prod-auth.clcv2deven.xyz Open in urlscan Pro
34.42.126.58  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://user.chipleader.com/ Page URL
2. https://prod-auth.clcv2deven.xyz/?redirect=https%3A%2F%2Fuser.chipleader.com%2F Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	/ Show response user.chipleader.com/	702 B 878 B	378ms 352ms	Document text/html	172.67.165.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://user.chipleader.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b752eaaaa723cad52659aafbdefbbcce383a5ddc4d3f8455fec2c5a72fc598d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 87baafff3f61903a-FRA content-encoding br content-type text/html; charset=UTF-8 date Sun, 28 Apr 2024 23:03:46 GMT last-modified Sun, 28 Apr 2024 22:06:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kjrg8lhkl2CLOYj%2FE1TnqDUl1FAZR%2FW8dX%2Fhk9Eg3rSUqumnZ6t9T8EEwwMfVC%2FyQ32gFzE0C%2FYVRm6UsX9TADSyb11szAC6nmPHhrh78T1L3SAtLorOC3NEMqKzkNNYyrZJBp%2BW"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	chargebee.js Show response js.chargebee.com/v2/	271 KB 80 KB	45ms 8ms	Script application/x-javascript	13.35.58.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.chargebee.com/v2/chargebee.js Requested by Host: user.chipleader.com URL: https://user.chipleader.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-99.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash aaa1fdabe043e35009ead64e05abc1f614b4c85c4662cf1c7c518a07d4445add Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 3oikPbWfmjBYqbIJPS8Ef3gqrb5msiCd strict-transport-security max-age=300; includeSubdomains; preload content-encoding gzip date Sun, 28 Apr 2024 23:03:14 GMT via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 33 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 24 Apr 2024 08:16:58 GMT server AmazonS3 etag W/"4435d4656000f5a7101ab9ba8684a3f1" vary Accept-Encoding content-type application/x-javascript cache-control max-age=300,public x-amz-cf-id Ds0V-bvf8imSbgAUmXPxFhpLR_TdQ6hi_WJWh13RU3qSRjahfLrPNQ==
GET H3	200	styles.2d09ef512862f952.css user.chipleader.com/	125 KB 42 KB	693ms 692ms	Stylesheet text/css	172.67.165.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://user.chipleader.com/styles.2d09ef512862f952.css Requested by Host: user.chipleader.com URL: https://user.chipleader.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ae19539ed6801cbec617d4af60adf254cdcfc6392c532263f5cfbdefd7ef1f2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 23:03:46 GMT content-encoding br cf-cache-status BYPASS last-modified Sun, 28 Apr 2024 22:06:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"675676-128487-2024-04-28T22:06:48.572Z" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FKE9QzJ6Jw2bwEd%2FnYw%2FktLQdC1ApOqWBHy0kNIejvOq4bTtcmu7mysMUYDxsCKXZYWbF7RjVSCKmP6h4T%2FE1WxNELVOLw47aVKVExa4l0M8ariks5QTLGYh%2FTsQ2K%2BuIBXp2G%2BI"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 87bab0017907903a-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range alt-svc h3=":443"; ma=86400
GET H3	200	main.eea4e21b95a06850.css user.chipleader.com/	48 KB 11 KB	566ms 566ms	Stylesheet text/css	172.67.165.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://user.chipleader.com/main.eea4e21b95a06850.css Requested by Host: user.chipleader.com URL: https://user.chipleader.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17006b457c7974b9f2ad03720f55fd29cfab05e3d9a33602ef4bb22afef9bf8a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 23:03:46 GMT content-encoding br cf-cache-status BYPASS last-modified Sun, 28 Apr 2024 22:06:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"676141-49092-2024-04-28T22:06:48.624Z" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqd3vQRTxxxHt5%2B4nR89v2S%2FJSqJct02UU%2BN%2BgIZDvucYM%2BVFnl72BNkTxwVWv0bb6OrKiQuwI1myRKrrEfhHQOR9LTbR0l0k6c4Ajd%2F2j9oLwG5q68y19Bv%2BUDlveTBgUyfmwW6"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 87bab0017908903a-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range alt-svc h3=":443"; ma=86400
GET H3	200	runtime.4381133e3b4de8a0.js Show response user.chipleader.com/	2 KB 2 KB	351ms 351ms	Script application/javascript	172.67.165.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://user.chipleader.com/runtime.4381133e3b4de8a0.js Requested by Host: user.chipleader.com URL: https://user.chipleader.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7e3540ef3d4fe2db279d05b872f08c32eff32fff086bf561a108af60c09f9ac Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Origin https://user.chipleader.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 23:03:46 GMT content-encoding br cf-cache-status BYPASS last-modified Sun, 28 Apr 2024 22:06:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"675970-2164-2024-04-28T22:06:48.620Z" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Boq7N%2BANqXZfX%2BUF%2BxgjYqXL%2BOW%2F8%2BWlOtQKxUSw7CONwLGVMSFsD6JmEEzt7ltrH6FdG%2ByONPwfZgGi5QS%2FLy23PJVNMaZLXtlrxQCwQDRfgHz8ohVVuKHFfFdPoJYSauEyj3oA"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 87bab0017909903a-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range alt-svc h3=":443"; ma=86400
GET H3	200	styles.fe1faf91bdbc8c0b.js Show response user.chipleader.com/	112 B 650 B	348ms 348ms	Script application/javascript	172.67.165.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://user.chipleader.com/styles.fe1faf91bdbc8c0b.js Requested by Host: user.chipleader.com URL: https://user.chipleader.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d419182ce84d3673287a18d23e16559dcb0cfce30426be2a3d8156a0aae59f87 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Origin https://user.chipleader.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 23:03:46 GMT content-encoding br cf-cache-status BYPASS last-modified Sun, 28 Apr 2024 22:06:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"675684-112-2024-04-28T22:06:48.572Z" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KqESL55yogLbyj4bC0ArMoLZSAwQhMiM3Cwm0%2BZvq4ROFQzNGM9H6SbAqJkmlnE66CiZuoDDVxRlQSsCQX0G7TWu%2BeS%2BDmUjiMwGRQpmdLb%2FKWjsgXCxeXm0TDTwSaMt9YjKVJ8P"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 87bab001790a903a-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range alt-svc h3=":443"; ma=86400
GET H3	200	main.83b7daa293c8b983.js Show response user.chipleader.com/	3 MB 559 KB	894ms 894ms	Script application/javascript	172.67.165.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://user.chipleader.com/main.83b7daa293c8b983.js Requested by Host: user.chipleader.com URL: https://user.chipleader.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48d0170826078694d5a260774b931f9f7b69921db6007700fb8586f280edeb74 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Origin https://user.chipleader.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 23:03:47 GMT content-encoding br cf-cache-status BYPASS last-modified Sun, 28 Apr 2024 22:06:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"675926-2732750-2024-04-28T22:06:48.596Z" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KStP8MiEkepg48y9bsAoYvSBJSxi5orjQlRTLn6jHY01NLnFJkjPkairBjhsjgq2GASmEsSaHj6GaX6bKm9ndeODG85%2FVBEK6WLiN%2BQu1i45KDAse5207gDSSIJuSXqAihzLYI9Y"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 87bab001790b903a-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range alt-svc h3=":443"; ma=86400
GET H2	200	200-200f3804239193d3ae2d.js Show response js.chargebee.com/assets/cbjs-2024.04.24-08.11/v2/	17 KB 5 KB	8ms 8ms	Script application/x-javascript	13.35.58.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.chargebee.com/assets/cbjs-2024.04.24-08.11/v2/200-200f3804239193d3ae2d.js Requested by Host: js.chargebee.com URL: https://js.chargebee.com/v2/chargebee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-99.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 136ba86f4da5813804f3deffb92f70146860261c980499f1744e98167c796748 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id p1TFdgFRzSTUR59HuljCtAhCwrI3_3w6 strict-transport-security max-age=300; includeSubdomains; preload content-encoding gzip date Sun, 28 Apr 2024 23:00:01 GMT via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P10 age 237 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 24 Apr 2024 08:16:58 GMT server AmazonS3 etag W/"09cbd39797006089f728c3798027e401" vary Accept-Encoding content-type application/x-javascript cache-control max-age=300,public x-amz-cf-id WM8EF-kXNHU-Y7zayNCVTMgz6w0btFEDJ9Gh3ZB9D0T1Xq10P67bsA==
GET H2	200	css2 fonts.googleapis.com/	792 B 805 B	39ms 17ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Krona+One&display=swap Requested by Host: user.chipleader.com URL: https://user.chipleader.com/main.eea4e21b95a06850.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d6410ec2e562c03e0c443b0aa90bf11f9eece7bd67a0219cd4134d59f4bee7a5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 28 Apr 2024 23:03:46 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 28 Apr 2024 23:03:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 28 Apr 2024 23:03:46 GMT
GET H2	200	animation.css js.chargebee.com/assets/cbjs-2024.04.24-08.11/v2/	722 B 1 KB	10ms 10ms	Stylesheet text/css	13.35.58.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.chargebee.com/assets/cbjs-2024.04.24-08.11/v2/animation.css Requested by Host: js.chargebee.com URL: https://js.chargebee.com/v2/chargebee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-99.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id RPPvisZf6dPl9BcWJrYj80Nbp4eMNQnz strict-transport-security max-age=300; includeSubdomains; preload via 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront) date Sun, 28 Apr 2024 22:59:57 GMT x-amz-cf-pop FRA60-P10 age 230 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 722 last-modified Wed, 24 Apr 2024 08:17:00 GMT server AmazonS3 etag "520016f3fad41f77bb889758ac030aaf" vary Accept-Encoding content-type text/css cache-control max-age=300,public accept-ranges bytes x-amz-cf-id 8JewGMbx_GGY_X2dAdel9OMWSscX2TV92m4QDMqwKbVvYZaaTJkY_A==
GET H2	200	master.html js.chargebee.com/assets/cbjs-2024.04.24-08.11/v2/ Frame 4864	0 0	19ms 7ms	Document text/html	13.35.58.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.chargebee.com/assets/cbjs-2024.04.24-08.11/v2/master.html Requested by Host: js.chargebee.com URL: https://js.chargebee.com/assets/cbjs-2024.04.24-08.11/v2/200-200f3804239193d3ae2d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-99.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://user.chipleader.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 79 cache-control max-age=300,public content-length 234 content-type text/html date Sun, 28 Apr 2024 23:02:31 GMT etag "0f8f231588c8b5fc8a733fd518f394a3" last-modified Wed, 24 Apr 2024 08:17:00 GMT server AmazonS3 strict-transport-security max-age=300; includeSubdomains; preload vary Accept-Encoding via 1.1 9b253b6508bd634345864697c48abb50.cloudfront.net (CloudFront) x-amz-cf-id m9AubilGWhgC9Kua8gRhBXWkvdzI3cOLvyYkS7eUc6n9pb8sOKVZIw== x-amz-cf-pop FRA60-P10 x-amz-server-side-encryption AES256 x-amz-version-id AbPnkxL0n__rvHIKuM3dzsWQgWrSMhRy x-cache Hit from cloudfront
GET H/1.1	200 OK	prize-texts Show response prod-api.clcv2deven.xyz/api/	337 B 605 B	479ms 237ms	XHR application/json	34.42.126.58 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prod-api.clcv2deven.xyz/api/prize-texts Requested by Host: user.chipleader.com URL: https://user.chipleader.com/main.83b7daa293c8b983.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.42.126.58 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 58.126.42.34.bc.googleusercontent.com Software nginx/1.22.1 / Express Resource Hash f2a1d1afeffa161cd7f6525b0395b5658f2d9e2fee7b903e42e951ae352012fe Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 23:03:47 GMT Server nginx/1.22.1 X-Powered-By Express ETag W/"151-AO2L6xA5Ja4LbQyiVJyol4Vu/tA" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 337
GET H/1.1	200 OK	glossary prod-api.clcv2deven.xyz/api/topic-lesson-question/	26 KB 27 KB	482ms 240ms	XHR application/json	34.42.126.58 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prod-api.clcv2deven.xyz/api/topic-lesson-question/glossary Requested by Host: user.chipleader.com URL: https://user.chipleader.com/main.83b7daa293c8b983.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.42.126.58 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 58.126.42.34.bc.googleusercontent.com Software nginx/1.22.1 / Express Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 23:03:47 GMT Server nginx/1.22.1 X-Powered-By Express ETag W/"69cd-1SK5iZbvrXJx3k7pem/OpNVqxpc" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 27085
GET H/1.1	200 OK	current-time Show response prod-api.clcv2deven.xyz/api/	19 B 278 B	358ms 116ms	XHR text/html	34.42.126.58 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prod-api.clcv2deven.xyz/api/current-time Requested by Host: user.chipleader.com URL: https://user.chipleader.com/main.83b7daa293c8b983.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.42.126.58 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 58.126.42.34.bc.googleusercontent.com Software nginx/1.22.1 / Express Resource Hash 942092114ffc89d47a2c7b71a2d21bc139beb61c53f02b8ba36d2e4a62a6627f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 23:03:47 GMT Server nginx/1.22.1 X-Powered-By Express ETag W/"13-y5I1SNbZYyWxxFQEYISia5knrKA" Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 19
GET H3	200	Inter-Regular.991468dd4e43f260e6a4.ttf user.chipleader.com/	514 KB 149 KB	561ms 561ms	Font font/ttf	172.67.165.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://user.chipleader.com/Inter-Regular.991468dd4e43f260e6a4.ttf Requested by Host: user.chipleader.com URL: https://user.chipleader.com/main.eea4e21b95a06850.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.165.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/main.eea4e21b95a06850.css Origin https://user.chipleader.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 23:03:48 GMT content-encoding br cf-cache-status BYPASS last-modified Sun, 28 Apr 2024 22:06:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"675723-526148-2024-04-28T22:06:48.576Z" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5slO%2BjcYXuiP9Fcu9YWvyhBr54%2BnY5YZ1l9IU504OIHBqrECugUox%2FV16xhXGHj6NprGv1%2BUY7x1FFECrVE8LM8S8Uzv0jztKLkSsYIJF6CKLxiGY8FN4Diyo4dX8dx2DiprzCYe"}],"group":"cf-nel","max_age":604800} content-type font/ttf access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cf-ray 87bab0099d9b903a-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range alt-svc h3=":443"; ma=86400
GET H2	200	client Show response accounts.google.com/gsi/	215 KB 82 KB	99ms 46ms	Script application/javascript	2a00:1450:400c:c0a::54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: user.chipleader.com URL: https://user.chipleader.com/main.83b7daa293c8b983.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b653013433ea6051a258c6b90c62e3139663c488f3d19c245c9e661e0ca7a36a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UrjizFNKsnyEx5oeK35Fpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://user.chipleader.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 23:03:47 GMT content-security-policy script-src 'report-sample' 'nonce-UrjizFNKsnyEx5oeK35Fpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Sun, 28 Apr 2024 23:03:47 GMT
GET		clc-logo2.0.png prod-clc-user.clcv2deven.xyz/public/	0 0
GET H/1.1	404 Not Found	Primary Request / Show response prod-auth.clcv2deven.xyz/	109 B 383 B	519ms 115ms	Document application/json	34.42.126.58 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prod-auth.clcv2deven.xyz/?redirect=https%3A%2F%2Fuser.chipleader.com%2F Requested by Host: user.chipleader.com URL: https://user.chipleader.com/main.83b7daa293c8b983.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.42.126.58 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 58.126.42.34.bc.googleusercontent.com Software nginx/1.22.1 / Express Resource Hash 2f535a8d395b46c1e0f9e141a944762ccb5a88529dcac09457d53c85affd4784 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://user.chipleader.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin * Connection keep-alive Content-Length 109 Content-Type application/json; charset=utf-8 Date Sun, 28 Apr 2024 23:03:48 GMT ETag W/"6d-PmLw6g2fW94hY6/mmjct6TieIo4" Server nginx/1.22.1 X-Powered-By Express
GET H/1.1	404 Not Found	favicon.ico prod-auth.clcv2deven.xyz/	74 B 347 B	116ms 115ms	Other application/json	34.42.126.58 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prod-auth.clcv2deven.xyz/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.42.126.58 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 58.126.42.34.bc.googleusercontent.com Software nginx/1.22.1 / Express Resource Hash 130f948f814486c133f4d33e2e3482a4bf961ec6cded4453e0ef90d980ca2809 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://prod-auth.clcv2deven.xyz/?redirect=https%3A%2F%2Fuser.chipleader.com%2F Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 23:03:48 GMT Server nginx/1.22.1 X-Powered-By Express ETag W/"4a-/wQpyBpRyI6XDnAW2OqTwoc8sog" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 74

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

prod-clc-user.clcv2deven.xyz

URL

https://prod-clc-user.clcv2deven.xyz/public/clc-logo2.0.png

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prod-auth.clcv2deven.xyz/?redirect=https%3A%2F%2Fuser.chipleader.com%2F Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://prod-auth.clcv2deven.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
fonts.googleapis.com
js.chargebee.com
prod-api.clcv2deven.xyz
prod-auth.clcv2deven.xyz
prod-clc-user.clcv2deven.xyz
user.chipleader.com
prod-clc-user.clcv2deven.xyz
13.35.58.99
172.67.165.203
2a00:1450:4001:811::200a
2a00:1450:400c:c0a::54
34.42.126.58
130f948f814486c133f4d33e2e3482a4bf961ec6cded4453e0ef90d980ca2809
136ba86f4da5813804f3deffb92f70146860261c980499f1744e98167c796748
17006b457c7974b9f2ad03720f55fd29cfab05e3d9a33602ef4bb22afef9bf8a
1b752eaaaa723cad52659aafbdefbbcce383a5ddc4d3f8455fec2c5a72fc598d
2f535a8d395b46c1e0f9e141a944762ccb5a88529dcac09457d53c85affd4784
48d0170826078694d5a260774b931f9f7b69921db6007700fb8586f280edeb74
8ae19539ed6801cbec617d4af60adf254cdcfc6392c532263f5cfbdefd7ef1f2
942092114ffc89d47a2c7b71a2d21bc139beb61c53f02b8ba36d2e4a62a6627f
aaa1fdabe043e35009ead64e05abc1f614b4c85c4662cf1c7c518a07d4445add
b653013433ea6051a258c6b90c62e3139663c488f3d19c245c9e661e0ca7a36a
c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
d419182ce84d3673287a18d23e16559dcb0cfce30426be2a3d8156a0aae59f87
d6410ec2e562c03e0c443b0aa90bf11f9eece7bd67a0219cd4134d59f4bee7a5
e7e3540ef3d4fe2db279d05b872f08c32eff32fff086bf561a108af60c09f9ac
f2a1d1afeffa161cd7f6525b0395b5658f2d9e2fee7b903e42e951ae352012fe