860:4802:32::178

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW2PQ95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 11:12:02 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1128
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 20 Apr 2023 13:12:02 GMT

GET deviatetracking-5.2.js
deviatetracking.com/wp-content/deviatetracking/ 0
0

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 199ms
37ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW2PQ95

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 20 Apr 2023 11:30:49 GMT
last-modified: Thu, 13 Apr 2023 18:46:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C249E9109AE4FC28CEDA8BE71128BBB Ref B: PAR02EDGE0820 Ref C: 2023-04-20T11:30:50Z
etag: "8013f653386ed91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12030

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 185ms
25ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW2PQ95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220077-HHN

GET
H2 200 universal-script
178029.tracking.hyros.com/v1/lst/ 37 KB
37 KB 301ms
112ms Script
text/javascript 34.199.5.193

General

Check archive.org

Show headers Download Go to

Full URL: https://178029.tracking.hyros.com/v1/lst/universal-script?ph=29b3954553b735bb0e5ad86fb8e8d04f4e92f866679a96a21f7d59d69ce373c9&tag=!hyros
Requested by: Host: r.sib.awesomerei.com
URL: https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305LJSGtrvu3Yj5OlHEOaXtnhHhhqPmBXJM-e_N-dIaShbd34MMOvoxbrcEh35hGuAr-wSj4DurRz06EPqX-98hVYYR7YeM3W_mbH-sqBk2QSy0qKkVmXhaCbsABkHw1bNG2hwhBWDfFppwTvUamX1xLDPv1qc0bptHc2WGAxBSS_H_SUfnuJ4tj5HQdluoTON2wV4PYiznbiZsatRZE96um76M
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.5.193 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 37785
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/javascript;charset=ISO-8859-1

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 197ms
40ms Script
application/javascript 2a00:1288:80:807::2

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:29:20 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: RZVY62BP726NM0AW
age: 91
x-amz-server-side-encryption: AES256
x-amz-id-2: u8SYtInGjFUirCCcCehqsvmLoZx5zOTOYDqG3cd2/Kc+rKSDhOU/vF2aAhS7YICMMlXMqN2OBJg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 293ms
137ms Script
application/javascript 2.16.186.193

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCR1663C77U4JVV1DP3G&lib=ttq
Requested by: Host: r.sib.awesomerei.com
URL: https://r.sib.awesomerei.com/mk/cl/f/Ti89Jl3OYSsD1F3fq21CvKZK436xPAsNc1bx8XTY8a2x5UxHRncBJkAOUP-3xzfSyEr-evT5R7pLDWXl7Cnd305LJSGtrvu3Yj5OlHEOaXtnhHhhqPmBXJM-e_N-dIaShbd34MMOvoxbrcEh35hGuAr-wSj4DurRz06EPqX-98hVYYR7YeM3W_mbH-sqBk2QSy0qKkVmXhaCbsABkHw1bNG2hwhBWDfFppwTvUamX1xLDPv1qc0bptHc2WGAxBSS_H_SUfnuJ4tj5HQdluoTON2wV4PYiznbiZsatRZE96um76M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.193 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3e5012d471f2cb79e93c8b7e7f381777e3ac3c737d95d6efab937d8a05b34446

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 12b614b
date: Thu, 20 Apr 2023 11:30:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-189.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=3, origin; dur=105
content-length: 1373
pragma: no-cache
server: nginx
x-tt-logid: 202304201130502A4CE50B5040B740DE82
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 106,2.16.186.189
x-tt-trace-host: 01e60c37ace2c75e29ea3fc2db813c3303777a4b7b2f56b7652b8001a1d7f6f948d99e7b0012f3bec68ed455e40ef7346b4d5c4c7325c702a8025ce0713e1d33801b70bbd56e91d5aa6a7e371735580950c9ac50fb55dcf98c54934b5e06475899
expires: Thu, 20 Apr 2023 11:30:50 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 171 KB
54 KB 182ms
32ms Script
application/javascript 2600:9000:223e:9200:15:a0d3:77c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:9200:15:a0d3:77c0:93a1 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding: gzip
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 11:30:47 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: FRA56-P4
age: 7
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
server: AmazonS3
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: r0BLSblne2ZLJ7RoZBAFaqDiLfLwiCLzzBq0jNqCAnC8U-tQoOmtFQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:80b::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GX0KH6HL6Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW2PQ95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38f331d502c39ae03e345a83bb6f0c6d683f4c1d664d5982f53d0cc53c65dc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:30:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79336
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 11:30:50 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 86ms
24ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GX0KH6HL6Q&gtm=45je34c0&_p=674926096&_gaz=1&cid=1574441364.1681990251&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681990250&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&dr=https%3A%2F%2Fr.sib.awesomerei.com%2F&dt=The%20One-Day%20Flip&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GX0KH6HL6Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonedayflip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 96ms
24ms Ping
text/plain 2a00:1450:400c:c00::9a

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GX0KH6HL6Q&cid=1574441364.1681990251&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GX0KH6HL6Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonedayflip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 116ms
50ms Image
image/gif 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GX0KH6HL6Q&cid=1574441364.1681990251&gtm=45je34c0&aip=1&z=1396934733

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 71ms
25ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GX0KH6HL6Q&gtm=45je34c0&_p=674926096&cid=1574441364.1681990251&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1681990250&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&dr=https%3A%2F%2Fr.sib.awesomerei.com%2F&dt=The%20One-Day%20Flip&en=split_test_page_view&epn.split_test_page_view=1&ep.device_category=desktop&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GX0KH6HL6Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonedayflip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 186ms
128ms Image
image/gif 104.244.42.69

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=89d4e216-2931-4eb5-a731-dc9a014fb086&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=3ebe06f7-88e7-415e-a475-bc2a4f1ce307&tw_document_href=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&tw_iframe_status=0&txn_id=odr6n&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 -, , ASN (),

Reverse DNS

Software

tsa_f /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 20 Apr 2023 11:30:50 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 0a3c7c1389e4965f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c4e897b2cb14483ab13c586d745f4ffa6371af8b4c2191cd4c083bc0e90bb432
content-length: 43

GET adsct
analytics.twitter.com/1/i/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 24ms
24ms XHR
text/plain 2001:4860:4802:32::178

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=674926096&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&dr=https%3A%2F%2Fr.sib.awesomerei.com%2F&ul=en-us&de=UTF-8&dt=The%20One-Day%20Flip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1495539410&gjid=1473046491&cid=1574441364.1681990251&tid=UA-132909260-15&_gid=1831312012.1681990251&_r=1&_slc=1&gtm=45He34c0n81WW2PQ95&z=661928174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonedayflip.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonedayflip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10109886.json
s.yimg.com/wi/config/ 46 B
678 B 110ms
41ms XHR
application/json 2a00:1288:80:807::2

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10109886.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:12:19 GMT
x-amz-version-id: JanljKSADxh5Xopa630yz_mEvpwBZrjT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: RT0JQ26Q1AT1070T
age: 1113
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: qXBsqzzoemaGDBJiGM08uHLG0UCqRPb877SUc0LK/tJQMkUbVprcQ2trFS0GoJ80RDXW6pX2Z2A=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:03 GMT
server: ATS
etag: "931662d7dbca360b4659e725d6d0e6b0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10157038.json
s.yimg.com/wi/config/ 2 B
178 B 111ms
42ms XHR
application/json 2a00:1288:80:807::2

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10157038.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:12:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: RT0JABF0M2T4BB3S
age: 1113
content-length: 2
x-amz-id-2: JdfKymG4ma+IFmBKLs5/qLQaiw7kvOrFUX06eUXpVszHwuX+J7QCpY1FkPPfSy9XotKxSZsWzNM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 /
www.google.com/pagead/1p-user-list/10904221328/ 42 B
455 B 103ms
39ms Image
image/gif 2a00:1450:4001:806::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10904221328/?random=1681990250295&cv=11&fst=1681988400000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&ref=https%3A%2F%2Fr.sib.awesomerei.com%2F&frm=0&tiba=The%20One-Day%20Flip&fmt=3&is_vtc=1&random=3326818099&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/10904221328/ 42 B
455 B 39ms
38ms Image
image/gif 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/10904221328/?random=1681990250295&cv=11&fst=1681988400000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&ref=https%3A%2F%2Fr.sib.awesomerei.com%2F&frm=0&tiba=The%20One-Day%20Flip&fmt=3&is_vtc=1&random=3326818099&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 187018062.js
bat.bing.com/p/action/ 0
118 B 124ms
124ms Script
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187018062.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 20 Apr 2023 11:30:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 90F82A9A95E04E769749F75ED5CF086F Ref B: PAR02EDGE0820 Ref C: 2023-04-20T11:30:50Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 37ms
37ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187018062&tm=gtm002&Ver=2&mid=90be1445-0c7b-41a4-ba9d-2927f109c27f&sid=cd85b940df6e11edb60747f1dcc2731e&vid=cd85ee50df6e11edb77f9df074321565&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20One-Day%20Flip&p=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&r=https%3A%2F%2Fr.sib.awesomerei.com%2F&lt=4961&pt=1681990245301,,,,,3082,3082,3082,3082,3082,,3084,3753,3762,3766,4879,4883,4961,,,&pn=0,0&evt=pageLoad&sv=1&rn=570497

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 11:30:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49B242237CC04C8B80603D8EF343E39B Ref B: PAR02EDGE0820 Ref C: 2023-04-20T11:30:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
229 B 49ms
42ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187018062&tm=gtm002&Ver=2&mid=90be1445-0c7b-41a4-ba9d-2927f109c27f&sid=cd85b940df6e11edb60747f1dcc2731e&vid=cd85ee50df6e11edb77f9df074321565&vids=0&msclkid=N&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=gtm.js&en=Y&p=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14&sw=1600&sh=1200&sc=24&evt=custom&rn=197910

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 11:30:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 921F791A304242348B20BFDA07E9E93B Ref B: PAR02EDGE0820 Ref C: 2023-04-20T11:30:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 27ms
23ms XHR
text/plain 2a00:1450:400c:c00::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132909260-15&cid=1574441364.1681990251&jid=1495539410&gjid=1473046491&_gid=1831312012.1681990251&_u=YCDACEAABAAAACAAI~&z=11498013

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonedayflip.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Apr 2023 11:30:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonedayflip.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 76ms
49ms Image
image/gif 2a00:1450:4001:806::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132909260-15&cid=1574441364.1681990251&jid=1495539410&_u=YCDACEAABAAAACAAI~&z=1013214934

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 53ms
51ms Image
image/gif 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132909260-15&cid=1574441364.1681990251&jid=1495539410&_u=YCDACEAABAAAACAAI~&z=1013214934

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 11:30:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTFlZGFkNDkwMA.js
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 31ms
30ms Script
application/javascript 2.16.186.193

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCR1663C77U4JVV1DP3G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.193 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.theonedayflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 12b61c4
date: Thu, 20 Apr 2023 11:30:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202304181346424ED8929874DE14A90C33
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-186-189.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0129f2b73e97d90a64af281a63eae5c9514acb9f02ae9710c29e7d59bba3a4732136d108936e3ec8e9360059dd1c3770a1f7dc582cf3ff9b9ca86620e20225fc5b89b56d46c5696c9731b5c31fa6181c19904db16eee245ca1a6cf4d3bfc3495a8
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 67663

GET sp.pl
sp.analytics.yahoo.com/ 0
0

GET gusid
178029.t.hyros.com/v1/lst/ 0
0

OPTIONS gusid
178029.t.hyros.com/v1/lst/ Frame 0
0

GET identify_d1af3.js
analytics.tiktok.com/i18n/pixel/static/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=0f4679ba-26ae-4bff-3747-f5a776867cd2&url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&cache=1681990250166

Domain: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/Y_1586Xh/UZ3c1uXYZMhkHLoS/loader.min.js

Domain: deviatetracking.com
URL: https://deviatetracking.com/wp-content/deviatetracking/deviatetracking-5.2.js?ver=1681990250

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=89d4e216-2931-4eb5-a731-dc9a014fb086&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=3ebe06f7-88e7-415e-a475-bc2a4f1ce307&tw_document_href=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&tw_iframe_status=0&txn_id=odr6n&type=javascript&version=2.3.29

Domain: sp.analytics.yahoo.com
URL: https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2020%20Apr%202023%2011%3A30%3A50%20GMT&n=0&b=The%20One-Day%20Flip&.yp=10109886&f=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&e=https%3A%2F%2Fr.sib.awesomerei.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Domain: sp.analytics.yahoo.com
URL: https://sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20One-Day%20Flip&.yp=10157038&f=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&e=https%3A%2F%2Fr.sib.awesomerei.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Domain: 178029.t.hyros.com
URL: https://178029.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9

Domain: 178029.t.hyros.com
URL: https://178029.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/identify_d1af3.js

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sibautomation.com/	1970-01-20 15:34:35	Name: uuid Value: f914ca9d-799b-464f-b88a-906248ad097e
awesomerei.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 63901f9087a9c825d5570fdcbf59fdf0
awesomerei.com/	1970-01-20 11:56:22	Name: prli_click_1337 Value: odf-may3
awesomerei.com/	1970-01-20 19:58:46	Name: prli_visitor Value: 6441226523544
m1mm.isrefer.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 736037497938CF51E8665C878BF42676
m1mm.isrefer.com/	1970-01-20 11:13:53	Name: GCLB Value: CMmG6vWDquvLuwE
m1mm.infusionsoft.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: E5CA77B9F0AEB7E8FAA2730C1F2F3D1B
m1mm.infusionsoft.com/	1970-01-20 11:13:53	Name: GCLB Value: CPSTqfqry5K9Qw
.infusionsoft.com/	1970-01-20 11:13:12	Name: __cf_bm Value: v_Nx0zejIpnR07xK2iCSVok6P75_NltxhXd7R.40U6Q-1681990246-0-AVwKoI7VtG/3eHNe/bb8IFvLnpDfG8yK/4q9OXrnqPpt5q4KBPzHgiGFICPTWc4U6H4OPvvxUzYccBwvts8gYf8=
m1mm.infusionsoft.app/	1969-12-31 23:59:59	Name: JSESSIONID Value: E5CA77B9F0AEB7E8FAA2730C1F2F3D1B
m1mm.infusionsoft.app/	1970-01-20 11:13:53	Name: GCLB Value: CPbj0LWI6tO8Ag
.infusionsoft.app/	1970-01-20 11:13:12	Name: __cf_bm Value: QeiuR6wRF3JhjZFz7Fb6jFkpSYrirvYuhaQNihD.oak-1681990247-0-AbdQtDPuJi52NrnjHZx4kJRkkQKgI055StCmAp0425FerEO4cUyoYOiMoPUS+F2fwVYIbEpAWBx4hG4G1c7hynWXcH9Z301vlXfRxTWvaN/z
m1mm.infusionsoft.com/	1970-01-20 11:13:10	Name: NewDomainSessionCached Value: 1681990247146
m1mm.infusionsoft.app/	1970-01-20 20:49:10	Name: affiliate Value: a9
m1mm.infusionsoft.app/	1970-01-20 20:49:10	Name: contactId Value: 0
m1mm.infusionsoft.app/	1970-01-20 20:49:10	Name: jumpLog Value: 20669990
m1mm.infusionsoft.app/	1970-01-20 20:49:10	Name: linkedJumpLog Value:
.www.theonedayflip.com/	1970-01-20 11:13:12	Name: __cf_bm Value: cZ8PULi4f_.3j4r4R6XkN7KW_Wo0RuVk0XgjK7NP3Lo-1681990248-0-ARJAExluvNqC+yvDOAxS3cZwV30dg+FR2+2q8XjRAhWCsqYzOBJFc+MJ/foqnVgjdV5MIzrxCmRIY6Ydv4LOnzyuizQl9+9rfbVgNkGJ8NLz
.www.clickfunnels.com/	1970-01-20 11:13:12	Name: __cf_bm Value: ytB_i1CTx0BfTiWrw6RrHUZLNEMj9KP..PSc.MdarCo-1681990250-0-AVOawJzC5IOSHx8J5t9M2fpREAXQIuisqsj2IYjKUTaBxsCCdUEl+rKAfH1/CobT3hA8o9Vw9O+4ItIXyJHtUAE=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=0f4679ba-26ae-4bff-3747-f5a776867cd2&url=https%3A%2F%2Fwww.theonedayflip.com%2Fodf-vsl-v1-14%3Faffiliate%3D9%26cookieUUID%3D9fba265e-085c-49ee-930c-b5b870659ebf%26el%3Da9%26utm_campaign%3Dmay23%26utm_medium%3Demail%26utm_source%3Da9&cache=1681990250166 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178029.t.hyros.com
178029.tracking.hyros.com
analytics.tiktok.com
analytics.twitter.com
app.clickfunnels.com
arei.s3.amazonaws.com
awesomerei.com
bat.bing.com
cdn.jsdelivr.net
classic.clickfunnels.com
deviatetracking.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in-automate.sendinblue.com
m1mm.infusionsoft.app
m1mm.infusionsoft.com
m1mm.isrefer.com
quick.vidalytics.com
r.sib.awesomerei.com
region1.analytics.google.com
s.yimg.com
sibautomation.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
track.addevent.com
use.fontawesome.com
www.clickcease.com
www.clickfunnels.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.theonedayflip.com
178029.t.hyros.com
analytics.tiktok.com
analytics.twitter.com
deviatetracking.com
quick.vidalytics.com
sp.analytics.yahoo.com
track.addevent.com
1.179.112.196
104.244.42.69
146.75.120.157
188.114.96.3
2.16.186.193
2001:4860:4802:32::178
2001:4860:4802:34::36
2600:9000:223e:9200:15:a0d3:77c0:93a1
2606:4700:4400::ac40:944b
2606:4700::6810:10c2
2606:4700::6810:3865
2606:4700::6810:5714
2606:4700::6810:cc2
2606:4700::6810:ff60
2606:4700::6812:161a
2606:4700::6812:1936
2606:4700::6812:1f68
2606:4700::6812:6ad
2606:4700:e2::ac40:850f
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:802::200a
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:400c:c00::9a
34.199.5.193
52.217.100.60
06486cabfb771c2f089c450b8a00c03c02014c682f44b9c3989123bb206f03a5
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
1fd8c0cfffd02e40cecbf9f313d1b86988a342d90bb7d16f1a67544f0064ea0b
233d18311a0effad520fad799b277cd065ffc83f055336824f5421113bf87a79
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
38f331d502c39ae03e345a83bb6f0c6d683f4c1d664d5982f53d0cc53c65dc0b
3e5012d471f2cb79e93c8b7e7f381777e3ac3c737d95d6efab937d8a05b34446
44d048cf78e677aeb3df5c3295e21346fce9a2d58807f5884de5b66d677b4464
45f58354f7a6f2e2ebd695e4e669af42f9b081f0cbc3ca1fc513d0905f79993f
4a5a698ff3c64f3816318327c9d9229af2110a7e97042cb084d4628a269622d1
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
626addfb580440892ea2efe5f627083c743e26576a5f979966a2c03a4005a8cf
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
761ec14345b4b0fb3f3d269a38a5283a856f34361f6173b60eae116675dea345
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
acc39238ce470f35443285594efdb5f3df912924d2818e5929f4df6a9eeadb31
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bd8bf18595650bb0ec79584d531a19315c31e851925b49bfbf7da68f8ff5595d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f7a2bdda423b652565e3b439631fabc241aa0a5f055f07132703b8cb82825027
fb39520a34b64e038853f527e3f062c3dc7af8ae7a0fbe01e57500f05d949ed1
fbec8ceb8d7651d22cc125dea9705e090f966f4b433bffb25d2bdd7c1f734926

www.theonedayflip.com Open in urlscan Pro 2606:4700::6810:10c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

84 %HTTPS

77 %IPv6

31 Domains

37 Subdomains

26 IPs

4 Countries

2353 kBTransfer

5341 kBSize

19 Cookies

4 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theonedayflip.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

84 %
HTTPS

77 %
IPv6

31
Domains

37
Subdomains

26
IPs

4
Countries

2353 kB
Transfer

5341 kB
Size

19
Cookies

64 HTTP transactions
0 data transactions