cspm-demo.saas.chef.io Open in urlscan Pro
3.233.164.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cspm-demo.saas.chef.io/
Effective URL:
https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profi...
Submission: On March 30 via api (March 30th 2024, 10:18:20 am UTC) from US — Scanned from US

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 29 HTTP transactions. The main IP is 3.233.164.102, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is cspm-demo.saas.chef.io.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 15th 2023. Valid for: a year.

This is the only time cspm-demo.saas.chef.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	3.233.164.102 3.233.164.102	14618 (AMAZON-AES) (AMAZON-AES)
2	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.32.123 142.251.32.123	15169 (GOOGLE) (GOOGLE)
29	4

25 3.233.164.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-164-102.compute-1.amazonaws.com

cspm-demo.saas.chef.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.123 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f27.1e100.net

pendo-io-static.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	chef.io 1 redirects cspm-demo.saas.chef.io services.chef.io Failed	12 MB
2	googleapis.com pendo-io-static.storage.googleapis.com — Cisco Umbrella Rank: 28905	283 KB
2	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 761	283 KB
29	3

	Domain	Requested by
25	cspm-demo.saas.chef.io	1 redirects cspm-demo.saas.chef.io
2	pendo-io-static.storage.googleapis.com	cdn.pendo.io
2	cdn.pendo.io	cspm-demo.saas.chef.io
0	services.chef.io Failed	cspm-demo.saas.chef.io
29	4

This site contains no links.

Subject Issuer	Validity	Valid
*.saas.chef.io Amazon RSA 2048 M01	`2023-09-15` - `2024-10-14`	a year	crt.sh
cdn.pendo.io GTS CA 1D4	`2024-02-01` - `2024-05-01`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D
Frame ID: 75365B8B767EB3AE8DF3154CB56B7EF3
Requests: 20 HTTP requests in this frame

Frame: https://cspm-demo.saas.chef.io/preload-mfe/
Frame ID: 21C9A3347E420E7C9FDF6AF6CF7B6C4A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chef Automate

Page URL History Show full URLs

https://cspm-demo.saas.chef.io/ Page URL
https://cspm-demo.saas.chef.io/session/new?state=/ HTTP 303
https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=cod... Page URL

Page Statistics

29
Requests

97 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

12580 kB
Transfer

13807 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cspm-demo.saas.chef.io/ Page URL
https://cspm-demo.saas.chef.io/session/new?state=/ HTTP 303
https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
cspm-demo.saas.chef.io/ 5 KB
5 KB 85ms
23ms Document
text/html 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ddb69345f3bda5248914d46a61d49aacdb3618866139f8c5be06562a2c4a2a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: private
content-type: text/html
date: Sat, 30 Mar 2024 10:18:13 GMT
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 automate.conf.js Show response
cspm-demo.saas.chef.io/ 66 B
358 B 23ms
22ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/automate.conf.js

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

16c3be168854066b10d71310ae820556c06b51441b8ec4625b12e17089144379

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 15 Sep 2023 14:19:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "650467fe-42"
content-type: application/javascript
cache-control: private, no-cache, no-store
accept-ranges: bytes
content-length: 66
x-xss-protection: 1; mode=block

GET
H2 200 styles.35d8b12757455949f1e8.css
cspm-demo.saas.chef.io/ 126 KB
22 KB 43ms
42ms Stylesheet
text/css 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/styles.35d8b12757455949f1e8.css

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ff09f92a4617d02fe17f3e7b395f81733d72e6c2b9a0c5ccf0faf96a93e37881

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 10:38:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6501910e-1f77b"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: private
x-xss-protection: 1; mode=block

GET
H2 200 runtime-es2019.6c7e0f6a05788b7a1ac1.js Show response
cspm-demo.saas.chef.io/ 4 KB
4 KB 35ms
35ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/runtime-es2019.6c7e0f6a05788b7a1ac1.js

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0c146548c36026d7c6ecd5b49b8b37622fbc7e4a5fe025cefdb9e9278ebb4df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
Origin: https://cspm-demo.saas.chef.io
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 10:38:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6501910e-f0b"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 3851
x-xss-protection: 1; mode=block

GET
H2 200 polyfills-es2019.61eaef4c2ced896e2303.js Show response
cspm-demo.saas.chef.io/ 117 KB
118 KB 27ms
27ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/polyfills-es2019.61eaef4c2ced896e2303.js

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3d415f15791dafe8a745f4c12f82887ee1ba8d89b6f47d607da6e79abd0b3774

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
Origin: https://cspm-demo.saas.chef.io
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 10:38:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6501910e-1d55b"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 120155
x-xss-protection: 1; mode=block

GET
H2 200 scripts.cc8a29e31189c7ef0450.js Show response
cspm-demo.saas.chef.io/ 7 KB
8 KB 34ms
33ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/scripts.cc8a29e31189c7ef0450.js

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fc973239c3509d9c1eb55cc599da934d89ae49472dff5608d466d82eb0291008

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 10:38:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6501910e-1cd0"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 7376
x-xss-protection: 1; mode=block

GET
H2 200 main-es2019.71bce5da5d71e1d338a3.js Show response
cspm-demo.saas.chef.io/ 6 MB
6 MB 34ms
34ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/main-es2019.71bce5da5d71e1d338a3.js

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bd37473c6ef8ee46c9cf2b42bbcca1c03b58a2f908c477302cea5e6e1c66f6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
Origin: https://cspm-demo.saas.chef.io
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 10:38:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6501910e-617314"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 6386452
x-xss-protection: 1; mode=block

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/ 427 KB
142 KB 113ms
93ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/pendo.js

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7f63954f083f8975afcc979c3ef07cff88683c542bdef870812fa400a18cb870

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-guploader-uploadid: ABPtcPrL8rP505_RyDp7kaGgCriP6IkfWY94pyhOhz2twoDFPdYH6b-M4aNNr9mhQCVw7WDIpqU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144458
last-modified: Thu, 18 Jan 2024 19:12:44 GMT
server: UploadServer
etag: "69b27e9de98d24351c495d1301427a62"
vary: Accept-Encoding
x-goog-generation: 1705605164162445
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=OmckUw==, md5=abJ+nemNJDUcSV0TAUJ6Yg==
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 144458
accept-ranges: bytes

GET
H2 200 Muli-Regular.ttf
cspm-demo.saas.chef.io/assets/fonts/muli/ 92 KB
93 KB 68ms
67ms Font
application/octet-stream 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/assets/fonts/muli/Muli-Regular.ttf

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/styles.35d8b12757455949f1e8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6b77c0a3d0a163dd173ccf8d4cbe4d19d63f108b8fba52a854cc666d9663a4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/styles.35d8b12757455949f1e8.css
Origin: https://cspm-demo.saas.chef.io
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 10:38:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6501910e-17070"
x-frame-options: sameorigin
content-type: application/octet-stream
cache-control: private
accept-ranges: bytes
content-length: 94320
x-xss-protection: 1; mode=block

GET
H2 200 pendo-staging.js
pendo-io-static.storage.googleapis.com/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/ 427 KB
142 KB 148ms
120ms Script
application/javascript 142.251.32.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-io-static.storage.googleapis.com/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/pendo-staging.js
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.32.123 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f27.1e100.net
Software: UploadServer /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrm9ki3Gh6hVAieIFTIpmdDhEmX71lmaC2p_VrJ8qZNkpTlzzMVrbiBRjEtYrd7L3d3qBQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144341
last-modified: Tue, 16 Jan 2024 19:13:32 GMT
server: UploadServer
etag: "04db4a39289d2782ee5286dee974ed39"
vary: Accept-Encoding
x-goog-generation: 1705432412051316
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=go5AvQ==, md5=BNtKOSidJ4LuUobe6XTtOQ==
access-control-expose-headers: *
cache-control: no-cache
x-goog-stored-content-length: 144341
accept-ranges: bytes
expires: Sun, 30 Mar 2025 10:18:14 GMT

GET
H2 200 custom_settings.js
cspm-demo.saas.chef.io/ 281 B
612 B 24ms
24ms XHR
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/custom_settings.js

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/polyfills-es2019.61eaef4c2ced896e2303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://cspm-demo.saas.chef.io/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 15 Sep 2023 14:19:27 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "650467ef-119"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: private, no-cache, no-store, private
accept-ranges: bytes
content-length: 281
x-xss-protection: 1; mode=block

GET remoteclient.js
services.chef.io/usage/v1/ 0
0

GET
H2 200 logout
cspm-demo.saas.chef.io/session/ 0
214 B 18ms
18ms XHR
text/plain 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/session/logout

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/polyfills-es2019.61eaef4c2ced896e2303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://cspm-demo.saas.chef.io/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: sameorigin
cache-control: no-cache, no-store, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

Primary Request auth Show response
cspm-demo.saas.chef.io/dex/
Redirect Chain

https://cspm-demo.saas.chef.io/session/new?state=/
https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D

3 KB
3 KB

16ms
16ms

Document
text/html

3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/main-es2019.71bce5da5d71e1d338a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0e5753d3bd789e1e5f77be0c0f921643b2258d9003f88132955df019ffff77da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cspm-demo.saas.chef.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
date: Sat, 30 Mar 2024 10:18:14 GMT
server: nginx/1.18.0 (Ubuntu)
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
date: Sat, 30 Mar 2024 10:18:14 GMT
location: https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 main.css
cspm-demo.saas.chef.io/dex/static/ 2 KB
3 KB 32ms
31ms Stylesheet
text/css 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/dex/static/main.css

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bdc75409c598c9e0d4d650782407723df0c711ed9c83e370035d29b29ad6083c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Aug 2023 16:41:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 2552
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
cspm-demo.saas.chef.io/dex/theme/ 4 KB
4 KB 20ms
19ms Stylesheet
text/css 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/dex/theme/styles.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

dd6bd604d87d7c43dfb20e3a6ec6ef1e740ff08d053c04382a3e808b62e300b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Aug 2023 16:41:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-frame-options: sameorigin
content-type: text/css; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 3791
x-xss-protection: 1; mode=block

GET
H2 200 automate-blue-d9789f4b.svg
cspm-demo.saas.chef.io/dex/static/img/ 1 KB
2 KB 34ms
33ms Image
image/svg+xml 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cspm-demo.saas.chef.io/dex/static/img/automate-blue-d9789f4b.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0bba50d30b8826c521e37d17832a7d17389c22f61ae576325c3ae0dca01f7d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Aug 2023 16:41:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 1395
x-xss-protection: 1; mode=block

GET
H2 200 email-icon.png
cspm-demo.saas.chef.io/dex/static/img/ 6 KB
6 KB 22ms
22ms Image
image/png 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cspm-demo.saas.chef.io/dex/static/img/email-icon.png

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/dex/theme/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

271aeaec028bc426e950069305c0fce0c9c1f1b19312a09223d321a5baebb3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/dex/theme/styles.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Aug 2023 16:41:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-frame-options: sameorigin
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 5929
x-xss-protection: 1; mode=block

GET
H2 200 Muli-Regular.ttf
cspm-demo.saas.chef.io/dex/static/fonts/ 92 KB
92 KB 19ms
19ms Font
font/ttf 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/dex/static/fonts/Muli-Regular.ttf

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/dex/theme/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6b77c0a3d0a163dd173ccf8d4cbe4d19d63f108b8fba52a854cc666d9663a4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/dex/theme/styles.css
Origin: https://cspm-demo.saas.chef.io
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Aug 2023 16:41:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-frame-options: sameorigin
content-type: font/ttf
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 94320
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
cspm-demo.saas.chef.io/ 1 KB
1 KB 18ms
18ms Other
image/x-icon 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5f4080fbaa493463c163433fc3c7f57b891e43a00694557ac29c057cc7f62803

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 10:38:06 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6501910e-4c2"
x-frame-options: sameorigin
content-type: image/x-icon
cache-control: private
accept-ranges: bytes
content-length: 1218
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
cspm-demo.saas.chef.io/preload-mfe/ Frame 21C9 1 KB
2 KB 21ms
14ms Document
text/html 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cspm-demo.saas.chef.io/preload-mfe/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-164-102.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

08b29fe42d129faae3fe2d60534648b5f56402babc0b70335f6500b838123c69

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cspm-demo.saas.chef.io/dex/auth?client_id=automate-session&redirect_uri=%2Fsignin&response_type=code&scope=openid+profile+email+offline_access+groups+federated%3Aid&state=57OAwZX_tWOFDg%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=2592000
content-type: text/html
date: Sat, 30 Mar 2024 10:18:16 GMT
expires: Mon, 29 Apr 2024 10:18:16 GMT
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN

GET
H2 200 env.js Show response
cspm-demo.saas.chef.io/mfe/assets/ Frame 21C9 153 B
301 B 31ms
17ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cspm-demo.saas.chef.io/mfe/assets/env.js
Requested by: Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/preload-mfe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-164-102.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b3d402b07fea807c0ae9a3279f9af0612536b9a99e9d73f5e628d9399f1c4ead

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/preload-mfe/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 29 Apr 2024 10:18:17 GMT
date: Sat, 30 Mar 2024 10:18:17 GMT
cache-control: max-age=2592000
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

GET
H2 200 polyfills.1c068a2bdc5d1dc6.js Show response
cspm-demo.saas.chef.io/mfe/ Frame 21C9 3 MB
3 MB 118ms
104ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cspm-demo.saas.chef.io/mfe/polyfills.1c068a2bdc5d1dc6.js
Requested by: Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/preload-mfe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-164-102.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6ec8bddbae98c68fe7639dc91d290868877e6b5aa41a9e1c084c640b8d6e31bf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/preload-mfe/
Origin: https://cspm-demo.saas.chef.io
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 29 Apr 2024 10:18:17 GMT
date: Sat, 30 Mar 2024 10:18:17 GMT
cache-control: max-age=2592000
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

GET
H2 200 scripts.366698a0031c9352.js Show response
cspm-demo.saas.chef.io/mfe/ Frame 21C9 78 KB
78 KB 192ms
179ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cspm-demo.saas.chef.io/mfe/scripts.366698a0031c9352.js
Requested by: Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/preload-mfe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-164-102.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 290415590e18df215488a4f62801fa67cb2e2b55d94aed6f2b67c10dc372dc79

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/preload-mfe/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 29 Apr 2024 10:18:17 GMT
date: Sat, 30 Mar 2024 10:18:17 GMT
cache-control: max-age=2592000
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

GET
H2 200 main.6663caabf648df1e.js Show response
cspm-demo.saas.chef.io/mfe/ Frame 21C9 2 MB
2 MB 31ms
17ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cspm-demo.saas.chef.io/mfe/main.6663caabf648df1e.js
Requested by: Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/preload-mfe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-164-102.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d16e36b517388380f58d15d9ab6e8f357c53584a1625320d342826a3002c2508

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/preload-mfe/
Origin: https://cspm-demo.saas.chef.io
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 29 Apr 2024 10:18:17 GMT
date: Sat, 30 Mar 2024 10:18:17 GMT
cache-control: max-age=2592000
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/ Frame 21C9 427 KB
141 KB 27ms
14ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/pendo.js

Requested by

Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/preload-mfe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7f63954f083f8975afcc979c3ef07cff88683c542bdef870812fa400a18cb870

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:13 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 4
x-guploader-uploadid: ABPtcPrL8rP505_RyDp7kaGgCriP6IkfWY94pyhOhz2twoDFPdYH6b-M4aNNr9mhQCVw7WDIpqU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144458
last-modified: Thu, 18 Jan 2024 19:12:44 GMT
server: UploadServer
etag: "69b27e9de98d24351c495d1301427a62"
vary: Accept-Encoding
x-goog-generation: 1705605164162445
x-goog-hash: crc32c=OmckUw==, md5=abJ+nemNJDUcSV0TAUJ6Yg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 144458
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 styles.53e40756ba6f01b9.css
cspm-demo.saas.chef.io/mfe/ Frame 21C9 5 KB
5 KB 210ms
198ms Stylesheet
text/css 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cspm-demo.saas.chef.io/mfe/styles.53e40756ba6f01b9.css
Requested by: Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/preload-mfe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-164-102.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 77217047c13d00242d7c892d3a893ebd625acd25e2badf6d015cf0b53c33b060

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/preload-mfe/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 29 Apr 2024 10:18:17 GMT
date: Sat, 30 Mar 2024 10:18:17 GMT
cache-control: max-age=2592000
server: nginx/1.18.0 (Ubuntu)
content-type: text/css

GET
H2 200 pendo-staging.js Show response
pendo-io-static.storage.googleapis.com/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/ Frame 21C9 427 KB
141 KB 41ms
36ms Script
application/javascript 142.251.32.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-io-static.storage.googleapis.com/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/pendo-staging.js
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/110b1eaa-bf93-4ffb-596e-c81cf90b1611/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.32.123 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f27.1e100.net
Software: UploadServer /
Resource Hash: aeae72e7be45812b51e222bab516a6d0350f7784505e87019b7d5f45b047e8da

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:18:17 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPpdOyyZuK6dYV_-lm_QFThsKEUOYhDLubyDUC-eQlIm_Thh3ESudzSZ0GUlXA835yws6i5FkpXQjQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144341
last-modified: Tue, 16 Jan 2024 19:13:32 GMT
server: UploadServer
etag: "04db4a39289d2782ee5286dee974ed39"
vary: Accept-Encoding
x-goog-generation: 1705432412051316
x-goog-hash: crc32c=go5AvQ==, md5=BNtKOSidJ4LuUobe6XTtOQ==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache
x-goog-stored-content-length: 144341
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 30 Mar 2025 10:18:17 GMT

GET
H2 200 957.38a1d90ef70a989f.js Show response
cspm-demo.saas.chef.io/mfe/ Frame 21C9 166 KB
167 KB 38ms
9ms Script
application/javascript 3.233.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cspm-demo.saas.chef.io/mfe/957.38a1d90ef70a989f.js
Requested by: Host: cspm-demo.saas.chef.io
URL: https://cspm-demo.saas.chef.io/mfe/main.6663caabf648df1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-164-102.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4e58794dcb9c0e342d82eac25a56a5ad03270eb5091a58be3a99decd84165d19

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cspm-demo.saas.chef.io/preload-mfe/
Origin: https://cspm-demo.saas.chef.io
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 29 Apr 2024 10:18:17 GMT
date: Sat, 30 Mar 2024 10:18:17 GMT
cache-control: max-age=2592000
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: services.chef.io
URL: https://services.chef.io/usage/v1/remoteclient.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cspm-demo.saas.chef.io/	1970-01-20 19:31:20	Name: session Value: WtxCLCguiNJWY9Etwq07JmrikB2RId1F49gN9fWi6KU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
cspm-demo.saas.chef.io
pendo-io-static.storage.googleapis.com
services.chef.io
services.chef.io
142.251.32.123
3.233.164.102
34.36.213.229
08b29fe42d129faae3fe2d60534648b5f56402babc0b70335f6500b838123c69
0bba50d30b8826c521e37d17832a7d17389c22f61ae576325c3ae0dca01f7d05
0c146548c36026d7c6ecd5b49b8b37622fbc7e4a5fe025cefdb9e9278ebb4df5
0e5753d3bd789e1e5f77be0c0f921643b2258d9003f88132955df019ffff77da
16c3be168854066b10d71310ae820556c06b51441b8ec4625b12e17089144379
271aeaec028bc426e950069305c0fce0c9c1f1b19312a09223d321a5baebb3f5
290415590e18df215488a4f62801fa67cb2e2b55d94aed6f2b67c10dc372dc79
3d415f15791dafe8a745f4c12f82887ee1ba8d89b6f47d607da6e79abd0b3774
4e58794dcb9c0e342d82eac25a56a5ad03270eb5091a58be3a99decd84165d19
5f4080fbaa493463c163433fc3c7f57b891e43a00694557ac29c057cc7f62803
6b77c0a3d0a163dd173ccf8d4cbe4d19d63f108b8fba52a854cc666d9663a4bf
6ec8bddbae98c68fe7639dc91d290868877e6b5aa41a9e1c084c640b8d6e31bf
77217047c13d00242d7c892d3a893ebd625acd25e2badf6d015cf0b53c33b060
7f63954f083f8975afcc979c3ef07cff88683c542bdef870812fa400a18cb870
aeae72e7be45812b51e222bab516a6d0350f7784505e87019b7d5f45b047e8da
b3d402b07fea807c0ae9a3279f9af0612536b9a99e9d73f5e628d9399f1c4ead
bd37473c6ef8ee46c9cf2b42bbcca1c03b58a2f908c477302cea5e6e1c66f6e2
bdc75409c598c9e0d4d650782407723df0c711ed9c83e370035d29b29ad6083c
d16e36b517388380f58d15d9ab6e8f357c53584a1625320d342826a3002c2508
dd6bd604d87d7c43dfb20e3a6ec6ef1e740ff08d053c04382a3e808b62e300b1
ddb69345f3bda5248914d46a61d49aacdb3618866139f8c5be06562a2c4a2a09
fc973239c3509d9c1eb55cc599da934d89ae49472dff5608d466d82eb0291008
ff09f92a4617d02fe17f3e7b395f81733d72e6c2b9a0c5ccf0faf96a93e37881

cspm-demo.saas.chef.io Open in urlscan Pro 3.233.164.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

29 Requests

97 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

12580 kBTransfer

13807 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

cspm-demo.saas.chef.io Open in urlscan Pro
3.233.164.102 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

97 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

12580 kB
Transfer

13807 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions