account.circleshirts.com
5.42.64.15  Malicious Activity! Public Scan

URL: http://account.circleshirts.com/
Submission: On January 08 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 41 HTTP transactions. The main IP is 5.42.64.15, located in Russian Federation and belongs to SERVER4-AS, RU. The main domain is account.circleshirts.com.
This is the only time account.circleshirts.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Booking (Travel)

Domain & IP information

IP Address AS Autonomous System
5 5.42.64.15 210352 (SERVER4-AS)
16 2600:9000:20a... 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 18.160.156.44 16509 (AMAZON-02)
1 1 13.249.59.68 16509 (AMAZON-02)
4 13.249.21.9 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2600:9000:20a... 16509 (AMAZON-02)
3 35.190.10.96 15169 (GOOGLE)
41 9
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 18 | bstatic.com | cf.bstatic.com (Cisco Umbrella Rank: 16363); www.bstatic.com (Cisco Umbrella Rank: 111173); q-xx.bstatic.com (Cisco Umbrella Rank: 17272); q.bstatic.com (Cisco Umbrella Rank: 99516) | 2 MB |
| 6 | cookielaw.org | cdn.cookielaw.org (Cisco Umbrella Rank: 625) | 126 KB |
| 5 | awswaf.com | d8c14d4960ca.edge.sdk.awswaf.com (Cisco Umbrella Rank: 102937); d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com (Cisco Umbrella Rank: 216676) | 288 KB |
| 5 | circleshirts.com | account.circleshirts.com; www.circleshirts.com | 66 KB |
| 3 | px-cloud.net | collector-pxikkul2rm.px-cloud.net (Cisco Umbrella Rank: 17741) | 1 KB |
| 3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 101) | 42 KB |
| 1 | onetrust.com | geolocation.onetrust.com (Cisco Umbrella Rank: 950) | 305 B |
| 1 | booking.com | www.booking.com (Cisco Umbrella Rank: 10769) | 2 KB |

41 8
| | Domain | Requested by |
|---|---|---|
| 14 | cf.bstatic.com | account.circleshirts.com |
| 6 | cdn.cookielaw.org | account.circleshirts.com, www.bstatic.com, cdn.cookielaw.org |
| 4 | d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com | account.circleshirts.com, d8c14d4960ca.edge.sdk.awswaf.com |
| 4 | account.circleshirts.com | account.circleshirts.com, cf.bstatic.com |
| 3 | collector-pxikkul2rm.px-cloud.net | q.bstatic.com |
| 3 | www.google-analytics.com | account.circleshirts.com, www.google-analytics.com, cdn.cookielaw.org |
| 2 | q.bstatic.com | account.circleshirts.com, cdn.cookielaw.org |
| 1 | geolocation.onetrust.com | cdn.cookielaw.org |
| 1 | d8c14d4960ca.edge.sdk.awswaf.com | 1 redirects |
| 1 | www.booking.com | www.bstatic.com |
| 1 | q-xx.bstatic.com | account.circleshirts.com |
| 1 | www.bstatic.com | account.circleshirts.com |
| 1 | www.circleshirts.com | account.circleshirts.com |

41 13

This site contains links to these domains.

Domain
secure.booking.com
www.booking.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| circleshirts.com | R3 | 2024-01-06 - 2024-04-05 | 3 months |
| *.bstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-29 - 2024-11-28 | a year |
| cookielaw.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year |
| account.circleshirts.com | R3 | 2024-01-07 - 2024-04-06 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
| *.booking.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-12 - 2024-05-18 | a year |
| onetrust.com | Cloudflare Inc ECC CA-3 | 2023-11-13 - 2024-11-12 | a year |
| *.d2eb2267.us-east-1.token.awswaf.com | Amazon RSA 2048 M01 | 2023-06-05 - 2024-07-03 | a year |
| *.px-cloud.net | Sectigo RSA Domain Validation Secure Server CA | 2023-08-15 - 2024-09-13 | a year |

This page contains 2 frames:

Primary Page: http://account.circleshirts.com/
Frame ID: 9E98DF075273CCF8F99C61731C0DB204
Requests: 40 HTTP requests in this frame

Frame: https://www.booking.com/cookiebanner.html
Frame ID: 152C4D5511891C19A809D483E86E591F
Requests: 1 HTTP requests in this frame

Page Title

Booking.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns

Page Statistics

41 Requests
90 % HTTPS
50 % IPv6
8 Domains
13 Subdomains
9 IPs
2 Countries
2421 kB Transfer
4175 kB Size
12 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js HTTP 307
  • https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
account.circleshirts.com/
267 KB
65 KB
Document
General
Full URL
http://account.circleshirts.com/
Protocol
HTTP/1.1
Server
5.42.64.15 , Russian Federation, ASN210352 (SERVER4-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
9c21f8c1aca0eed9449ff9d5845cca0ad5e14e261abf3fd080587ec3a5585ed5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
65635
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Jan 2024 15:27:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.24.0
Vary
Accept-Encoding
_etnht
www.circleshirts.com/
35 B
472 B
Image
General
Full URL
https://www.circleshirts.com/_etnht?cpr=http&ch=account.circleshirts.com&we=we&cpa=%2F
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.42.64.15 , Russian Federation, ASN210352 (SERVER4-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 08 Jan 2024 15:27:06 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.24.0
content-length
35
expires
Thu, 19 Nov 1981 08:52:00 GMT
45_1975cbc2f7eaad75f590.css
cf.bstatic.com/psb/accountsportal/assets/
90 KB
91 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/45_1975cbc2f7eaad75f590.css
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d74100a825fc1a4af9272c442187ca4005d0dc1b7b8b61066e02059ada4ab13

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 12:32:03 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
10547
x-amz-server-side-encryption
AES256
etag
"d2e841cb3b0b0274a4196fd767d65edb"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
text/css
accept-ranges
bytes
content-length
92562
x-amz-cf-id
gDikjR5qi1ak2AiAzJqAhTZwyeivG08BjIP-YuPBXEIDZ4ph2bLZDQ==
336_afde72b9aaa8302ff017.css
cf.bstatic.com/psb/accountsportal/assets/
73 KB
73 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/336_afde72b9aaa8302ff017.css
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4567d6213bc1480a45f493da8d292339522d45ac15c8ba1723aa342b155393f7

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 14:49:00 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
2369
x-amz-server-side-encryption
AES256
etag
"41a6ba0fb726b17a45f26570565ea765"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
text/css
accept-ranges
bytes
content-length
74745
x-amz-cf-id
HDgbw_1DwKE8Anj8DV7OM_bUiyNURajKPE-vxYeMLdamunSfOC5U6Q==
826_0d1737e180931a217647.css
cf.bstatic.com/psb/accountsportal/assets/
60 KB
60 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/826_0d1737e180931a217647.css
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5522523714d946a5810383bbca991c678457eed981b987d65f352c9fed2dc7d9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 12:32:03 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
10547
x-amz-server-side-encryption
AES256
etag
"c23712fdf141e24db80e23cb329d9b13"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
text/css
accept-ranges
bytes
content-length
61251
x-amz-cf-id
uSk5JmDzOKtOqKrhp7b1TTRCuxH_-OmZedCy6GaHin-gdXi2xLIB_Q==
45_1975cbc2f7eaad75f590.css
cf.bstatic.com/psb/accountsportal/assets/
90 KB
91 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/45_1975cbc2f7eaad75f590.css
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d74100a825fc1a4af9272c442187ca4005d0dc1b7b8b61066e02059ada4ab13

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 12:32:03 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
10547
x-amz-server-side-encryption
AES256
etag
"d2e841cb3b0b0274a4196fd767d65edb"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
text/css
accept-ranges
bytes
content-length
92562
x-amz-cf-id
_esM7armU2jHOmhF9Au1f5qEiNT_Lz_pBL4qVrC8XRm7vUypUBEW2A==
336_afde72b9aaa8302ff017.css
cf.bstatic.com/psb/accountsportal/assets/
73 KB
73 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/336_afde72b9aaa8302ff017.css
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4567d6213bc1480a45f493da8d292339522d45ac15c8ba1723aa342b155393f7

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 14:49:00 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
2369
x-amz-server-side-encryption
AES256
etag
"41a6ba0fb726b17a45f26570565ea765"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
text/css
accept-ranges
bytes
content-length
74745
x-amz-cf-id
_zO8EcAXVGw601Ve4NJ2HYTJRXIuDqDu0Km84iC34uc-Vm6jbwuIAA==
826_0d1737e180931a217647.css
cf.bstatic.com/psb/accountsportal/assets/
60 KB
60 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/826_0d1737e180931a217647.css
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5522523714d946a5810383bbca991c678457eed981b987d65f352c9fed2dc7d9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 12:32:03 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
10547
x-amz-server-side-encryption
AES256
etag
"c23712fdf141e24db80e23cb329d9b13"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
text/css
accept-ranges
bytes
content-length
61251
x-amz-cf-id
OrvPgNbQMjT7AXeI7BccDoG-FzDC5M-aXm5Du3b1i8EwF1DJaYBpqw==
OtAutoBlock.js
cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/
5 KB
3 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/OtAutoBlock.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3e2d70e3e3ffb919fd2ce8d89721d4f2931bb069489c075eab2eab978f2bc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Jan 2024 15:27:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1130
content-md5
1edaYBaUuHR/0XZZX5572w==
content-length
1991
x-ms-lease-status
unlocked
last-modified
Thu, 08 Jun 2023 05:37:02 GMT
server
cloudflare
etag
0x8DB67E2632B9BBB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6942a782-001e-005d-58d5-123307000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8425766e8d784bcc-BUF
expires
Tue, 09 Jan 2024 15:27:06 GMT
cookie-banner.min.js
www.bstatic.com/libs/privacy-consent/1.0.0/customer/
4 KB
2 KB
Script
General
Full URL
https://www.bstatic.com/libs/privacy-consent/1.0.0/customer/cookie-banner.min.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d84999d183797b4f966cb30922ea78d372a2572ae46e4eb91665c59f211a810c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 11:54:33 GMT
content-encoding
br
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAH50-C1
age
963152
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 23:25:16 GMT
server
nginx
etag
W/"6567c85c-f17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
7mZw946nvFdf7VcwDjb5v5I7IY_X0VpJutpXGQbARRvkK3kzkO1NHA==
expires
Sat, 27 Jan 2024 11:54:33 GMT
runtime~index_9239c9c6cbeb2a77c28f.js
cf.bstatic.com/psb/accountsportal/assets/
5 KB
5 KB
Script
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/runtime~index_9239c9c6cbeb2a77c28f.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f3b6d872420fb5262782438ec43056204e645915d132e05cdf886d40ae70b15

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 13:51:28 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 12:23:42 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
64297
x-amz-server-side-encryption
AES256
etag
"486dbfc2509a5b7f573cbe21281bacd7"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
d80cdad0be9b88d89021d0737dbdd068954e30a2764a7789d0389e4d12ed8979
content-type
application/javascript
accept-ranges
bytes
content-length
4651
x-amz-cf-id
du39YNtRueZ9ZR96G-1a_XDaZKjtQ2HB5Z6wsjlQpn5YfOHBn1L0qw==
326_4e98a27a96e8aa0e2044.js
cf.bstatic.com/psb/accountsportal/assets/
31 KB
32 KB
Script
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/326_4e98a27a96e8aa0e2044.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dda2b05de1686cc556ae307d414e0f94854ba22e20ebb9631ee61c454ac5cf71

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 13:04:52 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 12:23:42 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
31525
x-amz-server-side-encryption
AES256
etag
"c87fba85f4e94843af93e4f6a1819b4b"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
d80cdad0be9b88d89021d0737dbdd068954e30a2764a7789d0389e4d12ed8979
content-type
application/javascript
accept-ranges
bytes
content-length
32162
x-amz-cf-id
fZA4FZL0_VUzqi8yXsZyKGmnK84c4ePPojDF09OQ8x_FEKU99T-TaQ==
45_de7f4b7ce86eab041180.js
cf.bstatic.com/psb/accountsportal/assets/
322 KB
323 KB
Script
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/45_de7f4b7ce86eab041180.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17ee9936380d64560ec98de2b972b3ebd0353c4264371ad85bda9cd6e4edfdd8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:11:34 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
83732
x-amz-server-side-encryption
AES256
etag
"2eaec1ded279befb01f731d7bc109b01"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
application/javascript
accept-ranges
bytes
content-length
329657
x-amz-cf-id
ICREGqHH8JDvC9iI6w5cljZ3VOl0RdN00D3-aGpgQrgIxpyINm3ubg==
903_0c38bb6dddbae47eeeea.js
cf.bstatic.com/psb/accountsportal/assets/
142 KB
142 KB
Script
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/903_0c38bb6dddbae47eeeea.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
632121c546675b676e6995810ca4b669015f742000a4ce49f3257910536dd947

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 13:56:51 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
56272
x-amz-server-side-encryption
AES256
etag
"f6acacb27a21a12ec4799883592c8ab8"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
application/javascript
accept-ranges
bytes
content-length
145280
x-amz-cf-id
J2boei4JLOMTzCojLCxSlCjxHw0A8BFjqPR49IOjyM_9R-UtETewsQ==
431_7f56befa4bbedcba65c8.js
cf.bstatic.com/psb/accountsportal/assets/
59 KB
59 KB
Script
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/431_7f56befa4bbedcba65c8.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4c0ad1fb3e5a4c3d624eadd0ab6ae845894847f94fcec8e31d64e3ead4e4f1d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 15:23:03 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
51630
x-amz-server-side-encryption
AES256
etag
"983bd6c8ed27a19cd0d72e94be13c827"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
application/javascript
accept-ranges
bytes
content-length
59904
x-amz-cf-id
DkSEEJqYaTYz7YUsu-7CPy8ZrwrP52gAVf4M4lExM_MLPWdXpwsssA==
336_0efd436088eca267c0aa.js
cf.bstatic.com/psb/accountsportal/assets/
187 KB
187 KB
Script
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/336_0efd436088eca267c0aa.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c8ab394de2bf124c40114dbaf276307d442d64a9cde3ad8aa04a0ebc53be42f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 13:02:02 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:18 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
8757
x-amz-server-side-encryption
AES256
etag
"e0b407117276d5446a94e49bb05ddf0c"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
application/javascript
accept-ranges
bytes
content-length
191217
x-amz-cf-id
iMbVtVO56TfcFeTs1qje9ULWlXqCgHD7Ks6DQ-nfD7CjQy4pctGCmQ==
48_a501036cafaf1b1b6586.js
cf.bstatic.com/psb/accountsportal/assets/
13 KB
14 KB
Script
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/48_a501036cafaf1b1b6586.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f75b16ced45abf30577dbbbc39de46c69526a9f82044a6001b1daa9517a41674

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 19:25:58 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 12:23:43 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
72067
x-amz-server-side-encryption
AES256
etag
"88389331fbabfe4a679dcbfc3e2cc56d"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
d80cdad0be9b88d89021d0737dbdd068954e30a2764a7789d0389e4d12ed8979
content-type
application/javascript
accept-ranges
bytes
content-length
13479
x-amz-cf-id
nrogZfpIld0m7P0Eyl2LPdCYh-u4ywsF83vtKOa5P27pK6Ci4qqDew==
index_f9950ab03dd233fa3cfc.js
cf.bstatic.com/psb/accountsportal/assets/
483 KB
484 KB
Script
General
Full URL
https://cf.bstatic.com/psb/accountsportal/assets/index_f9950ab03dd233fa3cfc.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a037535c9c844b733fa5204c02e049f35b642d6f37e3ed5fc08b0ab51496f64

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 12:29:32 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 13:56:19 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C1
age
72679
x-amz-server-side-encryption
AES256
etag
"9686b3cdfb2d731701c8c2470d0fe98a"
vary
Origin
x-cache
Hit from cloudfront
x-amz-meta-x-deployment-hash
6ee3aa36c74fe36b79c53ee87e616539120250b13545f8c01431dac23837ad83
content-type
application/javascript
accept-ranges
bytes
content-length
494820
x-amz-cf-id
kNb8EVUeyq46aR7RiMTXgHgJkL-fQoq4Tf5FzD6qgN05nFsixDQpeQ==
fvtrpw.gif
account.circleshirts.com/_/
35 B
160 B
Image
General
Full URL
https://account.circleshirts.com/_/fvtrpw.gif
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.42.64.15 , Russian Federation, ASN210352 (SERVER4-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 15:27:06 GMT
last-modified
Sun, 07 Jan 2024 09:06:04 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"659a697c-23"
content-length
35
content-type
image/gif
js-metric
account.circleshirts.com/
12 B
514 B
Fetch
General
Full URL
http://account.circleshirts.com/js-metric
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/psb/accountsportal/assets/index_f9950ab03dd233fa3cfc.js
Protocol
HTTP/1.1
Server
5.42.64.15 , Russian Federation, ASN210352 (SERVER4-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
df95d494b154bc7ea6d978af82b1f1f252652e0093b195ce79c3467de942602c

Request headers

Referer
http://account.circleshirts.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Mon, 08 Jan 2024 15:27:06 GMT
Server
nginx/1.24.0
Access-Control-Max-Age
1000
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
12
Expires
Thu, 19 Nov 1981 08:52:00 GMT
us.png
q-xx.bstatic.com/backend_static/common/flags/new/48-squared/
642 B
1 KB
Image
General
Full URL
https://q-xx.bstatic.com/backend_static/common/flags/new/48-squared/us.png
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:9a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a333d02eedde7a4dd8643d58b0ea7947268a1762f35f517eb6000ec9e7fcfae8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:03:34 GMT
via
1.1 ef2363971e16eda0e6054dab7a960e18.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAH50-C1
age
1488212
x-cache
Hit from cloudfront
content-length
642
x-xss-protection
1; mode=block
last-modified
Mon, 07 Sep 2020 09:08:23 GMT
server
nginx
etag
"5f55f887-282"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7iNsBi7pW0MMw48M6IPoNg06gGgOYlaevoLfgYMAlXt6kjviYaSVvA==
expires
Sun, 21 Jan 2024 10:03:34 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 Jan 2024 14:40:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2801
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 08 Jan 2024 16:40:25 GMT
cookiebanner.html
www.booking.com/ Frame 152C
2 KB
2 KB
Document
General
Full URL
https://www.booking.com/cookiebanner.html
Requested by
Host: www.bstatic.com
URL: https://www.bstatic.com/libs/privacy-consent/1.0.0/customer/cookie-banner.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.156.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-156-44.iah50.r.cloudfront.net
Software
nginx /
Resource Hash
d3c7c4dbe9a235e7ba1dbfe981c2af6e18b722ef684ef16eb08c4fc2a82a6627
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://account.circleshirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private
content-encoding
br
content-length
836
content-type
text/html; charset=UTF-8
date
Mon, 08 Jan 2024 15:27:06 GMT
nel
{"max_age":604800,"report_to":"default"}
report-to
{"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
server
nginx
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding, User-Agent
via
1.1 32a13ceef956a784d69d32b657a9ef6a.cloudfront.net (CloudFront)
x-amz-cf-id
xO4ihkNj_7mDaxdh60QdnQKaWQmE7TDoqCicLTlov3c_enA2Utk9Vg==
x-amz-cf-pop
IAH50-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-recruiting
Like HTTP headers? Come write ours: https://careers.booking.com
x-xss-protection
1; mode=block
challenge.js
d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/
Redirect Chain
  • https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
  • https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
1 MB
284 KB
Script
General
Full URL
https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Server
13.249.21.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-9.iah50.r.cloudfront.net
Software
/
Resource Hash
ea6501460600eee7784527fb2aa00633988f135ad09f21aa8db53234090c03e1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 15:27:07 GMT
content-encoding
gzip
via
1.1 0931682e22ec4f46e0053b859e61d412.cloudfront.net (CloudFront)
last-modified
Mon, 8 Jan 2024 15:27:07 +0000
x-amz-cf-pop
IAH50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-659c144b-2614ce9643b669b777ed0145
content-type
text/javascript
cache-control
private, max-age=86400
x-amz-cf-id
E7PgJvVNtbUrODZEpyIT5iEumIn0BMY7qxxN2AbU6wVjLVf93DcoBA==
expires
0

Redirect headers

date
Mon, 08 Jan 2024 15:27:06 GMT
via
1.1 6714625c6e96ce72d2eef7a69abbc0e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAH50-C2
access-control-max-age
86400
access-control-allow-methods
*
x-cache
FunctionGeneratedResponse from cloudfront
access-control-allow-origin
*
location
https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
cache-control
max-age=86400
access-control-allow-headers
*
content-length
0
x-amz-cf-id
IvRWveAUrI7qUELLu4IOmsSd7apO75Y0yI7dwvxhjKGF5IX2IDIvlw==
collect
www.google-analytics.com/j/
3 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2029221377&t=pageview&_s=1&dl=http%3Aaccount.circleshirts.com%2F&dp=%2F&dh=account.circleshirts.com&ul=en-us&de=UTF-8&dt=Booking.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACgAIg~&cid=793779942.1704727627&tid=UA-116109-18&_gid=1455077115.1704727627&_slc=1&z=818565805
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://account.circleshirts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 15:27:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://account.circleshirts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.bstatic.com
URL: https://www.bstatic.com/libs/privacy-consent/1.0.0/customer/cookie-banner.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Jan 2024 15:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
25520
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:28 GMT
server
cloudflare
etag
0x8DC0D69051ECA4A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cdf020d4-701e-0068-5a84-3f5f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842576753fe24bcc-BUF
a387750c-a080-4dd0-b2d1-7dbdb601bb14.json
cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/
6 KB
3 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/a387750c-a080-4dd0-b2d1-7dbdb601bb14.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff6a8354e4f8f9ded61eb811d32e1419f77b6d1928b08d2df8bb35c53d0822f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Jan 2024 15:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
bbvZMmIk+DeKaUU3H9ZMOw==
content-length
2004
x-ms-lease-status
unlocked
last-modified
Thu, 08 Jun 2023 05:37:02 GMT
server
cloudflare
etag
0x8DB67E2632C37E5
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
899c5280-201e-0007-5748-4155e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84257675eb5f4bd5-BUF
expires
Tue, 09 Jan 2024 15:27:07 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
69 B
305 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
http://account.circleshirts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 15:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
842576772c804bc1-BUF
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202305.1.0/
403 KB
97 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Jan 2024 15:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fuN6EZWNAh2xn3yE+0HSRQ==
age
16974
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99428
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jul 2023 02:35:48 GMT
server
cloudflare
etag
0x8DB81B7897E828A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bb61c14c-801e-006c-0ac6-0bd214000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84257677f9d94bcc-BUF
verify
d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/
340 B
757 B
Fetch
General
Full URL
https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/verify
Requested by
Host: d8c14d4960ca.edge.sdk.awswaf.com
URL: https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-9.iah50.r.cloudfront.net
Software
/
Resource Hash
e12295357bc1add6625efc7d046f436c7a9f4a0b2ac3c0a3012b479f464e713c

Request headers

Referer
http://account.circleshirts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 15:27:07 GMT
via
1.1 1a1e16f3138812ae8127e09c6e8e4536.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-659c144b-261671560ff37afc7177b990
cache-control
no-cache, no-store, must-revalidate
content-length
340
x-amz-cf-id
t0yl7Ii61lrw68CBGUKg-lViY0qpLabxdc0iuDAlLOI-4y5HByX_bA==
expires
0
en-us.json
cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/c0d87e55-b4ae-4056-9e95-5393d403eab9/
45 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/c0d87e55-b4ae-4056-9e95-5393d403eab9/en-us.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fbd41a785c8ac77e7c03cb654d4570d221d27364f710b0337d266889763f31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Jan 2024 15:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
DP6i8ZSrIP38JPLzKCvkjg==
content-length
12642
x-ms-lease-status
unlocked
last-modified
Thu, 08 Jun 2023 05:37:14 GMT
server
cloudflare
etag
0x8DB67E26A5551F4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ce62f792-b01e-002a-0648-41e693000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842576787c7f4bd5-BUF
expires
Tue, 09 Jan 2024 15:27:07 GMT
px.v7.5.3.min.js
q.bstatic.com/libs/asec/btmgmt/
269 KB
99 KB
Script
General
Full URL
https://q.bstatic.com/libs/asec/btmgmt/px.v7.5.3.min.js
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0e3cd6436c3188852c7bc0a21b4c6789c22306fe5f5d64c1507d9f24590f7670
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://account.circleshirts.com/
Origin
http://account.circleshirts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:03:26 GMT
content-encoding
br
via
1.1 f7ccdfad660b52b0e5ee9fdb70817e70.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAH50-C1
age
1488221
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 23:25:16 GMT
server
nginx
etag
W/"6567c85c-4335e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
g_A-24sOoMKVJdGyBdANQK9JFnzKJnlpjBmJ7SlbL9jcycLokF1ceg==
expires
Sun, 21 Jan 2024 10:03:26 GMT
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Jan 2024 15:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jul 2023 02:35:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
0e6a6166-301e-001b-1e48-410780000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
842576797d0a4bd5-BUF
telemetry
d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/
908 B
1 KB
Fetch
General
Full URL
https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/telemetry
Requested by
Host: d8c14d4960ca.edge.sdk.awswaf.com
URL: https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-9.iah50.r.cloudfront.net
Software
/
Resource Hash
b19b5f1864bc28ca5b9520e7fcbe76eced9e42954696fc42bfac8086057c6377

Request headers

Referer
http://account.circleshirts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 15:27:08 GMT
via
1.1 1a1e16f3138812ae8127e09c6e8e4536.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-659c144c-28402d0733b55dae49ceb12e
cache-control
no-cache, no-store, must-revalidate
content-length
908
x-amz-cf-id
TxG4SYgamDEg55Q4SoGcTcSYY98_aYk3pCB32P2OH98NOpbePsbLpA==
expires
0
collector
collector-pxikkul2rm.px-cloud.net/api/v2/
558 B
807 B
XHR
General
Full URL
https://collector-pxikkul2rm.px-cloud.net/api/v2/collector
Requested by
Host: q.bstatic.com
URL: https://q.bstatic.com/libs/asec/btmgmt/px.v7.5.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
526cc8f764947736e812ecbadda20d534e83054e69dd53957fc927ac6c3f03d5

Request headers

Referer
http://account.circleshirts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Jan 2024 15:27:08 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://account.circleshirts.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
558
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://account.circleshirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 Jan 2024 14:40:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2802
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 08 Jan 2024 16:40:25 GMT
px.v7.5.3.min.js
q.bstatic.com/libs/asec/btmgmt/
269 KB
99 KB
Script
General
Full URL
https://q.bstatic.com/libs/asec/btmgmt/px.v7.5.3.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a9:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0e3cd6436c3188852c7bc0a21b4c6789c22306fe5f5d64c1507d9f24590f7670
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://account.circleshirts.com/
Origin
http://account.circleshirts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:03:26 GMT
content-encoding
br
via
1.1 f7ccdfad660b52b0e5ee9fdb70817e70.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
IAH50-C1
age
1488221
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 23:25:16 GMT
server
nginx
etag
W/"6567c85c-4335e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
SXOD1k1U96mUKkCeEgnH_nFAb6BIADZ7xyW5uWua4JaA1lYLZ6PTJQ==
expires
Sun, 21 Jan 2024 10:03:26 GMT
navigation_times
account.circleshirts.com/
0
440 B
XHR
General
Full URL
http://account.circleshirts.com/navigation_times?sid=&pid=92666ca404ab005d&nts=0,0,1704727624368,0,0,0,0,1704727624369,1704727624370,1704727624978,1704727624978,1704727625099,0,1704727625099,1704727625620,1704727625934,1704727625623,1704727626464,1704727626464,1704727626466,1704727627584,1704727627584,1704727627584,0&first=&cdn=cf&dc=12&bo=3&lang=en-us&ref_action=Index&aid=304142&stype=&route=&ua=&ch=&lt=
Requested by
Host: account.circleshirts.com
URL: http://account.circleshirts.com/
Protocol
HTTP/1.1
Server
5.42.64.15 , Russian Federation, ASN210352 (SERVER4-AS, RU),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://account.circleshirts.com/
X-Booking-CSRF
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 08 Jan 2024 15:27:08 GMT
Server
nginx/1.24.0
Access-Control-Max-Age
1000
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
collector
collector-pxikkul2rm.px-cloud.net/api/v2/
597 B
653 B
XHR
General
Full URL
https://collector-pxikkul2rm.px-cloud.net/api/v2/collector
Requested by
Host: q.bstatic.com
URL: https://q.bstatic.com/libs/asec/btmgmt/px.v7.5.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
fc7f1b1bc40510b6d25774de5de8d26b355a3a6666bcefd640c3e857bb7e74ba

Request headers

Referer
http://account.circleshirts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Jan 2024 15:27:08 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://account.circleshirts.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
597
telemetry
d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/
996 B
1 KB
Fetch
General
Full URL
https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/telemetry
Requested by
Host: d8c14d4960ca.edge.sdk.awswaf.com
URL: https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.21.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-21-9.iah50.r.cloudfront.net
Software
/
Resource Hash
86df1ad0a0eac0630d00ef1a85859e085a724faf3aa49d53e4fcf1596dea4929

Request headers

Referer
http://account.circleshirts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 15:27:09 GMT
via
1.1 1a1e16f3138812ae8127e09c6e8e4536.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-659c144d-6d4f48ce5ba7ba4853c6ee53
cache-control
no-cache, no-store, must-revalidate
content-length
996
x-amz-cf-id
BN7ApcfXSzlgrVK9mnZIywQBOXaDZMVUEh2OC5kdbCf1OMMuP3V6Pw==
expires
0
collector
collector-pxikkul2rm.px-cloud.net/api/v2/
10 B
27 B
XHR
General
Full URL
https://collector-pxikkul2rm.px-cloud.net/api/v2/collector
Requested by
Host: q.bstatic.com
URL: https://q.bstatic.com/libs/asec/btmgmt/px.v7.5.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
872b7b364b8737d43592b22d463657fff991a8e9c44ed4e1de7f370e78ba632d

Request headers

Referer
http://account.circleshirts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Jan 2024 15:27:10 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://account.circleshirts.com
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| E_ function| onBookingError object| booking object| booking_extra object| B object| $u object| webpackManifest string| webpackPublicPath object| webpackChunkbookings_web_accounts_portal_workspaces function| OptanonWrapper object| PCM object| dataLayer object| __core-js_shared__ object| core object| transportHooks function| handleSocialProviderResult undefined| params undefined| search_params string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| OneTrustStub object| a2_0x53eb function| a2_0x4dff object| AwsWafIntegration object| ChallengeScript string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData string| _pxAppId string| _pxParam1 object| Optanon object| OneTrust object| PXikKuL2RM object| PX undefined| _ikKuL2RMhandler

12 Cookies

Domain/Path Name / Value
.circleshirts.com/ Name: _ga
Value: GA1.2.793779942.1704727627
.circleshirts.com/ Name: _gid
Value: GA1.2.1455077115.1704727627
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCqHVaPEcrbl9q%2FI%2F50gYTI0xSDSywjYR3cFiOHlopgkDX0%2Fc%2F3G2kmCjIyWv0JsjHC6vLcaSbiBRoALWqwJlmE8SR9xJ6zy3QXpJULbCbgAaj7PUtAPc%2BakYoy9p7MFh7pu8OTjw44%2FshP%2Bn8lDx2kB4SJ93e%2Bbao4%3D
.circleshirts.com/ Name: pxcts
Value: 629158a1-ae3a-11ee-ad2f-938e3bf33a63
.circleshirts.com/ Name: _pxvid
Value: 6290ad49-ae3a-11ee-ad2f-7a98b8d30c0a
account.circleshirts.com/ Name: _pxff_cfp
Value: 1
account.circleshirts.com/ Name: _pxff_ddtc
Value: 1
account.circleshirts.com/ Name: _pxff_tm
Value: 1
account.circleshirts.com/ Name: PHPSESSID
Value: 9jc0r4tn2qmf6qluc65j2bmbug
.circleshirts.com/ Name: _px3
Value: a1a056c4a1f973f129278b494957a6bbfee254bd9b827bfe7e5a682f90759fb6:RDA81Zu2/GZwx27AxoaCHO8BiPoG7AXLCk7FJsXZtydIY+vOtj76hlqT4d7mfUgXuoCF0yzoGFINPCLnqjAHlQ==:1000:p1La4NWa1wDaT0zfaNZ56NN56tyxbEG3qpdnGdtSBizUjePpTbDKZX4iayokbDfeoVgXU8E03CmUjHMHkPZFcfneDr/LF3HIVxfQlCu1vgoxqcx/GXEVpUfRfDU6DBky+9f1OhIhB0DlXMCl7kr7GSS+9vICmtZSTNz5YRAAlojdWCkMNYqIJuzcQJnn7FqwBsQ5yQ2H+O7zrGOo7A0hbVW53ntOISvIi0yzj/oE/5E=
.circleshirts.com/ Name: _pxde
Value: d1e87b50fd5d04dd455886c8f1f34f097e38b3b887bf3c8ab26b06ade29c7073:eyJ0aW1lc3RhbXAiOjE3MDQ3Mjc2Mjg4NzcsImZfa2IiOjAsImlwY19pZCI6WzEzXX0=
.account.circleshirts.com/ Name: aws-waf-token
Value: 054417a3-230b-4be6-bf2d-9853905780ef:EQoAYRJrLHpCAAAA:9ocPq/OiTiCQ6xdTBfzjWDtXE5DDITTfhe6v14pJVLuxbeGGnxFoPGvU4tpJOkQxiMxFEYphbAN5CrcbwcXHE8Vjb9p9YMUolfOhAAdZO65szqJXdMK0OlW7Je9BIhbAHxXAnhFAX375lPlCKd1PvNxAJ1qktgv3MTfAN5hfk1wtddhoVZAj2/ApIqSvHwzMujAdJVH9kdnOnPgYhnJce+oFhE4Dz3YRFAm1bFSG88STOWpWWQ+hha1Ibz0XkDwR1EotUu5XXKPkdzPV8v7+CBP8Ww6p+MX9lqK2/e8MnjIeurFmtGV+zP8=

1 Console Messages

Source Level URL
Text
network error URL: http://account.circleshirts.com/navigation_times?sid=&pid=92666ca404ab005d&nts=0,0,1704727624368,0,0,0,0,1704727624369,1704727624370,1704727624978,1704727624978,1704727625099,0,1704727625099,1704727625620,1704727625934,1704727625623,1704727626464,1704727626464,1704727626466,1704727627584,1704727627584,1704727627584,0&first=&cdn=cf&dc=12&bo=3&lang=en-us&ref_action=Index&aid=304142&stype=&route=&ua=&ch=&lt=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
