customer.healthshieldonline.com Open in urlscan Pro
2606:4700:3035::ac43:dcd9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://customer.healthshieldonline.com/
Submission: On July 05 via automatic, source certstream-suspicious (July 5th 2021, 4:13:51 pm UTC)

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3035::ac43:dcd9, located in United States and belongs to CLOUDFLARENET, US. The main domain is customer.healthshieldonline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 25th 2021. Valid for: a year.

This is the only time customer.healthshieldonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3035::ac43:dcd9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.18.76 104.18.18.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:20e... 2600:9000:20eb:6200:d:78ba:ad00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:2982	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 3	34.237.27.35 34.237.27.35	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:100:6027... 2620:100:6027:14::a27d:480e	19679 (DROPBOX) (DROPBOX)
28	8

10 2606:4700:3035::ac43:dcd9 (United States)

ASN13335 (CLOUDFLARENET, US)

customer.healthshieldonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.76 (United States)

ASN13335 (CLOUDFLARENET, US)

js.paystack.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20eb:6200:d:78ba:ad00:93a1 (United States)

ASN16509 (AMAZON-02, US)

checkout.paystack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:2982 (United States)

ASN13335 (CLOUDFLARENET, US)

paystack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.237.27.35 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-27-35.compute-1.amazonaws.com

health-shield-server.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:6027:14::a27d:480e (United States)

ASN19679 (DROPBOX, US)

content.dropboxapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	healthshieldonline.com customer.healthshieldonline.com	1 MB
9	paystack.com checkout.paystack.com paystack.com	660 KB
3	herokuapp.com 1 redirects health-shield-server.herokuapp.com	11 KB
3	gstatic.com fonts.gstatic.com	160 KB
2	unpkg.com unpkg.com	2 MB
1	dropboxapi.com content.dropboxapi.com	53 KB
1	paystack.co js.paystack.co	10 KB
28	7

	Domain	Requested by
10	customer.healthshieldonline.com	customer.healthshieldonline.com
8	checkout.paystack.com	js.paystack.co checkout.paystack.com
3	health-shield-server.herokuapp.com	1 redirects customer.healthshieldonline.com
3	fonts.gstatic.com	customer.healthshieldonline.com
2	unpkg.com	customer.healthshieldonline.com unpkg.com
1	content.dropboxapi.com	customer.healthshieldonline.com
1	paystack.com	js.paystack.co
1	js.paystack.co	customer.healthshieldonline.com
28	8

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-25` - `2022-04-24`	a year	crt.sh
*.paystack.co DigiCert SHA2 Secure Server CA	`2019-10-29` - `2022-01-14`	2 years	crt.sh
*.paystack.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-29` - `2022-02-28`	a year	crt.sh
paystack.com DigiCert SHA2 Extended Validation Server CA	`2021-02-01` - `2022-03-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.herokuapp.com Amazon	`2021-05-29` - `2022-06-27`	a year	crt.sh
content.dropboxapi.com DigiCert SHA2 Extended Validation Server CA	`2021-01-28` - `2022-02-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://customer.healthshieldonline.com/
Frame ID: 44366C61B89ABC224160CB671D994D78
Requests: 20 HTTP requests in this frame

Frame: https://checkout.paystack.com/popup
Frame ID: AC8F6DC474E625CFC7AE852089AB211C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

28
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

4429 kB
Transfer

11917 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://health-shield-server.herokuapp.com/subscriptions/category_plans/1 HTTP 301
https://health-shield-server.herokuapp.com/subscriptions/category_plans/1/

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
customer.healthshieldonline.com/ 940 B
1 KB 58ms
37ms Document
text/html 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13fd13338041261332b49c439843d2f523965988ed9bf510d51e58398a17c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: customer.healthshieldonline.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:30 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-fra19136-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1625501611.910413,VS0,VE1
vary: x-fh-requested-host, accept-encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U%2FOgwB0SDm39kA2A52I1BBRNdnGjI3%2BRoNeybi6ofQwuSKeWYigpEVRDQdieipqFle952oBxwc1O1OL0naxauLryYTLwIqvO%2FYo5u%2FAWC6n%2B2BA1UHoLkCXJgWZMWdLdmCC%2F1XnqZaIYHGPXHpYMqPq9Y9O5UlbEJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66a1e18c08fe4e25-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 main.dart.js Show response
customer.healthshieldonline.com/ 2 MB
601 KB 767ms
752ms Script
text/javascript 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/main.dart.js

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

646c46de71d49ff0c678315a03aef06bc84fae4e518cb01106a9b5d0d4e1f5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /main.dart.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:31 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19140-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501611.968307,VS0,VE662
etag: W/"f513ed1aa5b0bf1b9924f03d76df3da75f876b7a910f33e44c80ef45e487641e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oBhD1zmoh58kVnfLraWb3hYb%2B%2B%2FNAk5dqiG4hj7owcToHs4ftslLjRGdYmonIiFF6nxtBdcoF%2FaxfQmAvYjTjHVNJd6gN%2BWan7FirdBvyPmhcnheysFf94p7buYRbfnB1KBfKyj9J2HuHgL74BWJ%2FuUuv92HCiAilQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 66a1e18c6caa2b65-FRA
x-cache-hits: 0

GET
H2 200 inline.js Show response
js.paystack.co/v1/ 31 KB
10 KB 203ms
73ms Script
application/javascript 104.18.18.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.paystack.co/v1/inline.js

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c960419a47c96666347ae3ed38320ed6b120da755cad90ebb96a13bc8ea9a2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:31 GMT
via: 1.1 29a825d8a219984d47bec4350779b559.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5900
x-cache: Hit from cloudfront
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 16 Oct 2020 15:25:17 GMT
server: cloudflare
etag: W/"24dd8e673d42f49e9d561817dc8bd710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=14400
x-amz-cf-pop: SEA19-C3
cf-ray: 66a1e18d48460818-CDG
x-amz-cf-id: LDxoG92DnhWnM8S7gByhpq8rVuywalMtPWHFAkl5wBA0xhszYPAWZw==
expires: Mon, 05 Jul 2021 20:13:31 GMT

GET
H3-29 200 toastify.css
customer.healthshieldonline.com/assets/packages/fluttertoast/assets/ 1 KB
1 KB 219ms
218ms Stylesheet
text/css 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/assets/packages/fluttertoast/assets/toastify.css

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69baf44fea5b3efd3377babc154ef1b83bf8263b910202a8c7d6e745d751349f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /assets/packages/fluttertoast/assets/toastify.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:32 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19140-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501612.006215,VS0,VE186
etag: W/"b3106479402ae9cdfaebc5e46d5b8f807692c6fff685bd43b29ef265fe1f59de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=29Z8vZna5d7S1rZoO3ThPzIB1MQTQtJxbpDlaREZw6TlwdV64KFxuO0QHdilagYMpbqhuvC8%2Bw%2B6%2FI8hioDg%2Bt5GhikbAY%2FNBWjNQGRQiExRuXa%2B44BB5yfZaRZmHuQatxALG2Ul%2FEPCNgOuQn3pZ4HTFut3sagaoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 66a1e192ec202b65-FRA
x-cache-hits: 0

GET
H3-29 200 toastify.js Show response
customer.healthshieldonline.com/assets/packages/fluttertoast/assets/ 5 KB
2 KB 225ms
224ms Script
text/javascript 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/assets/packages/fluttertoast/assets/toastify.js

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99fa91fad6dcf4497f838937b8fc57105eef131d5adbd4cbe3936ce6d4248ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /assets/packages/fluttertoast/assets/toastify.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:32 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19172-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501612.006908,VS0,VE178
etag: W/"af7cc93040f6a408fc5081768148326a2d6fa411d38e24c6adfa5dc067f8a1cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b2mOEpPWu5gp%2FegDnnNPgIQs%2FMfniqHHxYRzAr%2BNYWZjIRlFCOJ%2BpkBe8Dx2MGXpAxgPEeY6SHEFrJPUoVJKUCrUcF37lfRAFv15kKSv3%2F2qUkZ1Gexcx5ltWpomkPU%2BikeM3B4ta0cddPnhsfbwGH5NVBz3e8luJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 66a1e192ec242b65-FRA
x-cache-hits: 0

GET
H2 200 canvaskit.js Show response
unpkg.com/canvaskit-wasm@0.25.1/bin/ 120 KB
36 KB 42ms
24ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/canvaskit-wasm@0.25.1/bin/canvaskit.js

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12729155ff56fce7be6bb93ab2666c99fd7ff844e6c4611d144808c942b50748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6346775
fly-request-id: 01F3YJC0MERZZG2B5GKG1MJJ5N
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1df59-GMc0Tal0G/nC/1P6VQDF5AcmVUM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 66a1e193189cc2c7-FRA

GET
H2 200 canvaskit.wasm Show response
unpkg.com/canvaskit-wasm@0.25.1/bin/ 7 MB
2 MB 66ms
51ms Fetch
application/wasm 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/canvaskit-wasm@0.25.1/bin/canvaskit.wasm

Requested by

Host: unpkg.com
URL: https://unpkg.com/canvaskit-wasm@0.25.1/bin/canvaskit.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab0ff53e819064f9b707b2bc4b5d5b0f8ee95eb5ecead004e1cf9e546bde900d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6365096
fly-request-id: 01F3Y0WZADCDTZF4QRPDZD7A13
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"689192-5D3C7YqB62gpVVLrMsFA8igFO0g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/wasm
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 66a1e1936ed55369-FRA

GET
H2 200 popup Show response
checkout.paystack.com/ Frame AC8F 4 KB
5 KB 66ms
28ms Document
text/html 2600:9000:20eb:6200:d:78ba:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.paystack.com/popup
Requested by: Host: js.paystack.co
URL: https://js.paystack.co/v1/inline.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:d:78ba:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0e0824509f7c7833f3541e1ac9c726205b8512e6ef1e43b4efa89829ed7a50f

Request headers

:method: GET
:authority: checkout.paystack.com
:scheme: https
:path: /popup
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://customer.healthshieldonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://customer.healthshieldonline.com/

Response headers

content-type: text/html
content-length: 4586
last-modified: Thu, 24 Jun 2021 11:25:27 GMT
x-amz-version-id: nIJS9s8mUqSDQeu_vFnysPpk4PlPqgVh
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Jul 2021 00:23:58 GMT
cache-control: no-cache
etag: "859ff83f0298b90a5ae30924035b25bb"
x-cache: Hit from cloudfront
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: DpT5BB9K6yQ2dXLwBac2oLFOv0Vm5vGqg8FV_V_HwguI41XF5zLw1A==
age: 58090

GET
H2 200 button.min.css
paystack.com/public/css/ 1 KB
920 B 194ms
44ms Stylesheet
text/css 2606:4700:10::6814:2982
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paystack.com/public/css/button.min.css

Requested by

Host: js.paystack.co
URL: https://js.paystack.co/v1/inline.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:2982 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cb5bd4818ab860a9302f92cf46754c4cdbbda30c39f6f122796e441fb9355ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2319
vary: Accept-Encoding
pragma: public
last-modified: Fri, 02 Jul 2021 07:23:54 GMT
server: cloudflare
etag: W/"60debf0a-4f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 66a1e1958de12bd6-FRA
expires: Mon, 05 Jul 2021 16:43:32 GMT

GET
H2 200 app.3cabcee774dee1e2a72f.css
checkout.paystack.com/static/css/ Frame AC8F 65 KB
12 KB 10ms
6ms Stylesheet
text/css 2600:9000:20eb:6200:d:78ba:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.paystack.com/static/css/app.3cabcee774dee1e2a72f.css
Requested by: Host: checkout.paystack.com
URL: https://checkout.paystack.com/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:d:78ba:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bd60c4737d1279b922ad8e0a257162460622c125d0501b2220073ea77f33a89

Request headers

Referer: https://checkout.paystack.com/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 11:26:35 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:25:20 GMT
server: AmazonS3
age: 967618
etag: W/"4908088fe3455dbc8b455d82dbc240aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: HOMM0Q62bhQYwCTaLDKTTYy_QvYrVPkU
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: cJ_6AV9zlpVOfJLU6unkdC2lIHRLDLp6cLb2fWhunATvwRtJE5q0iA==

GET
H2 200 runtime.af4cfb7c9dd3385ee947.js Show response
checkout.paystack.com/static/js/ Frame AC8F 2 KB
1 KB 10ms
6ms Script
application/javascript 2600:9000:20eb:6200:d:78ba:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.paystack.com/static/js/runtime.af4cfb7c9dd3385ee947.js
Requested by: Host: checkout.paystack.com
URL: https://checkout.paystack.com/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:d:78ba:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b15fc845d5a7a7ffce6f430f4576801a5f099748a52eb1f124fa3b188c72d7d

Request headers

Referer: https://checkout.paystack.com/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 00:06:16 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:26:29 GMT
server: AmazonS3
age: 58037
etag: W/"90d4d5565939c4b20149d16b677cf0ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 6QK1EGn2Eaf9WxEFCElgQM5sXf3JFs4c
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: Oc4IDUBTh5teHbqdBUzyuS3uVbr9yaEj0kaEzm4eFnm-eZXb12XStw==

GET
H2 200 date-fns.0491b53d17699e571f09.js Show response
checkout.paystack.com/static/js/ Frame AC8F 31 KB
8 KB 11ms
7ms Script
application/javascript 2600:9000:20eb:6200:d:78ba:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.paystack.com/static/js/date-fns.0491b53d17699e571f09.js
Requested by: Host: checkout.paystack.com
URL: https://checkout.paystack.com/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:d:78ba:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfaaa9840bcb39b1fc6c18aad50ce76e980c573c97d4f4800236eb431b3f223

Request headers

Referer: https://checkout.paystack.com/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KbH31ITU__Jjv11GFN4mPmzqjRO0DaZ7
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:26:26 GMT
server: AmazonS3
age: 17466
etag: W/"bc1a5f0e56e2359ead26938cde8cded5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
date: Mon, 05 Jul 2021 11:23:44 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4EkdY7zM-Jy3hyiauhYO_eBowUMZNyc9SeFa4gWXn2S_kGp4VPJFSQ==

GET
H2 200 browser-rum.629142ab7f4a77e769d1.js Show response
checkout.paystack.com/static/js/datadog/ Frame AC8F 32 KB
11 KB 9ms
8ms Script
application/javascript 2600:9000:20eb:6200:d:78ba:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.paystack.com/static/js/datadog/browser-rum.629142ab7f4a77e769d1.js
Requested by: Host: checkout.paystack.com
URL: https://checkout.paystack.com/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:d:78ba:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e487c38fe97d1ad489dc86c3726a88bc4251a40728c53047f08abf0ad2861a4

Request headers

Referer: https://checkout.paystack.com/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bqql46SK5pbj4Eu1ovvBgmBUa3KNDEbr
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:26:31 GMT
server: AmazonS3
age: 65374
etag: W/"eb73f3ff1f1932e04ba90de37a04f3cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
date: Mon, 05 Jul 2021 11:13:44 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: YLWQGgmbF4SuEWImiXsVBxUxnlOzgQhyt3DofdPP3act3mLIWFan3g==

GET
H2 200 rollbar.ee5abeda9f3cbbe1995b.js Show response
checkout.paystack.com/static/js/ Frame AC8F 75 KB
23 KB 9ms
8ms Script
application/javascript 2600:9000:20eb:6200:d:78ba:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.paystack.com/static/js/rollbar.ee5abeda9f3cbbe1995b.js
Requested by: Host: checkout.paystack.com
URL: https://checkout.paystack.com/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:d:78ba:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29fda17c0a0769fd4cf59074c1b158abbc42cae5c6ba8d7085253f332741ead4

Request headers

Referer: https://checkout.paystack.com/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vhV6ZnDWVwdx8dibNHqMD1iBhge6fVyW
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:26:26 GMT
server: AmazonS3
age: 57210
etag: W/"a77bf0c37ffe2414c13cec1ba32157b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
date: Mon, 05 Jul 2021 13:25:44 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: DUwpOsmRhsWy0keEZB9rwHoSsoq4MbDrpQunkI9tl-Y0816s17jHdA==

GET
H2 200 vendors~app.dde8713c1831d4647193.js Show response
checkout.paystack.com/static/js/ Frame AC8F 536 KB
537 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:6200:d:78ba:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.paystack.com/static/js/vendors~app.dde8713c1831d4647193.js
Requested by: Host: checkout.paystack.com
URL: https://checkout.paystack.com/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:d:78ba:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa885e5c8848c31c9eac6b1038b09a2f9b95fc1066e1ba507af441aca1a9feab

Request headers

Referer: https://checkout.paystack.com/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 16:20:57 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Thu, 24 Jun 2021 11:26:28 GMT
server: AmazonS3
age: 85956
etag: "8d0dc051dfc1011855f016f7756f5ffb"
x-cache: Hit from cloudfront
x-amz-version-id: KtfI_xvKf5mA8CEFhGQe3hUkv51bVyrA
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 548717
x-amz-cf-id: emAt-rAfJ0ax0NRbrLNlNk_vIAx-nafQbVHzeLpc81eZ58xrhrxGOg==

GET
H2 200 app.9a711771f6b4a85673ad.js Show response
checkout.paystack.com/static/js/ Frame AC8F 314 KB
64 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:6200:d:78ba:ad00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.paystack.com/static/js/app.9a711771f6b4a85673ad.js
Requested by: Host: checkout.paystack.com
URL: https://checkout.paystack.com/popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:d:78ba:ad00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2d5752e9d7890647a03905fe0a1ee227a2e78ff12e5e0a292904db8e593f306

Request headers

Referer: https://checkout.paystack.com/popup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kjkCvlmX0TyO5SQVqeXREe2wbRK0F8ls
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:26:33 GMT
server: AmazonS3
age: 82202
etag: W/"5b9749ee5c24112f37c642671a3cb1e4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
date: Mon, 05 Jul 2021 04:57:17 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: rKy5b8iHxQhPpDvBdYa0ynXZpKXlIzG2whnobF6ugZJ2QoHe5YYXWg==

GET
H3-29 200 FontManifest.json Show response
customer.healthshieldonline.com/assets/ 208 B
838 B 28ms
27ms XHR
application/json 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/assets/FontManifest.json

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd7e03645bc44b2dd47b7cb626f51c4ecbf55a197ab77241628b47ac165fbe21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /assets/FontManifest.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:32 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19165-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501613.935627,VS0,VE1
etag: W/"eaa6c048be6249385e4a4310b72bcc579e683b9f5c61e0493d8c0988894f307d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b53ea4s3sliGC%2BW7PZxEU8NyTa6U%2FfPS3Aq1XpJYlwFye5QQwXJidQPtaeOLUjMmnn3hxJebT%2F145hFLTF4IJ8BvaYlSaIarR5Lij6M8B%2Bk1cMH8M0BEpMFZ6pqZZygqLY1LAT6Grgre%2BWsbWRO%2BIJ2qgE0SnJV74A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 66a1e198ba0c2b65-FRA
x-cache-hits: 1

GET
H3-29 200 MaterialIcons-Regular.otf Show response
customer.healthshieldonline.com/assets/fonts/ 1 MB
395 KB 700ms
700ms Fetch
font/otf 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/assets/fonts/MaterialIcons-Regular.otf

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d04d08fe02dab67188f72e1e97258f4a0d8b5982523e02edea132f8090f9fab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /assets/fonts/MaterialIcons-Regular.otf
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:33 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19181-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501613.330707,VS0,VE589
etag: W/"8c402bdc0a798536fe39a200382c990415bf07cc4e46a658789c96a3c412efb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zADiq%2F2%2Bw1yYqhQxzL%2FPmHk1ph%2BdecxNEhTebhRE97yw0AXg%2BA0WbWXRSZpcsJYrMk%2FUn1gNn9UPbDuKzoCwkPlSdC6nSduVkuyEiuunNe9mYzG7Sz0QqmN2ZHBphEbXdOroiFNSLw0KlKWK%2BJ9yAihJT0Q6ZO3w%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
cache-control: max-age=14400
cf-ray: 66a1e19b383a2b65-FRA
x-cache-hits: 0

GET
H3-29 200 CupertinoIcons.ttf Show response
customer.healthshieldonline.com/assets/packages/cupertino_icons/assets/ 91 KB
51 KB 343ms
343ms Fetch
font/ttf 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a7cada21ee9a5e34ceed71495dc79e813d3d51614111063b355f76ec924816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:33 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19182-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501613.342578,VS0,VE272
etag: W/"ecb9bc3cc937bdb5dba85875c27cc04da7f9f257a202b8b228059c353895f459"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hJFhDMhfuYWlrYBXkql2Zf4GnXaJ6LCXRqG7I4gN9JbOcncH6kax5BJwh0tFe3eBugU97IwIbamTWv%2BZ%2FXln2TioD9VZMc6m%2F0fsksvHWoRU7sOxxQKwjWz24EgfHcgYtTuB8GfrqPZXcC3LNjcj6MHo02VSM3qHJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 66a1e19b383c2b65-FRA
x-cache-hits: 0

GET
H2 200 KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf Show response
fonts.gstatic.com/s/roboto/v20/ 167 KB
89 KB 8ms
7ms Fetch
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 11:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91230
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 11:01:15 GMT

GET
H3-29 200 AssetManifest.json Show response
customer.healthshieldonline.com/assets/ 2 KB
1 KB 103ms
102ms XHR
application/json 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/assets/AssetManifest.json

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33327cb9e38bea44030e9690211ce1ddda805973a069c749ec0f748d9be219c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /assets/AssetManifest.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:34 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19168-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501614.429549,VS0,VE1
etag: W/"71bfa147b763ad0cb2a3c8880936f012e8f0202656d88212498b304315c0a5a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wuunZUmZkFzkL1bR%2F5UQIk%2FfmXbauZXMUdV5rY22jST%2BGiKpflPE3Mtx5VZQgzJFc%2F7VHg87tm4jyctaCFZkxC%2FtyLVF22mFKmrw5ug3db8NlkyL03h6UOc%2BRQtQ9etJhL%2FUE%2F2PIGUhNdWBvXkPexmWT9Ktt1mU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 66a1e1a2180e2b65-FRA
x-cache-hits: 1

GET
H3-29 200 AssetManifest.json Show response
customer.healthshieldonline.com/assets/ 2 KB
1 KB 82ms
81ms XHR
application/json 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/assets/AssetManifest.json

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33327cb9e38bea44030e9690211ce1ddda805973a069c749ec0f748d9be219c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /assets/AssetManifest.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:34 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19165-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501615.646727,VS0,VE1
etag: W/"71bfa147b763ad0cb2a3c8880936f012e8f0202656d88212498b304315c0a5a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=e87MXChsVO%2BpJvFrxsRSUmo1j%2FmlL3AV1lki%2BZR44KZe6%2Bsk2utWhOB4a5Msuk5JFgV3rjQGLIp%2BwFZ3f%2FKpP6zD2hXTbgN5HrAnEhOIXgIY%2BSVHJjLl8ixCCOHI4zvd%2B21ZJFc3NE1hEo%2BUvK18QhNtoHY7ZOtB1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
cf-ray: 66a1e1a37bab2b65-FRA
x-cache-hits: 1

GET
H3-29 200 2e734a39ad0b4a1dffd327f552cce678e867791007200be49b6a93a6c7c71b27.ttf Show response
fonts.gstatic.com/s/a/ 81 KB
35 KB 96ms
91ms XHR
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/a/2e734a39ad0b4a1dffd327f552cce678e867791007200be49b6a93a6c7c71b27.ttf

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e734a39ad0b4a1dffd327f552cce678e867791007200be49b6a93a6c7c71b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 13:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36010
x-xss-protection: 0
last-modified: Fri, 23 Jun 2017 20:16:35 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 13:04:24 GMT

GET
H3-29 200 a649aaf21573a59079c46db19314fd95648f531e610fa932101f2705616b2882.ttf Show response
fonts.gstatic.com/s/a/ 79 KB
36 KB 93ms
90ms XHR
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/a/a649aaf21573a59079c46db19314fd95648f531e610fa932101f2705616b2882.ttf

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a649aaf21573a59079c46db19314fd95648f531e610fa932101f2705616b2882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 10:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36783
x-xss-protection: 0
last-modified: Fri, 23 Jun 2017 20:16:37 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:34:23 GMT

GET
H3-29 200 logo.png Show response
customer.healthshieldonline.com/assets/assets/images/ 5 KB
5 KB 196ms
195ms XHR
image/png 2606:4700:3035::ac43:dcd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.healthshieldonline.com/assets/assets/images/logo.png

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dcd9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e52f98c2b217af7d2af13c0f1479f15eeb71f96dc2ead95516fbe4097c7511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:path: /assets/assets/images/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: customer.healthshieldonline.com
referer: https://customer.healthshieldonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 16:13:35 GMT
vary: x-fh-requested-host, accept-encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4652
x-served-by: cache-fra19134-FRA
last-modified: Mon, 05 Jul 2021 15:48:37 GMT
server: cloudflare
x-timer: S1625501616.644317,VS0,VE164
etag: "a7b52f63ea61d0abfdbce222877dc98ce62662b8c2764668991a8ae4b3afb095"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XTVDoGz7nerSGo9lLmWD%2BGSIzoUaDSbYAXhw%2BNvILVhTCZr0YLJIBLSY2HY4KKMwytNlz17FbzzaaKDSbjNjKX%2FOzF1JafY96KQc64V0WVSFe%2FJzApPfSdPVS6qfHRVZIutK9vje1plET%2Fa3v6OMyWGm%2B%2FVf8W4x3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66a1e1a9aaa52b65-FRA
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
health-shield-server.herokuapp.com/subscriptions/plan-categories/ 7 KB
7 KB 3465ms
3068ms XHR
application/json 34.237.27.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://health-shield-server.herokuapp.com/subscriptions/plan-categories/

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.237.27.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-27-35.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

429947e344017dd385e8733754d58186a7ee9846f7cc4540ac793fcd41bd79ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 16:13:40 GMT
Via: 1.1 vegur
Allow: GET, HEAD, OPTIONS
Server: gunicorn/20.0.4
X-Frame-Options: SAMEORIGIN
Vary: Accept, Origin
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 7209

GET
H/1.1 200
OK Az3XKAgIVOj3brdES_Fih5-sGLZPJVKk86dUZeoyXC3sCykj0QTDLLmWPHgkfXhZ4YDOHt_r1S_ZvEcXs-wHQz4QalwMLHGV94P-WiizYxvcIiAJvdi6SIaGJJCbJbyOImnWiERnGTyomAtJPwX3ckKaheP5_OAHTqWqAG0pe5f0-4NNZO4jvcPVKGrDln3q-uJtO... Show response
content.dropboxapi.com/apitl/1/ 52 KB
53 KB 1192ms
1042ms XHR
image/jpeg 2620:100:6027:14::a27d:480e
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://content.dropboxapi.com/apitl/1/Az3XKAgIVOj3brdES_Fih5-sGLZPJVKk86dUZeoyXC3sCykj0QTDLLmWPHgkfXhZ4YDOHt_r1S_ZvEcXs-wHQz4QalwMLHGV94P-WiizYxvcIiAJvdi6SIaGJJCbJbyOImnWiERnGTyomAtJPwX3ckKaheP5_OAHTqWqAG0pe5f0-4NNZO4jvcPVKGrDln3q-uJtOyIjAbX7DEVeSvlR35UK2J3hfKed-UG7lDnkH_NSFzhRO5OrXG1eRHtH4_NaOcCi06iEUAvNmGB7uIplbUrfCra8kODqvI5sYrEHSWYFColHDGe0NqC7-R2yawmf8UVpEXZUtxG1DI3tows8O4Hf

Requested by

Host: customer.healthshieldonline.com
URL: https://customer.healthshieldonline.com/main.dart.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6027:14::a27d:480e , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

9df33cc19726ce8386de0267e2d410c4fe815c58e616661bca7704186a51789d

Security Headers

Name	Value
Content-Security-Policy	sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 16:13:41 GMT
X-Content-Type-Options: nosniff
X-Dropbox-Request-Id: 4c37416efa4d4c35b4c73095f5816489
X-Dropbox-Response-Origin: remote
Content-Disposition: attachment; filename="1.jpg"; filename*=UTF-8''1.jpg
Vary: Origin
Content-Length: 53382
Pragma: public
Referrer-Policy: no-referrer
Server: envoy
Etag: 1623027558251987n
X-Server-Response-Time: 455
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
Cache-Control: max-age=0
Content-Security-Policy: sandbox
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noimageindex, noindex, nofollow, noimageindex
X-Webkit-Csp: sandbox
X-Content-Security-Policy: sandbox

GET
H/1.1

200
OK

/ Show response
health-shield-server.herokuapp.com/subscriptions/category_plans/1/
Redirect Chain

https://health-shield-server.herokuapp.com/subscriptions/category_plans/1
https://health-shield-server.herokuapp.com/subscriptions/category_plans/1/

3 KB
3 KB

183ms
183ms

XHR
application/json

34.237.27.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://health-shield-server.herokuapp.com/subscriptions/category_plans/1/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.237.27.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-27-35.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

2a80459660e4c867dd8c4eb9b280a260ff5980d2643e0cfc35070e83bbf4ffab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://customer.healthshieldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 16:13:40 GMT
Via: 1.1 vegur
Allow: GET, HEAD, OPTIONS
Server: gunicorn/20.0.4
X-Frame-Options: SAMEORIGIN
Vary: Accept, Origin
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 2830

Redirect headers

Date: Mon, 05 Jul 2021 16:13:40 GMT
Via: 1.1 vegur
Server: gunicorn/20.0.4
Location: /subscriptions/category_plans/1/
Vary: Origin
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://checkout.paystack.com/static/js/rollbar.ee5abeda9f3cbbe1995b.js(Line 1) Message: Rollbar: hostWhiteList is deprecated. Use hostSafeList.
console-api	warning	URL: https://checkout.paystack.com/static/js/rollbar.ee5abeda9f3cbbe1995b.js(Line 1) Message: Cookies are not authorized, we will not send any data.
console-api	warning	URL: https://customer.healthshieldonline.com/main.dart.js(Line 40917) Message: WARNING: Falling back to CPU-only rendering. WebGL support not detected.
console-api	log	URL: https://customer.healthshieldonline.com/main.dart.js(Line 5181) Message: [Instance of 'minified:KN', Instance of 'minified:KN', Instance of 'minified:KN']

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

checkout.paystack.com
content.dropboxapi.com
customer.healthshieldonline.com
fonts.gstatic.com
health-shield-server.herokuapp.com
js.paystack.co
paystack.com
unpkg.com
104.18.18.76
2600:9000:20eb:6200:d:78ba:ad00:93a1
2606:4700:10::6814:2982
2606:4700:3035::ac43:dcd9
2606:4700::6810:7aaf
2620:100:6027:14::a27d:480e
2a00:1450:4001:803::2003
34.237.27.35
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
12729155ff56fce7be6bb93ab2666c99fd7ff844e6c4611d144808c942b50748
29fda17c0a0769fd4cf59074c1b158abbc42cae5c6ba8d7085253f332741ead4
2a80459660e4c867dd8c4eb9b280a260ff5980d2643e0cfc35070e83bbf4ffab
2e734a39ad0b4a1dffd327f552cce678e867791007200be49b6a93a6c7c71b27
33327cb9e38bea44030e9690211ce1ddda805973a069c749ec0f748d9be219c1
429947e344017dd385e8733754d58186a7ee9846f7cc4540ac793fcd41bd79ca
4cb5bd4818ab860a9302f92cf46754c4cdbbda30c39f6f122796e441fb9355ce
646c46de71d49ff0c678315a03aef06bc84fae4e518cb01106a9b5d0d4e1f5c4
69baf44fea5b3efd3377babc154ef1b83bf8263b910202a8c7d6e745d751349f
6e487c38fe97d1ad489dc86c3726a88bc4251a40728c53047f08abf0ad2861a4
77a7cada21ee9a5e34ceed71495dc79e813d3d51614111063b355f76ec924816
8bd60c4737d1279b922ad8e0a257162460622c125d0501b2220073ea77f33a89
99fa91fad6dcf4497f838937b8fc57105eef131d5adbd4cbe3936ce6d4248ec1
9b15fc845d5a7a7ffce6f430f4576801a5f099748a52eb1f124fa3b188c72d7d
9df33cc19726ce8386de0267e2d410c4fe815c58e616661bca7704186a51789d
a649aaf21573a59079c46db19314fd95648f531e610fa932101f2705616b2882
ab0ff53e819064f9b707b2bc4b5d5b0f8ee95eb5ecead004e1cf9e546bde900d
c960419a47c96666347ae3ed38320ed6b120da755cad90ebb96a13bc8ea9a2ad
cd7e03645bc44b2dd47b7cb626f51c4ecbf55a197ab77241628b47ac165fbe21
d04d08fe02dab67188f72e1e97258f4a0d8b5982523e02edea132f8090f9fab4
e0e0824509f7c7833f3541e1ac9c726205b8512e6ef1e43b4efa89829ed7a50f
ebfaaa9840bcb39b1fc6c18aad50ce76e980c573c97d4f4800236eb431b3f223
f13fd13338041261332b49c439843d2f523965988ed9bf510d51e58398a17c94
f2d5752e9d7890647a03905fe0a1ee227a2e78ff12e5e0a292904db8e593f306
f6e52f98c2b217af7d2af13c0f1479f15eeb71f96dc2ead95516fbe4097c7511
fa885e5c8848c31c9eac6b1038b09a2f9b95fc1066e1ba507af441aca1a9feab

customer.healthshieldonline.com Open in urlscan Pro 2606:4700:3035::ac43:dcd9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

4429 kBTransfer

11917 kBSize

0 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

0 Cookies

customer.healthshieldonline.com Open in urlscan Pro
2606:4700:3035::ac43:dcd9 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

4429 kB
Transfer

11917 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions