![](/screenshots/95d30fd2-3bf3-4650-9aeb-9ba86b44e30a.png)
shop.app
Open in
urlscan Pro
23.227.38.33
Public Scan
Effective URL: https://shop.app/
Submission: On October 11 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 27th 2021. Valid for: 3 months.
This is the only time shop.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.75.215.233 34.75.215.233 | 396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD) | |
4 | 23.227.38.33 23.227.38.33 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 2a04:4e42::268 2a04:4e42::268 | 54113 (FASTLY) (FASTLY) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.198.248.251 104.198.248.251 | 15169 (GOOGLE) (GOOGLE) | |
28 | 4 |
ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 233.215.75.34.bc.googleusercontent.com
shop-accounts-staging.shopifycloud.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: 251.248.198.104.bc.googleusercontent.com
monorail-edge.shopifysvc.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
shopify.com
cdn.shopify.com |
314 KB |
4 |
shop.app
shop.app |
14 KB |
2 |
google-analytics.com
www.google-analytics.com |
20 KB |
1 |
shopifysvc.com
monorail-edge.shopifysvc.com |
471 B |
1 |
shopifycloud.com
1 redirects
shop-accounts-staging.shopifycloud.com |
452 B |
28 | 5 |
Domain | Requested by | |
---|---|---|
21 | cdn.shopify.com |
shop.app
cdn.shopify.com |
4 | shop.app |
shop.app
|
2 | www.google-analytics.com |
cdn.shopify.com
www.google-analytics.com |
1 | monorail-edge.shopifysvc.com |
cdn.shopify.com
|
1 | shop-accounts-staging.shopifycloud.com | 1 redirects |
28 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.shopify.com |
qvay.app.link |
twitter.com |
instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
shop.app R3 |
2021-09-27 - 2021-12-26 |
3 months | crt.sh |
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-04-20 - 2022-05-22 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
monorail-edge.shopifysvc.com R3 |
2021-10-04 - 2022-01-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://shop.app/
Frame ID: DA6551013DD902B2D5062B99B378F3A8
Requests: 28 HTTP requests in this frame
Screenshot
![](/screenshots/95d30fd2-3bf3-4650-9aeb-9ba86b44e30a.png)
Page Title
Shop is a new online shopping assistant that makes every part of your experience better.ShopifyOpen Main NavigationHomeClose Main NavigationPage URL History Show full URLs
-
https://shop-accounts-staging.shopifycloud.com/
HTTP 302
https://shop.app/ Page URL
Detected technologies
![](/vendor/wappa/icons/Ruby on Rails.png)
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Store owners
Search URL Search Domain Scan URL
Title: Download app
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: cookie policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://shop-accounts-staging.shopifycloud.com/
HTTP 302
https://shop.app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
shop.app/ Redirect Chain
|
31 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
shop.app/ |
0 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-Walsheim-Bold.woff2
cdn.shopify.com/static/fonts/ |
41 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-Walsheim-Regular.woff2
cdn.shopify.com/static/fonts/ |
39 KB 39 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-Walsheim-Medium.woff2
cdn.shopify.com/static/fonts/ |
38 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marketing-6c97c7774443baf25efb994d88343d87c9af75099c0bfd3b2b10b426a22d223d.css
cdn.shopify.com/shopifycloud/arrive_website/assets/ |
162 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shop-demo-video-poster-763c8ff1bc73fe74b52c9d5dd09810db75ec32073ac2b66910e6b162291cf1ed.jpg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/index/ |
49 KB 50 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-ace766052676019defd41f8f869c9e7d9976d3fd79f945cd51e5b5a035480a8f.js
cdn.shopify.com/shopifycloud/arrive_website/bundles/latest/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opt-out-a670c34393a8086b371b378ef83c72b670a614caa54c4e35840eac3082b4f9b9.js
cdn.shopify.com/shopifycloud/arrive_website/bundles/latest/vendors~manifests/gift-shop~manifests/help~manifests/home~manifests/marketing~manifests/ |
125 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opt-out-560dcd3e9a61d66c6cfab025f8a91e151777916c4cccf9bccd1669156ff760e1.js
cdn.shopify.com/shopifycloud/arrive_website/bundles/latest/manifests/help~manifests/marketing~manifests/ |
14 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marketing-3cb0de3b189d57e9f40883dbb64d47f022af4389a7b4d8701f60ff7d813382d2.js
cdn.shopify.com/shopifycloud/arrive_website/bundles/latest/manifests/ |
294 B 432 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
shop.app/ |
0 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
shop.app/ |
0 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shop-app-download-qr-code--black-a1a2828a74864698f655ecb0be8002c9382b9e79d0bf0d4e1845cb6bdeb504db.svg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/global/ |
30 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trekkie.arrive-website.min.js
cdn.shopify.com/s/javascripts/tricorder/ |
26 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shop-pay-demo-video-abc0222e45daac15a93d10df87952796cebb98aebd44e6f959b6223ccfd449f2.mp4
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/ |
192 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shop-pay-demo-video-abc0222e45daac15a93d10df87952796cebb98aebd44e6f959b6223ccfd449f2.mp4
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/ |
34 KB 35 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
produce
monorail-edge.shopifysvc.com/v1/ |
0 471 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 202 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shop-pay-demo-video-abc0222e45daac15a93d10df87952796cebb98aebd44e6f959b6223ccfd449f2.mp4
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/ |
802 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero-photo-1-small-af2715d336b494525d05e7e51be0af893f365beab776c418cdaa8cb59da5e29a.jpg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/index/ |
18 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero-photo-2-small-2692a98686a269550e98474908f360e3457f09294dfd77b19bb3d65d863439ca.jpg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/index/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-loop-205b243cadbbf298b0182c0f3dd7acd5cedb8ff9f817b2627032a437295c8a35.svg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/global/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pay-7eae5c5489efc4cdfd0ebb6ea9ced410b2d8e4fba849c366da8c3296397781f9.svg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/index/icons/ |
7 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
track-e94df617937144d94fd2fe840b652832f7f61f0073f4c0f0035b58faf8bfabde.svg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/index/icons/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recommend-ad84c0a6ec5f8290e090a09bc83d3808ba6f2fd2a9db739df03a7fb9f091e2a9.svg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/index/icons/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
starburst-116db1c8f96cce4201c130ca13c651610ee96ae66bc65b6787142285e8390d34.svg
cdn.shopify.com/shopifycloud/arrive_website/assets/marketing/index/icons/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster object| webpackJsonp object| lazySizes object| ShopifyMarketing object| experimentFlags object| analytics object| trekkie string| GoogleAnalyticsObject function| ga object| _visit object| google_tag_data object| gaplugins object| gaGlobal object| gaData8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.shop.app/ | Name: _y Value: 6f9183c6-9536-444D-61DB-0FA7B597CA85 |
|
.shop.app/ | Name: _shopify_y Value: 6f9183c6-9536-444D-61DB-0FA7B597CA85 |
|
.shop.app/ | Name: _s Value: 6f9183d1-DA96-4624-A573-74B7F126CE08 |
|
.shop.app/ | Name: _shopify_s Value: 6f9183d1-DA96-4624-A573-74B7F126CE08 |
|
shop.app/ | Name: _session_id Value: qvFWLHjYTIa41IjzfvoN9WFZ3iDsbTNkZDqvea2vdwY913C8Z%2BYdMSlpWb%2FYGyWKqG6pvG3Y7e%2FduNI6G%2FmUNB8L9FW5hJOTA%2B1jXxmVRDC2OJZmGCk%2BnF9Vok4IamkHkoTmEr0WykuS42xkf5yWb%2B2qvmayh6DCc8JuVdOsoMUtxfnGfLI4Md%2BtNMxRyu1r5SLUQbRu6CxdtYzNYob7rTTrASXVo4ULDVOILq75A0%2Bt--eGA4SlX6KhfjB%2Bal--LjT3kdBbzsG3ewBbE8Gn%2BQ%3D%3D |
|
.shop.app/ | Name: _ga Value: GA1.2.551937859.1633959379 |
|
.shop.app/ | Name: _gid Value: GA1.2.73191132.1633959379 |
|
.shop.app/ | Name: _gat Value: 1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'none'; font-src 'self' https: data:; child-src blob:; script-src 'self' blob: cdn.shopify.com cdnjs.cloudflare.com d2wy8f7a9ursnm.cloudfront.net fast.wistia.com v.shopify.com www.google-analytics.com maps.googleapis.com arrive-server.shopifycloud.com www.recaptcha.net www.google.com www.gstatic.com 'nonce-/GcDhkqAjihKAncTuvgzyw=='; style-src 'self' 'unsafe-inline' cdn.shopify.com sdks.shopifycdn.com fonts.googleapis.com; media-src 'self' blob: data: cdn.shopify.com embedwistia-a.akamaihd.net; img-src 'self' data: blob: api.mapbox.com cdn.shopify.com embedwistia-a.akamaihd.net fast.wistia.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com www.google-analytics.com maps.googleapis.com maps.gstatic.com; connect-src 'self' https: api.mapbox.com distillery.wistia.com events.mapbox.com monorail-edge.shopifysvc.com pipedream.wistia.com *.bugsnag.com arrive-server.shopifycloud.com; frame-src fast.wistia.com www.google.com www.gstatic.com www.recaptcha.net; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=ArriveWebsite&source%5Bcontroller%5D=marketing&source%5Buuid%5D=3ee1b2c5-86df-4cab-ad3d-d594d05df5b4 |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=ArriveWebsite&source%5Bcontroller%5D=marketing&source%5Buuid%5D=3ee1b2c5-86df-4cab-ad3d-d594d05df5b4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.shopify.com
monorail-edge.shopifysvc.com
shop-accounts-staging.shopifycloud.com
shop.app
www.google-analytics.com
104.198.248.251
23.227.38.33
2a00:1450:4001:811::200e
2a04:4e42::268
34.75.215.233
0d62bfb40d1ed02c1bf920ae6ffc31b3c4d1b11e7a72bdae151c5c66c34c4058
116db1c8f96cce4201c130ca13c651610ee96ae66bc65b6787142285e8390d34
205b243cadbbf298b0182c0f3dd7acd5cedb8ff9f817b2627032a437295c8a35
2d17d73f4916bac340a842ee2d67fad8d2ded5d6c6f21a2d0e59b1648345ef8e
3cb0de3b189d57e9f40883dbb64d47f022af4389a7b4d8701f60ff7d813382d2
560dcd3e9a61d66c6cfab025f8a91e151777916c4cccf9bccd1669156ff760e1
7b5528f274e5b54db26f80bbcf466ca3c5a227671c893749437771df59f6253d
7eae5c5489efc4cdfd0ebb6ea9ced410b2d8e4fba849c366da8c3296397781f9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1a2828a74864698f655ecb0be8002c9382b9e79d0bf0d4e1845cb6bdeb504db
a670c34393a8086b371b378ef83c72b670a614caa54c4e35840eac3082b4f9b9
ace766052676019defd41f8f869c9e7d9976d3fd79f945cd51e5b5a035480a8f
ad84c0a6ec5f8290e090a09bc83d3808ba6f2fd2a9db739df03a7fb9f091e2a9
b095a1bad0266d732ac092531ffd7c2c4f12aa78e3fc938bd7b16352843fc120
b6e0b2d46babb9e132be2ebe797f6fbaacb142f76fad2bfc79fc47b175353f91
d5833892a75ef71b7fad7d1ca40d9ab88651fd8c80023476718dfd5d6fbbbeff
d5ab0311ce5ef91c83710164c5674dda2796ebb703a7a6441f0d77c9b2779a1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94df617937144d94fd2fe840b652832f7f61f0073f4c0f0035b58faf8bfabde
ed71b71d28bf55a702ed6e7db958a6d82cf23f28e6a2a777e285d9aaef5ae398
f1ed19f850a7ae27b423697a041cec917463bb14b7f3302c4224b012c1852afd
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffdf3844c101f103b21a4be4e8617f0b3a9d29ef185e0a723e826abfec2236dd