urlscan.io logo urlscan.io
SecurityTrails logo

service.boxcars.ai Open in urlscan Pro
2a09:8280:1::f:4c9e  Public Scan

Go To Rescan Add Verdict Report
URL: https://service.boxcars.ai/
Submission: On October 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 2a09:8280:1::f:4c9e, located in United States and belongs to FLY, US. The main domain is service.boxcars.ai.
TLS certificate: Issued by R3 on October 9th 2023. Valid for: 3 months.
This is the only time service.boxcars.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a09:8280:1::... 40509 (FLY)
3 1
Apex Domain
Subdomains		 Transfer
3 boxcars.ai
service.boxcars.ai
191 KB
3 1
Domain Requested by
3 service.boxcars.ai service.boxcars.ai
3 1

This site contains links to these domains. Also see Links.

Domain
boxcars.ai
Subject Issuer Validity Valid
service.boxcars.ai
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://service.boxcars.ai/
Frame ID: 8DE2447B4E3C05D4DEE67CA77F84E13E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page Statistics

3
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

191 kB
Transfer

590 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
service.boxcars.ai/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://service.boxcars.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::f:4c9e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/55f8eaa0 (2023-10-09) /
Resource Hash
801c50f199f0203a7d2492e021203cde2c9b41a3c62d522b12d5ac2a13410fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 22:05:18 GMT
etag
W/"801c50f199f0203a7d2492e021203cde"
fly-request-id
01HCB7J80GN9JHMDVQZBWRZT2E-fra
link
</assets/application-2720c3f7a81c06cbc3a081f856fdc2df7e4e5f3e0a1ce3c7d37539dc23edd789.css>; rel=preload; as=style; nopush
referrer-policy
strict-origin-when-cross-origin
server
Fly/55f8eaa0 (2023-10-09)
via
2 fly.io
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
37d95bdb-e9d0-41ee-a2c7-1570d2cd3667
x-runtime
0.006425
x-xss-protection
0
application-2720c3f7a81c06cbc3a081f856fdc2df7e4e5f3e0a1ce3c7d37539dc23edd789.css
service.boxcars.ai/assets/ 		47 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.boxcars.ai/assets/application-2720c3f7a81c06cbc3a081f856fdc2df7e4e5f3e0a1ce3c7d37539dc23edd789.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::f:4c9e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/55f8eaa0 (2023-10-09) /
Resource Hash
70c3b72ce9abd7eaa80aa5423e728aad2e002ab81f16a258bd74ac1b7d98d408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.boxcars.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 22:05:19 GMT
content-encoding
gzip
via
2 fly.io
last-modified
Mon, 09 Oct 2023 20:29:56 GMT
server
Fly/55f8eaa0 (2023-10-09)
fly-request-id
01HCB7J8AJ5CKZ85B828PWV51T-fra
etag
W/"bbf8-652462c4.0"
content-type
text/css
cache-control
public, max-age=0, must-revalidate
fly-cache-status
HIT
accept-ranges
bytes
application-e336da92502e8e0888c7c38a1d922a0e2a634cbf766c7956cbef63ae61c9278e.js
service.boxcars.ai/assets/ 		538 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.boxcars.ai/assets/application-e336da92502e8e0888c7c38a1d922a0e2a634cbf766c7956cbef63ae61c9278e.js
Requested by
Host: service.boxcars.ai
URL: https://service.boxcars.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::f:4c9e , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/55f8eaa0 (2023-10-09) /
Resource Hash
057275c7732649f6321855186e387b45d021e18722604703d18f7772b25ddf83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.boxcars.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 22:05:18 GMT
content-encoding
gzip
via
2 fly.io
last-modified
Mon, 09 Oct 2023 20:29:56 GMT
server
Fly/55f8eaa0 (2023-10-09)
fly-request-id
01HCB7J8AJDSNB1W4X8PB1WW06-fra
etag
W/"86800-652462c4.0"
content-type
application/javascript
cache-control
public, max-age=0, must-revalidate
fly-cache-status
HIT
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Turbo object| Trix object| MicroModal object| App function| constructor function| findAll function| findParent function| findParents function| addClass function| removeClass function| toggleClass function| hasClass function| _classModifier function| attr function| _setAttributes function| data function| _setDataset function| removeAttr function| removeData function| insertHTML function| elem function| render function| serialize function| submit function| visit function| back function| reload function| currentUrl function| getParam function| setParam function| _setParam function| on function| currentElement function| currentEvent function| _addListener function| ajax function| get function| post function| __defineGetter__ function| __defineSetter__ function| hasOwnProperty function| __lookupGetter__ function| __lookupSetter__ function| isPrototypeOf function| propertyIsEnumerable function| toString function| valueOf function| toLocaleString function| toggleMenu function| closeFlashAlert

1 Cookies

Domain/Path Name / Value
service.boxcars.ai/ Name: _api_server_session
Value: z4WF6UQK%2FmD5FHKCZyGhcZ4Ji4cV4%2BY9y%2BGifhjk3mTJ220Ry9X69ewt%2FxSsKIVRKuWzCmXX1oe%2Be4O4o0z5BKeI%2B6rVVN5Et79xA5f5eu8SYAOoRWUG4LmuBMO6uiv60zB9w3f6vQsB%2BKA7DCcj56t0FbCliwmBBjIoW0Wlwwa48QlvCyO7xFKRE8QJY0OVeB92ST8yp9L6sAoOfMXwEkLuRBtj20vQAmawoKpmXSHfFPbi2XyEBKHNAx4vznzV5BYroJYFFwWS%2FXfkKA%2F7LMZqiVYC4FZ1NL9Q--MrF2RbX8uG5kEQzL--m6iv7jN8R1%2FTwi1lPQBaKg%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

service.boxcars.ai
2a09:8280:1::f:4c9e
057275c7732649f6321855186e387b45d021e18722604703d18f7772b25ddf83
70c3b72ce9abd7eaa80aa5423e728aad2e002ab81f16a258bd74ac1b7d98d408
801c50f199f0203a7d2492e021203cde2c9b41a3c62d522b12d5ac2a13410fe5