urlscan.io logo urlscan.io
SecurityTrails logo

sirtuin.gamedayready.me Open in urlscan Pro
2606:4700::6810:ec2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trk.cp20.com/click/g4x7-3q2948-8cac1z-f5ddgdm6/
Effective URL: https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oc...
Submission: On December 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700::6810:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is sirtuin.gamedayready.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2022. Valid for: a year.
This is the only time sirtuin.gamedayready.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.24.224.100 17358 (MOZGROUP-...)
1 2 54.225.150.6 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
20 6
1    216.24.224.100 (United States)

ASN17358 (MOZGROUP-CAMPAIGNER, US)
PTR: click.skem1.com
trk.cp20.com
2    54.225.150.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-150-6.compute-1.amazonaws.com
1jgrcum.elnk8.com
4    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)
sirtuin.gamedayready.me
Apex Domain
Subdomains		 Transfer
9 gamedayready.me
sirtuin.gamedayready.me
121 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
383 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 16
42 KB
2 elnk8.com
1jgrcum.elnk8.com
2 KB
1 cp20.com
trk.cp20.com — Cisco Umbrella Rank: 40146
239 B
20 5
Domain Requested by
9 sirtuin.gamedayready.me sirtuin.gamedayready.me
1jgrcum.elnk8.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com 1jgrcum.elnk8.com
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
2 1jgrcum.elnk8.com 1 redirects
1 trk.cp20.com 1 redirects
20 6

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
elnk8.com
Amazon		 2022-02-18 -
2023-03-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sirtuin.gamedayready.me
Cloudflare Inc ECC CA-3		 2022-06-27 -
2023-06-26		 a year crt.sh

This page contains 2 frames:

Primary Page: https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
Frame ID: 0DF8EEB464A74327D19F2EC6019C6912
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
Frame ID: 96D131C7E232BA3C18844A6A33DFF26C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://trk.cp20.com/click/g4x7-3q2948-8cac1z-f5ddgdm6/ HTTP 302
    https://1jgrcum.elnk8.com/ Page URL
  2. https://1jgrcum.elnk8.com/ HTTP 303
    https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

20
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

547 kB
Transfer

1181 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.cp20.com/click/g4x7-3q2948-8cac1z-f5ddgdm6/ HTTP 302
    https://1jgrcum.elnk8.com/ Page URL
  2. https://1jgrcum.elnk8.com/ HTTP 303
    https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://trk.cp20.com/click/g4x7-3q2948-8cac1z-f5ddgdm6/ HTTP 302
  • https://1jgrcum.elnk8.com/

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
1jgrcum.elnk8.com/
Redirect Chain
  • https://trk.cp20.com/click/g4x7-3q2948-8cac1z-f5ddgdm6/
  • https://1jgrcum.elnk8.com/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1jgrcum.elnk8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.150.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-150-6.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
0d4a1b7e3cff8782daf75464e061b395682ece08da9498e884587a78e1ee1c7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1299
content-type
text/html; charset=utf-8
date
Wed, 28 Dec 2022 14:47:02 GMT
server
awselb/2.0

Redirect headers

Cache-Control
private
Content-Length
142
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Dec 2022 14:47:02 GMT
Location
https://1jgrcum.elnk8.com
Refresh
0; URL=https://1jgrcum.elnk8.com
Server
TRK05
api.js
www.google.com/recaptcha/ 		884 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo
Requested by
Host: 1jgrcum.elnk8.com
URL: https://1jgrcum.elnk8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
542325ec4a34c302a768b3c52238db59c19327cdd1721f4e439b74d77dda614d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Wed, 28 Dec 2022 14:47:02 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://1jgrcum.elnk8.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 14:04:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 96D1 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61b156d93468d7ba386f9a4e1b8e92a1690d833b0a17dadddcf64f1333e74d84
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_JJre8TFT4IRVrXY_R8qDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22450
content-security-policy
script-src 'report-sample' 'nonce-_JJre8TFT4IRVrXY_R8qDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 14:47:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 96D1 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 12:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 12:01:28 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 96D1 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 14:04:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 96D1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
500814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 29 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 96D1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 09:20:58 GMT
x-content-type-options
nosniff
age
451565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 09:20:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 96D1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 22:15:01 GMT
x-content-type-options
nosniff
age
491522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:15:01 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 96D1 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 28 Dec 2022 14:47:03 GMT
reload
www.google.com/recaptcha/api2/ Frame 96D1 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
83b2776e53350a9e9ef51020372106dc59dc52405b02cbc2b6cb128e030e2171
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc4MaQUAAAAAGeV85igUnejUuezhWPplUTSdLlo&co=aHR0cHM6Ly8xamdyY3VtLmVsbms4LmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=f0lb18rng2jn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 28 Dec 2022 14:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18651
x-xss-protection
1; mode=block
expires
Wed, 28 Dec 2022 14:47:03 GMT
Primary Request youth-gene-activation56253056
sirtuin.gamedayready.me/
Redirect Chain
  • https://1jgrcum.elnk8.com/
  • https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ff73f69bcb93ec740fe1a036bd797ad11106ca601cbbdd18931dd0ee4e3539
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
780b16c839949180-FRA
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 28 Dec 2022 14:47:03 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 28 Dec 2022 14:47:03 GMT
location
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
server
awselb/2.0
challenges.css
sirtuin.gamedayready.me/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sirtuin.gamedayready.me/cdn-cgi/styles/challenges.css
Requested by
Host: sirtuin.gamedayready.me
URL: https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa67d3b2b2220dc526c921c1fc47df5b956559a293d5e07fbaf58a52462f6bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:00 GMT
server
cloudflare
etag
W/"63a1e470-1896"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
780b16c88a0f9180-FRA
expires
Wed, 28 Dec 2022 16:47:03 GMT
favicon.ico
sirtuin.gamedayready.me/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sirtuin.gamedayready.me/favicon.ico
Requested by
Host: sirtuin.gamedayready.me
URL: https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
435a7d241d97e2aaedcd3365829081c94f471ba31d77f7e5a6d988e2f2c01ad1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:47:03 GMT
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-resource-policy
same-origin
cf-ray
780b16c88a119180-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
v1
sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		56 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=780b16c839949180
Requested by
Host: sirtuin.gamedayready.me
URL: https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674da14a023e6179cf5b8569b267725e7988fa088b91a87df1b8da0f1f683781

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722&__cf_chl_rt_tk=eHMbNSClDxQGwNgXhRDpNTXhcbckCQ7cuexFp1dpVXg-1672238823-0-gaNycGzNCFE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:47:03 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
780b16c8aa569180-FRA
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
transparent.gif
sirtuin.gamedayready.me/cdn-cgi/images/trace/jsch/js/ 		42 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sirtuin.gamedayready.me/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=780b16c839949180
Requested by
Host: sirtuin.gamedayready.me
URL: https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722&__cf_chl_rt_tk=eHMbNSClDxQGwNgXhRDpNTXhcbckCQ7cuexFp1dpVXg-1672238823-0-gaNycGzNCFE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722&__cf_chl_rt_tk=eHMbNSClDxQGwNgXhRDpNTXhcbckCQ7cuexFp1dpVXg-1672238823-0-gaNycGzNCFE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:47:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:00 GMT
server
cloudflare
etag
"63a1e470-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
780b16c8aa589180-FRA
content-length
42
expires
Wed, 28 Dec 2022 16:47:03 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
4a0c1a5f4f71b99
sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/flow/ov1/0.0467154246492302:1672236499:GDQuuZk13sl6lGsskTxvFknGF-sPH7mVTYRcaIuK9ZM/780b16c839949180/ 		127 KB
74 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/flow/ov1/0.0467154246492302:1672236499:GDQuuZk13sl6lGsskTxvFknGF-sPH7mVTYRcaIuK9ZM/780b16c839949180/4a0c1a5f4f71b99
Requested by
Host: sirtuin.gamedayready.me
URL: https://sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=780b16c839949180
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a3adb0a4c43030b9a51307bd1b02887e5dd3abc44cc53feacf114f2c710dec

Request headers

Referer
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
CF-Challenge
4a0c1a5f4f71b99
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Dec 2022 14:47:04 GMT
content-encoding
br
cf_chl_gen
ZqmamXfMAW+UyYyAynFPp5Xvq/T5T04srHtC1Rj0sQhcLwdNdpB/++wlngsAbd9sp86vBujmcW0FTR/Ofzb17svwtiuLo+7yaX/NpQ7jJBiyP22gM0s5zH6nNEJcF+yZrx3C2gKz2TeTXG/0Og0/i6RpTScAnDCbYBRRhI+e8o5uXnAimZOhydjWd7CeUL9sH1D5nZkrI7ToFqgHJrppels0kKATkO8L+BpSx9/WUraZFayy07xsg6tum/Zwl4q3MSIutBOF3OdN0D4N9AmrdQK95g6tNEwDYAeqIjCunbtAYVL+ofxNvOCQsduxvemXwiHmMnjde7ier6WVlvVY/vwnk7ni52shc7dpRlQR2Sf3aeN3QlVFpt53htt3kCv+$p7uhLbQAEMF5BxWBg+q9Ig==
server
cloudflare
cf-ray
780b16c9bc029180-FRA
content-type
text/plain; charset=UTF-8
ozH6XRaelpDJIV-
sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/img/780b16c839949180/1672238823978/ 		61 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/img/780b16c839949180/1672238823978/ozH6XRaelpDJIV-
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28762ca5911bd4b069409a09b2023e174c6bd507d0a268747322e0d5fc2886e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:47:04 GMT
server
cloudflare
cf-ray
780b16cb1e779180-FRA
vary
Accept-Encoding
content-type
image/png
krlQVl9smH0bXhv
sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/pat/780b16c839949180/1672238823980/c0465fa4d20af40c77ac59b219db174166b32719ec251e55de130be6219f2e07/ 		1 B
553 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/pat/780b16c839949180/1672238823980/c0465fa4d20af40c77ac59b219db174166b32719ec251e55de130be6219f2e07/krlQVl9smH0bXhv
Requested by
Host: 1jgrcum.elnk8.com
URL: https://1jgrcum.elnk8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:47:04 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gwEZfpNIK9Ax3rFmyGdsXQWazJxnsJR5V3hML5iGfLgcAF3NpcnR1aW4uZ2FtZWRheXJlYWR5Lm1l, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAxI23N9dHPV5pUViLmURuq16ZuftCiP9kaEJporcBwHIenBJmt2_wSCufslAU75nQo5Bi9MNHgbp8ZgtC1ervZMjlRduhYII-ZgxoL4RgvDvYhcPWfz5kvkrgr4nR__ge9VZAaBVwhlbB4_ZstiXzjUR5vNLG_wbEHcxi8IcWVXqZIG9pAUqp0-0IRjFFuWYSPm25VM4C0d1nPO5RfF8OK_X7yA9ZrbfucoW3t9KzvWBp7YvXMtuhNiufkWs2pJuom4lCx-PCwDbbep3aZWUPCaZoWT61VkrwzxjB57rsYtLoOgODcC4mFxYTs5uaVEj1eK59dBEzNbOvLJt7OSRNnwIDAQAB, max-age=15
server
cloudflare
cf-ray
780b16cd1a2d9180-FRA
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
4a0c1a5f4f71b99
sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/flow/ov1/0.0467154246492302:1672236499:GDQuuZk13sl6lGsskTxvFknGF-sPH7mVTYRcaIuK9ZM/780b16c839949180/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/flow/ov1/0.0467154246492302:1672236499:GDQuuZk13sl6lGsskTxvFknGF-sPH7mVTYRcaIuK9ZM/780b16c839949180/4a0c1a5f4f71b99
Requested by
Host: sirtuin.gamedayready.me
URL: https://sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=780b16c839949180
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb322b25866c7adc84b7c9a37fe79f5ecc12f0e3bf010452a07c524a8be447a

Request headers

Referer
https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
CF-Challenge
4a0c1a5f4f71b99
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Dec 2022 14:47:05 GMT
content-encoding
br
cf_chl_out_s
T12TIFROw7OyAMJAr7aNkdId00EzR6hEd7EWiZMltisYdEJ3qihNj7wgemHg4jpL7SOCTpyVR8JP+gOLedkBga6Q0RHegVPSJkO7T7l2TSLl2IsriaebI1mkTTxQHmDFszaZGoxYG9qcIc6SakvkkPNKr4d2ttBV1Ayv6wZftl9lXuqsHWfoTi75CEicl3kjd/LLcpBOW/LU4HDHR6REEw2/6tCqHC06WxWZDWOJ3XKGnowlPROsLuYrZG7UzBGgkbVvXBKEDlqLexcXj0XAzhdu7Q++YGSW91e+pyDngmle7hVrhyc+EZZi0gY39Zbl$ZzOx0tQV+AhDtE+6TnjIVw==
server
cloudflare
cf-ray
780b16d408079180-FRA
cf_chl_out
bbxvVL4uCNxJT5nqbN/sNozjjLDpI3oN00MYLMjTBTGNIPE1Bw1ZbT9MVBgQXaNTNlynMvvxX0Ib4A5rW+L+KA==$pwUY3xPyxExHM1RN0Kiw5g==
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| _cf_chl_opt function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 function| sendRequest object| _cf_chl_ctx string| prefix object| _ undefined| _cf_gcr

4 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJ4Tk-5cI0dufA0DWZoH_yk-pChrzwSZ8TaYfVR8D8O5ar--C6oe2BGMKAQLZ6B2Pysp4F57AzRgpQeFGH4PLVQ
.elnk8.com/ Name: e-recaptcha
Value: 64b6581c4813740ce24ec76bbd94f297
.sirtuin.gamedayready.me/ Name: __cf_bm
Value: 4Pd4JmwP7lbNhQKrzQhfx3sC4u_8WipukkRCPrANJY8-1672238823-0-AdvAMMSiqR42OT6xMqek2s5v6p2ToglEAp0pxipGlys+XTO5+Dkso8Qk15V8ibVgRJAIgLE40Tsp50i5rTZfbRIilmIzoNIBtVM0e/ty+pkb
sirtuin.gamedayready.me/ Name: cf_chl_rc_ni
Value: 1

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://sirtuin.gamedayready.me/youth-gene-activation56253056?utm_source=creative&utm_medium=email&utm_campaign=Sirt_1&utm_id=Oct.3&aff_sub1=rw122722
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sirtuin.gamedayready.me/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sirtuin.gamedayready.me/cdn-cgi/challenge-platform/h/g/pat/780b16c839949180/1672238823980/c0465fa4d20af40c77ac59b219db174166b32719ec251e55de130be6219f2e07/krlQVl9smH0bXhv
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1jgrcum.elnk8.com
fonts.gstatic.com
sirtuin.gamedayready.me
trk.cp20.com
www.google.com
www.gstatic.com
216.24.224.100
2606:4700::6810:ec2
2a00:1450:4001:806::2004
2a00:1450:4001:827::2003
2a00:1450:400d:80c::2003
54.225.150.6
0d4a1b7e3cff8782daf75464e061b395682ece08da9498e884587a78e1ee1c7a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
435a7d241d97e2aaedcd3365829081c94f471ba31d77f7e5a6d988e2f2c01ad1
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4bb322b25866c7adc84b7c9a37fe79f5ecc12f0e3bf010452a07c524a8be447a
542325ec4a34c302a768b3c52238db59c19327cdd1721f4e439b74d77dda614d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61b156d93468d7ba386f9a4e1b8e92a1690d833b0a17dadddcf64f1333e74d84
674da14a023e6179cf5b8569b267725e7988fa088b91a87df1b8da0f1f683781
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
83b2776e53350a9e9ef51020372106dc59dc52405b02cbc2b6cb128e030e2171
a4ff73f69bcb93ec740fe1a036bd797ad11106ca601cbbdd18931dd0ee4e3539
a6a3adb0a4c43030b9a51307bd1b02887e5dd3abc44cc53feacf114f2c710dec
e28762ca5911bd4b069409a09b2023e174c6bd507d0a268747322e0d5fc2886e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
faa67d3b2b2220dc526c921c1fc47df5b956559a293d5e07fbaf58a52462f6bd
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa