URL: https://www.zhp.shift.usermd.net/
Submission: On January 30 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 85.194.241.244, located in Lubartow, Poland and belongs to ECO-ATMAN-PL ECO-ATMAN-, PL. The main domain is www.zhp.shift.usermd.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 1st 2020. Valid for: 3 months.
This is the only time www.zhp.shift.usermd.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 85.194.241.244 57367 (ECO-ATMAN...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 6
Domain Requested by
6 www.zhp.shift.usermd.net www.zhp.shift.usermd.net
5 img.shields.io www.zhp.shift.usermd.net
3 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.zhp.shift.usermd.net
1 github.styleci.io www.zhp.shift.usermd.net
1 styleci.io 1 redirects
16 6
Subject | Issuer | Validity | Valid
zhp.shift.usermd.net | Let's Encrypt Authority X3 | 2020-12-01 - 2021-03-01 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-09 - 2021-08-09 | a year
styleci.io | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
upload.video.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months
*.gstatic.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months

This page contains 1 frame:

Primary Page: https://www.zhp.shift.usermd.net/
Frame ID: E73AD4B5A4B9C91171D583E0C2E19287
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 83 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 556 kB
Size: 1242 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://styleci.io/repos/1375774/shield?branch=master HTTP 302
  • https://github.styleci.io/repos/1375774/shield?branch=master

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.zhp.shift.usermd.net/
21 KB
4 KB
Document
General
Full URL
https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.194.241.244 Lubartow, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web27.mydevil.net
Software
nginx / PHP/7.3.23
Resource Hash
4b4d1105c7a16b3fd9a53c381e72ae38f8c65b980515c703d5151ce51cb238a4

Request headers

:method
GET
:authority
www.zhp.shift.usermd.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Sat, 30 Jan 2021 22:05:29 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.23
expires
Tue, 02 Mar 2021 22:05:29 GMT
cache-control
max-age=2678400
content-encoding
gzip
app.css
www.zhp.shift.usermd.net/app/assets/
75 KB
17 KB
Stylesheet
General
Full URL
https://www.zhp.shift.usermd.net/app/assets/app.css?id=c2c414e936f530f2adc7
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.194.241.244 Lubartow, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web27.mydevil.net
Software
nginx /
Resource Hash
aa929bdc5bbe46deb18d37335a76d010ef3861af03c148b11dc28a8954f64cae

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 22:05:29 GMT
content-encoding
gzip
last-modified
Mon, 05 Oct 2020 01:13:13 GMT
server
nginx
accept-ranges
bytes
etag
W/"5f7a7329-12a9a"
content-type
text/css
directory-lister.svg
www.zhp.shift.usermd.net/
6 KB
2 KB
Image
General
Full URL
https://www.zhp.shift.usermd.net/directory-lister.svg
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.194.241.244 Lubartow, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web27.mydevil.net
Software
nginx /
Resource Hash
6dfa298768d4976226b39b426787ada013092c3d106152b6d1b59091c6ff35dd

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 22:05:29 GMT
content-encoding
gzip
last-modified
Mon, 05 Oct 2020 01:11:46 GMT
server
nginx
accept-ranges
bytes
etag
W/"5f7a72d2-178f"
content-type
image/svg+xml
Join_the-Community-7b16ff.svg
img.shields.io/badge/
669 B
645 B
Image
General
Full URL
https://img.shields.io/badge/Join_the-Community-7b16ff.svg?style=for-the-badge
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ebe2cc5d34a3c6b73f77c5ed856071d6360387b2d0d1fb7d8a3cac4042f063

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
619e7ea6d9b92bdd-FRA
date
Sat, 30 Jan 2021 22:05:30 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Fri, 29 Jan 2021 22:35:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pYP1AK%2FW6tsn%2FpYmAY%2FDQpVAy9C75dQs8wC7de8MMkGQ7peDfmaPiROXxQhrOrW7jP59tHFu8engIADNortShGRKlbXqxA6G3BvjJ9oFyWfFO32zE42MNUnvvg%3D%3D"}],"max_age":604800}
content-type
image/svg+xml;charset=utf-8
cache-control
max-age=86400, s-maxage=86400
nel
{"max_age":604800,"report_to":"cf-nel"}
content-encoding
br
cf-request-id
07f6ed7c4300002bddb5afe000000001
Become_a-Sponsor-cc4195.svg
img.shields.io/badge/
662 B
998 B
Image
General
Full URL
https://img.shields.io/badge/Become_a-Sponsor-cc4195.svg?style=for-the-badge
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6013e8ad2462e5da9fed2e3c21907d1d5d7fbde5546aaf7be3d1c5d5c1919ce8

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
619e7ea6d9bd2bdd-FRA
date
Sat, 30 Jan 2021 22:05:30 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Fri, 29 Jan 2021 22:21:32 GMT
server
cloudflare
age
19416
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9BfT3OMSdlqWqgw2N2yMcDGiOHD9ss8kv%2FREdP6mqx5PnG5DVht1AMAdhffZwKb32%2FLhXiCJFYsuLdeCTU5jXLq01aFGBH3D8jd49EQjFErkEO2L72WwpbjXyg%3D%3D"}],"max_age":604800}
content-type
image/svg+xml;charset=utf-8
cache-control
max-age=86400, s-maxage=86400
nel
{"max_age":604800,"report_to":"cf-nel"}
content-encoding
br
cf-request-id
07f6ed7c4300002bdd16000000000001
Make_a-Donation-006bb6.svg
img.shields.io/badge/
653 B
608 B
Image
General
Full URL
https://img.shields.io/badge/Make_a-Donation-006bb6.svg?style=for-the-badge
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
935998b178d11bf06132eac014438cdb4fbb8fbba3af47073b63776e991bca24

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
619e7ea6d9bf2bdd-FRA
date
Sat, 30 Jan 2021 22:05:30 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Fri, 29 Jan 2021 22:35:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uFaQ3NDgoYgZLmAsC6jyVikEWt7r7x37Vbhoh8ZIRzwxRkr8QWcLJ9F15P8gk2c3p2k3GtIwAlXgwZc6layhgfuYwWzvzTX4G4gmTYtwuBeOxm%2Fw3LcFGV%2F%2FKA%3D%3D"}],"max_age":604800}
content-type
image/svg+xml;charset=utf-8
cache-control
max-age=86400, s-maxage=86400
nel
{"max_age":604800,"report_to":"cf-nel"}
content-encoding
br
cf-request-id
07f6ed7c4300002bddeb2bb000000001
DirectoryLister
img.shields.io/github/license/DirectoryLister/
620 B
618 B
Image
General
Full URL
https://img.shields.io/github/license/DirectoryLister/DirectoryLister?style=flat-square
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc8234d05175dcc0d8e016d7bdf589553bc60555db08916627e9125fd27fe1d0

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
619e7ea6d9be2bdd-FRA
date
Sat, 30 Jan 2021 22:05:30 GMT
via
1.1 vegur
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=42b8scVBU9LHBTUaZbV475BBIWGJuKwpLW1KfzbFfTJa6F28%2ByZXZiJhFIKzmU0ZTnvzeEOo26KuK6VBLE1atSGGNCAHSFibNWYF5Y7xj78jUOboswi3bOK9cg%3D%3D"}],"max_age":604800}
content-type
image/svg+xml;charset=utf-8
cache-control
max-age=3600, s-maxage=3600
content-encoding
br
cf-request-id
07f6ed7c4300002bdd9eb72000000001
expires
Sat, 30 Jan 2021 23:05:30 GMT
master
img.shields.io/travis/com/DirectoryLister/DirectoryLister/
623 B
613 B
Image
General
Full URL
https://img.shields.io/travis/com/DirectoryLister/DirectoryLister/master?style=flat-square
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
605a25a61bb9d287edee8744552e1e111e1ec8e56f3c4a1ba604872973b1d70a

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
619e7ea6d9bc2bdd-FRA
date
Sat, 30 Jan 2021 22:05:30 GMT
via
1.1 vegur
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9kbSwaeIzky24M2aa07yxWbqrSk0T3qH3pzLOFkhuiTHdz9S8BoY%2FQEMxQVTLla54kinIuDl4le7lbmL6gn1vdDryAdSTCNwuerX0kWiMtNDVQR3WsPsJ6NFww%3D%3D"}],"max_age":604800}
content-type
image/svg+xml;charset=utf-8
cache-control
max-age=30, s-maxage=30
content-encoding
br
cf-request-id
07f6ed7c4400002bddf0a8d000000001
expires
Sat, 30 Jan 2021 22:06:00 GMT
shield
github.styleci.io/repos/1375774/
Redirect Chain
  • https://styleci.io/repos/1375774/shield?branch=master
  • https://github.styleci.io/repos/1375774/shield?branch=master
358 B
2 KB
Image
General
Full URL
https://github.styleci.io/repos/1375774/shield?branch=master
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08492182c18360c657c3afdc2e7b06f19cb2ebcb136a3a008662b30c4b437198
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.styleci.io https://cdnjs.cloudflare.com https://js.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com https://cdn.paddle.com; style-src 'self' 'unsafe-inline' data: https://cdn.styleci.io https://cdnjs.cloudflare.com https://fonts.googleapis.com https://beacon-v2.helpscout.net https://djtflbt20bdde.cloudfront.net https://optimize.google.com https://cdn.paddle.com; img-src 'self' data: https://cdn.styleci.io https://*.gravatar.com https://d33v4339jhl8k0.cloudfront.net https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com; font-src 'self' https://cdn.styleci.io https://fonts.gstatic.com; object-src 'self' https://beacon-v2.helpscout.net; connect-src 'self' https://cdn.styleci.io https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com wss://*.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://notify.bugsnag.com https://sessions.bugsnag.com; frame-src https://js.stripe.com https://beacon-v2.helpscout.net https://optimize.google.com; media-src https://beacon-v2.helpscout.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 22:05:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-request-id
07f6ed7c8500004a67c803a000000001
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.styleci.io https://cdnjs.cloudflare.com https://js.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com https://cdn.paddle.com; style-src 'self' 'unsafe-inline' data: https://cdn.styleci.io https://cdnjs.cloudflare.com https://fonts.googleapis.com https://beacon-v2.helpscout.net https://djtflbt20bdde.cloudfront.net https://optimize.google.com https://cdn.paddle.com; img-src 'self' data: https://cdn.styleci.io https://*.gravatar.com https://d33v4339jhl8k0.cloudfront.net https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com; font-src 'self' https://cdn.styleci.io https://fonts.gstatic.com; object-src 'self' https://beacon-v2.helpscout.net; connect-src 'self' https://cdn.styleci.io https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com wss://*.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://notify.bugsnag.com https://sessions.bugsnag.com; frame-src https://js.stripe.com https://beacon-v2.helpscout.net https://optimize.google.com; media-src https://beacon-v2.helpscout.net; upgrade-insecure-requests; block-all-mixed-content;
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
179
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VESodaKwQHdJEY8u4PDLV%2Bl%2FvhDz9t%2F%2FjoojlfnnUh6wqxVdOLv6H6fef1sBlcPAL41lPqz1DOXC3crnXwMC6kj%2F2Rbo65XnM8%2BIjWMmFG0k6hFcn3ul2J6BstWH8w%3D%3D"}]}
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=300, private
x-ratelimit-limit
180
cf-ray
619e7ea73d2c4a67-FRA

Redirect headers

date
Sat, 30 Jan 2021 22:05:30 GMT
x-content-type-options
nosniff
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BKB4FmLwJ8V%2FDD5%2FtRlXXP2tpGs0RpPVBt1YvOu31aml%2FbIww%2FeCUczwfcQx37URzd8dFpis5H9JFnD3tkkB0HAJJwOscMilcJerI8xhPagl10wKHwok"}]}
location
https://github.styleci.io/repos/1375774/shield?branch=master
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
619e7ea6cbca4a67-FRA
cf-request-id
07f6ed7c3900004a67f28c4000000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
app.js
www.zhp.shift.usermd.net/app/assets/
908 KB
300 KB
Script
General
Full URL
https://www.zhp.shift.usermd.net/app/assets/app.js?id=9c62bf1d7798728d04eb
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.194.241.244 Lubartow, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web27.mydevil.net
Software
nginx /
Resource Hash
019107a972612c300b19515747cd7e181257747c95bdb93371e5d1a53ae14c0b

Request headers

Referer
https://www.zhp.shift.usermd.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 22:05:29 GMT
content-encoding
gzip
last-modified
Mon, 05 Oct 2020 01:13:13 GMT
server
nginx
accept-ranges
bytes
etag
W/"5f7a7329-e3017"
content-type
application/javascript
css
fonts.googleapis.com/
4 KB
756 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro|Work+Sans:200,400&display=swap
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/app/assets/app.css?id=c2c414e936f530f2adc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41788b5468b9e94a3021c022020f48fe7d66e511c629051c598a1a1818081666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.zhp.shift.usermd.net/app/assets/app.css?id=c2c414e936f530f2adc7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Jan 2021 22:05:30 GMT
server
ESF
date
Sat, 30 Jan 2021 22:05:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Jan 2021 22:05:30 GMT
HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevWnsUnxg.woff2
fonts.gstatic.com/s/sourcecodepro/v13/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcecodepro/v13/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevWnsUnxg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Work+Sans:200,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad58bb5360bb0ac3964d9af1781d36e4e91e91be40e506bf6a174be865b7e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.zhp.shift.usermd.net
Referer
https://fonts.googleapis.com/css?family=Source+Code+Pro|Work+Sans:200,400&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 16:18:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 23:57:59 GMT
server
sffe
age
280012
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11444
x-xss-protection
0
expires
Thu, 27 Jan 2022 16:18:38 GMT
fa-solid-900.woff2
www.zhp.shift.usermd.net/app/assets/webfonts/
78 KB
79 KB
Font
General
Full URL
https://www.zhp.shift.usermd.net/app/assets/webfonts/fa-solid-900.woff2
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/app/assets/app.css?id=c2c414e936f530f2adc7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.194.241.244 Lubartow, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web27.mydevil.net
Software
nginx /
Resource Hash
6dd2553b6fc4b336faac7d73ccc1e28ab420603c77800b9c14fd8df7c4547996

Request headers

Origin
https://www.zhp.shift.usermd.net
Referer
https://www.zhp.shift.usermd.net/app/assets/app.css?id=c2c414e936f530f2adc7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 22:05:29 GMT
last-modified
Mon, 05 Oct 2020 01:13:13 GMT
server
nginx
accept-ranges
bytes, bytes
etag
"5f7a7329-13970"
content-length
80240
content-type
font/woff2
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v9/
46 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v9/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Work+Sans:200,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebb336575edb0a58cab890171d849936b085b91cc15ad0e1b049d94b61a1eb87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.zhp.shift.usermd.net
Referer
https://fonts.googleapis.com/css?family=Source+Code+Pro|Work+Sans:200,400&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 01:08:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:09:41 GMT
server
sffe
age
75421
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47488
x-xss-protection
0
expires
Sun, 30 Jan 2022 01:08:29 GMT
fa-brands-400.woff2
www.zhp.shift.usermd.net/app/assets/webfonts/
77 KB
77 KB
Font
General
Full URL
https://www.zhp.shift.usermd.net/app/assets/webfonts/fa-brands-400.woff2
Requested by
Host: www.zhp.shift.usermd.net
URL: https://www.zhp.shift.usermd.net/app/assets/app.css?id=c2c414e936f530f2adc7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.194.241.244 Lubartow, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web27.mydevil.net
Software
nginx /
Resource Hash
adbcd4bf0b5607ca866b6d0b17d273917eba8915e6959a3dfe20e38d53d9d4f1

Request headers

Origin
https://www.zhp.shift.usermd.net
Referer
https://www.zhp.shift.usermd.net/app/assets/app.css?id=c2c414e936f530f2adc7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 22:05:29 GMT
last-modified
Mon, 05 Oct 2020 01:13:13 GMT
server
nginx
accept-ranges
bytes, bytes
etag
"5f7a7329-13328"
content-length
78632
content-type
font/woff2
HI_SiYsKILxRpg3hIP6sJ7fM7PqlM-vWnsUnxlC9.woff2
fonts.gstatic.com/s/sourcecodepro/v13/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcecodepro/v13/HI_SiYsKILxRpg3hIP6sJ7fM7PqlM-vWnsUnxlC9.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro|Work+Sans:200,400&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f1a647162ae9dad60c1660115a1cec5550920e698708efc6268c36751d53770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.zhp.shift.usermd.net
Referer
https://fonts.googleapis.com/css?family=Source+Code+Pro|Work+Sans:200,400&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 18:32:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 23:58:08 GMT
server
sffe
age
358352
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12096
x-xss-protection
0
expires
Wed, 26 Jan 2022 18:32:58 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| setImmediate function| clearImmediate object| regeneratorRuntime

0 Cookies