peptidefox.com

.com crawl

First seen 2026-04-12 · Last seen 2026-04-30 · ok HTTP/1.1 200 800 ms crawled 2026-05-04

US · 188.114.96.3 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: PeptideFox — Peptide research, the how and why
Description: A proprietary peptide research corpus and knowledge graph. Ask FoxAI what your last AI couldn’t answer — mechanism, dose, cycling, stacks, reasoned through from primary sources.
Language: en
Canonical: https://peptidefox.com/

Open Graph

url: https://peptidefox.com/
title: PeptideFox — Peptide research, the how and why
site name: PeptideFox
description: A proprietary peptide research corpus and knowledge graph. Ask FoxAI what your last AI couldn’t answer — mechanism, dose, cycling, stacks, reasoned through from primary sources.

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (2)

analytics.ahrefs.com×1
www.googletagmanager.com×1

Registration

Registrar

Cloudflare, Inc.

Created

2025-09-16

Expires

2026-09-16 119 days left

Updated

2025-09-16

Name servers

daisy.ns.cloudflare.com
justin.ns.cloudflare.com

DNS records live

NS

daisy.ns.cloudflare.com
justin.ns.cloudflare.com

MX

14 route1.mx.cloudflare.net
75 route3.mx.cloudflare.net
84 route2.mx.cloudflare.net

TXT

google-site-verification=Xt97KuRZFKA4y65ufAQNLqtDra8tEogKXp5GEG4f6tk
v=spf1 include:_spf.mx.cloudflare.net ~all
google-site-verification=NiMU4GlC0wHZm5nAvpwI14uDNZrDNTDlM27ZaMf9k6k

Certificate (current)

WE1

from 2026-03-12 to 2026-06-10

Expires in 21 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://peptidefox.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://analytics.ahrefs.com https://static.cloudflareinsights.com https://js.stripe.com https://*.clerk.accounts.dev https://clerk.peptidefox.com https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://analytics.ahrefs.com https://api.peptidefox.com https://api.stripe.com https://*.clerk.accounts.dev https://clerk.peptidefox.com https://api.anthropic.com https://api2.amplitude.com https://api-secure.session-replay.amplitude.com https://config.session-replay.amplitude.com https://sr-client-cfg.amplitude.com https://*.amplitude.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.clerk.accounts.dev https://clerk.peptidefox.com https://challenges.cloudflare.com; worker-src 'self' bl
strict-transport-security: max-age=31536000; includeSubDomains

Links to (1)

apple.com×1

Linked from (1)

za1.co×2