www.tshirtfusion.com Open in urlscan Pro
160.153.72.192 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm
Submission: On July 29 via automatic, source openphish (July 29th 2021, 1:41:40 am UTC)

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 160.153.72.192, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.tshirtfusion.com.

This is the only time www.tshirtfusion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 13	160.153.72.192 160.153.72.192	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	5

13 160.153.72.192 (United States) 8 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: ip-160-153-72-192.ip.secureserver.net

www.tshirtfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tshirtfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	tshirtfusion.com 8 redirects www.tshirtfusion.com tshirtfusion.com	22 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	149 KB
1	fontawesome.com use.fontawesome.com	9 KB
0	rbfcu.org Failed www.rbfcu.org Failed
25	4

	Domain	Requested by
9	www.tshirtfusion.com	8 redirects
4	tshirtfusion.com	www.tshirtfusion.com
3	ajax.googleapis.com	www.tshirtfusion.com
1	use.fontawesome.com	www.tshirtfusion.com
1	fonts.googleapis.com	www.tshirtfusion.com
0	www.rbfcu.org Failed	www.tshirtfusion.com
25	6

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tshirtdevil.com Go Daddy Secure Certificate Authority - G2	`2021-06-30` - `2021-11-21`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm
Frame ID: B34C1032116C3695E276944100D1FCFA
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

25
Requests

36 %
HTTPS

75 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

177 kB
Transfer

425 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://www.tshirtfusion.com/NBO/assets/js/spin.min.js HTTP 301
https://www.tshirtfusion.com/NBO/assets/js/spin.min.js HTTP 301
https://tshirtfusion.com/NBO/assets/js/spin.min.js

Request Chain 4

http://www.tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://www.tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Request Chain 5

http://www.tshirtfusion.com/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://www.tshirtfusion.com/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://tshirtfusion.com/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Request Chain 6

http://www.tshirtfusion.com/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://www.tshirtfusion.com/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://tshirtfusion.com/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Request Chain 14

http://www.tshirtfusion.com/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://www.tshirtfusion.com/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://tshirtfusion.com/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Request Chain 23

http://www.tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://www.tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP 301
https://tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request log.htm Show response
www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/ 64 KB
19 KB 300ms
284ms Document
text/html 160.153.72.192
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm
Protocol: HTTP/1.1
Server: 160.153.72.192 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-72-192.ip.secureserver.net
Software: Apache /
Resource Hash: 473558a074a1b92a9a23f07e36dbc5ed82221386bb10bb5edf69f960f1b098a9

Request headers

Host: www.tshirtfusion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 01:41:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 28 Jul 2021 19:45:11 GMT
ETag: "2fc8fa4-10069-5c834396f3fc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 18584
Keep-Alive: timeout=5, max=100
Content-Type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
92 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:03:53 GMT
x-content-type-options: nosniff
age: 5829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93868
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 00:03:53 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/ 197 KB
51 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js

Requested by

Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52222
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Jul 2022 12:02:47 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/ 33 KB
6 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css

Requested by

Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32445f1f46f11c640971c30dfe08e42b494a9bc1618480fdd13931cee822f8d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5918
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:16:22 GMT

GET
H2

404

spin.min.js
tshirtfusion.com/NBO/assets/js/
Redirect Chain

http://www.tshirtfusion.com/NBO/assets/js/spin.min.js
https://www.tshirtfusion.com/NBO/assets/js/spin.min.js
https://tshirtfusion.com/NBO/assets/js/spin.min.js

0
0

7432ms
7214ms

Script
text/html

160.153.72.192
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tshirtfusion.com/NBO/assets/js/spin.min.js
Requested by: Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.72.192 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-72-192.ip.secureserver.net
Software: /
Resource Hash

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 01:41:10 GMT
server: Apache
x-powered-by: PHP/7.4.16
vary: User-Agent
content-type: text/html; charset=UTF-8
location: https://tshirtfusion.com/NBO/assets/js/spin.min.js
cache-control: no-cache, must-revalidate, max-age=0
content-length: 0
x-redirect-by: WordPress
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

ajax.js
tshirtfusion.com/NBO/assets/js/
Redirect Chain

http://www.tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://www.tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

0
0

5550ms
5332ms

Script
text/html

160.153.72.192
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Requested by: Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.72.192 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-72-192.ip.secureserver.net
Software: /
Resource Hash

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 01:41:10 GMT
server: Apache
x-powered-by: PHP/7.4.16
vary: User-Agent
content-type: text/html; charset=UTF-8
location: https://tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
cache-control: no-cache, must-revalidate, max-age=0
wpo-cache-status: not cached
wpo-cache-message: In the settings, caching is disabled for matches for one of the current request's GET parameters
content-length: 0
x-redirect-by: WordPress
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

common.js
tshirtfusion.com/NBO/assets/js/
Redirect Chain

http://www.tshirtfusion.com/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://www.tshirtfusion.com/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://tshirtfusion.com/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

0
0

6391ms
6391ms

Script
text/html

160.153.72.192
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tshirtfusion.com/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Requested by: Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.72.192 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-72-192.ip.secureserver.net
Software: /
Resource Hash

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 01:41:10 GMT
server: Apache
x-powered-by: PHP/7.4.16
vary: User-Agent
content-type: text/html; charset=UTF-8
location: https://tshirtfusion.com/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
cache-control: no-cache, must-revalidate, max-age=0
wpo-cache-status: not cached
wpo-cache-message: In the settings, caching is disabled for matches for one of the current request's GET parameters
content-length: 0
x-redirect-by: WordPress
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

columnHeight.js
tshirtfusion.com/NBO/assets/js/
Redirect Chain

http://www.tshirtfusion.com/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://www.tshirtfusion.com/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://tshirtfusion.com/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

0
0

7356ms
6996ms

Script
text/html

160.153.72.192
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tshirtfusion.com/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Requested by: Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 160.153.72.192 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-72-192.ip.secureserver.net
Software: /
Resource Hash

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 01:41:10 GMT
server: Apache
x-powered-by: PHP/7.4.16
vary: User-Agent
content-type: text/html; charset=UTF-8
location: https://tshirtfusion.com/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
cache-control: no-cache, must-revalidate, max-age=0
wpo-cache-status: not cached
wpo-cache-message: In the settings, caching is disabled for matches for one of the current request's GET parameters
content-length: 0
x-redirect-by: WordPress
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET main.css
www.rbfcu.org/NBO/assets/css/ 0
0

GET
H2 200 icon
fonts.googleapis.com/ 568 B
461 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f295f3a15e6f626ecd83939aad05199ab904ae34a90f0982bdb554bc04cd9fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 01:41:02 GMT
server: ESF
date: Thu, 29 Jul 2021 01:41:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 01:41:02 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.12/css/ 38 KB
9 KB 33ms
16ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.12/css/all.css
Requested by: Host: www.tshirtfusion.com
URL: http://www.tshirtfusion.com/wp-includes/assets/VerificationRbfcu/log.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63

Request headers

Referer: http://www.tshirtfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 01:41:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1920808
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: EBVYAX31CPN695AG
x-amz-id-2: NO0Q1ssxCYKZHzzW3oJKYBlmzlIzcfaufVTVftEmyXnNlo3WeGqsWSDN96wIi628nbgIpmus/bU=
last-modified: Wed, 30 Jun 2021 15:27:17 GMT
server: cloudflare
etag: W/"d896a88b71aa2ba5d6bd670429bf1bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIJ9DkgGl7bG%2B36Lm8a6vXk6T2dEyWmRNuF3hq7EOz8Tjw3p87v2Z1tMmFkBrKTch4aDOnTHJ%2BPB3jJZvxp1mzAxJxVydS9w9zPxOKXbcYSEG8VicdouadMZ3eof7Alyfg3NliB85v6rHdhlnOm1sBfw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6762a483daa54e31-FRA

GET redesignheader.css
www.rbfcu.org/NBO/assets/css/redesignCss/ 0
0

GET rbfcu-logo.svg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET white-phone-header.svg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET floatlabel.css
www.rbfcu.org/NBO/assets/css/redesignCss/ 0
0

GET

logon.js
tshirtfusion.com/NBO/assets/js/
Redirect Chain

http://www.tshirtfusion.com/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://www.tshirtfusion.com/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://tshirtfusion.com/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

0
0

GET gray-phone-footer.svg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET NCUA-gray.jpg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET EHL-logo-gray.svg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET call-member-services-blue.svg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET locate-branch-orange.svg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET send-email-blue.svg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET send-reg-mail-olive.svg
www.rbfcu.org/NBO/assets/img/redesign-icons/ 0
0

GET footer-modals.css
www.rbfcu.org/NBO/assets/css/redesignCss/ 0
0

GET

ajax.js
tshirtfusion.com/NBO/assets/js/
Redirect Chain

http://www.tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://www.tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
https://tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/css/redesignCss/redesignheader.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/rbfcu-logo.svg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/white-phone-header.svg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/css/redesignCss/floatlabel.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Domain: tshirtfusion.com
URL: https://tshirtfusion.com/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/gray-phone-footer.svg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/NCUA-gray.jpg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/EHL-logo-gray.svg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/call-member-services-blue.svg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/locate-branch-orange.svg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/send-email-blue.svg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/img/redesign-icons/send-reg-mail-olive.svg

Domain: www.rbfcu.org
URL: https://www.rbfcu.org/NBO/assets/css/redesignCss/footer-modals.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Domain: tshirtfusion.com
URL: https://tshirtfusion.com/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
tshirtfusion.com
use.fontawesome.com
www.rbfcu.org
www.tshirtfusion.com
tshirtfusion.com
www.rbfcu.org
160.153.72.192
2606:4700:3037::6815:4e07
2a00:1450:4001:802::200a
2a00:1450:4001:831::200a
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63
32445f1f46f11c640971c30dfe08e42b494a9bc1618480fdd13931cee822f8d5
473558a074a1b92a9a23f07e36dbc5ed82221386bb10bb5edf69f960f1b098a9
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
f295f3a15e6f626ecd83939aad05199ab904ae34a90f0982bdb554bc04cd9fc5

www.tshirtfusion.com Open in urlscan Pro 160.153.72.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

36 %HTTPS

75 %IPv6

4 Domains

6 Subdomains

5 IPs

2 Countries

177 kBTransfer

425 kBSize

0 Cookies

0 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

www.tshirtfusion.com Open in urlscan Pro
160.153.72.192 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

36 %
HTTPS

75 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

177 kB
Transfer

425 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions