All shieldsup does is a port scan against your public IP address, which is more often than not the IP address your ISP gives your router (unless you have some non standard setup like a business line or your own IP address assignment to hand out inside your border) … So chances are high that you and GRC are just scanning your router for open ports.