urlscan.io logo urlscan.io
SecurityTrails logo

api-canary.chef.io Open in urlscan Pro
52.5.12.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://api-canary.chef.io/
Effective URL: https://api-canary.chef.io/login
Submission: On April 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 52.5.12.3, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is api-canary.chef.io.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 5th 2023. Valid for: a year.
This is the only time api-canary.chef.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 52.5.12.3 14618 (AMAZON-AES)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
12 4
Apex Domain
Subdomains		 Transfer
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 314
145 KB
5 chef.io
api-canary.chef.io
1 MB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 552
314 B
12 3
Domain Requested by
6 cdn.cookielaw.org api-canary.chef.io
cdn.cookielaw.org
5 api-canary.chef.io 1 redirects api-canary.chef.io
1 geolocation.onetrust.com cdn.cookielaw.org
12 3

This site contains links to these domains. Also see Links.

Domain
www.chef.io
www.progress.com
Subject Issuer Validity Valid
chef.io
Amazon RSA 2048 M02		 2023-09-05 -
2024-10-02		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://api-canary.chef.io/login
Frame ID: 8351BC4ED8770EE7F08198E8211F3D3B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In - Chef Manage

Page URL History Show full URLs

  1. https://api-canary.chef.io/ HTTP 302
    https://api-canary.chef.io/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

12
Requests

92 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

1493 kB
Transfer

2118 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api-canary.chef.io/ HTTP 302
    https://api-canary.chef.io/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
api-canary.chef.io/
Redirect Chain
  • https://api-canary.chef.io/
  • https://api-canary.chef.io/login
11 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-canary.chef.io/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.12.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-12-3.compute-1.amazonaws.com
Software
/
Resource Hash
29046094fbcb683c6e788010a9615b51690b7e7d2a4f0ffbf3f02eadd68bb192
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' scripts.demandbase.com api.demandbase.com b.company-target.com www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com; font-src 'self' themes.googleusercontent.com; frame-src 'self' www.google.com www.gstatic.com scripts.demandbase.com api.demandbase.com b.company-target.com www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com; img-src 'self' app.getsentry.com:443 ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org scripts.demandbase.com api.demandbase.com b.company-target.com *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com data: blob:; media-src 'none'; object-src 'none'; script-src 'self' ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org scripts.demandbase.com api.demandbase.com b.company-target.com *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com www.gstatic.com blob: 'nonce-LrHRjZI6V4+2F8/ECokPXqdZQsO66gdIoJ8X1qfpyfs=' 'unsafe-inline'; style-src 'self' fonts.googleapis.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, private, must-revalidate no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5024
Content-Security-Policy
default-src 'self'; connect-src 'self' scripts.demandbase.com api.demandbase.com b.company-target.com www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com; font-src 'self' themes.googleusercontent.com; frame-src 'self' www.google.com www.gstatic.com scripts.demandbase.com api.demandbase.com b.company-target.com www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com; img-src 'self' app.getsentry.com:443 ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org scripts.demandbase.com api.demandbase.com b.company-target.com *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com data: blob:; media-src 'none'; object-src 'none'; script-src 'self' ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org scripts.demandbase.com api.demandbase.com b.company-target.com *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com www.gstatic.com blob: 'nonce-LrHRjZI6V4+2F8/ECokPXqdZQsO66gdIoJ8X1qfpyfs=' 'unsafe-inline'; style-src 'self' fonts.googleapis.com 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Sat, 06 Apr 2024 11:53:20 GMT
ETag
W/"29046094fbcb683c6e788010a9615b51"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
cfdc1eeb-e9a4-480c-a07a-2b542aae3cd4
X-Runtime
0.007714
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache no-store
Connection
keep-alive
Content-Length
98
Content-Security-Policy
default-src 'self'; connect-src 'self' scripts.demandbase.com api.demandbase.com b.company-target.com www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com; font-src 'self' themes.googleusercontent.com; frame-src 'self' www.google.com www.gstatic.com scripts.demandbase.com api.demandbase.com b.company-target.com www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com; img-src 'self' app.getsentry.com:443 ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org scripts.demandbase.com api.demandbase.com b.company-target.com *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com data: blob:; media-src 'none'; object-src 'none'; script-src 'self' ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org scripts.demandbase.com api.demandbase.com b.company-target.com *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com www.gstatic.com blob:; style-src 'self' fonts.googleapis.com 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Sat, 06 Apr 2024 11:53:20 GMT
Location
https://api-canary.chef.io/login
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
74f6a401-7ab1-4a3e-99f3-e6bf07f41a44
X-Runtime
0.002755
X-XSS-Protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/otSDKStub.js
Requested by
Host: api-canary.chef.io
URL: https://api-canary.chef.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1d20eedda5c5fd996d82d5d3b87a3a6da24735fe96458bff21d13d3cc1d1e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 11:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
1C7BuQ3LGAlBcdxyvs3Sgw==
content-length
6884
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 13:13:41 GMT
server
cloudflare
etag
0x8DC2D5EC38E60CF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cb61df38-601e-005b-5e47-5f00b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
870193aeaea84bcf-BUF
expires
Sun, 07 Apr 2024 11:53:20 GMT
application-c50c8a38bdcfe3d757226ffd3c75f337a6681b741e6c2fd1afa76aba72605151.css
api-canary.chef.io/assets/ 		227 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api-canary.chef.io/assets/application-c50c8a38bdcfe3d757226ffd3c75f337a6681b741e6c2fd1afa76aba72605151.css
Requested by
Host: api-canary.chef.io
URL: https://api-canary.chef.io/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.12.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-12-3.compute-1.amazonaws.com
Software
/
Resource Hash
c50c8a38bdcfe3d757226ffd3c75f337a6681b741e6c2fd1afa76aba72605151

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 11:53:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jan 2024 14:45:49 GMT
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
keep-alive
Content-Length
48346
Expires
Sun, 06 Apr 2025 11:53:20 GMT
application_en-554f5be97950755da13509b4968b68790ec24cf813326d5fe763f3f92eadf898.js
api-canary.chef.io/assets/locale/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-canary.chef.io/assets/locale/application_en-554f5be97950755da13509b4968b68790ec24cf813326d5fe763f3f92eadf898.js
Requested by
Host: api-canary.chef.io
URL: https://api-canary.chef.io/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.12.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-12-3.compute-1.amazonaws.com
Software
/
Resource Hash
554f5be97950755da13509b4968b68790ec24cf813326d5fe763f3f92eadf898

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 11:53:20 GMT
Last-Modified
Wed, 24 Jan 2024 14:45:49 GMT
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1315543
Expires
Sun, 06 Apr 2025 11:53:20 GMT
e231efa5-3ed9-4b92-96bc-f4c0872ca486.json
cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/e231efa5-3ed9-4b92-96bc-f4c0872ca486.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7a9d5212f10af74a2d5266002a7a5ec70aea2fdfea8f6708ccda7c39d7d3e70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 11:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
4cLcjZ+I9CVIzZh5ijdwuQ==
content-length
1693
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 13:13:41 GMT
server
cloudflare
etag
0x8DC2D5EC3B8ED20
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
882922de-f01e-0014-4618-8871ec000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
870193affd7a4bbd-BUF
expires
Sun, 07 Apr 2024 11:53:20 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept
application/json
Referer
https://api-canary.chef.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 11:53:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
870193b188724bc1-BUF
access-control-allow-headers
Content-Type
7eb128db-ae65-4a3b-b619-ee7376ad9f4d
https://api-canary.chef.io/ 		46 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://api-canary.chef.io/7eb128db-ae65-4a3b-b619-ee7376ad9f4d
Requested by
Host: api-canary.chef.io
URL: https://api-canary.chef.io/login
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
46
Content-Type
image/svg+xml;charset=utf-8
favicon-02462a0574bfec8c0c738a4e0922204029eaa1b8cc4370593b6b38ceabe1d0b2.png
api-canary.chef.io/assets/ 		6 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://api-canary.chef.io/assets/favicon-02462a0574bfec8c0c738a4e0922204029eaa1b8cc4370593b6b38ceabe1d0b2.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.12.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-12-3.compute-1.amazonaws.com
Software
/
Resource Hash
02462a0574bfec8c0c738a4e0922204029eaa1b8cc4370593b6b38ceabe1d0b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 11:53:20 GMT
Last-Modified
Wed, 24 Jan 2024 14:45:49 GMT
Content-Type
image/png
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6632
Expires
Sun, 06 Apr 2025 11:53:20 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202401.2.0/ 		430 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 11:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ekgyiOgvSPjNzcyXVUS11Q==
age
15920
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106739
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:28 GMT
server
cloudflare
etag
0x8DC3E996ED117D9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e31c6377-501e-009b-7f34-71f886000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
870193b1dbb94bcf-BUF
en.json
cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/1b62d455-5930-4b90-8b6e-4b1e0c09d10d/ 		99 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/1b62d455-5930-4b90-8b6e-4b1e0c09d10d/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2347da892033c888a2c1f2edf5722bc9f0230caee8356c6b28df0c717d64a23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 11:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
jO60dWi5z/XZJA+srkckYw==
content-length
24157
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 13:13:51 GMT
server
cloudflare
etag
0x8DC2D5EC9BE1C8B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
98ad16d0-e01e-0018-6419-88e6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
870193b26f384bbd-BUF
expires
Sun, 07 Apr 2024 11:53:21 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 11:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BhDz7QN6NZvDbVeQXXKKbA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3041
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:21 GMT
server
cloudflare
etag
0x8DC3E996A8D0BAE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d819b97f-d01e-0085-3118-88145e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
870193b3a8a74bbd-BUF
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://api-canary.chef.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 11:53:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ceb06468-f01e-003b-0818-887c27000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
870193b3a8a84bbd-BUF

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Chef function| $ function| jQuery function| _ object| Backbone function| Jed function| moment object| Slick object| Slickback function| saveAs object| d3 object| nv undefined| TraceKit object| Raven string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| OneTrustStub object| Optanon object| OneTrust

2 Cookies

Domain/Path Name / Value
api-canary.chef.io/ Name: chef-manage
Value: bf4746c7b6aa0cf5ed1cd46435b76759
.chef.io/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sat+Apr+06+2024+01%3A53%3A21+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=98ba486b-85c6-4d36-9eae-871a81e52154&interactionCount=0&landingPath=https%3A%2F%2Fapi-canary.chef.io%2Flogin&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' scripts.demandbase.com api.demandbase.com b.company-target.com www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com; font-src 'self' themes.googleusercontent.com; frame-src 'self' www.google.com www.gstatic.com scripts.demandbase.com api.demandbase.com b.company-target.com www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com; img-src 'self' app.getsentry.com:443 ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org scripts.demandbase.com api.demandbase.com b.company-target.com *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com data: blob:; media-src 'none'; object-src 'none'; script-src 'self' ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.google-analytics.com cdn.cookielaw.org scripts.demandbase.com api.demandbase.com b.company-target.com *.onetrust.com connect.facebook.net snap.licdn.com *.linkedin.com bat.bing.com/ stats.g.doubleclick.net/ static.ads-twitter.com/uwt.js www.google.com www.google.co.in *.eloqua.com analytics.twitter.com www.facebook.com t.co analytics.google.com obseu.ytwohlcq.telerik.com script.hotjar.com content.hotjar.io wss://ws.hotjar.com www.gstatic.com blob: 'nonce-LrHRjZI6V4+2F8/ECokPXqdZQsO66gdIoJ8X1qfpyfs=' 'unsafe-inline'; style-src 'self' fonts.googleapis.com 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block