urlscan.io logo urlscan.io
SecurityTrails logo

app.thefox.ai Open in urlscan Pro
15.197.216.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.thefox.ai/
Effective URL: https://app.thefox.ai/login
Submission: On December 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 15.197.216.40, located in United States and belongs to AMAZON-02, US. The main domain is app.thefox.ai.
TLS certificate: Issued by R3 on December 20th 2023. Valid for: 3 months.
This is the only time app.thefox.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 15.197.216.40 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.227.219.58 16509 (AMAZON-02)
1 13.32.27.116 16509 (AMAZON-02)
1 2600:9000:248... 16509 (AMAZON-02)
1 3.227.151.68 14618 (AMAZON-AES)
3 54.186.23.98 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 44.228.215.240 16509 (AMAZON-02)
1 13.32.27.94 16509 (AMAZON-02)
2 18.66.147.43 16509 (AMAZON-02)
30 11
16    15.197.216.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa78d2725671e3d37.awsglobalaccelerator.com
app.thefox.ai
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    13.227.219.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-58.ams54.r.cloudfront.net
js.stripe.com
1    13.32.27.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-116.fra56.r.cloudfront.net
cdn.heapanalytics.com
1    2600:9000:248d:9e00:1a:830e:e000:21 (United States)

ASN16509 (AMAZON-02, US)
d3nauzviflkfb4.cloudfront.net
1    3.227.151.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-151-68.compute-1.amazonaws.com
heapanalytics.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2600:9000:2057:d600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    44.228.215.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-215-240.us-west-2.compute.amazonaws.com
m.stripe.com
1    13.32.27.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-94.fra56.r.cloudfront.net
widget.intercom.io
2    18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net
js.intercomcdn.com
Apex Domain
Subdomains		 Transfer
16 thefox.ai
app.thefox.ai
326 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1282
q.stripe.com — Cisco Umbrella Rank: 7730
m.stripe.com — Cisco Umbrella Rank: 1245
148 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2136
274 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1361
18 KB
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 878
heapanalytics.com — Cisco Umbrella Rank: 784
37 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1721
3 KB
1 cloudfront.net
d3nauzviflkfb4.cloudfront.net
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
30 8
Domain Requested by
16 app.thefox.ai 2 redirects app.thefox.ai
3 q.stripe.com app.thefox.ai
3 js.stripe.com app.thefox.ai
js.stripe.com
2 js.intercomcdn.com widget.intercom.io
2 m.stripe.network js.stripe.com
m.stripe.network
1 widget.intercom.io app.thefox.ai
1 m.stripe.com m.stripe.network
1 heapanalytics.com app.thefox.ai
1 d3nauzviflkfb4.cloudfront.net app.thefox.ai
1 cdn.heapanalytics.com app.thefox.ai
1 fonts.googleapis.com app.thefox.ai
30 11

This site contains no links.

Subject Issuer Validity Valid
app.thefox.ai
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M01		 2023-06-29 -
2024-07-27		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
heapanalytics.com
Amazon RSA 2048 M02		 2023-11-09 -
2024-12-08		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 4 frames:

Primary Page: https://app.thefox.ai/login
Frame ID: 29A13905108280444B9477F2D807B763
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 7C5FDF6395465756AE19C66EE981815E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 73BF5987F8B6A92CA66ADBC9CA3CD06D
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.5a8623c7.js
Frame ID: DD5C61724E51C0CF6B2268E7ECB658A6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in - The Fox

Page URL History Show full URLs

  1. http://app.thefox.ai/ HTTP 308
    https://app.thefox.ai/ HTTP 302
    https://app.thefox.ai/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

30
Requests

100 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

819 kB
Transfer

2910 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.thefox.ai/ HTTP 308
    https://app.thefox.ai/ HTTP 302
    https://app.thefox.ai/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.thefox.ai/
Redirect Chain
  • http://app.thefox.ai/
  • https://app.thefox.ai/
  • https://app.thefox.ai/login
158 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy nginx /
Resource Hash
fa8f2dda873b2c5d60af461147dd5c6eb0d363d13b6c55165661324bbf5e68f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Dec 2023 20:02:26 GMT
server
Caddy nginx
vary
Accept-Encoding X-Inertia
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-length
354
content-type
text/html; charset=UTF-8
date
Wed, 20 Dec 2023 20:02:26 GMT
location
https://app.thefox.ai/login
server
Caddy nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d6a1250b131483bf690875fcdb40533a394fff0880f007f48f9b8f2a1ccd8fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.thefox.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 18:52:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Dec 2023 20:02:26 GMT
/
js.stripe.com/v3/ 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bed4ed406073398f8e51812a543b3c5994642624f948b20d407d801fbaf4aeab
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.thefox.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:19 GMT
content-encoding
br
via
1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
8
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
last-modified
Wed, 20 Dec 2023 19:02:37 GMT
server
Cloudfront
etag
W/"18c673a7660d3e6fbaca6b286e3a557e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
5brr-czq8wKOIBckEl7D_6nZpbpv3UwHbg1zw8OAfxPK7-ktVJFutg==
app.4096128d.css
app.thefox.ai/build/assets/ 		150 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/app.4096128d.css
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
4096128d311cb7e924e3563257e6b4cd03aa53be29ddcb7f31f5596c3456e5ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.thefox.ai/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:31 GMT
server
Caddy, nginx
etag
W/"6580a683-2572a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
app.ccf1da8e.js
app.thefox.ai/build/assets/ 		771 KB
233 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/app.ccf1da8e.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
47fac8916064722f6e7b398642399bde3f70e12dd150f141f3ba7d8cdeb8edfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-c0b37"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
Login.b61a5d50.js
app.thefox.ai/build/assets/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/Login.b61a5d50.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
553e87afead15de08abb981d8a25fc9100cb86bc3e92f3fbdc9ac1df14a3b87a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-bfa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
1351
x-xss-protection
1; mode=block
BaseButton.dc215a9f.js
app.thefox.ai/build/assets/ 		908 B
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/BaseButton.dc215a9f.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
1fd841c191217346b696a3f949345d3155ed79209f805e73b32a3a9c59816818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-38c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
485
x-xss-protection
1; mode=block
BaseInput.63c95bba.js
app.thefox.ai/build/assets/ 		1 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/BaseInput.63c95bba.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
532237f6909103a9f0451ea9115330ab020ef35d3e363432367c75d81b37ce98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-5f9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
800
x-xss-protection
1; mode=block
Checkbox.a51f6b68.js
app.thefox.ai/build/assets/ 		576 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/Checkbox.a51f6b68.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
b9512e6d9c8dff398370fdc090d9ab256a0de9c012a2b5039d9bd9e9d491daf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-240"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
382
x-xss-protection
1; mode=block
Label.63a1a134.js
app.thefox.ai/build/assets/ 		332 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/Label.63a1a134.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
53d4423261f5656ae3ec285b0d16a40adae82ee14ab73bc6846155dd554be5b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-14c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
258
x-xss-protection
1; mode=block
ValidationErrors.0dceda4b.js
app.thefox.ai/build/assets/ 		518 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/ValidationErrors.0dceda4b.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
39daa5732c9a2d6b2a251d575b59cb3a89b90a02f7dbc53eddfdf3329e0c842a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-206"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
364
x-xss-protection
1; mode=block
GuestLayout.4cd678be.js
app.thefox.ai/build/assets/ 		613 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/GuestLayout.4cd678be.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
3d2690d6b01d4aadf96e7e29ea0a6f0c8ab69e14305e7265e5a471771da74343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-265"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
428
x-xss-protection
1; mode=block
functions.8dce19eb.js
app.thefox.ai/build/assets/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/functions.8dce19eb.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
dc72011ade220556c3ed1799e5548ce7eff2ecc9ccb97079be147049b72cb380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-12cd9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
modelWrapper.3535887a.js
app.thefox.ai/build/assets/ 		136 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/modelWrapper.3535887a.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
b6ed6e18ca6f0c9e4cfb81c9fdfdfd9166a1498f4437ca8d18b70b9b6814d7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
"6580a682-88"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
136
x-xss-protection
1; mode=block
ExclamationCircleIcon.3e54fdde.js
app.thefox.ai/build/assets/ 		378 B
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/ExclamationCircleIcon.3e54fdde.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
375e9199a489471f09c01f28d315b73a0d458b0c24fa6436801dc337ec3b3ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-17a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
277
x-xss-protection
1; mode=block
ApplicationLogo.e8dcfa73.js
app.thefox.ai/build/assets/ 		800 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.thefox.ai/build/assets/ApplicationLogo.e8dcfa73.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
88c1e7f184c5ed2a405ac99e16cd1dbf7850dd21f2e6ffe23ef529667896e3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.thefox.ai/login
Origin
https://app.thefox.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 20:07:30 GMT
server
Caddy, nginx
etag
W/"6580a682-320"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
447
x-xss-protection
1; mode=block
heap-800375789.js
cdn.heapanalytics.com/js/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-800375789.js
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-116.fra56.r.cloudfront.net
Software
nginx / Express
Resource Hash
9d2ed5619a02a96288224ed042c2d83206a972d57da6b296d1e49db224074ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.thefox.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:01:41 GMT
content-encoding
br
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA56-C2
age
46
x-powered-by
Express
etag
W/"1c869-miZL4gQ8TJZzCx1fexmN4P0iw4Y"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
4su4TIKH54V7Tn8uEJ07v-FWW5Zauqc4_tnLR_qRpA55P-uMdjYcCg==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 7C5F 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.thefox.ai/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
611
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 20 Dec 2023 19:52:17 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Thu, 14 Dec 2023 21:10:54 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-id
30qTCd6u_HqQroQIWA3rdVeYVWHto-i6Xo_U6-X8vof1GE5N4h1rPg==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ce30831a-f423-4b89-b668-e53cad5a522a.png
d3nauzviflkfb4.cloudfront.net/tenants/afe12a16-d51d-4003-b31e-78b5874078d9/branding/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3nauzviflkfb4.cloudfront.net/tenants/afe12a16-d51d-4003-b31e-78b5874078d9/branding/ce30831a-f423-4b89-b668-e53cad5a522a.png
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:248d:9e00:1a:830e:e000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac5801e3494e5340d73ecb42e2efd6f8fee4b793dee00f3f26f3ca0d59379217

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.thefox.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 20:02:28 GMT
via
1.1 8b43c21f9c34b66c25937255407175e0.cloudfront.net (CloudFront)
last-modified
Tue, 28 Nov 2023 17:01:08 GMT
server
AmazonS3
x-amz-cf-pop
MXP64-P2
etag
"982ece99bbde35085a0a5ef338b4a289"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12298
x-amz-cf-id
9h4R2sutrmAQy5o6zppR8jkCQbL1Vl9parK5ZtRQ2hFJHy23xbj3VQ==
h
heapanalytics.com/ 		37 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=800375789&u=1502083113318330&v=3913861803334825&s=5422995888178697&b=web&tv=4.0&z=0&h=%2Flogin&d=app.thefox.ai&t=Log%20in%20-%20The%20Fox&ts=1703102547285&st=1703102547294
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.151.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-151-68.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.thefox.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Dec 2023 20:02:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 7C5F 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:43:54 GMT
via
1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1114
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
content-length
631
last-modified
Mon, 18 Dec 2023 21:17:08 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
PxqidPIvkE8EFFkSWu-e-y1aEshlEfe5SB6MvTm3pPQ2nQkwCPCefg==
csp-report
q.stripe.com/ Frame 7C5F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 20 Dec 2023 20:02:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1703102548096637
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1703102548096338
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7C5F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 20 Dec 2023 20:02:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1703102548096603
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1703102548096310
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 73BF 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
121
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 20 Dec 2023 20:00:26 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-id
F-2I7PyKl_P6KmmZL-vpNEtao5Qq9TbKQJOXbTluoXcnIFI4aDPENA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 73BF 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 20 Dec 2023 20:02:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1703102548096957
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1703102548096485
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 73BF 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 19:58:04 GMT
content-encoding
gzip
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
263
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
a1OF97ErrZLvFue-eo4BsmPWS8jH9ilXgfhmVfkepdXBOlyy91q9oA==
6
m.stripe.com/ Frame 73BF 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-215-240.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
75c80349a3aafdd890ae9d6782e773fed75740891f21ac3d4d966aa77a7d5702
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 20 Dec 2023 20:02:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1703102548449017
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1703102548447762
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
wdiadoi8
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/wdiadoi8
Requested by
Host: app.thefox.ai
URL: https://app.thefox.ai/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6271f8b027de5133d6474716f399fc0c7bd0640f6d0f64a46ef7791c9a1fdee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.thefox.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
RwgDIXYOjG8tC_fKJrvT5Fl0iyEMNC_A
content-encoding
gzip
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
date
Wed, 20 Dec 2023 19:59:04 GMT
x-amz-cf-pop
FRA56-C2
age
205
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Wed, 20 Dec 2023 09:33:45 GMT
server
AmazonS3
etag
"037413f54b2aff08f2f74d04babc5e2a"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
4uy0HkfgRaIdtz3SLOxMAvZDEeLsHMf92QGvHkak95yr1-3Ajy1nxQ==
frame-modern.5a8623c7.js
js.intercomcdn.com/ Frame DD5C 		515 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.5a8623c7.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/wdiadoi8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c4379f16e8d0581236ce678a8cc9579a9bd6803e56c137025b9a81584af9603e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vhKSazZy3IBGMHadg0y0cl9glkAzyt.h
content-encoding
gzip
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Wed, 20 Dec 2023 19:33:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
1720
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145469
last-modified
Wed, 20 Dec 2023 09:31:27 GMT
server
AmazonS3
etag
"80eb30bb86556204cc7512e950ca57e5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
w9I10W4rQNp0-Xxczq5_HMkKtLEm2iXoD8bqxVJc2WZIOM9JdgTO3A==
vendor-modern.fd24ef3b.js
js.intercomcdn.com/ Frame DD5C 		426 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.fd24ef3b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/wdiadoi8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8339c637a3a2eabf451ab99b744c3474a0005d8fea01ee1d3bb45e7944bd41a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MUOzDacNeuojZMfAw7kFCyUM6KNkma7X
content-encoding
gzip
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Wed, 20 Dec 2023 19:47:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
905
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
133796
last-modified
Mon, 18 Dec 2023 17:06:05 GMT
server
AmazonS3
etag
"274f07603cdf2b0e0ecdf767a2e42fa9"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
m0wt9vGkOhMhpdEBc2C-qfZb7rE8QMmgSB6bJvu0dwbD6jJUW0jfPQ==

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| route object| _translations string| _currentLocale object| heap function| Intercom object| webpackChunkStripeJSouter function| noop function| Stripe function| Pusher function| _ function| axios object| Vapor object| Echo object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__ function| __intercomAssignLocation function| __intercomReloadLocation

7 Cookies

Domain/Path Name / Value
app.thefox.ai/ Name: XSRF-TOKEN
Value: eyJpdiI6ImlBUFo0bE5kbDkvVmNIK1MvelBkR3c9PSIsInZhbHVlIjoibm41QmxOSG01QjVuUnh3bndDM2cwWTFoWktYRWxtZncwSTZPUXhvZTYxcndTSUk0SEh2NXA1YVFhVWE0N3cybHAxck1VL3dyY2R6NG5yazZHU2FEZGVBeVMrUHEySUNzUVlBL2F2U1Rrc1RWVVprZTFmbkt3Z2plalVBRjQzTFIiLCJtYWMiOiI5NzRiYjQ4ZTJjNTc3NDNhYjNhZjU2MTgxNDM4NWFiNzY1OGFiN2MyMDQzNzQ0NjQ3N2ExNjQ5MTE0MDgyNmRmIiwidGFnIjoiIn0%3D
app.thefox.ai/ Name: manyrequests_session
Value: eyJpdiI6IjBOaWYxa1RPSUNNdTlOYy9pQUt0UXc9PSIsInZhbHVlIjoiS203QitSZW81alRXeFc2RndzU0I3R0VHdVN4Y0dUcFVveDJWV1BRU2NBaHBiNWZJbEo3QmNTRENWTjYrUFVNZHM2V2IrdVJ5M2NJTVNZejhsWVQrYjRzZWk2c0Z4THBseTdBWjA0NlYyK2sxWVBoZWpqV2ZtMndlN3hIRWxhSXYiLCJtYWMiOiI3MWExYzljOTQzMWQ3NGY5NDgwM2U4MzhiNzBjN2FhZjRiZDdhMjY5NzU3NGVmNjJhOTlmZTU2NWVlZDYxNmFiIiwidGFnIjoiIn0%3D
.thefox.ai/ Name: _hp2_id.800375789
Value: %7B%22userId%22%3A%221502083113318330%22%2C%22pageviewId%22%3A%223913861803334825%22%2C%22sessionId%22%3A%225422995888178697%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.thefox.ai/ Name: _hp2_ses_props.800375789
Value: %7B%22ts%22%3A1703102547285%2C%22d%22%3A%22app.thefox.ai%22%2C%22h%22%3A%22%2Flogin%22%7D
m.stripe.com/ Name: m
Value: ac5840a0-7593-48ee-85ad-ad1caa73fe86be7356
.app.thefox.ai/ Name: __stripe_mid
Value: c577068d-ecdf-4475-b39c-44c986efe55e426ad1
.app.thefox.ai/ Name: __stripe_sid
Value: 7f6816de-ed8e-4400-82a5-8341c0623fb52e8e7b

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.thefox.ai
cdn.heapanalytics.com
d3nauzviflkfb4.cloudfront.net
fonts.googleapis.com
heapanalytics.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
widget.intercom.io
13.227.219.58
13.32.27.116
13.32.27.94
15.197.216.40
18.66.147.43
2600:9000:2057:d600:19:7d10:bd80:93a1
2600:9000:248d:9e00:1a:830e:e000:21
2a00:1450:4001:813::200a
3.227.151.68
44.228.215.240
54.186.23.98
1fd841c191217346b696a3f949345d3155ed79209f805e73b32a3a9c59816818
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
375e9199a489471f09c01f28d315b73a0d458b0c24fa6436801dc337ec3b3ce2
39daa5732c9a2d6b2a251d575b59cb3a89b90a02f7dbc53eddfdf3329e0c842a
3d2690d6b01d4aadf96e7e29ea0a6f0c8ab69e14305e7265e5a471771da74343
3d6a1250b131483bf690875fcdb40533a394fff0880f007f48f9b8f2a1ccd8fb
4096128d311cb7e924e3563257e6b4cd03aa53be29ddcb7f31f5596c3456e5ef
47fac8916064722f6e7b398642399bde3f70e12dd150f141f3ba7d8cdeb8edfc
532237f6909103a9f0451ea9115330ab020ef35d3e363432367c75d81b37ce98
53d4423261f5656ae3ec285b0d16a40adae82ee14ab73bc6846155dd554be5b0
553e87afead15de08abb981d8a25fc9100cb86bc3e92f3fbdc9ac1df14a3b87a
6271f8b027de5133d6474716f399fc0c7bd0640f6d0f64a46ef7791c9a1fdee7
75c80349a3aafdd890ae9d6782e773fed75740891f21ac3d4d966aa77a7d5702
8339c637a3a2eabf451ab99b744c3474a0005d8fea01ee1d3bb45e7944bd41a1
88c1e7f184c5ed2a405ac99e16cd1dbf7850dd21f2e6ffe23ef529667896e3b5
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9d2ed5619a02a96288224ed042c2d83206a972d57da6b296d1e49db224074ed4
ac5801e3494e5340d73ecb42e2efd6f8fee4b793dee00f3f26f3ca0d59379217
b6ed6e18ca6f0c9e4cfb81c9fdfdfd9166a1498f4437ca8d18b70b9b6814d7ee
b9512e6d9c8dff398370fdc090d9ab256a0de9c012a2b5039d9bd9e9d491daf5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bed4ed406073398f8e51812a543b3c5994642624f948b20d407d801fbaf4aeab
c4379f16e8d0581236ce678a8cc9579a9bd6803e56c137025b9a81584af9603e
dc72011ade220556c3ed1799e5548ce7eff2ecc9ccb97079be147049b72cb380
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
fa8f2dda873b2c5d60af461147dd5c6eb0d363d13b6c55165661324bbf5e68f9