Submitted URL: http://links.mkt3347.com/els/v2/WNeaJvDKwdHz/bS9IOTlNaXdtbHRRR3NpUFI1QjNNem5aMnl6Mml2T2hiRllmWVNiaWFWYzVZYWc4UjB2ZFZvRlhI...
Effective URL: https://rossturns40.com/de-DE/AgeGate
Submission: On September 16 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 20 HTTP transactions. The main IP is 162.159.138.47, located in and belongs to CLOUDFLARENET, US. The main domain is rossturns40.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 8th 2022. Valid for: a year.
This is the only time rossturns40.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS     Autonomous System
1          1         108.138.7.9       16509  AMAZON-02
1          1         2606:4700:7::...  13335  CLOUDFLAR...
2          11        162.159.138.47    13335  CLOUDFLAR...
-          1         2a00:1450:400...  15169  GOOGLE
-          5         2606:4700:440...  13335  CLOUDFLAR...
-          2         2a03:2880:f00...  32934  FACEBOOK
-          3         74.206.104.174    12025  IMDC-AS12025
Total: 20 HTTP transactions, 6 IPs
Requests  Apex Domain      Subdomains                                                  Transfer
12        rossturns40.com  www.rossturns40.com, rossturns40.com                        428 KB
5         plcontent.com    secure-shared2.plcontent.com (Cisco Umbrella Rank: 733319)  193 KB
3         prizelogic.com   bundles.prizelogic.com (Cisco Umbrella Rank: 640681)        7 KB
2         facebook.net     connect.facebook.net (Cisco Umbrella Rank: 152)             87 KB
1         googleapis.com   fonts.googleapis.com (Cisco Umbrella Rank: 40)              1 KB
1         mkt3347.com      links.mkt3347.com                                           492 B
Total: 20 HTTP transactions, 6 domains
Requests  Domain                        Redirects  Requested by
11        rossturns40.com               2          rossturns40.com, secure-shared2.plcontent.com
5         secure-shared2.plcontent.com  -          rossturns40.com
3         bundles.prizelogic.com        -          rossturns40.com, bundles.prizelogic.com
2         connect.facebook.net          -          rossturns40.com, connect.facebook.net
1         fonts.googleapis.com          -          rossturns40.com
1         www.rossturns40.com           1          -
1         links.mkt3347.com             1          -
Total: 20 HTTP transactions, 7 subdomains

This site contains links to these domains.

Domain
www.rossstores.com
prizelogic.zendesk.com
rossstores.com
prizelogic.com
Subject                  Issuer                                      Validity                 Valid
rossturns40.com          Cloudflare Inc ECC CA-3                     2022-09-08 - 2023-09-07  a year
upload.video.google.com  GTS CA 1C3                                  2022-08-29 - 2022-11-21  3 months
plcontent.com            Cloudflare Inc ECC CA-3                     2022-04-28 - 2023-04-27  a year
*.facebook.com           DigiCert SHA2 High Assurance Server CA      2022-06-25 - 2022-09-23  3 months
*.prizelogic.com         Go Daddy Secure Certificate Authority - G2  2022-06-27 - 2023-07-28  a year

This page contains 2 frames:

Primary Page: https://rossturns40.com/de-DE/AgeGate
Frame ID: D905B1B59F58D0A77364DEED97BD2373
Requests: 18 HTTP requests in this frame

Frame: https://rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663329600
Frame ID: 00DBE1CAE45DFA49CDF46679C116DB67
Requests: 3 HTTP requests in this frame

Page Title

The Ross 40th Anniversary Sweepstakes - Age Gate

Page URL History

  1. http://links.mkt3347.com/els/v2/WNeaJvDKwdHz/bS9IOTlNaXdtbHRRR3NpUFI1QjNNem5aMnl6Mml2T2hiRllmWVNiaWFW... HTTP 302
    https://www.rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 301
    http://rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 301
    https://rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 302
    https://rossturns40.com/de-DE/AgeGate Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 4
Transfer: 715 kB
Size: 1287 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.mkt3347.com/els/v2/WNeaJvDKwdHz/bS9IOTlNaXdtbHRRR3NpUFI1QjNNem5aMnl6Mml2T2hiRllmWVNiaWFWYzVZYWc4UjB2ZFZvRlhIMG5SVHV1NDNCRzN5aiszWUtVbFBFMWt3bFdWRTgyY0E0RmtoelZEMHhKeXRWOW9razQ9S0/ HTTP 302
    https://www.rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 301
    http://rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 301
    https://rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary HTTP 302
    https://rossturns40.com/de-DE/AgeGate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request AgeGate
rossturns40.com/de-DE/
Redirect Chain
  • http://links.mkt3347.com/els/v2/WNeaJvDKwdHz/bS9IOTlNaXdtbHRRR3NpUFI1QjNNem5aMnl6Mml2T2hiRllmWVNiaWFWYzVZYWc4UjB2ZFZvRlhIMG5SVHV1NDNCRzN5aiszWUtVbFBFMWt3bFdWRTgyY0E0RmtoelZEMHhKeXRWOW9razQ9S0/
  • https://www.rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary
  • http://rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary
  • https://rossturns40.com/?utm_source=Silverpopemail&utm_medium=email&utm_campaign=40th-anniversary
  • https://rossturns40.com/de-DE/AgeGate
31 KB
8 KB
Document
General
Full URL
https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e9f59993f793e7cddd3b5aac0c091f8d98107af951ba15e2e0d3fe6e08c22aa
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
3628800
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74ba1931fe37995a-FRA
content-encoding
gzip
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 13:55:12 GMT
expires
-1
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
3628800
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74ba192ecfe5995a-FRA
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 13:55:12 GMT
expires
-1
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
location
/de-DE/AgeGate
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
fonts.css
rossturns40.com/Content/css/
1005 B
482 B
Stylesheet
General
Full URL
https://rossturns40.com/Content/css/fonts.css
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58d20e8f0761c0b8da2d6f879a3ab4f88171360e4da396ccf7bd601a5642ce5
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/de-DE/AgeGate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2673
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
strict-transport-security
max-age=31536000;includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0ed81cae1c3d81:0"
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
public, max-age=14400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
access-control-allow-credentials
true
cf-ray
74ba1934caf0995a-FRA
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
expires
Fri, 16 Sep 2022 17:55:12 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400i,900i&display=swap
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
394334c771e5c89cdb46aadf9940c6c8d5af7ea059761a13c0c5f3ec92d1db40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:55:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 16 Sep 2022 13:55:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Sep 2022 13:55:12 GMT
pl-layout.css
secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Content/css/
99 KB
17 KB
Stylesheet
General
Full URL
https://secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Content/css/pl-layout.css
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d226e250842279f3f4be708ecf569d20f12033deabf296a0d2f5c33414d895
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2673
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0ed81cae1c3d81:0"
strict-transport-security
max-age=31536000;includeSubDomains
content-type
text/css
cache-control
public, max-age=14400
content-security-policy
frame-ancestors none
cf-ray
74ba19351abb5c4a-FRA
expires
Fri, 16 Sep 2022 17:55:12 GMT
prizelogic-jquery.min.js
secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/PL/
123 KB
43 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/PL/prizelogic-jquery.min.js
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc137594b43b63f233dcd281d5ccb348293449d2d48b6a38fa6f8126022ea74
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2673
vary
Accept-Encoding
content-length
42894
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0ed81cae1c3d81:0"
strict-transport-security
max-age=31536000;includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
content-security-policy
frame-ancestors none
accept-ranges
bytes
cf-ray
74ba19351abe5c4a-FRA
expires
Fri, 16 Sep 2022 17:55:12 GMT
foundation-all-min.js
secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/Vendor/Zurb/
124 KB
19 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/Vendor/Zurb/foundation-all-min.js
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d09a1088fa9ac79578932d163fe1b20817b6b7273214145bb12016469cf1179
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2673
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0ed81cae1c3d81:0"
strict-transport-security
max-age=31536000;includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
content-security-policy
frame-ancestors none
cf-ray
74ba19351abf5c4a-FRA
expires
Fri, 16 Sep 2022 17:55:12 GMT
prizelogic.core-min.js
secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/PL/
15 KB
5 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/PL/prizelogic.core-min.js
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1cc4c7c44932c9f75b99d78c72432689af23085db65bd0253ee1dc76459a918
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2673
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0ed81cae1c3d81:0"
strict-transport-security
max-age=31536000;includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
content-security-policy
frame-ancestors none
cf-ray
74ba19351ac15c4a-FRA
expires
Fri, 16 Sep 2022 17:55:12 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cddd5cc72a7d392d49596a1b8206ec3bae7f1d9b7479dee855374df7467da0fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
b9ZQuqa8HnvI4DOtc2WQug==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
JHHsclzkurILN02nOJhzE1YfT8K1PG+1ji/hr9x8RnjEBvGrB3oD9ta+y2ppR9KZRCpx51VZ8EYj0TWrAQvlpA==
x-fb-trip-id
720026100
x-fb-content-md5
7831c7f5401d5ccc0b2124930d420541
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 16 Sep 2022 13:55:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"fcd8fa02808e6a9e15ae50dc57b60cd0"
timing-allow-origin
*
expires
Fri, 16 Sep 2022 14:13:07 GMT
third-party-optin.min.js
bundles.prizelogic.com/gdpr/
11 KB
4 KB
Script
General
Full URL
https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Alexandria, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
5ab2ea97130e247524fa6eef1b730557d910350a827c651a28905c6692ee7c50
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:12 GMT
content-encoding
gzip
referrer-policy
strict-origin
last-modified
Tue, 27 Oct 2020 22:14:15 GMT
etag
"80957181aeacd61:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors none
strict-transport-security
max-age=31536000;includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
3788
x-content-type-options
nosniff
truncated
/
176 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8838ee48087181b6bd537ffcda4b9bb075ae398765bfcd05b8f3bee560419ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
nimbussanl-reg.woff2
rossturns40.com/Content/fonts/
34 KB
34 KB
Font
General
Full URL
https://rossturns40.com/Content/fonts/nimbussanl-reg.woff2
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/Content/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f34c1bb37e4cc5924f3d80920c7f41e470de3d30e2c695a1fe8b527fec59c40
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rossturns40.com/Content/css/fonts.css
Origin
https://rossturns40.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2672
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
strict-transport-security
max-age=31536000;includeSubDomains
vary
Accept-Encoding
content-length
35124
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0ed81cae1c3d81:0"
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff2
cache-control
public, max-age=14400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
accept-ranges
bytes
cf-ray
74ba1935bc89995a-FRA
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-credentials
true
expires
Fri, 16 Sep 2022 17:55:12 GMT
louisiana-bold-special.woff2
rossturns40.com/Content/fonts/
44 KB
44 KB
Font
General
Full URL
https://rossturns40.com/Content/fonts/louisiana-bold-special.woff2
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/Content/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b323cfb70bbe49a9e1cd4699d6c71ec043b4763ae6039e55a644aa0bd1b0ca14
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rossturns40.com/Content/css/fonts.css
Origin
https://rossturns40.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2672
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
strict-transport-security
max-age=31536000;includeSubDomains
vary
Accept-Encoding
content-length
45192
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0ed81cae1c3d81:0"
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff2
cache-control
public, max-age=14400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
accept-ranges
bytes
cf-ray
74ba1935bc8b995a-FRA
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-credentials
true
expires
Fri, 16 Sep 2022 17:55:12 GMT
sdk.js
connect.facebook.net/en_US/
313 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c2ff86efabe4b0e15e49562dacccb407
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06fb4778665c81728316e8db1ad91cf278f809b602a757d9ddeb08ada9661090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rossturns40.com/
Origin
https://rossturns40.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
NON0CO5vYKB7Gajw4HJKtQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87224
x-fb-rlafr
0
x-fb-debug
a2ffiUkYtQwGBZ12xo/4ME2q0fwB4xNUJ07f/nxOHi5RZuZO3OiGjSTpaqtQGIhC2Oo8KHdZ+Vn7iF5wIaq5XQ==
x-fb-content-md5
661da9071bb1fc5aa80ed301da978a61
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 16 Sep 2022 13:55:13 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"09ab0c14ae64b11f763494d79ff93752"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 16 Sep 2023 12:22:12 GMT
rossturns40.com.json
bundles.prizelogic.com/gdpr/
893 B
1 KB
XHR
General
Full URL
https://bundles.prizelogic.com/gdpr/rossturns40.com.json
Requested by
Host: bundles.prizelogic.com
URL: https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Alexandria, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
513b13abd8c15fbbbbd91b3901a64e04ac58e8d094e681140fe38d7b2e965f6f
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:13 GMT
referrer-policy
strict-origin
last-modified
Fri, 09 Sep 2022 19:13:52 GMT
etag
"3564564c80c4d81:0"
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors none
strict-transport-security
max-age=31536000;includeSubDomains
accept-ranges
bytes
content-length
893
x-content-type-options
nosniff
CookieGate
rossturns40.com/de-DE/
4 B
168 B
XHR
General
Full URL
https://rossturns40.com/de-DE/CookieGate
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Scripts/PL/prizelogic-jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://rossturns40.com/de-DE/AgeGate
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
strict-transport-security
max-age=31536000;includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
cache-control
private
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
access-control-allow-credentials
true
cf-ray
74ba1939cb96995a-FRA
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
landingA_header.jpg
secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Content/images/
109 KB
109 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl016858-40thanniversarysweeps/Content/images/landingA_header.jpg
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d2a303b3982d10828f623320238f19bdcf928394e5445452ba9195502eb5a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:14 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
vary
Accept-Encoding
content-length
111768
x-xss-protection
1;mode=block
referrer-policy
strict-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0ed81cae1c3d81:0"
strict-transport-security
max-age=31536000;includeSubDomains
content-type
image/jpeg
expires
Fri, 16 Sep 2022 17:55:14 GMT
cache-control
public, max-age=14400
content-security-policy
frame-ancestors none
accept-ranges
bytes
cf-ray
74ba1939cc325c4a-FRA
cf-bgj
h2pri
invisible.js
rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 00DB
39 KB
16 KB
Script
General
Full URL
https://rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663329600
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8013cae321c9c8830f2690b335f789c80063690062794b5a7b5d51b161171a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:13 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
74ba1939dba7995a-FRA
pica.js
rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 00DB
23 KB
10 KB
Other
General
Full URL
https://rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/de-DE/AgeGate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4214d5036b17b77e3aea01e93b22b4cf8e820d847f31cdb73d6375468712a33c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:13 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
74ba193a0be9995a-FRA
74ba1931fe37995a
rossturns40.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 00DB
2 B
387 B
XHR
General
Full URL
https://rossturns40.com/cdn-cgi/challenge-platform/h/b/cv/result/74ba1931fe37995a
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663329600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 13:55:13 GMT
content-encoding
gzip
server
cloudflare
cf-ray
74ba193c0f5c995a-FRA
content-type
text/plain; charset=UTF-8
default-styles.css
bundles.prizelogic.com/gdpr/
1 KB
2 KB
Stylesheet
General
Full URL
https://bundles.prizelogic.com/gdpr/default-styles.css
Requested by
Host: bundles.prizelogic.com
URL: https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Alexandria, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
2623d3bcfc9b9dbf28037fca80a1848268f3ffb6df6b06ce98b0e57535c3bd6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rossturns40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:13 GMT
referrer-policy
strict-origin
last-modified
Wed, 18 Dec 2019 20:35:46 GMT
etag
"c5a1ccb9e2b5d51:0"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors none
strict-transport-security
max-age=31536000;includeSubDomains
accept-ranges
bytes
content-length
1377
x-content-type-options
nosniff
helvetica.ttf
rossturns40.com/Content/fonts/
311 KB
312 KB
Font
General
Full URL
https://rossturns40.com/Content/fonts/helvetica.ttf
Requested by
Host: rossturns40.com
URL: https://rossturns40.com/Content/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f865ddf37549ae44630b13a501f813086e2ae974adc86b97337cd9ee4b1e4ff
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rossturns40.com/Content/css/fonts.css
Origin
https://rossturns40.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 13:55:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2672
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
strict-transport-security
max-age=31536000;includeSubDomains
vary
Accept-Encoding
content-length
317968
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 09 Sep 2022 00:19:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0ed81cae1c3d81:0"
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
cache-control
public, max-age=14400
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
accept-ranges
bytes
cf-ray
74ba193db9e5995a-FRA
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-credentials
true
expires
Fri, 16 Sep 2022 17:55:14 GMT


53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| $pl object| __FOUNDATION_EXTERNAL__ object| Foundation object| jQuery1111044176759294440804 function| createCookie function| readCookie function| eraseCookie function| getElemValue function| getModelIDPrefix function| isCompositeActive object| formSubmit function| openModal function| wrapAsterisks function| wrapParenthesis function| pop function| GetQueryParamValues function| Tab function| onOptinDialogMount function| Class boolean| fbApiInit function| fbEnsureInit function| fbAsyncInit function| getQueryVariable undefined| showModal string| servercookieName string| clientcookieName function| cookies_enabled function| cookies_checked string| browserBypassedCookieName function| browsercheck_bypassed function| getBrowserInfo object| FB object| __buffer function| parseContentLinks function| initOptinDialog function| createGTMInitializer function| createAdobeAnalyticsInitializer function| initGTMOptinDialog function| initAdobeAnalyticsOptinDialog object| options function| init

7 Cookies

Domain/Path Name / Value
.www.rossturns40.com/ Name: __cf_bm
Value: j9f.Za3x51dd9204lC0GutOF25S72u3LfYcI7NtSVxw-1663336511-0-Acl9lXNjECDEsaCdVuuACD0L18ZxZxIjuvPSVQkd0acVFS6wekk6bHBe6FHS7Eev5oDaMH5VDGTggOp0lk7SIPlUjuSCxLYsQNRDgdOH9M+L
rossturns40.com/ Name: ASP.NET_SessionId
Value: 3khaaor1nurfsjonugh3pw1y
rossturns40.com/ Name: ::Language::
Value: de-DE
rossturns40.com/ Name: __RequestVerificationToken
Value: YFYhce1aCCzYwPyacUiTDAx_mMC0ZbKIwN1qSH01qzmVrQk3QwI-eq2_G46ycuO15e-XjgTfzO9zE8Doks4RvDBw4o41
.plcontent.com/ Name: __cf_bm
Value: .PLD5sa0uKNczgyh8m9JA.aUR3jJ7TcJRz4dXklR4Mc-1663336512-0-AaX/AWmURbSfEwwuFRCejjfW+JTwjeiKgsGSWTv1b+EQXcPzbDF/8DAAofCM7sY2kCwrCLCuTzYDvsGwqjtSGSA=
rossturns40.com/ Name: ::ClientCookie::
Value: test
.rossturns40.com/ Name: __cf_bm
Value: 7LehxK33k7aCYSw2R8moxQeSrWoo8vzqlTsm0FSbJqE-1663336513-0-AcsUt5qMEcnrtRrEhRciZikJArLI7HEqAbMGO7vY5OC/4P5dxCBz7y3Ji02/72XZX8gL7UQ9yQ2Co4ZwKofxHyqvBNirT4LGyKjGEiJa/k4Z+JDU1t1x18m4j3C/vzzq48Nb6QT9pD4h4RoCECiW+a3CRYOoSCEn+Vd/RnPUiugaSG2VpAB82jhu0YQxuOs2zQ==

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net;
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
