order.saveournationtees.com Open in urlscan Pro
2400:52e0:1a00::1206:2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://saveournationtees.com/
Effective URL:
https://order.saveournationtees.com/checkout
Submission: On July 14 via api (July 14th 2024, 10:11:00 am UTC) from US — Scanned from CA

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 2400:52e0:1a00::1206:2, located in Chicago, United States and belongs to BUNNYCDN, SI. The main domain is order.saveournationtees.com.
TLS certificate: Issued by R11 on July 14th 2024. Valid for: 3 months.

This is the only time order.saveournationtees.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.2.56.64 52.2.56.64	14618 (AMAZON-AES) (AMAZON-AES)
9	2400:52e0:1a0... 2400:52e0:1a00::1206:2	200325 (BUNNYCDN) (BUNNYCDN)
1	2600:9000:244... 2600:9000:244d:4e00:17:1595:9ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1a0... 2400:52e0:1a00::1207:2	200325 (BUNNYCDN) (BUNNYCDN)
1	165.227.246.253 165.227.246.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	37.16.17.34 37.16.17.34	40509 (FLY) (FLY)
2	2a09:8280:1::... 2a09:8280:1::42:539	40509 (FLY) (FLY)
16	7

1 52.2.56.64 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: us-ip-2.short.io

saveournationtees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2400:52e0:1a00::1206:2 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

order.saveournationtees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scripts.swipepages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:244d:4e00:17:1595:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.static.spiffy.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1207:2 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

assets.swipepages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 165.227.246.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

app.swipepages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.16.17.34 (United States)

ASN40509 (FLY, US)

api.spiffy.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a09:8280:1::42:539 (United States)

ASN40509 (FLY, US)

rabuha.spiffy.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	swipepages.com scripts.swipepages.com — Cisco Umbrella Rank: 388536 assets.swipepages.com — Cisco Umbrella Rank: 626507 app.swipepages.com — Cisco Umbrella Rank: 382322	235 KB
5	spiffy.co js.static.spiffy.co api.spiffy.co rabuha.spiffy.co	13 KB
4	saveournationtees.com 1 redirects saveournationtees.com order.saveournationtees.com	7 KB
16	3

	Domain	Requested by
6	scripts.swipepages.com	order.saveournationtees.com scripts.swipepages.com
3	order.saveournationtees.com	order.saveournationtees.com
2	rabuha.spiffy.co	js.static.spiffy.co
2	api.spiffy.co	js.static.spiffy.co
1	app.swipepages.com	scripts.swipepages.com
1	assets.swipepages.com	order.saveournationtees.com
1	js.static.spiffy.co	order.saveournationtees.com
1	saveournationtees.com	1 redirects
16	8

This site contains no links.

Subject Issuer	Validity	Valid
order.saveournationtees.com R11	`2024-07-14` - `2024-10-12`	3 months	crt.sh
swipepages.com R10	`2024-06-20` - `2024-09-18`	3 months	crt.sh
static.spiffy.co Amazon RSA 2048 M03	`2023-12-02` - `2024-12-30`	a year	crt.sh
api.spiffy.co E6	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.spiffy.co E5	`2024-07-09` - `2024-10-07`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://order.saveournationtees.com/checkout
Frame ID: 85620109474755E35660A43E5C40DCBC
Requests: 15 HTTP requests in this frame

Frame: https://rabuha.spiffy.co/data?elements=eyJtb2RhbGl0eSI6ImlubGluZSIsInVpZCI6IjUiLCJmcm9tIjoiaHR0cHM6Ly9vcmRlci5zYXZlb3VybmF0aW9udGVlcy5jb20vY2hlY2tvdXQifQ%3D%3D
Frame ID: E5ABE3747B949D17F057697DBE154F7B
Requests: 1 HTTP requests in this frame

Frame: https://rabuha.spiffy.co/checkout/quickshirts?elements=eyJtb2RhbGl0eSI6ImlubGluZSIsInVpZCI6NCwiZnJvbSI6Imh0dHBzOi8vb3JkZXIuc2F2ZW91cm5hdGlvbnRlZXMuY29tL2NoZWNrb3V0In0%3D&embeddedUpsells=false
Frame ID: 648A40B9AA561864C94A2411C328A150
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Save Our Nation Tees

Page URL History Show full URLs

https://saveournationtees.com/ HTTP 302
https://order.saveournationtees.com/checkout Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

16
Requests

100 %
HTTPS

57 %
IPv6

3
Domains

8
Subdomains

7
IPs

2
Countries

254 kB
Transfer

407 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://saveournationtees.com/ HTTP 302
https://order.saveournationtees.com/checkout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request checkout Show response
order.saveournationtees.com/
Redirect Chain

https://saveournationtees.com/
https://order.saveournationtees.com/checkout

14 KB
4 KB

485ms
56ms

Document
text/html

2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://order.saveournationtees.com/checkout
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: 224d13ac34f6f348c8f33114e5731e7651ac302b74ed96624c7c0138ce0efe73

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0
cdn-cache: HIT
cdn-cachedat: 07/14/2024 10:01:02
cdn-edgestorageid: 1067
cdn-proxyver: 1.04
cdn-pullzone: 2351184
cdn-requestcountrycode: CA
cdn-requestid: 4c6632617c43821ab0aa95925b771358
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Jul 2024 10:10:55 GMT
etag: W/"38e2-190af17fe23"
last-modified: Sun, 14 Jul 2024 02:35:03 GMT
server: BunnyCDN-IL1-1206
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

content-length: 0
date: Sun, 14 Jul 2024 10:10:55 GMT
location: https://order.saveournationtees.com/checkout
x-powered-by: Short.io/Edge

GET
H2 200 jquery.min.js Show response
scripts.swipepages.com/js/ 86 KB
33 KB 383ms
64ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/jquery.min.js
Requested by: Host: order.saveournationtees.com
URL: https://order.saveournationtees.com/checkout
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: 82e02531ea4f45cbff2c0f71004344e4872380162a8128e9e523f97c73cf8d81

Request headers

Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:10:55 GMT
content-encoding: br
cdn-edgestorageid: 1070
x-powered-by: Express
cdn-cachedat: 10/31/2023 19:00:19
cdn-pullzone: 127004
last-modified: Fri, 27 Oct 2023 07:38:39 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"156f9-18b70122418"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 508c65248ba4932ad3417353a1f202c6
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 asyncloader.min.js Show response
scripts.swipepages.com/js/vendor/ 569 B
885 B 396ms
77ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/vendor/asyncloader.min.js
Requested by: Host: order.saveournationtees.com
URL: https://order.saveournationtees.com/checkout
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: e04fdc8ffe1a6d1387975fa740b7d5c50acc0fad48d890aefed648de55754348

Request headers

Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:10:55 GMT
content-encoding: br
cdn-edgestorageid: 845
x-powered-by: Express
cdn-cachedat: 12/31/2023 15:34:49
cdn-pullzone: 127004
last-modified: Thu, 28 Dec 2023 07:13:22 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"239-18caf454650"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: f87dd83ad2ab37ca97e76afad2777286
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 helpers.min.js Show response
scripts.swipepages.com/js/ 2 KB
1 KB 396ms
77ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/helpers.min.js
Requested by: Host: order.saveournationtees.com
URL: https://order.saveournationtees.com/checkout
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: 6d48f6957e9e2eb5ff2529ea26fdb60f17e1e78e8b6a23950eaecb3e492beddf

Request headers

Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:10:55 GMT
content-encoding: br
cdn-edgestorageid: 718
x-powered-by: Express
cdn-cachedat: 05/24/2024 11:55:53
cdn-pullzone: 127004
last-modified: Thu, 23 May 2024 05:36:16 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6be-18fa3f33480"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: c1b8d04122278d9f9586ae62e2a6f583
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sp-events.js Show response
order.saveournationtees.com/ 3 KB
2 KB 468ms
468ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://order.saveournationtees.com/sp-events.js?ver=1.2
Requested by: Host: order.saveournationtees.com
URL: https://order.saveournationtees.com/checkout
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: bf042e86b94913d9bc042e62b43995ab84449d6b3fbf6d6563ba5d99515f3d90

Request headers

Referer: https://order.saveournationtees.com/checkout
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:10:55 GMT
content-encoding: br
cdn-edgestorageid: 1070
x-powered-by: Express
cdn-cachedat: 07/14/2024 10:10:56
cdn-pullzone: 2351184
last-modified: Tue, 25 Jun 2024 12:40:30 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"ac4-1904f697630"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: cf1bdbcb7bc69fd396c41d6ac99fb3f5
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tatsu.min.js Show response
scripts.swipepages.com/js/ 62 KB
19 KB 366ms
47ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/tatsu.min.js?ver=1.0.53
Requested by: Host: order.saveournationtees.com
URL: https://order.saveournationtees.com/checkout
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: 5a4dee64463648756560872500bb97ed997525f9caec92623f4a1e5b3890a91a

Request headers

Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:10:55 GMT
content-encoding: br
cdn-edgestorageid: 1069
x-powered-by: Express
cdn-cachedat: 06/07/2024 19:16:46
cdn-pullzone: 127004
last-modified: Wed, 05 Jun 2024 02:51:08 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"f76f-18fe64eb160"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 106940e9dff492fdb3e8d45fb25909ef
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.min.js Show response
scripts.swipepages.com/js/ 3 KB
2 KB 377ms
62ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/analytics.min.js?ver=1.0.8
Requested by: Host: order.saveournationtees.com
URL: https://order.saveournationtees.com/checkout
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: 13c0834def5fd43b81be3a7f5d73ba91eb362e79bbedfa4b367e17ebdead63d7

Request headers

Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:10:55 GMT
content-encoding: br
cdn-edgestorageid: 1069
x-powered-by: Express
cdn-cachedat: 05/28/2024 04:26:22
cdn-pullzone: 127004
last-modified: Tue, 28 May 2024 04:15:38 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d5f-18fbd692e10"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 578973d3e1b3bd1ee39c224c78d73710
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 spiffy.js Show response
js.static.spiffy.co/ 40 KB
13 KB 578ms
46ms Script
application/javascript 2600:9000:244d:4e00:17:1595:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.static.spiffy.co/spiffy.js?a=rabuha
Requested by: Host: order.saveournationtees.com
URL: https://order.saveournationtees.com/checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244d:4e00:17:1595:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18d1caeb81e83b9dbb1f2779497261178158b7955096c11cebf20fbb611122a3

Request headers

Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: JymyHFnJtllkOFm3XmvaWgIzGBvdp4bI
content-encoding: gzip
via: 1.1 03c28758fe0abb70088fb45c6855d854.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 22:31:44 GMT
last-modified: Fri, 28 Jun 2024 22:18:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P2
age: 41953
x-amz-server-side-encryption: AES256
etag: W/"9417dae08153c3f4daf5fbbb510b8fd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: qYakY3uUuEyuC4o2nSHZfejENdOqruiRb_dRvTURc9j-SMHAqrIybg==

GET
H2 200 Inter-Regular.woff
assets.swipepages.com/fonts/inter/regular/ 168 KB
169 KB 373ms
65ms Font
application/font-woff 2400:52e0:1a00::1207:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.swipepages.com/fonts/inter/regular/Inter-Regular.woff

Requested by

Host: order.saveournationtees.com
URL: https://order.saveournationtees.com/checkout

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-IL1-1207 /

Resource Hash

7a58ed1a141c551d58dc4ffcfe1c1a0486c8aa1a137507f410981f246443ee3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://order.saveournationtees.com/
Origin: https://order.saveournationtees.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-mtime: 1585676776
date: Sun, 14 Jul 2024 10:10:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cdn-edgestorageid: 1029
x-amz-request-id: tx0000034e3307d0b7cb4ad-0066145581-43bbc41a-ams3b
cdn-cachedat: 04/08/2024 20:37:21
cdn-pullzone: 127003
content-length: 171688
last-modified: Tue, 29 Dec 2020 09:18:26 GMT
server: BunnyCDN-IL1-1207
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "9731acee02294242030abe12cbee5ca0"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
x-rgw-object-type: Normal
cdn-requestid: d598550b5ab5c0f939b106fa8124a5ea
accept-ranges: bytes
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-ui.min.js Show response
scripts.swipepages.com/js/vendor/ 28 KB
10 KB 38ms
38ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/vendor/jquery-ui.min.js
Requested by: Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/vendor/asyncloader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: 87a5d059866978ec7b34e6e92fe8e8bcc8359fada01169e519ad778536ded772

Request headers

Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:10:55 GMT
content-encoding: br
cdn-edgestorageid: 845
x-powered-by: Express
cdn-cachedat: 01/03/2024 10:52:38
cdn-pullzone: 127004
last-modified: Wed, 03 Jan 2024 07:13:28 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"705c-18cce2b85c0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 1aae53b2153e65f4ed27b0563e37fe0f
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

POST
H/1.1 200
OK analytics Show response
app.swipepages.com/api/ 36 B
249 B 859ms
285ms XHR
text/html 165.227.246.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.swipepages.com/api/analytics
Requested by: Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.246.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: 79b7e386c8b1719c7d885b2137e00a2bb165fa0f5543f5168a31f536e9b57276

Request headers

Accept: */*
Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 14 Jul 2024 10:10:57 GMT
x-powered-by: Express
content-length: 36
etag: W/"24-5XCXIkeCkUbVD3BGEqsI3zjiIFs"
content-type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 pageView Show response
api.spiffy.co/elements/rabuha/crakt/ 53 B
463 B 463ms
285ms XHR
application/json 37.16.17.34
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spiffy.co/elements/rabuha/crakt/pageView

Requested by

Host: js.static.spiffy.co
URL: https://js.static.spiffy.co/spiffy.js?a=rabuha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

37.16.17.34 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/b58bab55 (2024-07-11) /

Resource Hash

ae997edafb22d549f9ba7456d3c75324e9b8266dacda6e90ebe7b2b744e496e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://order.saveournationtees.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: zstd
x-content-type-options: nosniff
date: Sun, 14 Jul 2024 10:10:57 GMT
via: 2 fly.io
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
fly-request-id: 01J2RBJQYYSW93HGZKQ0BRX1VZ-ord
server: Fly/b58bab55 (2024-07-11)
etag: W/"35-9s0DDL+Ni5Z2lDYgdU5NQY0iEc0"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://order.saveournationtees.com
access-control-allow-credentials: true

OPTIONS
H2 200 pageView
api.spiffy.co/elements/rabuha/crakt/ Frame 0
0 550ms
257ms Preflight 37.16.17.34
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spiffy.co/elements/rabuha/crakt/pageView

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

37.16.17.34 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/b58bab55 (2024-07-11) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://order.saveournationtees.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Origin,X-Client-Host,x-spiffy-ut,x-spiffy-ct,x-spiffy-si,x-subdomain,Accept,X-Forwarded-For,User-Agent
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://order.saveournationtees.com
access-control-max-age: 600
content-length: 0
date: Sun, 14 Jul 2024 10:10:56 GMT
fly-request-id: 01J2RBJQHEMZHENAJ77FR7JKVM-ord
server: Fly/b58bab55 (2024-07-11)
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 2 fly.io
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 204 favicon.ico
order.saveournationtees.com/ 0
333 B 173ms
172ms Other
text/plain 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://order.saveournationtees.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://order.saveournationtees.com/checkout
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 10:10:55 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 204
cdn-edgestorageid: 1070
x-powered-by: Express
cdn-cache: MISS
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cdn-cachedat: 07/14/2024 10:10:56
cache-control: public, max-age=0
cdn-pullzone: 2351184
cdn-requestid: 4be7dd7c335a4b2346037a0179ffb48a
cdn-requestcountrycode: CA
cdn-status: 204
cdn-requestpullsuccess: True

GET
H2 200 data
rabuha.spiffy.co/ Frame E5AB 0
0 413ms
204ms Document
text/html 2a09:8280:1::42:539
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rabuha.spiffy.co/data?elements=eyJtb2RhbGl0eSI6ImlubGluZSIsInVpZCI6IjUiLCJmcm9tIjoiaHR0cHM6Ly9vcmRlci5zYXZlb3VybmF0aW9udGVlcy5jb20vY2hlY2tvdXQifQ%3D%3D

Requested by

Host: js.static.spiffy.co
URL: https://js.static.spiffy.co/spiffy.js?a=rabuha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:539 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/b58bab55 (2024-07-11) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://order.saveournationtees.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 10:10:57 GMT
etag: "419e8-czkoEUTDIJkXRw6LKOb5BhqIbCY"
expect-ct: max-age=0
fly-request-id: 01J2RBJREQDZV59YKGRPRPG4EV-chi
link: </_nuxt/dbf78ee.js>; rel=preload; as=script, </_nuxt/7d66c83.js>; rel=preload; as=script, </_nuxt/5985265.js>; rel=preload; as=script, </_nuxt/67edc9c.js>; rel=preload; as=script, </_nuxt/336a3f6.js>; rel=preload; as=script
referrer-policy: no-referrer
server: Fly/b58bab55 (2024-07-11)
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.0 fly.io, 2 fly.io
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 quickshirts
rabuha.spiffy.co/checkout/ Frame 648A 0
0 762ms
556ms Document
text/html 2a09:8280:1::42:539
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rabuha.spiffy.co/checkout/quickshirts?elements=eyJtb2RhbGl0eSI6ImlubGluZSIsInVpZCI6NCwiZnJvbSI6Imh0dHBzOi8vb3JkZXIuc2F2ZW91cm5hdGlvbnRlZXMuY29tL2NoZWNrb3V0In0%3D&embeddedUpsells=false

Requested by

Host: js.static.spiffy.co
URL: https://js.static.spiffy.co/spiffy.js?a=rabuha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:539 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/b58bab55 (2024-07-11) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://order.saveournationtees.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 10:10:58 GMT
etag: "55480-zlzul+Qb4J+t7BUhHeNz2PBB8Js"
expect-ct: max-age=0
fly-request-id: 01J2RBJREQP1EFVVMNSFJKHRPD-chi
link: </_nuxt/dbf78ee.js>; rel=preload; as=script, </_nuxt/7d66c83.js>; rel=preload; as=script, </_nuxt/5985265.js>; rel=preload; as=script, </_nuxt/67edc9c.js>; rel=preload; as=script, </_nuxt/f1716b3.js>; rel=preload; as=script, </_nuxt/c71ce73.js>; rel=preload; as=script, </_nuxt/8b72fe8.js>; rel=preload; as=script, </_nuxt/d5276c1.js>; rel=preload; as=script, </_nuxt/dfb10c1.js>; rel=preload; as=script, </_nuxt/d823cc1.js>; rel=preload; as=script, </_nuxt/3604990.js>; rel=preload; as=script, </_nuxt/bb4d099.js>; rel=preload; as=script, </_nuxt/a5ebaee.js>; rel=preload; as=script, </_nuxt/6d0bb5a.js>; rel=preload; as=script, </_nuxt/8890500.js>; rel=preload; as=script, </_nuxt/ee66451.js>; rel=preload; as=script, </_nuxt/e2d0b80.js>; rel=preload; as=script, </_nuxt/445de82.js>; rel=preload; as=script, </_nuxt/a950543.js>; rel=preload; as=script
referrer-policy: no-referrer
server: Fly/b58bab55 (2024-07-11)
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.0 fly.io, 2 fly.io
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
t.rabuhamedia.com/v1/lst	1970-01-21 07:38:31	Name: __mh_tt_s Value: HB-ET_34f65dc135e3c88ef9a72b2867e9d1ded64041015dad99bd9a56d850b892ea9e
order.saveournationtees.com/	1969-12-31 23:59:59	Name: swipepages_user Value: 7nu73ur0tlglyleauus
order.saveournationtees.com/	1969-12-31 23:59:59	Name: 669338c32d014500111af3f2 Value: 669338c32d014500111af3f4
rabuha.spiffy.co/	1970-01-20 22:06:51	Name: swipepages_user Value: 7nu73ur0tlglyleauus
rabuha.spiffy.co/	1970-01-20 22:06:51	Name: 669338c32d014500111af3f2 Value: 669338c32d014500111af3f4
www.clarity.ms/	1970-01-21 06:48:07	Name: CLID Value: b862ed5c9d454592a840d7540b19949f.20240714.20250714
.tiktok.com/	1970-01-21 07:24:07	Name: _ttp Value: 2jEUinDbYXB9UGCTlqJGcD9s6Op
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: T
.clarity.ms/	1970-01-21 07:24:07	Name: MUID Value: 1585F2EB8D0B6E431116E657890B607A

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://js.static.spiffy.co/spiffy.js?a=rabuha Message: Allow attribute will take precedence over 'allowpaymentrequest'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.spiffy.co
app.swipepages.com
assets.swipepages.com
js.static.spiffy.co
order.saveournationtees.com
rabuha.spiffy.co
saveournationtees.com
scripts.swipepages.com
165.227.246.253
2400:52e0:1a00::1206:2
2400:52e0:1a00::1207:2
2600:9000:244d:4e00:17:1595:9ac0:93a1
2a09:8280:1::42:539
37.16.17.34
52.2.56.64
13c0834def5fd43b81be3a7f5d73ba91eb362e79bbedfa4b367e17ebdead63d7
18d1caeb81e83b9dbb1f2779497261178158b7955096c11cebf20fbb611122a3
224d13ac34f6f348c8f33114e5731e7651ac302b74ed96624c7c0138ce0efe73
5a4dee64463648756560872500bb97ed997525f9caec92623f4a1e5b3890a91a
6d48f6957e9e2eb5ff2529ea26fdb60f17e1e78e8b6a23950eaecb3e492beddf
79b7e386c8b1719c7d885b2137e00a2bb165fa0f5543f5168a31f536e9b57276
7a58ed1a141c551d58dc4ffcfe1c1a0486c8aa1a137507f410981f246443ee3b
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
82e02531ea4f45cbff2c0f71004344e4872380162a8128e9e523f97c73cf8d81
87a5d059866978ec7b34e6e92fe8e8bcc8359fada01169e519ad778536ded772
ae997edafb22d549f9ba7456d3c75324e9b8266dacda6e90ebe7b2b744e496e7
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bf042e86b94913d9bc042e62b43995ab84449d6b3fbf6d6563ba5d99515f3d90
e04fdc8ffe1a6d1387975fa740b7d5c50acc0fad48d890aefed648de55754348
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

order.saveournationtees.com Open in urlscan Pro 2400:52e0:1a00::1206:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

57 %IPv6

3 Domains

8 Subdomains

7 IPs

2 Countries

254 kBTransfer

407 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

9 Cookies

1 Console Messages

Indicators

order.saveournationtees.com Open in urlscan Pro
2400:52e0:1a00::1206:2 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

57 %
IPv6

3
Domains

8
Subdomains

7
IPs

2
Countries

254 kB
Transfer

407 kB
Size

9
Cookies

16 HTTP transactions
2 data transactions