api.staging-use-19.fountain.com
2606:4700::6812:12a4  Public Scan

Submitted URL: https://api.staging-use-19.fountain.com/
Effective URL: https://api.staging-use-19.fountain.com/signin
Submission: On June 20 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 1 country across 3 domains to perform 17 HTTP transactions. The main IP is 2606:4700::6812:12a4, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is api.staging-use-19.fountain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 26th 2023. Valid for: a year.
This is the only time api.staging-use-19.fountain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 2606:4700::68... 13335 (CLOUDFLAR...)
2 108.138.32.115 16509 (AMAZON-02)
2 35.201.112.186 396982 (GOOGLE-CL...)
2 35.186.194.58 15169 (GOOGLE)
17 5
Apex Domain
Subdomains
Transfer
13 fountain.com
api.staging-use-19.fountain.com
1 MB
4 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2394
rs.fullstory.com — Cisco Umbrella Rank: 2203
77 KB
2 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1543
65 KB
17 3
Domain Requested by
13 api.staging-use-19.fountain.com 2 redirects api.staging-use-19.fountain.com
2 rs.fullstory.com www.datadoghq-browser-agent.com
2 edge.fullstory.com api.staging-use-19.fountain.com
www.datadoghq-browser-agent.com
2 www.datadoghq-browser-agent.com api.staging-use-19.fountain.com
17 4

This site contains links to these domains.

Domain
www.fountain.com
Subject | Issuer | Validity | Valid
fountain.com | Cloudflare Inc ECC CA-3 | 2023-12-26 - 2024-12-25 | a year
*.datadoghq-browser-agent.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-12 - 2024-12-14 | a year
edge.fullstory.com | GTS CA 1D4 | 2024-05-03 - 2024-08-01 | 3 months
rs.fullstory.com | GTS CA 1D4 | 2024-05-02 - 2024-07-31 | 3 months

This page contains 2 frames:

Primary Page: https://api.staging-use-19.fountain.com/signin
Frame ID: 57E8DC281EFCC22ACC861BEB32E0A8CB
Requests: 16 HTTP requests in this frame

Frame: https://api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: B934644E06DBE39629FFF4D40DA1E95D
Requests: 2 HTTP requests in this frame

Page Title

Login

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 25 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 1
Transfer: 1486 kB
Size: 5564 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.staging-use-19.fountain.com/ HTTP 302
    https://api.staging-use-19.fountain.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request signin
api.staging-use-19.fountain.com/
Redirect Chain
  • https://api.staging-use-19.fountain.com/
  • https://api.staging-use-19.fountain.com/signin
8 KB
4 KB
Document
General
Full URL
https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ff97c2bbe9b33f51f577e2e3883bb4b021195c8796c207bdf2da4b72bf710c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
896bd56d3d2e4d3a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 20 Jun 2024 12:41:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
63edd727-d2ca-4420-9070-048c2508672c
x-runtime
0.008383
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
896bd569af2d4d3a-FRA
content-type
text/html; charset=utf-8
date
Thu, 20 Jun 2024 12:41:32 GMT
location
https://api.staging-use-19.fountain.com/signin
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
c5d917f2-2b80-4670-8e32-f55fadd9246b
x-runtime
0.022906
x-xss-protection
1; mode=block
devise-bb4f7b95e3299633fd7ef5389b4b57edc59680237c7baaf06ec0059c176d6611.css
api.staging-use-19.fountain.com/assets/
151 KB
29 KB
Stylesheet
General
Full URL
https://api.staging-use-19.fountain.com/assets/devise-bb4f7b95e3299633fd7ef5389b4b57edc59680237c7baaf06ec0059c176d6611.css
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f7b95e3299633fd7ef5389b4b57edc59680237c7baaf06ec0059c176d6611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/signin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 21:19:10 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
896bd570aaf24d3a-FRA
expires
Thu, 20 Jun 2024 16:41:34 GMT
shared-vendors-application-f0a0780ebec0320c1d0ecf4da5477c79a2715fa593d647e85372314b5ebde1fc.js
api.staging-use-19.fountain.com/assets/
381 KB
72 KB
Script
General
Full URL
https://api.staging-use-19.fountain.com/assets/shared-vendors-application-f0a0780ebec0320c1d0ecf4da5477c79a2715fa593d647e85372314b5ebde1fc.js
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a0780ebec0320c1d0ecf4da5477c79a2715fa593d647e85372314b5ebde1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/signin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Apr 2024 21:19:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
896bd570aaf64d3a-FRA
expires
Thu, 20 Jun 2024 16:41:33 GMT
vendors-a07586bfdbefddf7ef4a.bundle.js
api.staging-use-19.fountain.com/front/v1/
4 MB
978 KB
Script
General
Full URL
https://api.staging-use-19.fountain.com/front/v1/vendors-a07586bfdbefddf7ef4a.bundle.js
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a2e8705913250802fe6b769f9586acd94c44429db07dcd23798311e0ffb0a4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/signin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 21:19:53 GMT
server
cloudflare
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
896bd570aaf84d3a-FRA
expires
Thu, 20 Jun 2024 16:41:34 GMT
shared-fdc677568d0502d8ebb4.bundle.js
api.staging-use-19.fountain.com/front/v1/
17 KB
6 KB
Script
General
Full URL
https://api.staging-use-19.fountain.com/front/v1/shared-fdc677568d0502d8ebb4.bundle.js
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9d040d4062831f2603fb7e5f14c6ded07d0dd0c9e482c5a7ecbd7220faf3160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/signin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 21:19:52 GMT
server
cloudflare
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
896bd570aaf94d3a-FRA
expires
Thu, 20 Jun 2024 16:41:34 GMT
devise-fc4c44b3c89be4e74c4fc8a723765fd7f2836748b562e462b30325a728a9d1f8.js
api.staging-use-19.fountain.com/assets/
170 KB
49 KB
Script
General
Full URL
https://api.staging-use-19.fountain.com/assets/devise-fc4c44b3c89be4e74c4fc8a723765fd7f2836748b562e462b30325a728a9d1f8.js
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4c44b3c89be4e74c4fc8a723765fd7f2836748b562e462b30325a728a9d1f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/signin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Apr 2024 21:19:10 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
896bd570aafd4d3a-FRA
expires
Thu, 20 Jun 2024 16:41:33 GMT
datadog-logs-v4.js
www.datadoghq-browser-agent.com/
51 KB
18 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-115.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11f5637cd1e69c5416520a3f0cb75816b0207728752deb02f7f164fc8e584499

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:29 GMT
content-encoding
br
via
1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 11:26:12 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
6
x-amz-server-side-encryption
AES256
etag
W/"44c5d2c58c3f065730a026e0868767da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
wObwbOE9pHaVRHemy_WJB-VUhGuwuZM08jXuPnnTWuGeUSKnF7-b9w==
datadog-rum-v4.js
www.datadoghq-browser-agent.com/
150 KB
48 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-115.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:31 GMT
content-encoding
br
via
1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 11:26:13 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
23
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
GV75RiyfecQ11XTt4qiiI9MQCStx2sY6HNxW441aBtuIs4C5ftDReg==
fs.js
edge.fullstory.com/s/
273 KB
74 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ae662bc47f598b1deec34ecd7a9432c766c4db2f2ae8a951fa76336b6c001f85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/
Origin
https://api.staging-use-19.fountain.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:14:48 GMT
content-encoding
br
age
1607
x-guploader-uploadid
ACJd0NpUD2ALbhq3MbSmM28E91gUC5PxzTMlDo3_RDEQW6mZg4zNYNLt6kELGRltqesNrxaS7GA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75362
last-modified
Thu, 06 Jun 2024 13:11:57 GMT
server
UploadServer
etag
"505d5df439fda0ef6083305f079651ff"
vary
Accept-Encoding
x-goog-generation
1717679517113319
x-goog-hash
crc32c=dZHqrA==, md5=UF1d9Dn9oO9ggzBfB5ZR/w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
75362
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 Jun 2024 13:14:48 GMT
main.js
api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame B934
Redirect Chain
  • https://api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
8 KB
4 KB
Script
General
Full URL
https://api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/signin
Protocol
H2
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8a3a481194a41421dc95fd0fc5d5c39f9c4c0886b51a73902eee0dea3ce908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 12:41:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
896bd579eaef4d3a-FRA

Redirect headers

date
Thu, 20 Jun 2024 12:41:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
cache-control
max-age=300, public
cf-ray
896bd57979f94d3a-FRA
content-length
0
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c47db094423e5cd117db5ad1d689509d0ede9d39c0d1415c40dd9c52e0f94ec

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
CircularXXWeb-Medium-562c13f2dbc820963b71ec9714f5ee859bd1b07c1e83ca81677d14f91e57b714.woff
api.staging-use-19.fountain.com/assets/
102 KB
102 KB
Font
General
Full URL
https://api.staging-use-19.fountain.com/assets/CircularXXWeb-Medium-562c13f2dbc820963b71ec9714f5ee859bd1b07c1e83ca81677d14f91e57b714.woff
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/assets/devise-bb4f7b95e3299633fd7ef5389b4b57edc59680237c7baaf06ec0059c176d6611.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
562c13f2dbc820963b71ec9714f5ee859bd1b07c1e83ca81677d14f91e57b714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/assets/devise-bb4f7b95e3299633fd7ef5389b4b57edc59680237c7baaf06ec0059c176d6611.css
Origin
https://api.staging-use-19.fountain.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 21:19:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=14400
cf-ray
896bd5798a124d3a-FRA
expires
Thu, 20 Jun 2024 16:41:35 GMT
CircularXXWeb-Book-945a0813851e38a1569e7c57c64eacd43f3e8e985c060d8f4e81ff71683ea592.woff
api.staging-use-19.fountain.com/assets/
100 KB
100 KB
Font
General
Full URL
https://api.staging-use-19.fountain.com/assets/CircularXXWeb-Book-945a0813851e38a1569e7c57c64eacd43f3e8e985c060d8f4e81ff71683ea592.woff
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/assets/devise-bb4f7b95e3299633fd7ef5389b4b57edc59680237c7baaf06ec0059c176d6611.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945a0813851e38a1569e7c57c64eacd43f3e8e985c060d8f4e81ff71683ea592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/assets/devise-bb4f7b95e3299633fd7ef5389b4b57edc59680237c7baaf06ec0059c176d6611.css
Origin
https://api.staging-use-19.fountain.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 21:19:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=14400
cf-ray
896bd5798a154d3a-FRA
expires
Thu, 20 Jun 2024 16:41:35 GMT
896bd56d3d2e4d3a
api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B934
0
354 B
XHR
General
Full URL
https://api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/h/b/jsd/r/896bd56d3d2e4d3a
Requested by
Host: api.staging-use-19.fountain.com
URL: https://api.staging-use-19.fountain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jun 2024 12:41:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
896bd57acc4b4d3a-FRA
content-length
0
content-type
text/plain; charset=UTF-8
web
edge.fullstory.com/s/settings/G868H/v1/
4 KB
2 KB
XHR
General
Full URL
https://edge.fullstory.com/s/settings/G868H/v1/web
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cacd373c8ff19bfb4951d9e4ade862f57647de527650df3883fc9c8337eaf653

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:35 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ACJd0Npk97A-lE4Q_w4s_pHUtydDlyLvxbPPLfNp7GrWt_Il3a_aA8IblnySc3BUrsLFSs0YZv8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1306
last-modified
Thu, 20 Jun 2024 12:39:32 GMT
server
UploadServer
etag
"13967f3122583e0c9be71851c07c8843"
x-goog-generation
1717687172295248
x-goog-hash
crc32c=MRgIDA==, md5=E5Z/MSJYPgyb5xhRwHyIQw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1306
accept-ranges
bytes
content-type
application/json
expires
Thu, 20 Jun 2024 12:56:35 GMT
page
rs.fullstory.com/rec/
1 KB
752 B
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ae5554a485ea202209514d87b24ec8ca8ac90d1646ee4e8ee79dcaa1dee47296

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://api.staging-use-19.fountain.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jun 2024 12:41:35 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://api.staging-use-19.fountain.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
551
beta-b8a808dd1140e0a75951b302a45439c8d85fd872676395898123b562056529bf.ico
api.staging-use-19.fountain.com/assets/
1 KB
614 B
Other
General
Full URL
https://api.staging-use-19.fountain.com/assets/beta-b8a808dd1140e0a75951b302a45439c8d85fd872676395898123b562056529bf.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a808dd1140e0a75951b302a45439c8d85fd872676395898123b562056529bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://api.staging-use-19.fountain.com/signin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 12:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 21:19:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=14400
cf-ray
896bd57e7b334d3a-FRA
expires
Thu, 20 Jun 2024 16:41:36 GMT
v2
rs.fullstory.com/rec/bundle/
29 B
91 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=G868H&UserId=eda24807-252b-4c04-997d-37ad85111944&SessionId=9b76242f-64b9-40f2-a962-f2ee8100e796&PageId=470299d5-4410-45ef-8116-9e4be1fee780&Seq=1&ClientTime=1718887298079&PageStart=1718887295567&PrevBundleTime=0&LastActivity=2359&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
0d96c8fa7918e6924e074e42b0e28798f04898a334dc73ed5cf300762f609745

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://api.staging-use-19.fountain.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://api.staging-use-19.fountain.com
date
Thu, 20 Jun 2024 12:41:38 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| DD_LOGS object| DD_RUM object| webpackJsonp function| AxDropdown function| $ function| jQuery function| Messenger object| Routes object| __core-js_shared__ function| _ function| ga function| moment function| uuid function| Popper function| getGaTracker function| obiqAjax function| URI function| URITemplate function| Sifter object| MicroPlugin function| Selectize function| datepickerLocalize object| signedUpload object| flash_messages boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| obiqDropdown string| _fs_loaded function| _fs_shutdown

6 Cookies

Domain/Path Name / Value
.fountain.com/ Name: __cf_bm
Value: WbdBJL7nFt2TtKhS8wS.EHx_rXgedFuUSRRyGr38LLk-1718887292-1.0.1.1-UV6iQYEXhqfNQn1MfIXDj5ALyRmfxYIv.8f9i7li2czUf99l_s_YV6V3MOr0ICdwAG8QTVZMFAWdx4H4BkumHg
api.staging-use-19.fountain.com/ Name: _session_id
Value: b399bf0e94621966081eacc22aa7ba98
.fountain.com/ Name: cf_clearance
Value: GyPyzMEz5eGFOB6XozdHH3ifpSR5YV_b4_oGdNl.6oc-1718887295-1.0.1.1-qaWYVgGY4P_.QjyCM2ZMVAX1pnSbRe1fZLVXYH2XT7.UomH8E2FR3dFs5UYo1X8pYljTTy0X9arWJWoATqnbQQ
.fountain.com/ Name: fs_lua
Value: 1.1718887295566
.fountain.com/ Name: fs_uid
Value: #G868H#eda24807-252b-4c04-997d-37ad85111944:9b76242f-64b9-40f2-a962-f2ee8100e796:1718887295566::1#/1750423297
api.staging-use-19.fountain.com/ Name: _dd_s
Value: logs=1&id=39a5fe8c-bba5-43ef-9cfa-a679dbb79eba&created=1718887294414&expire=1718888194482&rum=2

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
