rossturns40.com
162.159.138.47
Public Scan
Effective URL: https://rossturns40.com/de-DE/AgeGate
Submission: On September 16 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 8th 2022. Valid for: a year.
This is the only time rossturns40.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | Autonomous System |
---|---|---|
1 1 | 108.138.7.9 | 16509 (AMAZON-02) |
1 1 | 2606:4700:7::a29f:802f | 13335 (CLOUDFLARENET) |
2 11 | 162.159.138.47 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:400a:808::200a | 15169 (GOOGLE) |
5 | 2606:4700:4400::ac40:95f1 | 13335 (CLOUDFLARENET) |
2 | 2a03:2880:f007:8:face:b00c:0:1 | 32934 (FACEBOOK) |
3 | 74.206.104.174 | 12025 (IMDC-AS12025) |
20 | 6 | |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-9.fra56.r.cloudfront.net
links.mkt3347.com
ASN13335 (CLOUDFLARENET, US)
secure-shared2.plcontent.com
Count | Apex Domain / Subdomains | Transfer |
---|---|---|
12 | rossturns40.com (3 redirects): www.rossturns40.com, rossturns40.com | 428 KB |
5 | plcontent.com: secure-shared2.plcontent.com — Cisco Umbrella Rank: 733319 | 193 KB |
3 | prizelogic.com: bundles.prizelogic.com — Cisco Umbrella Rank: 640681 | 7 KB |
2 | facebook.net: connect.facebook.net — Cisco Umbrella Rank: 152 | 87 KB |
1 | googleapis.com: fonts.googleapis.com — Cisco Umbrella Rank: 40 | 1 KB |
1 | mkt3347.com (1 redirects): links.mkt3347.com | 492 B |
20 | 6 | |
Count | Domain | Requested by |
---|---|---|
11 | rossturns40.com (2 redirects) | rossturns40.com, secure-shared2.plcontent.com |
5 | secure-shared2.plcontent.com | rossturns40.com |
3 | bundles.prizelogic.com | rossturns40.com, bundles.prizelogic.com |
2 | connect.facebook.net | rossturns40.com, connect.facebook.net |
1 | fonts.googleapis.com | rossturns40.com |
1 | www.rossturns40.com (1 redirects) | |
1 | links.mkt3347.com (1 redirects) | |
20 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.rossstores.com |
prizelogic.zendesk.com |
rossstores.com |
prizelogic.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
rossturns40.com | Cloudflare Inc ECC CA-3 | 2022-09-08 - 2023-09-07 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months |
plcontent.com | Cloudflare Inc ECC CA-3 | 2022-04-28 - 2023-04-27 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-25 - 2022-09-23 | 3 months |
*.prizelogic.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-27 - 2023-07-28 | a year |
This page contains 2 frames:
Primary Page:
https://rossturns40.com/de-DE/AgeGate
Frame ID: D905B1B59F58D0A77364DEED97BD2373
Requests: 18 HTTP requests in this frame
Frame:
https://rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663329600
Frame ID: 00DBE1CAE45DFA49CDF46679C116DB67
Requests: 3 HTTP requests in this frame
Page Title
The Ross 40th Anniversary Sweepstakes - Age Gate
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Title: Terms & Conditions
Title: Customer Service
Title: Visit Ross Stores
Title: Powered by the PrizeLogic™ Engage Platform
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.mkt3347.com/els/v2/WNeaJvDKwdHz/bS9IOTlNaXdtbHRRR3NpUFI1QjNNem5aMnl6Mml2T2hiRllmWVNiaWFWYzVZYWc4UjB2ZFZvRlhIMG5SVHV1NDNCRzN5aiszWUtVbFBFMWt3bFdWRTgyY0E0RmtoelZEMHhKeXRWOW9razQ9S0/
HTTP 302
https://www.rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 301
http://rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 301
https://rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 302
https://rossturns40.com/de-DE/AgeGate Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | AgeGate | rossturns40.com/de-DE/ | 31 KB | 8 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | fonts.css | rossturns40.com/Content/css/ | 1005 B | 482 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | pl-layout.css | secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Content/css/ | 99 KB | 17 KB | Stylesheet | text/css | |
GET | H2 | prizelogic-jquery.min.js | secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/PL/ | 123 KB | 43 KB | Script | application/javascript | |
GET | H2 | foundation-all-min.js | secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/Vendor/Zurb/ | 124 KB | 19 KB | Script | application/javascript | |
GET | H2 | prizelogic.core-min.js | secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/PL/ | 15 KB | 5 KB | Script | application/javascript | |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H/1.1 | third-party-optin.min.js | bundles.prizelogic.com/gdpr/ | 11 KB | 4 KB | Script | application/javascript | |
GET | DATA | truncated | / | 176 B | 0 | Image | image/svg+xml | |
GET | H2 | nimbussanl-reg.woff2 | rossturns40.com/Content/fonts/ | 34 KB | 34 KB | Font | application/font-woff2 | |
GET | H2 | louisiana-bold-special.woff2 | rossturns40.com/Content/fonts/ | 44 KB | 44 KB | Font | application/font-woff2 | |
GET | H3 | sdk.js | connect.facebook.net/en_US/ | 313 KB | 85 KB | Script | application/x-javascript | |
GET | H/1.1 | rossturns40.com.json | bundles.prizelogic.com/gdpr/ | 893 B | 1 KB | XHR | application/json | |
GET | H2 | CookieGate | rossturns40.com/de-DE/ | 4 B | 168 B | XHR | text/html | |
GET | H2 | landingA_header.jpg | secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Content/images/ | 109 KB | 109 KB | Image | image/jpeg | |
GET | H2 | invisible.js | rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ | 39 KB | 16 KB | Script | application/javascript | Frame 00DB |
GET | H2 | pica.js | rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/ | 23 KB | 10 KB | Other | application/javascript | Frame 00DB |
POST | H2 | 74ba1931fe37995a | rossturns40.com/cdn-cgi/challenge-platform/h/b/cv/result/ | 2 B | 387 B | XHR | text/plain | Frame 00DB |
GET | H/1.1 | default-styles.css | bundles.prizelogic.com/gdpr/ | 1 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | helvetica.ttf | rossturns40.com/Content/fonts/ | 311 KB | 312 KB | Font | application/octet-stream | |
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| $pl object| __FOUNDATION_EXTERNAL__ object| Foundation object| jQuery1111044176759294440804 function| createCookie function| readCookie function| eraseCookie function| getElemValue function| getModelIDPrefix function| isCompositeActive object| formSubmit function| openModal function| wrapAsterisks function| wrapParenthesis function| pop function| GetQueryParamValues function| Tab function| onOptinDialogMount function| Class boolean| fbApiInit function| fbEnsureInit function| fbAsyncInit function| getQueryVariable undefined| showModal string| servercookieName string| clientcookieName function| cookies_enabled function| cookies_checked string| browserBypassedCookieName function| browsercheck_bypassed function| getBrowserInfo object| FB object| __buffer function| parseContentLinks function| initOptinDialog function| createGTMInitializer function| createAdobeAnalyticsInitializer function| initGTMOptinDialog function| initAdobeAnalyticsOptinDialog object| options function| init
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.rossturns40.com/ | Name: __cf_bm Value: j9f.Za3x51dd9204lC0GutOF25S72u3LfYcI7NtSVxw-1663336511-0-Acl9lXNjECDEsaCdVuuACD0L18ZxZxIjuvPSVQkd0acVFS6wekk6bHBe6FHS7Eev5oDaMH5VDGTggOp0lk7SIPlUjuSCxLYsQNRDgdOH9M+L |
|
rossturns40.com/ | Name: ASP.NET_SessionId Value: 3khaaor1nurfsjonugh3pw1y |
|
rossturns40.com/ | Name: ::Language:: Value: de-DE |
|
rossturns40.com/ | Name: __RequestVerificationToken Value: YFYhce1aCCzYwPyacUiTDAx_mMC0ZbKIwN1qSH01qzmVrQk3QwI-eq2_G46ycuO15e-XjgTfzO9zE8Doks4RvDBw4o41 |
|
.plcontent.com/ | Name: __cf_bm Value: .PLD5sa0uKNczgyh8m9JA.aUR3jJ7TcJRz4dXklR4Mc-1663336512-0-AaX/AWmURbSfEwwuFRCejjfW+JTwjeiKgsGSWTv1b+EQXcPzbDF/8DAAofCM7sY2kCwrCLCuTzYDvsGwqjtSGSA= |
|
rossturns40.com/ | Name: ::ClientCookie:: Value: test |
|
.rossturns40.com/ | Name: __cf_bm Value: 7LehxK33k7aCYSw2R8moxQeSrWoo8vzqlTsm0FSbJqE-1663336513-0-AcsUt5qMEcnrtRrEhRciZikJArLI7HEqAbMGO7vY5OC/4P5dxCBz7y3Ji02/72XZX8gL7UQ9yQ2Co4ZwKofxHyqvBNirT4LGyKjGEiJa/k4Z+JDU1t1x18m4j3C/vzzq48Nb6QT9pD4h4RoCECiW+a3CRYOoSCEn+Vd/RnPUiugaSG2VpAB82jhu0YQxuOs2zQ== |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net; |
Strict-Transport-Security | max-age=31536000;includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.