Submitted URL: https://app.yeschef.studio/
Effective URL: https://app.yeschef.studio/login
Submission: On February 14 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 1 country across 8 domains to perform 30 HTTP transactions. The main IP is 15.197.216.40, located in United States and belongs to AMAZON-02, US. The main domain is app.yeschef.studio.
TLS certificate: Issued by R3 on February 14th 2024. Valid for: 3 months.
This is the only time app.yeschef.studio was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 15.197.216.40 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 151.101.128.176 54113 (FASTLY)
1 18.164.116.82 16509 (AMAZON-02)
1 13.225.66.26 16509 (AMAZON-02)
3 54.187.119.242 16509 (AMAZON-02)
1 44.240.235.135 16509 (AMAZON-02)
1 13.32.87.59 16509 (AMAZON-02)
1 44.205.146.126 14618 (AMAZON-AES)
2 108.139.47.108 16509 (AMAZON-02)
30 10
Apex Domain / Subdomains | Transfer
15 yeschef.studio | 327 KB
    app.yeschef.studio
7 stripe.com | 170 KB
    js.stripe.com — Cisco Umbrella Rank: 1356
    q.stripe.com — Cisco Umbrella Rank: 8764
    m.stripe.com — Cisco Umbrella Rank: 1289
2 intercomcdn.com | 267 KB
    js.intercomcdn.com — Cisco Umbrella Rank: 2533
2 stripe.network | 16 KB
    m.stripe.network — Cisco Umbrella Rank: 1444
2 heapanalytics.com | 37 KB
    cdn.heapanalytics.com — Cisco Umbrella Rank: 1016
    heapanalytics.com — Cisco Umbrella Rank: 909
1 intercom.io | 3 KB
    widget.intercom.io — Cisco Umbrella Rank: 1981
1 cloudfront.net | 7 KB
    d3nauzviflkfb4.cloudfront.net
1 googleapis.com | 1 KB
    fonts.googleapis.com — Cisco Umbrella Rank: 48
30 8
Domain Requested by
15 app.yeschef.studio 1 redirects app.yeschef.studio
3 q.stripe.com app.yeschef.studio
3 js.stripe.com app.yeschef.studio
js.stripe.com
2 js.intercomcdn.com widget.intercom.io
2 m.stripe.network js.stripe.com
m.stripe.network
1 heapanalytics.com
1 widget.intercom.io app.yeschef.studio
1 m.stripe.com m.stripe.network
1 d3nauzviflkfb4.cloudfront.net app.yeschef.studio
1 cdn.heapanalytics.com app.yeschef.studio
1 fonts.googleapis.com app.yeschef.studio
30 11

This site contains no links.

Subject | Issuer | Validity | Valid
app.yeschef.studio | R3 | 2024-02-14 - 2024-05-14 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-02-07 - 2024-05-09 | 3 months
cdn.heapanalytics.com | Amazon RSA 2048 M01 | 2023-06-29 - 2024-07-27 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-12-20 - 2024-03-21 | 3 months
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-22 - 2024-03-21 | 3 months
*.intercom.com | Amazon RSA 2048 M03 | 2024-01-15 - 2025-02-11 | a year
heapanalytics.com | Amazon RSA 2048 M02 | 2023-11-09 - 2024-12-08 | a year
*.intercomcdn.com | Amazon RSA 2048 M02 | 2023-12-01 - 2024-12-29 | a year

This page contains 4 frames:

Primary Page: https://app.yeschef.studio/login
Frame ID: 0521DF4B18924F4A801D93C672845999
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: B170EBB674DD46EFEB8DEDD0197E6F4A
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 91FEFFCF26F39F72FF2C82745892452B
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e713de2f.js
Frame ID: 09DECF1AF00F75F29C89A3A1676812B2
Requests: 2 HTTP requests in this frame

Page Title

Log in - Yes Chef

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 10 %
Domains: 8
Subdomains: 11
IPs: 10
Countries: 1
Transfer: 828 kB
Size: 2906 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.yeschef.studio/ HTTP 302
    https://app.yeschef.studio/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
app.yeschef.studio/
Redirect Chain
  • https://app.yeschef.studio/
  • https://app.yeschef.studio/login
160 KB
36 KB
Document
General
Full URL
https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy nginx /
Resource Hash
f8c1500841da36407a036e4ea33d7a574e852340a454c3284643f29903b6e72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 20:46:49 GMT
server
Caddy nginx
vary
Accept-Encoding X-Inertia
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-length
374
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 20:46:49 GMT
location
https://app.yeschef.studio/login
server
Caddy nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aec7c45d78ce6b774c511160ef8009df74cab9e65dc9595b612d3516977aa348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.yeschef.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Feb 2024 20:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 19:27:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Feb 2024 20:46:50 GMT
/
js.stripe.com/v3/
597 KB
166 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8319175321d53572caca2cb710e19c79feaed6fafbe48921a890be2b5234f3eb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.yeschef.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 20:46:50 GMT
via
1.1 varnish
age
56
x-cache
HIT
content-length
169615
x-request-id
655e5016-0cf7-44a5-84d1-e6078e73d7db
x-served-by
cache-mia-kmia1760071-MIA
last-modified
Wed, 14 Feb 2024 18:40:57 GMT
server
Fastly
etag
"85a51f77cbc0358c9875da911eeacf90"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
18
app.e6d1a157.css
app.yeschef.studio/build/assets/
158 KB
27 KB
Stylesheet
General
Full URL
https://app.yeschef.studio/build/assets/app.e6d1a157.css
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
e6d1a157853cf2fd49a5f87a1aa6473336a51b2926eb45ad1aaee021c4513040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.yeschef.studio/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-27795"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
app.9ff5c6d6.js
app.yeschef.studio/build/assets/
771 KB
233 KB
Script
General
Full URL
https://app.yeschef.studio/build/assets/app.9ff5c6d6.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
e29c5551aa1e6c161194af2bbf76bdfdf67d9c477cdb7856c89438a97344ee9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-c0bcd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
Login.cde1f5af.js
app.yeschef.studio/build/assets/
3 KB
1 KB
Script
General
Full URL
https://app.yeschef.studio/build/assets/Login.cde1f5af.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
f4815cdbcf47a61bf66ae9f4299f03f16349ebb0266e1b438e9d0585def0d0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-bfa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
1353
x-xss-protection
1; mode=block
BaseButton.2562c0d5.js
app.yeschef.studio/build/assets/
908 B
534 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/BaseButton.2562c0d5.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
d3e7335bdbfb7fecdb9f621cedc60e8c668ae95f3c4fcbc3d74ec2ee73957d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-38c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
485
x-xss-protection
1; mode=block
BaseInput.284db2bc.js
app.yeschef.studio/build/assets/
1 KB
849 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/BaseInput.284db2bc.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
f0b51e83d6c25d98961458cc1637ae6992270a76b2e613a640602c9d3b7dc41d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-5f9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
801
x-xss-protection
1; mode=block
Checkbox.f27f07dd.js
app.yeschef.studio/build/assets/
576 B
432 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/Checkbox.f27f07dd.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
27ddbfc6b749c16e7de55a71b101b19e6a3116260474b06438a278f30748ab9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-240"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
383
x-xss-protection
1; mode=block
Label.29858b10.js
app.yeschef.studio/build/assets/
332 B
309 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/Label.29858b10.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
5064ff2b93320cd57c7712d15353c6e9e4d9de1cd3ad851ccc2f8f998eb8c4c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-14c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
261
x-xss-protection
1; mode=block
ValidationErrors.9f812c20.js
app.yeschef.studio/build/assets/
518 B
415 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/ValidationErrors.9f812c20.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
5e25fd4e0f268d6ddf1c02e81a86d766832fe4a44700dece0bdb05796f899f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-206"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
366
x-xss-protection
1; mode=block
GuestLayout.6cf4e9d7.js
app.yeschef.studio/build/assets/
613 B
479 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/GuestLayout.6cf4e9d7.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
f77995cf436b5c004bae427c13f2876d95e06358d686022d32ce31efa27eea75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-265"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
430
x-xss-protection
1; mode=block
functions.231aede0.js
app.yeschef.studio/build/assets/
75 KB
25 KB
Script
General
Full URL
https://app.yeschef.studio/build/assets/functions.231aede0.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
8254b533d67aa0aa02f7a8d910a633f1893ab79610a0c95111aa27fd7b22aaf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-12d6c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
modelWrapper.aaee08d4.js
app.yeschef.studio/build/assets/
136 B
187 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/modelWrapper.aaee08d4.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
25ae175b77008fed685e2e21627cdbae62d4f15383253512dd7bcbab379bddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
"65cd06b0-88"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
136
x-xss-protection
1; mode=block
ExclamationCircleIcon.3dcb29ed.js
app.yeschef.studio/build/assets/
378 B
327 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/ExclamationCircleIcon.3dcb29ed.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
1c5e8a3ff656451baa2efb26d8d58fb667503bfc49e802ad879ab1e4a6c76bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-17a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
278
x-xss-protection
1; mode=block
ApplicationLogo.23f9c702.js
app.yeschef.studio/build/assets/
800 B
496 B
Script
General
Full URL
https://app.yeschef.studio/build/assets/ApplicationLogo.23f9c702.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.216.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa78d2725671e3d37.awsglobalaccelerator.com
Software
Caddy, nginx /
Resource Hash
1bb8b087da64344c73e937cd329b97fefcbb71e8a3a95e3667628d8384625713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.yeschef.studio/login
Origin
https://app.yeschef.studio
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 18:30:08 GMT
server
Caddy, nginx
etag
W/"65cd06b0-320"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
content-length
447
x-xss-protection
1; mode=block
heap-800375789.js
cdn.heapanalytics.com/js/
114 KB
37 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-800375789.js
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-82.jfk50.r.cloudfront.net
Software
nginx / Express
Resource Hash
461809a7ff167753b0a67cb2a22b9fb99ed3322f49bb66b9ce5af664b18d14f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.yeschef.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:44:55 GMT
content-encoding
br
via
1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
JFK50-P6
age
116
x-powered-by
Express
etag
W/"1c869-X3Sl/lN1HzuA0hZzGKkk4RBKzr8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
vjPu4E21ujceh4KiNDeRii9Nn2jqIBvaKj5FFSLq5cAx49_nd3hQ8w==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame B170
200 B
815 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.yeschef.studio/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
132410
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 14 Feb 2024 20:46:50 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
15306
x-content-type-options
nosniff
x-request-id
7e910012-f153-458c-b1f1-0b32e753d1c5
x-served-by
cache-mia-kmia1760071-MIA
b00d5174-ba5b-4bb1-b1c1-66f6b986d7c4.png
d3nauzviflkfb4.cloudfront.net/tenants/efc4f1a5-d208-44b6-89c4-5bbd76613227/branding/
7 KB
7 KB
Image
General
Full URL
https://d3nauzviflkfb4.cloudfront.net/tenants/efc4f1a5-d208-44b6-89c4-5bbd76613227/branding/b00d5174-ba5b-4bb1-b1c1-66f6b986d7c4.png
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.66.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-26.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c738c823b53e80ccc8671fef12dbdb0a0cee9af606ee3e3ca8bf1539ecad81c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.yeschef.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 20:46:52 GMT
via
1.1 876e92db01d9014c2ee242623ecd97ee.cloudfront.net (CloudFront)
last-modified
Tue, 06 Feb 2024 10:46:05 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
etag
"a6ed139a733023d12cefd6c21877df01"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6751
x-amz-cf-id
lfs02WttsrDll-2D318az4VcJdMADw0bvp4CHhI6jBZMWB_oPE9M5g==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame B170
526 B
449 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 20:46:50 GMT
via
1.1 varnish
age
1948253
x-cache
HIT
content-length
315
x-request-id
1da7033f-6fe6-44b9-b686-12024ac0db1f
x-served-by
cache-mia-kmia1760071-MIA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
14309
csp-report
q.stripe.com/ Frame B170
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 14 Feb 2024 20:46:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707943611119056
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707943611118293
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame B170
0
717 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 14 Feb 2024 20:46:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707943611118757
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707943611118359
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 91FE
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
92
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 14 Feb 2024 20:46:51 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
215
x-content-type-options
nosniff
x-request-id
be79b4f1-20df-46f4-8525-d036e77178c5
x-served-by
cache-mia-kmia1760071-MIA
x-timer
S1707943611.090504,VS0,VE0
csp-report
q.stripe.com/ Frame 91FE
0
490 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 14 Feb 2024 20:46:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707943611170143
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1707943611169673
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 91FE
87 KB
15 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 14 Feb 2024 20:46:51 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
295
x-cache
HIT
content-length
15509
x-request-id
ac56e3cb-775b-40c7-8e4a-63fcee75eed5
x-served-by
cache-mia-kmia1760071-MIA
server
Fastly
x-timer
S1707943611.129402,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
624
6
m.stripe.com/ Frame 91FE
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.235.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-235-135.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
91038326a12a49b3c0f54fd359b2146809c5a69d4241a4e66255d8a768c33a91
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Wed, 14 Feb 2024 20:46:51 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707943611652937
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
4
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707943611652209
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
wdiadoi8
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/wdiadoi8
Requested by
Host: app.yeschef.studio
URL: https://app.yeschef.studio/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.87.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-87-59.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
206ab54e81f50ee9e2aa1430ffed7c0c06dd0618f8f6e7460b63dcfe077c971d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.yeschef.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
7BJILPfSH1a67dg7vdiiutr3c4BLAPd.
content-encoding
gzip
via
1.1 6bcc5cb16e0756268a257daab0f6082c.cloudfront.net (CloudFront)
date
Wed, 14 Feb 2024 20:40:45 GMT
x-amz-cf-pop
MIA3-C1
age
374
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Wed, 14 Feb 2024 18:18:22 GMT
server
AmazonS3
etag
"c00aed6ca33b251fa531c92a1278427d"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
wEH6ZTT_0ZCgnoOHL38xbYXP6356vvF09JmIN8w_CUO4XLnyCOdwNg==
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=800375789&u=4070188015542875&v=7404356326070864&s=5303173255591793&b=web&tv=4.0&z=0&h=%2Flogin&d=app.yeschef.studio&t=Log%20in%20-%20Yes%20Chef&ts=1707943611277&st=1707943611284
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.146.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-146-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.yeschef.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 20:46:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
frame-modern.e713de2f.js
js.intercomcdn.com/ Frame 09DE
507 KB
141 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.e713de2f.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/wdiadoi8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0a4f4d4c68d0f396dd67e1a82db788a43bb0c8253fe3f74f3bea5c19138032f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
ParQsNWg6T7QEYlI6Nh0tpKbutGqRICi
content-encoding
gzip
via
1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
date
Wed, 14 Feb 2024 20:18:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
1706
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
143587
last-modified
Wed, 14 Feb 2024 18:15:37 GMT
server
AmazonS3
etag
"6957d96c3ba495753044b5e366ab76fd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
KzHK1DcNi0RNnMxCqxYuGJnazV0TpDl1Bk7POgnCMyYqu1eV4vfEEw==
vendor-modern.4fe5adaa.js
js.intercomcdn.com/ Frame 09DE
408 KB
126 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.4fe5adaa.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/wdiadoi8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8db32f58d4d4fbf7fd3b0430ba49b94cb742f34ceb1050ed4659eb988771a0b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
86vvZT2XcwMq1gl1ndeDfnhz8lF1Nrrz
content-encoding
gzip
via
1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
date
Wed, 14 Feb 2024 20:13:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
1978
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
128354
last-modified
Wed, 14 Feb 2024 17:37:06 GMT
server
AmazonS3
etag
"18b768628ba59a84aef29780fdb51048"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
bz5jezDOj8xcFQw9Nuoy_2L_3q4qgl882JMYn-6hfZsv77M0dT6MJA==


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| webpackChunkStripeJSouter
function| noop
function| Stripe
function| route
object| _translations
string| _currentLocale
object| heap
function| Intercom
function| Pusher
function| _
function| axios
object| Vapor
object| Echo
object| __VUE_INSTANCE_SETTERS__
boolean| __INTLIFY_PROD_DEVTOOLS__
boolean| __VUE_I18N_FULL_INSTALL__
boolean| __VUE_I18N_LEGACY_API__
boolean| __VUE__
function| __intercomAssignLocation
function| __intercomReloadLocation

7 Cookies

Domain/Path Name / Value
app.yeschef.studio/ Name: XSRF-TOKEN
Value: eyJpdiI6ImFmeXJWRG9ZSnQvM1R3NG10QnRTUGc9PSIsInZhbHVlIjoiTW4xbnVyZzhkZkRrcCtlYjB3UVVpdm9FOEZITGFtNlVKYnR5U3lHSnE2TTdTTlZQQXRXeDd1Tlg3dFZVenZxK1pEVklLS2lPRGlUMCthOW8xK1ZqUzIwVFNiNTFmaVNFSHBBUTFPVDEyN3UzQ0lXcTlTZXJxNE5qMFh6ZXF5ejIiLCJtYWMiOiJiZGRhOTk0ZmM1ZDliNWJiOTM3MWQ4Yjc2ZWZmMzNlZDgyMTBhMmI5N2I2MTAzOTJjMDcwMDBiNjQ0ZDM2YTI2IiwidGFnIjoiIn0%3D
app.yeschef.studio/ Name: manyrequests_session
Value: eyJpdiI6IjN6UmdicmVLbDNyTDY4YkZmM0JLRHc9PSIsInZhbHVlIjoiWTBQTXM4Qm0zZ1RCN3hIOS9OT0svS1lhYkZNUTEwdmVXNnR6RjJLVjVxVkVxYk5YWWpIK1NEVnVGZndBWlZpMnh2WE5pZ1BPRVFDeFJyazBLYllNMUtIQjBmTk9heU1YQnZuM0VNK2dMRkpFMVd2eHQxbjdMUjhXTk9sa1JJU1YiLCJtYWMiOiJiMmZmMzlmYTU3MzQxMmI2YjEyNTQ5NWY1N2YyZjNjZmYwNGIxZTljZjBlYzNjNDlhOWM3YzIzNWE3NDJmMjMzIiwidGFnIjoiIn0%3D
.yeschef.studio/ Name: _hp2_id.800375789
Value: %7B%22userId%22%3A%224070188015542875%22%2C%22pageviewId%22%3A%227404356326070864%22%2C%22sessionId%22%3A%225303173255591793%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.yeschef.studio/ Name: _hp2_ses_props.800375789
Value: %7B%22ts%22%3A1707943611277%2C%22d%22%3A%22app.yeschef.studio%22%2C%22h%22%3A%22%2Flogin%22%7D
m.stripe.com/ Name: m
Value: 93a6e231-86ca-4dfe-8c6a-97e9a2dec701df6510
.app.yeschef.studio/ Name: __stripe_mid
Value: 66685b10-0975-4d70-9792-3e6aa8420fe496615a
.app.yeschef.studio/ Name: __stripe_sid
Value: 7a4cac58-8570-4333-ae88-78e7b18f3018a0791a

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other warning URL: https://app.yeschef.studio/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
