urlscan.io logo urlscan.io
SecurityTrails logo

shielded.app Open in urlscan Pro
139.180.168.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://covidaustralia.app/
Effective URL: https://shielded.app/
Submission: On July 21 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 19 HTTP transactions. The main IP is 139.180.168.114, located in Brisbane, Australia and belongs to AS-CHOOPA, US. The main domain is shielded.app.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 5th 2020. Valid for: 3 months.
This is the only time shielded.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:4860:480... 15169 (GOOGLE)
8 139.180.168.114 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
1 103.197.61.0 24226 (CATALYST-...)
2 13.35.254.20 16509 (AMAZON-02)
2 151.139.128.8 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
19 9
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
covidaustralia.app
8    139.180.168.114 (Brisbane, Australia)

ASN20473 (AS-CHOOPA, US)
PTR: 139.180.168.114.vultr.com
shielded.app
1    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    103.197.61.0 (New Zealand)

ASN24226 (CATALYST-NZ Catalyst.Net Ltd, NZ)
PTR: h61-0.catalyst.net.nz
api.addressfinder.io
2    13.35.254.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-20.fra6.r.cloudfront.net
js.stripe.com
2    151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
kit.fontawesome.com
kit-free.fontawesome.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3036::ac43:9e2a (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
1    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
8 shielded.app shielded.app
2 rsms.me shielded.app
2 js.stripe.com shielded.app
js.stripe.com
1 kit-free.fontawesome.com kit.fontawesome.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com shielded.app
1 cdnjs.cloudflare.com shielded.app
1 kit.fontawesome.com shielded.app
1 api.addressfinder.io shielded.app
1 www.googletagmanager.com shielded.app
1 covidaustralia.app 1 redirects
19 11

This site contains no links.

Subject Issuer Validity Valid
shielded.app
Let's Encrypt Authority X3		 2020-06-05 -
2020-09-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
api.addressfinder.net
Sectigo RSA Domain Validation Secure Server CA		 2020-05-30 -
2020-11-26		 6 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2020-07-07 -
2020-10-08		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2020-07-04 -
2021-07-04		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-30 -
2020-10-09		 8 months crt.sh

This page contains 2 frames:

Primary Page: https://shielded.app/
Frame ID: C9156B2CEC16C9090997B837CC1A4F49
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-090169779cdf49fad5ab0e59c999f664.html
Frame ID: 86DB43DFDB0BCA783C6112BEFF4D5E80
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://covidaustralia.app/ HTTP 302
    https://shielded.app/ Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

9
IPs

4
Countries

1195 kB
Transfer

2810 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://covidaustralia.app/ HTTP 302
    https://shielded.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shielded.app/
Redirect Chain
  • https://covidaustralia.app/
  • https://shielded.app/
35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.180.168.114 Brisbane, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.168.114.vultr.com
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger 6.0.4
Resource Hash
7e4de7a5b114d7ad9591efefb5638d87c41f015ea50ad2e68dd4f00cb0f79ae5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
shielded.app
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200 200 OK
server
nginx/1.14.0 (Ubuntu)
date
Tue, 21 Jul 2020 04:56:24 GMT
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
6b9cd7a4-1200-4300-9050-a1d9f9bf094c
x-download-options
noopen
etag
W/"7e4de7a5b114d7ad9591efefb5638d87"
x-frame-options
SAMEORIGIN
x-runtime
0.026319
x-content-type-options
nosniff
set-cookie
_jumpstart_app_session=imZvQZB0xsjxiuEYAWSJOPRKJgEo3SmzRaEbG3qv8VJbnDOqZH2yVMk5XY%2FVB83VhWKpes2KFFlLlQTaWSoVcnU6o0gURGfAGZtljv%2FG7y0yh%2F3K0N%2Fm%2F0Pg8ciIDEtUKNj4EEYhXy%2Fl3S3EOwnx8fjjciy0dzmrNPCbCyQ3w%2BAAUsCtUQuLn4f32D4aJIJ4U1UjtiALb%2B1xd%2FgUlW2V9wNeXzPQ94WwEHj4qEGMFl8LRyV3JgQ0hsYJyDZFNvVkzclbiJnSGzD7BzT%2Fy9spvc1RD2kn8eHQLiEQFB50--NXYBW3TM%2F8rCqw8P--a2z7h7ar5KX6bWxfNdVqjw%3D%3D; path=/; HttpOnly
x-powered-by
Phusion Passenger 6.0.4
content-encoding
gzip
strict-transport-security
max-age=15768000

Redirect headers

status
302
location
https://shielded.app
date
Tue, 21 Jul 2020 04:56:23 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
217
x-xss-protection
0
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		120 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1QGQ58013B
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
caed6a8ead1e89a8c2e7af7972e589698ae3d750f47c5b898824a42f1d4c1f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:24 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46525
x-xss-protection
0
expires
Tue, 21 Jul 2020 04:56:24 GMT
widget.js
api.addressfinder.io/assets/v3/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.addressfinder.io/assets/v3/widget.js
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.197.61.0 , New Zealand, ASN24226 (CATALYST-NZ Catalyst.Net Ltd, NZ),
Reverse DNS
h61-0.catalyst.net.nz
Software
nginx /
Resource Hash
684f57141073139392c9cbd3d3a7db83d6a7762e7c905e3f198c2e91f14dc38f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:25 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 22:07:43 GMT
server
nginx
etag
W/"5f0f7e2f-14e32"
strict-transport-security
max-age=63072000
content-type
application/javascript
status
200
application-dc01c787bbdcd8fce610.js
shielded.app/packs/js/ 		1 MB
327 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shielded.app/packs/js/application-dc01c787bbdcd8fce610.js
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.180.168.114 Brisbane, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.168.114.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
300f87062f12c7d2ff4c7fb4e977b9968b69ca43aeb99086f046b55d26860fa7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:24 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 04:08:26 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5f166a3a-519a7"
strict-transport-security
max-age=15768000
content-type
application/javascript
status
200
cache-control
max-age=315360000
content-length
334247
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-c24eb0f4.css
shielded.app/packs/css/ 		87 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shielded.app/packs/css/application-c24eb0f4.css
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.180.168.114 Brisbane, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.168.114.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7b6570966a31d3040a95cf42408c40968607a945a354a65a15b3b3a7c1a01b60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:24 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 04:08:26 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5f166a3a-4156"
strict-transport-security
max-age=15768000
content-type
text/css
status
200
cache-control
max-age=315360000
content-length
16726
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-d0ff5974b6aa52cf562bea5921840c032a860a91a3512f7fe8f768f6bbe005f6.css
shielded.app/assets/ 		0
249 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shielded.app/assets/application-d0ff5974b6aa52cf562bea5921840c032a860a91a3512f7fe8f768f6bbe005f6.css
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.180.168.114 Brisbane, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.168.114.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:24 GMT
content-encoding
gzip
last-modified
Fri, 05 Jun 2020 21:57:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5edabfd1-14"
strict-transport-security
max-age=15768000
content-type
text/css
status
200
cache-control
max-age=315360000
content-length
20
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
js.stripe.com/v3/ 		174 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-20.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec767845487beb348ae05ff9a654c4512d8ac845d67ec201ab3d40e6329a6502
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:54:04 GMT
content-encoding
gzip
vary
Accept-Encoding
age
142
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
status
200
x-amz-request-id
44CA349A4E6015A2
x-amz-id-2
hTkO5grbGW3yWyyzdL/GJCjiqMLFrsdgY71WaXv9ZdkhNulyVvTzpUnt3m8mKdiZ7Hsrn7IaEJs=
last-modified
Fri, 17 Jul 2020 18:47:34 GMT
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
UaCcEukg-Tjbw1YzomM0YIPFfRqJXzYRWt8yawBksaAT1LDtLPqYAw==
0e5ab6a736.js
kit.fontawesome.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/0e5ab6a736.js
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
abb5bd15194e92cd70cdd989548e4a99fb1820340671d02f9014e43859c0de76

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:24 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 15:53:17 GMT
status
200
etag
"4a5f585d9d19129fc57de7f728c37f88"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1595307384.cds100.am5.hn,1595307384.cds087.am5.sc,1595307384.cds087.am5.pr
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, private, must-revalidate
access-control-allow-methods
GET
accept-ranges
bytes
content-length
1727
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/ 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6416490
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
041153f65f0000c29a12176200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 07 May 2020 16:46:10 GMT
server
cloudflare
etag
W/"5eb43b52-11848"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b6255d09deec29a-FRA
expires
Sun, 11 Jul 2021 04:56:24 GMT
css
fonts.googleapis.com/ 		811 B
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
459d42936208b68b896f3a080deebab3aff9d449324c82a536fdc9473c06e456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Jul 2020 04:56:24 GMT
server
ESF
date
Tue, 21 Jul 2020 04:56:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Jul 2020 04:56:24 GMT
inter.css
rsms.me/inter/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9f46869a3152318e72ebc6ce476eec6ee0b7789ca8d29c5645eb21ad28f845

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
4891a5fdce8cd2b5f526c7870f8f43345ffaba21
date
Tue, 21 Jul 2020 04:56:24 GMT
via
1.1 varnish
cf-cache-status
HIT
age
551
x-cache
HIT
status
200
x-cache-hits
1
content-encoding
br
x-origin-cache
HIT
cf-request-id
041153f6770000c2860ca56200000001
x-served-by
cache-fra19163-FRA
last-modified
Sun, 28 Jun 2020 21:25:12 GMT
server
cloudflare
x-github-request-id
E60A:2A69:636660:7BD574:5EF90B43
x-timer
S1593379959.211037,VS0,VE1
etag
W/"5ef90ab8-17ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5b6255d0bc36c286-FRA
x-proxy-cache
HIT
expires
Sun, 19 Jul 2020 17:56:18 GMT
shielded-logo.svg
shielded.app/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shielded.app/shielded-logo.svg
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.180.168.114 Brisbane, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.168.114.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
96a8a2d6fd53f77130063359e35d030969df801d1c0452fd1b4c21ffc5e8b909
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:25 GMT
last-modified
Tue, 21 Jul 2020 04:04:34 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5f166952-694"
strict-transport-security
max-age=15768000
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
1684
happy-owner2.png
shielded.app/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shielded.app/happy-owner2.png
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.180.168.114 Brisbane, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.168.114.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
272eac2c9c4d616f16b3e0e4cc0b68ed8b04d151c1002f5d58fb88efed649734
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:25 GMT
last-modified
Tue, 21 Jul 2020 04:04:34 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5f166952-2f6be"
strict-transport-security
max-age=15768000
content-type
image/png
status
200
accept-ranges
bytes
content-length
194238
form.png
shielded.app/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shielded.app/form.png
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.180.168.114 Brisbane, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.168.114.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
209094d36a4a40f3fb8219fce0cb4bd7b6e033bd518eef7a5cd82cd8f2388dd1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:26 GMT
last-modified
Tue, 21 Jul 2020 04:04:34 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5f166952-32f30"
strict-transport-security
max-age=15768000
content-type
image/png
status
200
accept-ranges
bytes
content-length
208688
collect
www.google-analytics.com/g/ 		0
70 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1QGQ58013B&gtm=2oe783&_p=1523825818&sr=1600x1200&ul=en-us&cid=559410776.1595307384&_s=1&dl=https%3A%2F%2Fshielded.app%2F&dr=&dt=Shielded%20-%20Health%20Declaration%20App&sid=1595307384&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1QGQ58013B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Jul 2020 04:56:24 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://shielded.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
signage.jpg
shielded.app/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shielded.app/signage.jpg
Requested by
Host: shielded.app
URL: https://shielded.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.180.168.114 Brisbane, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.168.114.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
abef6b6ee718fc16da01e68649d58d3c82adeba74ccc6406f34a95f0e0c59aa0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:26 GMT
last-modified
Tue, 21 Jul 2020 04:04:34 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5f166952-15cd0"
strict-transport-security
max-age=15768000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
89296
Inter-roman.var.woff2
rsms.me/inter/font-files/ 		221 KB
222 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?3.13
Requested by
Host: shielded.app
URL: https://shielded.app/packs/js/application-dc01c787bbdcd8fce610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613080794c521eaf685a98b59678c04ca64af12127578e612d030df3c62e9e3a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rsms.me/inter/inter.css
Origin
https://shielded.app

Response headers

x-fastly-request-id
ea038282774b584a9b6c2759f93911a5b3417442
date
Tue, 21 Jul 2020 04:56:25 GMT
via
1.1 varnish
cf-cache-status
MISS
x-cache
HIT
status
200
x-cache-hits
1
x-origin-cache
HIT
content-length
225996
cf-request-id
041153fc4200002fa551bad200000001
x-served-by
cache-fra19146-FRA
last-modified
Sun, 28 Jun 2020 21:25:06 GMT
server
cloudflare
x-github-request-id
669A:6823:2C96C3:37E7F9:5F163BAF
x-timer
S1595307386.933261,VS0,VE2
etag
"5ef90ab2-372cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
5b6255da09e92fa5-FRA
x-proxy-cache
HIT
expires
Tue, 21 Jul 2020 00:50:44 GMT
m-outer-090169779cdf49fad5ab0e59c999f664.html
js.stripe.com/v3/ Frame 86DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-090169779cdf49fad5ab0e59c999f664.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-20.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-090169779cdf49fad5ab0e59c999f664.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shielded.app/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://shielded.app/

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
238
x-amz-id-2
JV2Qorj2mSV6JPFzsekO1473FJ7eCiCeml5MW6BjBK28WtJaQUZrdNip5SfJbEbrkyAx8e7IjlU=
x-amz-request-id
ADA851367EBEAAD0
last-modified
Wed, 08 Jul 2020 20:32:02 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Tue, 21 Jul 2020 04:55:59 GMT
etag
"090169779cdf49fad5ab0e59c999f664"
cache-control
public, max-age=300
x-cache
Hit from cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
8FVUKQf00tTs169FBIRwa0AhuVvw50JL9J1p2VRlhuZYSjsqN3GGJg==
age
28
free.min.css
kit-free.fontawesome.com/releases/latest/css/ 		59 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0e5ab6a736.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2ee7d7bd8d1d9bfc925f53386e4b0ab58883361cf2f5177c91ef778895a98b88

Request headers

Referer
https://shielded.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 04:56:26 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2020 17:35:37 GMT
status
200
etag
"1594834537"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1595307386.cds100.am5.hn,1595307386.cds243.am5.c
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, private, must-revalidate
access-control-allow-methods
GET
accept-ranges
bytes
content-length
13623

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal function| __assign object| AddressFinder object| regeneratorRuntime object| Alpine object| __core-js_shared__ function| flatpickr function| setImmediate function| clearImmediate object| Rails object| Turbolinks object| Chartkick function| Color function| Chart boolean| _rails_loaded object| FontAwesomeKitConfig object| prefixesArray string| prefixesSelectorString function| Stripe function| goToSignup boolean| showMobileMenu object| hamburger object| close_button object| mobile_menu function| toggleMobileMenu function| onYouTubeIframeAPIReady

6 Cookies

Domain/Path Name / Value
shielded.app/ Name: browser_time_zone
Value: Europe/Berlin
.shielded.app/ Name: __stripe_mid
Value: efcbdc06-4999-4937-a201-d9edc04c53ab
shielded.app/ Name: _jumpstart_app_session
Value: imZvQZB0xsjxiuEYAWSJOPRKJgEo3SmzRaEbG3qv8VJbnDOqZH2yVMk5XY%2FVB83VhWKpes2KFFlLlQTaWSoVcnU6o0gURGfAGZtljv%2FG7y0yh%2F3K0N%2Fm%2F0Pg8ciIDEtUKNj4EEYhXy%2Fl3S3EOwnx8fjjciy0dzmrNPCbCyQ3w%2BAAUsCtUQuLn4f32D4aJIJ4U1UjtiALb%2B1xd%2FgUlW2V9wNeXzPQ94WwEHj4qEGMFl8LRyV3JgQ0hsYJyDZFNvVkzclbiJnSGzD7BzT%2Fy9spvc1RD2kn8eHQLiEQFB50--NXYBW3TM%2F8rCqw8P--a2z7h7ar5KX6bWxfNdVqjw%3D%3D
.shielded.app/ Name: _ga_1QGQ58013B
Value: GS1.1.1595307384.1.0.1595307384.0
.shielded.app/ Name: _ga
Value: GA1.1.559410776.1595307384
.shielded.app/ Name: __stripe_sid
Value: 6bf8da63-458c-47a6-beb2-281c32c326b0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.addressfinder.io
cdnjs.cloudflare.com
covidaustralia.app
fonts.googleapis.com
js.stripe.com
kit-free.fontawesome.com
kit.fontawesome.com
rsms.me
shielded.app
www.google-analytics.com
www.googletagmanager.com
103.197.61.0
13.35.254.20
139.180.168.114
151.139.128.8
2001:4860:4802:36::15
2606:4700:3036::ac43:9e2a
2606:4700::6810:85e5
2a00:1450:4001:815::2008
2a00:1450:4001:815::200e
2a00:1450:4001:819::200a
1f9f46869a3152318e72ebc6ce476eec6ee0b7789ca8d29c5645eb21ad28f845
209094d36a4a40f3fb8219fce0cb4bd7b6e033bd518eef7a5cd82cd8f2388dd1
272eac2c9c4d616f16b3e0e4cc0b68ed8b04d151c1002f5d58fb88efed649734
2ee7d7bd8d1d9bfc925f53386e4b0ab58883361cf2f5177c91ef778895a98b88
300f87062f12c7d2ff4c7fb4e977b9968b69ca43aeb99086f046b55d26860fa7
459d42936208b68b896f3a080deebab3aff9d449324c82a536fdc9473c06e456
613080794c521eaf685a98b59678c04ca64af12127578e612d030df3c62e9e3a
684f57141073139392c9cbd3d3a7db83d6a7762e7c905e3f198c2e91f14dc38f
7b6570966a31d3040a95cf42408c40968607a945a354a65a15b3b3a7c1a01b60
7e4de7a5b114d7ad9591efefb5638d87c41f015ea50ad2e68dd4f00cb0f79ae5
96a8a2d6fd53f77130063359e35d030969df801d1c0452fd1b4c21ffc5e8b909
abb5bd15194e92cd70cdd989548e4a99fb1820340671d02f9014e43859c0de76
abef6b6ee718fc16da01e68649d58d3c82adeba74ccc6406f34a95f0e0c59aa0
caed6a8ead1e89a8c2e7af7972e589698ae3d750f47c5b898824a42f1d4c1f35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
ec767845487beb348ae05ff9a654c4512d8ac845d67ec201ab3d40e6329a6502