urlscan.io logo urlscan.io
SecurityTrails logo

circle.target.com Open in urlscan Pro
151.101.114.187  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.target.com/circle
Effective URL: https://circle.target.com/
Submission Tags: phishing malicious Search All
Submission: On April 29 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 151.101.114.187, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is circle.target.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on April 23rd 2020. Valid for: a year.
This is the only time circle.target.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 151.101.114.187 54113 (FASTLY)
3 151.101.114.180 54113 (FASTLY)
2 151.101.112.68 54113 (FASTLY)
1 151.101.13.175 54113 (FASTLY)
1 35.241.45.82 15169 (GOOGLE)
12 5
7    151.101.114.187 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.target.com
circle.target.com
3    151.101.114.180 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
assets.targetimg1.com
gsp.target.com
2    151.101.112.68 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn-usent.kampyle.com
1    151.101.13.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
1    35.241.45.82 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
Domain Requested by
5 circle.target.com circle.target.com
2 cdn-usent.kampyle.com circle.target.com
cdn-usent.kampyle.com
2 assets.targetimg1.com circle.target.com
assets.targetimg1.com
2 www.target.com 2 redirects
1 udc-neb.kampyle.com
1 nebula-cdn.kampyle.com cdn-usent.kampyle.com
1 gsp.target.com assets.targetimg1.com
12 7

This site contains no links.

Subject Issuer Validity Valid
sites.target.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-23 -
2021-04-20		 a year crt.sh
opus.target.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-19 -
2021-04-20		 a year crt.sh
j.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2020-04-23 -
2020-06-11		 2 months crt.sh
*.kampyle.com
RapidSSL RSA CA 2018		 2020-02-11 -
2022-03-06		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://circle.target.com/
Frame ID: 96C3D201BE53BCB93889A53CDD774B55
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.target.com/circle HTTP 301
    https://www.target.com/circle HTTP 301
    https://circle.target.com/ Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

5
IPs

2
Countries

693 kB
Transfer

2387 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.target.com/circle HTTP 301
    https://www.target.com/circle HTTP 301
    https://circle.target.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
circle.target.com/
Redirect Chain
  • http://www.target.com/circle
  • https://www.target.com/circle
  • https://circle.target.com/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://circle.target.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.187 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2849cc42b2655cb337e456683e9c4bcedc031256bf3211f0ecfe73f1a8ebcbe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
circle.target.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TealeafAkaSid=HArLKRXTVU5mItnnzn4O-qvR0fwA3ohP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
accept-ranges
bytes bytes
x-traffic-type
regular
last-modified
Wed, 11 Mar 2020 19:35:29 GMT
content-type
text/html
content-encoding
gzip
x-cloud-env
csp2-prod-E
x-client-req-header
/
tgt-actual-backend-name
1U1lCXcIFRG3z5zltjvFE3--F_gcp
tgt-actual-backend-status-message
OK
tgt-actual-backend-status-code
200
date
Wed, 29 Apr 2020 19:41:21 GMT
clientgeo
NL
clientip
185.217.171.12
tranid
a8167293-cb42-4a58-866a-c25b891f0493
set-cookie
visitorId=GeWbzNUQoEC4bTRnr09aWzLTNBLJ1EMa; Expires=Wed, 06 May 2020 19:41:21 GMT; Path=/; Domain=target.com;
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
default-src 'self' https://*.target.com https://*.targetimg1.com; style-src 'self'; img-src 'self' data:; script-src 'unsafe-eval' https://*.target.com;
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
vary
Origin

Redirect headers

status
301
server
Varnish
retry-after
0
location
https://circle.target.com
accept-ranges
bytes
date
Wed, 29 Apr 2020 19:41:21 GMT
clientgeo
NL
clientip
185.217.171.12
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' https://*.target.com;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
ssx.mod.js
assets.targetimg1.com/ssx/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.targetimg1.com/ssx/ssx.mod.js
Requested by
Host: circle.target.com
URL: https://circle.target.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.180 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b64faa3d6c36ccd4c1b595c0283ae2c18774bf5ce1db3441c7de3f3f7bf5aaa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

clientgeo
NL
pragma
no-cache, no-cache
date
Wed, 29 Apr 2020 19:41:21 GMT
content-encoding
gzip
age
0
accept-ranges
bytes
clientip
185.217.171.12
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
x-ssx-hop
1
content-length
1231
expires
0, 0
embed.js
cdn-usent.kampyle.com/usent/610/onsite/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-usent.kampyle.com/usent/610/onsite/embed.js
Requested by
Host: circle.target.com
URL: https://circle.target.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23f840aefbe9a0345429ed5ca0f1d890b3b1707e7e88c583d366a11f309dae83

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
Gl9B8N8pjZl9JgTTa2IoUXIPFDFdy_Zm
Content-Encoding
gzip
ETag
"098ec1613070c5656a6faaa3cc4608f0"
Age
37
Via
1.1 varnish
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
x-amz-request-id
BD155C279784F369
x-amz-id-2
ymRzyyIs6CWUQVLfGlqDFN6O+qp8sZvhZ4ciPNFxn1JrP2/uJq11g4+sXTH5izhAk+RyMTg+N4E=
X-Served-By
cache-hhn4065-HHN
Accept-Ranges
bytes
Last-Modified
Wed, 22 Apr 2020 16:36:34 GMT
Server
AmazonS3
X-Timer
S1588189282.503328,VS0,VE0
Date
Wed, 29 Apr 2020 19:41:21 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0,must-revalidate
Content-Length
658
X-Cache-Hits
1
main.9dba9ce6.chunk.css
circle.target.com/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://circle.target.com/static/css/main.9dba9ce6.chunk.css
Requested by
Host: circle.target.com
URL: https://circle.target.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.187 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f22a6edb4d77ffe668bbe24383e8952db48e5fc2ccfde79fb3b92376d5023ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

clientgeo
NL
date
Wed, 29 Apr 2020 19:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-req-header
/static/css/main.9dba9ce6.chunk.css
tgt-actual-backend-status-code
200
content-security-policy-report-only
default-src 'self' https://*.target.com https://*.targetimg1.com; style-src 'self'; img-src 'self' data:; script-src 'unsafe-eval' https://*.target.com;
status
200
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
tgt-actual-backend-status-message
OK
tgt-actual-backend-name
1U1lCXcIFRG3z5zltjvFE3--F_gcp
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Mar 2020 19:35:29 GMT
x-cloud-env
csp2-prod-E
x-frame-options
SAMEORIGIN
tranid
8a85f494-e224-4421-823b-bfe1a9bb9880
clientip
185.217.171.12
vary
Origin
content-type
text/css
accept-ranges
bytes, bytes
2.95f1b876.chunk.js
circle.target.com/static/js/ 		1 MB
359 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://circle.target.com/static/js/2.95f1b876.chunk.js
Requested by
Host: circle.target.com
URL: https://circle.target.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.187 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8338f41f9b0d213d2323cb27d951e5e5209c247faf00d1597eca266c2f78f53d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

clientgeo
NL
date
Wed, 29 Apr 2020 19:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-req-header
/static/js/2.95f1b876.chunk.js
tgt-actual-backend-status-code
200
content-security-policy-report-only
default-src 'self' https://*.target.com https://*.targetimg1.com; style-src 'self'; img-src 'self' data:; script-src 'unsafe-eval' https://*.target.com;
status
200
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
tgt-actual-backend-status-message
OK
tgt-actual-backend-name
1U1lCXcIFRG3z5zltjvFE3--F_gcp
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Mar 2020 19:35:29 GMT
x-cloud-env
csp2-prod-E
x-frame-options
SAMEORIGIN
tranid
130f1518-5fdd-4659-aa5f-9fcd47582f04
clientip
185.217.171.12
vary
Origin
content-type
application/javascript
accept-ranges
bytes, bytes
main.b535935f.chunk.js
circle.target.com/static/js/ 		582 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://circle.target.com/static/js/main.b535935f.chunk.js
Requested by
Host: circle.target.com
URL: https://circle.target.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.187 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d37c31eb38b0eebc81205eb2ec976299d12cb4f5fcc07f8cec5fd85c05a1a902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

clientgeo
NL
date
Wed, 29 Apr 2020 19:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-req-header
/static/js/main.b535935f.chunk.js
tgt-actual-backend-status-code
200
content-security-policy-report-only
default-src 'self' https://*.target.com https://*.targetimg1.com; style-src 'self'; img-src 'self' data:; script-src 'unsafe-eval' https://*.target.com;
status
200
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
tgt-actual-backend-status-message
OK
tgt-actual-backend-name
1U1lCXcIFRG3z5zltjvFE3--F_gcp
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Mar 2020 19:35:29 GMT
x-cloud-env
csp2-prod-E
x-frame-options
SAMEORIGIN
tranid
83f54018-18aa-4ff6-af60-ecc49874dc69
clientip
185.217.171.12
vary
Origin
content-type
application/javascript
accept-ranges
bytes, bytes
ssx.mod.js
assets.targetimg1.com/ssx/ 		185 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.targetimg1.com/ssx/ssx.mod.js?seed=AMDWasdxAQAA7TzyFze8uLu19JhOHeYuTWQS43j-ZLI3d6hsFcTUJvrl6ZvA&X-GyJwza5Z--z=q
Requested by
Host: assets.targetimg1.com
URL: https://assets.targetimg1.com/ssx/ssx.mod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.180 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
395352d46a2b5aef77d71cfcf0e6247ff74fb39cc0cae82a0f783dadbb4c0bef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

clientgeo
NL
date
Wed, 29 Apr 2020 19:41:21 GMT
content-encoding
gzip
age
665
accept-ranges
bytes
clientip
185.217.171.12
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, immutable, public, max-age=3600, immutable,max-age=2935
strict-transport-security
max-age=31536000; includeSubDomains
x-ssx-hop
1
content-length
106451
99ecc614-958b-457a-be15-01e00c53057f.ae78d896.woff
circle.target.com/static/media/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://circle.target.com/static/media/99ecc614-958b-457a-be15-01e00c53057f.ae78d896.woff
Requested by
Host: circle.target.com
URL: https://circle.target.com/static/js/2.95f1b876.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.187 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f5552ad0be89c420074401a41458cd87e3b676c71198543ddd1ff3b0c6085eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://circle.target.com/static/css/main.9dba9ce6.chunk.css
Origin
https://circle.target.com

Response headers

clientgeo
NL
date
Wed, 29 Apr 2020 19:41:22 GMT
x-content-type-options
nosniff
x-client-req-header
/static/media/99ecc614-958b-457a-be15-01e00c53057f.ae78d896.woff
tgt-actual-backend-status-code
200
content-security-policy-report-only
default-src 'self' https://*.target.com https://*.targetimg1.com; style-src 'self'; img-src 'self' data:; script-src 'unsafe-eval' https://*.target.com;
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
36804
x-xss-protection
1; mode=block
tgt-actual-backend-status-message
OK
tgt-actual-backend-name
1U1lCXcIFRG3z5zltjvFE3--F_gcp
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Mar 2020 19:35:29 GMT
x-cloud-env
csp2-prod-E
x-frame-options
SAMEORIGIN
tranid
62ce5960-b53b-40cc-9a85-50efe51e40a1
clientip
185.217.171.12
vary
Origin
content-type
application/font-woff
access-control-allow-origin
https://circle.target.com
access-control-allow-credentials
true
accept-ranges
bytes, bytes
generic1587573393522.js
cdn-usent.kampyle.com/usent/610/onsite/ 		297 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-usent.kampyle.com/usent/610/onsite/generic1587573393522.js
Requested by
Host: cdn-usent.kampyle.com
URL: https://cdn-usent.kampyle.com/usent/610/onsite/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfe3668dfc1c2db21871232d32e004632d949789993c793a626b05d37d6f2fc8

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
kXYixlK4uBQdKYi25mCjHUmTtXezS0f2
Content-Encoding
gzip
ETag
"ed04ddf11e6d6b9c7a096a0bf46e946e"
Age
28
Via
1.1 varnish
X-Cache
HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
x-amz-request-id
703D5C107F73C449
x-amz-id-2
V0NxwzLsdyWCdh1HcT6pWFIsFBZ+pWwqoArmTkYIUM5Hq82w55BXe4Q8e2OuPzDnVQwaG3O4+8Q=
X-Served-By
cache-hhn4065-HHN
Accept-Ranges
bytes
Last-Modified
Wed, 22 Apr 2020 16:36:34 GMT
Server
AmazonS3
X-Timer
S1588189283.961904,VS0,VE1
Date
Wed, 29 Apr 2020 19:41:22 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0,must-revalidate
Content-Length
58834
X-Cache-Hits
1
client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens
Requested by
Host: assets.targetimg1.com
URL: https://assets.targetimg1.com/ssx/ssx.mod.js?seed=AMDWasdxAQAA7TzyFze8uLu19JhOHeYuTWQS43j-ZLI3d6hsFcTUJvrl6ZvA&X-GyJwza5Z--z=q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.180 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07defd18e6c047d00c21bded5e01ba1b0b71fe0c977c3f0a59c290d7bf310f37
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.target.com https://*.targetimg1.com https://*.tgtneptune.com https://*.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.target.com https://*.targetimg1.com https://cdn.userreplay.net https://*.scene7.com 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-src 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-ancestors 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; connect-src 'self' https://*.target.com https://*.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://*.scene7.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

clientgeo
NL
date
Wed, 29 Apr 2020 19:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
clientip
185.217.171.12
status
201
x-app-name
clientcorrelationid
correlationid
16906bef-35b5-41d4-a42c-311c7d514d2d
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
x-cloud-env-shr
shr-prod-ext-E-pr
x-frame-options
SAMEORIGIN
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
vary
Origin
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://circle.target.com
cache-control
no-store
access-control-allow-credentials
true
content-security-policy
default-src 'self' https://*.target.com https://*.targetimg1.com https://*.tgtneptune.com https://*.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.target.com https://*.targetimg1.com https://cdn.userreplay.net https://*.scene7.com 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-src 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-ancestors 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; connect-src 'self' https://*.target.com https://*.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://*.scene7.com;
accept-ranges
bytes
expires
0
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by
Host: cdn-usent.kampyle.com
URL: https://cdn-usent.kampyle.com/usent/610/onsite/generic1587573393522.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:41:23 GMT
content-encoding
gzip
age
0
accept-ranges
bytes
x-cache
HIT, HIT
status
200
x-amz-request-id
9951A5F978E3F1C8
x-amz-id-2
XqVaKHOURU7MwBcpCCMUctvOEFoT/DWescBxrAjf4sZMYSxmxYYg9yZGPXef3JTIqggebmjHsaM=
x-served-by
cache-iad2139-IAD, cache-fra19151-FRA
access-control-allow-origin
*
last-modified
Tue, 17 Mar 2020 11:10:17 GMT
server
AmazonS3
x-timer
S1588189284.771410,VS0,VE0
etag
"80dd5e3be5152c5c72d552c6a26ef6ff"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
content-length
5197
x-cache-hits
1, 274572
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiTGludXggeDg2XzY0IiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4xLjE1IiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE1ODgxODkyODM4MjIiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE3MWM3NzU0NWU1NGIxLTBjOTdkNjNkNGM5YzAzLTM3NjQ3ZTAzLTFkNGMwMC0xNzFjNzc1NDVlZGE2IiwiZW52aXJvbWVudCI6ICJ1c2VudCIsImFjY291bnRJZCI6IDYwOSwidXJsIjogImh0dHBzOi8vY2lyY2xlLnRhcmdldC5jb20vIiwid2Vic2l0ZUlkIjogNjEwLCJmZWVkYmFja191dWlkIjogbnVsbCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiMjU2MC02YmEzLTE3NjgtYzk4NS1iYzc2LWRkOTktYWNhOS04ZmIwIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE1ODgxODkyODM2OTYiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMjg2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi4zMi4yLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE1ODgxODkyODM3MDIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://circle.target.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-6ntc
date
Wed, 29 Apr 2020 19:41:23 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
status
200
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-application-context
application:9090

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonp object| KAMPYLE_EMBED object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| GspAuth function| _ string| KAMPYLE_REVISION object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_OnPrem object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata

2 Cookies

Domain/Path Name / Value
.target.com/ Name: visitorId
Value: GeWbzNUQoEC4bTRnr09aWzLTNBLJ1EMa
.target.com/ Name: TealeafAkaSid
Value: HArLKRXTVU5mItnnzn4O-qvR0fwA3ohP

1 Console Messages

Source Level URL
Text
console-api log URL: https://assets.targetimg1.com/ssx/ssx.mod.js?seed=AMDWasdxAQAA7TzyFze8uLu19JhOHeYuTWQS43j-ZLI3d6hsFcTUJvrl6ZvA&X-GyJwza5Z--z=q(Line 1)
Message:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block