urlscan.io logo urlscan.io
SecurityTrails logo

api.manheim.com Open in urlscan Pro
54.243.76.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sell.manheim.com/ui/inventory
Effective URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_t...
Submission: On February 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 54.243.76.136, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is api.manheim.com.
TLS certificate: Issued by Thawte RSA CA 2018 on June 5th 2018. Valid for: 2 years.
This is the only time api.manheim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.206.135.243 14618 (AMAZON-AES)
1 1 95.101.177.215 16625 (AKAMAI-AS)
1 1 52.4.235.68 14618 (AMAZON-AES)
6 54.243.76.136 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
16 5
1    52.206.135.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-135-243.compute-1.amazonaws.com
sell.manheim.com
1    95.101.177.215 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-177-215.deploy.static.akamaitechnologies.com
www.manheim.com
1    52.4.235.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-235-68.compute-1.amazonaws.com
members.manheim.com
6    54.243.76.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-76-136.compute-1.amazonaws.com
api.manheim.com
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:20::681a:5d9 (United States)

ASN13335 (CLOUDFLARENET, US)
feed.useriq.com
engage.useriq.com
2    2606:4700:20::681a:4d9 (United States)

ASN13335 (CLOUDFLARENET, US)
stream.useriq.com
Domain Requested by
6 api.manheim.com api.manheim.com
3 fonts.googleapis.com api.manheim.com
2 engage.useriq.com feed.useriq.com
2 stream.useriq.com feed.useriq.com
1 feed.useriq.com api.manheim.com
1 members.manheim.com 1 redirects
1 www.manheim.com 1 redirects
1 sell.manheim.com 1 redirects
16 8

This site contains no links.

Subject Issuer Validity Valid
*.api.manheim.com
Thawte RSA CA 2018		 2018-06-05 -
2020-06-30		 2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-08 -
2020-10-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Frame ID: 5AB0757F9C0B9450DD8504BC9986095D
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://sell.manheim.com/ui/inventory HTTP 302
    https://www.manheim.com/login?back=https%3A%2F%2Fsell.manheim.com%2Fui%2Finventory HTTP 302
    https://members.manheim.com//gateway/login?back=https%3A%2F%2Fsell.manheim.com%2Fui%2Finventory%3Fclassi... HTTP 303
    https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

88 %
HTTPS

43 %
IPv6

3
Domains

8
Subdomains

5
IPs

3
Countries

1549 kB
Transfer

1699 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sell.manheim.com/ui/inventory HTTP 302
    https://www.manheim.com/login?back=https%3A%2F%2Fsell.manheim.com%2Fui%2Finventory HTTP 302
    https://members.manheim.com//gateway/login?back=https%3A%2F%2Fsell.manheim.com%2Fui%2Finventory%3Fclassic%3Dtrue HTTP 303
    https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set authorization.oauth2
api.manheim.com/auth/
Redirect Chain
  • https://sell.manheim.com/ui/inventory
  • https://www.manheim.com/login?back=https%3A%2F%2Fsell.manheim.com%2Fui%2Finventory
  • https://members.manheim.com//gateway/login?back=https%3A%2F%2Fsell.manheim.com%2Fui%2Finventory%3Fclassic%3Dtrue
  • https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=h...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.76.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-76-136.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
049d1b11c59c357a7a12e74f8eda8c6490895f2335b4ed0c9d6e873abb78cffc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com

Request headers

Host
api.manheim.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
visitor_session_id=1581441578_4216_10.141.164.4; ak_bmsc=DB331B59FCA94A2D478696D78F46386C02148EA7AA780000D2E1425E9509C431~plN9wrStQuFlUWmF4ZL56ByJiHqjDm+N+mlq4bgIt6rwC7MqT2yx+e/ltIU8cMTpuRlD0rz7k5NR7wVqyOpHq95AOuI4nZt1nj3UN87TOfoSMDbss3Q3C1mA007g16qUNIis8thg90ntRRuDGJTeqP0PJufp5OeMNwHbe+uXXTKWhhsLJ7t9Ras0qTmWigZtUxCXnMJ7mF0t91oXtZCVQrAf0qV4S1v72BvWo2AhbEBv4=; bm_sz=841F0BF17FDCEA68756BFC88AE1683C9~YAAQp44UAqnVLPVvAQAAPB1CNQZmrPxF2TAoCBYwBVoEKkJRpKBqURyMZUL9lhtR1m03vJWVKIC2zaUoYg/gZll2C/ie5u7IjPzKNkqHYSfcR9cVFZ0sPtACDLBPclFb2aVnlflfc0he0EaMop1767AtLd5zGSKIp/BRGT6EPnCQT+wvmXRmQBImH8ueURrq; _abck=B616C7CC7C3CCCEDE55A07AB57AFC369~-1~YAAQp44UAqrVLPVvAQAAPB1CNQPbB+5gTZUAcRA3YoqvGB6wQXE4QF/ifbVEgj5whhiYN2eh3+lDRy2o/hO9IpxryTXpLeB7ngWss1dSAnQ7WLMNL/gkvmaVtvwdObPafv6mJPdEKXQtjcPgPDE17xEOF/6T/u2/uBi5p4WDFNVrWbrulu6vpQI0Wjovb6kHuNJsuBHfsKnDwfDX//wI9gFG55BcLRBOOj8bxRZDOV33hhenSGaBnAUP0rphKqK+F+JQQfulMG/DIp6gMrM8qkHGf45RCYeT05/aS1Be6LOBCbrzRR7p3XKJiA==~-1~-1~-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com
Content-Type
text/html;charset=utf-8
Date
Tue, 11 Feb 2020 17:18:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Server
nginx/1.14.1
Set-Cookie
PF=kxxiYUcgPa0mxnkcWRILJh;Path=/;SameSite=None;Secure;HttpOnly
X-Mashery-Message-ID
2f87f066-68db-4f9c-913e-e7721ab49cb3
X-Mashery-Responder
prod-j-worker-us-east-1d-59.mashery.com
Content-Length
1230
Connection
keep-alive

Redirect headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Cache-control
no-cache="set-cookie"
Content-Language
en-US
Date
Tue, 11 Feb 2020 17:18:10 GMT
Location
https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Server
Apache-Coyote/1.1
Set-Cookie
SESSION=2957eb33-2de2-41d7-8941-0efa6e892645; Path=/; Secure; HttpOnly AWSELB=017367790E05718832E0EA0D21561D46B51EEB892A8A7BE24577119053DCB18D0EB58052C57965D1934A34AEDC1BC55AF3FE0B22E2105149213C678253E0F02D1F6D86DF4B;PATH=/ AWSELBCORS=017367790E05718832E0EA0D21561D46B51EEB892A8A7BE24577119053DCB18D0EB58052C57965D1934A34AEDC1BC55AF3FE0B22E2105149213C678253E0F02D1F6D86DF4B;PATH=/;SECURE;SAMESITE=None
X-Application-Context
application:prod:8083
Content-Length
0
Connection
keep-alive
main.chunk.css
api.manheim.com/assets/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.manheim.com/assets/css/main.chunk.css
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.76.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-76-136.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
a490e99de87ed21e331ba5333d522e6d5eee340fd16a0b7e6779240b3dfc24d9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Content-Security-Policy
frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com
Referrer-Policy
origin
X-Mashery-Message-ID
c17b23a7-f76e-4d17-b1e5-9ec080eaa2e2
Server
nginx/1.14.1
Date
Tue, 11 Feb 2020 17:18:11 GMT
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Last-Modified
Sat, 08 Feb 2020 02:14:02 GMT
Connection
keep-alive
X-Mashery-Responder
prod-j-worker-us-east-1b-55.mashery.com
Content-Length
1311
2.chunk.css
api.manheim.com/assets/css/ 		274 KB
275 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.manheim.com/assets/css/2.chunk.css
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.76.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-76-136.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
246461e7c7c22aff1900470bacf3bdd4ce4f5549ac56d4a331a8606b4de36128
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Content-Security-Policy
frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com
Referrer-Policy
origin
X-Mashery-Message-ID
5c220bcf-177c-47d4-b8d6-e2be2ca59ea5
Server
nginx/1.14.1
Date
Tue, 11 Feb 2020 17:18:11 GMT
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Last-Modified
Sat, 08 Feb 2020 02:14:02 GMT
Connection
keep-alive
X-Mashery-Responder
prod-j-worker-us-east-1e-65.mashery.com
Content-Length
280623
2.chunk.js
api.manheim.com/assets/js/ 		811 KB
811 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.manheim.com/assets/js/2.chunk.js
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.76.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-76-136.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
756442a8f8ac894b3a056660bfcb4aeff4c4a12a06621cb3f7fd7940b09011be
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Content-Security-Policy
frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com
Referrer-Policy
origin
X-Mashery-Message-ID
59617b34-87ba-4633-bb17-606764b2d94d
Server
nginx/1.14.1
Date
Tue, 11 Feb 2020 17:18:11 GMT
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Last-Modified
Sat, 08 Feb 2020 02:14:02 GMT
Connection
keep-alive
X-Mashery-Responder
prod-j-worker-us-east-1d-57.mashery.com
Content-Length
830185
main.chunk.js
api.manheim.com/assets/js/ 		405 KB
406 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.manheim.com/assets/js/main.chunk.js
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.76.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-76-136.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
bfcf56f8decf6425a9e61558848bee6117cdf2019df41ef5c3a3583d6b71e749
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Content-Security-Policy
frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com
Referrer-Policy
origin
X-Mashery-Message-ID
d8d28479-ad1b-47c3-b432-f4d02aa4e0e1
Server
nginx/1.14.1
Date
Tue, 11 Feb 2020 17:18:11 GMT
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Last-Modified
Sat, 08 Feb 2020 02:14:02 GMT
Connection
keep-alive
X-Mashery-Responder
prod-j-worker-us-east-1b-53.mashery.com
Content-Length
414741
runtime~main.js
api.manheim.com/assets/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.manheim.com/assets/js/runtime~main.js
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.76.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-76-136.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
6b15ff8756e97e5bea28b6c68a88e362cc912702ac0e2a74b7f2fe0153fe95de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Content-Security-Policy
frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com
Referrer-Policy
origin
X-Mashery-Message-ID
8820111d-9c14-4925-aca2-0b5c3439ca5e
Server
nginx/1.14.1
Date
Tue, 11 Feb 2020 17:18:11 GMT
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Last-Modified
Sat, 08 Feb 2020 02:14:02 GMT
Connection
keep-alive
X-Mashery-Responder
prod-j-worker-us-east-1d-61.mashery.com
Content-Length
1502
css
fonts.googleapis.com/ 		14 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40da83c7c5ea553cb8fb9b5e7de246450b0559a631943c3a81a7212ddb179f11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Feb 2020 17:18:11 GMT
server
ESF
date
Tue, 11 Feb 2020 17:18:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Feb 2020 17:18:11 GMT
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono:300,300i,400,400i,700,700i&display=swap
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b5f141d56b23e2154d200ea6f90d0f5fd9eb6f63119e47c15603c36c0624060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Feb 2020 17:18:11 GMT
server
ESF
date
Tue, 11 Feb 2020 17:18:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Feb 2020 17:18:11 GMT
css
fonts.googleapis.com/ 		11 KB
912 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,400i,700
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
364db5bd14793b8e432894b6352347d84cdcf0b09a72c81098647035943c9905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Feb 2020 17:18:11 GMT
server
ESF
date
Tue, 11 Feb 2020 17:18:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Feb 2020 17:18:11 GMT
useriq.js
feed.useriq.com/ 		161 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.useriq.com/useriq.js
Requested by
Host: api.manheim.com
URL: https://api.manheim.com/auth/authorization.oauth2?adaptor=manheim_customer&client_id=qdp6ewmug522t9umyxyqydnx&response_type=code&redirect_uri=https://members.manheim.com/gateway/callback&back_uri=https://sell.manheim.com/ui/inventory?classic=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519460969df4d3f4ea1b433cc1eaada590949e2875acc773b8d77b15ee806551

Request headers

Referer
https://api.manheim.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 11 Feb 2020 17:18:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 16:42:58 GMT
server
cloudflare
age
2749
etag
W/"939a0784b4c9a22a901456db9671f4cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
5637fb0e0d32bedd-FRA
x-amz-request-id
413D2053AB3595F7
x-amz-id-2
+ADREVwwLpysMhtYoMJ7AMj5dQzEtNZTx9SUDZAcFlcK/9bWjosuEzUDvY4KJU/WsT8YpFAdfHE=
push
stream.useriq.com/visits/ 		2 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.useriq.com/visits/push
Requested by
Host: feed.useriq.com
URL: https://feed.useriq.com/useriq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Access-Control-Request-Method
POST
Origin
https://api.manheim.com
Referer
https://api.manheim.com/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 11 Feb 2020 17:18:12 GMT
via
1.1 vegur
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://api.manheim.com
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
true
cf-ray
5637fb0e994a1f25-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
admin
engage.useriq.com/campaigns/ 		2 KB
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://engage.useriq.com/campaigns/admin?site_id=403025501
Requested by
Host: feed.useriq.com
URL: https://feed.useriq.com/useriq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f802c5b5651fe168561b9875b8d6018688606dde8e005376c5a9f191534e1a29

Request headers

Referer
https://api.manheim.com/
Origin
https://api.manheim.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5637fb0e7d97bedd-FRA
date
Tue, 11 Feb 2020 17:18:12 GMT
via
1.1 vegur
status
200
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"617-guSittsWxfS27/RQg5OFaQmyiZY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
content-type
application/json; charset=utf-8
access-control-allow-origin
https://api.manheim.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
check
engage.useriq.com/campaigns/ 		0
0
tips
engage.useriq.com/campaigns/ 		0
0
push
stream.useriq.com/visits/ 		2 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.useriq.com/visits/push
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://api.manheim.com/
Origin
https://api.manheim.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 11 Feb 2020 17:18:13 GMT
via
1.1 vegur
status
200
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://api.manheim.com
access-control-allow-credentials
true
cf-ray
5637fb12acf41f25-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
cancel
engage.useriq.com/campaigns/ 		2 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://engage.useriq.com/campaigns/cancel?site_id=403025501&visitor_id=5173bdf423983897&uid=&iframed=false&_ref=https%3A%2F%2Fapi.manheim.com%2Fauth%2Fauthorization.oauth2%3Fadaptor%3Dmanheim_customer%26client_id%3Dqdp6ewmug522t9umyxyqydnx%26response_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fmembers.manheim.com%2Fgateway%2Fcallback%26back_uri%3Dhttps%3A%2F%2Fsell.manheim.com%2Fui%2Finventory%3Fclassic%3Dtrue&_cvars=%7B%222%22%3A%5B%22user_name%22%2C%22%22%5D%2C%223%22%3A%5B%22account_id%22%2C%22%22%5D%2C%224%22%3A%5B%22account_name%22%2C%22%22%5D%2C%225%22%3A%5B%22user_email%22%2C%22%22%5D%2C%226%22%3A%5B%22signup_date%22%2C%22DO_NOT_USE%22%5D%2C%227%22%3A%5B%22login_id%22%2C%22%22%5D%2C%228%22%3A%5B%22site%22%2C%22https%3A%2F%2Fapi.manheim.com%2Fauth%2Fauthorization.oauth2%22%5D%7D&_imp=&client_uuid=4307b7d19715db8c
Requested by
Host: feed.useriq.com
URL: https://feed.useriq.com/useriq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://api.manheim.com/
Origin
https://api.manheim.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Feb 2020 17:18:16 GMT
via
1.1 vegur
status
200
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://api.manheim.com
access-control-allow-credentials
true
cf-ray
5637fb2769d6bedd-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
engage.useriq.com
URL
https://engage.useriq.com/campaigns/check?site_id=403025501&visitor_id=5173bdf423983897&uid=&iframed=false&_ref=https%3A%2F%2Fapi.manheim.com%2Fauth%2Fauthorization.oauth2%3Fadaptor%3Dmanheim_customer%26client_id%3Dqdp6ewmug522t9umyxyqydnx%26response_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fmembers.manheim.com%2Fgateway%2Fcallback%26back_uri%3Dhttps%3A%2F%2Fsell.manheim.com%2Fui%2Finventory%3Fclassic%3Dtrue&_cvars=%7B%222%22%3A%5B%22user_name%22%2C%22%22%5D%2C%223%22%3A%5B%22account_id%22%2C%22%22%5D%2C%224%22%3A%5B%22account_name%22%2C%22%22%5D%2C%225%22%3A%5B%22user_email%22%2C%22%22%5D%2C%226%22%3A%5B%22signup_date%22%2C%22DO_NOT_USE%22%5D%2C%227%22%3A%5B%22login_id%22%2C%22%22%5D%2C%228%22%3A%5B%22site%22%2C%22https%3A%2F%2Fapi.manheim.com%2Fauth%2Fauthorization.oauth2%22%5D%7D&_imp=&client_uuid=4307b7d19715db8c
Domain
engage.useriq.com
URL
https://engage.useriq.com/campaigns/tips?url=https%3A%2F%2Fapi.manheim.com%2Fauth%2Fauthorization.oauth2%3Fadaptor%3Dmanheim_customer%26client_id%3Dqdp6ewmug522t9umyxyqydnx%26response_type%3Dcode%26redirect_uri%3Dhttps%3A%2F%2Fmembers.manheim.com%2Fgateway%2Fcallback%26back_uri%3Dhttps%3A%2F%2Fsell.manheim.com%2Fui%2Finventory%3Fclassic%3Dtrue&site_id=403025501&uid=undefined&vid=5173bdf423983897&_cvars=%7B%222%22%3A%5B%22user_name%22%2C%22%22%5D%2C%223%22%3A%5B%22account_id%22%2C%22%22%5D%2C%224%22%3A%5B%22account_name%22%2C%22%22%5D%2C%225%22%3A%5B%22user_email%22%2C%22%22%5D%2C%226%22%3A%5B%22signup_date%22%2C%22DO_NOT_USE%22%5D%2C%227%22%3A%5B%22login_id%22%2C%22%22%5D%2C%228%22%3A%5B%22site%22%2C%22https%3A%2F%2Fapi.manheim.com%2Fauth%2Fauthorization.oauth2%22%5D%7D

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| msgs object| appConfig object| webpackJsonp function| setImmediate function| clearImmediate object| _uiq function| _uiq_forEach function| _uiq_getComputedStyle function| _uiq_removeNode function| _uiq_getEmbeddedCampaign function| _uiq_getEmbeddedTour function| _uiq_removeEmbeddedTour function| _uiq_stopMedia function| _uiq_trackVideoEvent function| _uiq_resetActiveData function| _uiq_checkInsideFrames function| _uiq_activateCampaign function| _uiq_previewCampaign function| _uiq_checkTooltipsXhr function| _uiq_checkAdminXhr function| _uiq_checkFeaturesXhr function| _uiq_executeWhenLoaded function| _uiq_onInitOrReload function| _uiq_XHR_fallback function| _uiq_XHR function| UserIQ string| _uiq_base_cf_url object| _uiq_JSON undefined| Sizzle function| Tether object| uiqscroll object| __zalgopromise__ object| __postRobot__ object| useriqPostRobot object| _uiq_app object| Useriq object| _uiq_admin object| _uiq_site_settings string| _uiq_cf_site_id string| _uiq_site_id boolean| _uiq_tooltip

6 Cookies

Domain/Path Name / Value
api.manheim.com/ Name: _uiq_id.403025501.bec8
Value: 5173bdf423983897.1581441492.0.1581441492..
.manheim.com/ Name: _abck
Value: B616C7CC7C3CCCEDE55A07AB57AFC369~-1~YAAQp44UAqrVLPVvAQAAPB1CNQPbB+5gTZUAcRA3YoqvGB6wQXE4QF/ifbVEgj5whhiYN2eh3+lDRy2o/hO9IpxryTXpLeB7ngWss1dSAnQ7WLMNL/gkvmaVtvwdObPafv6mJPdEKXQtjcPgPDE17xEOF/6T/u2/uBi5p4WDFNVrWbrulu6vpQI0Wjovb6kHuNJsuBHfsKnDwfDX//wI9gFG55BcLRBOOj8bxRZDOV33hhenSGaBnAUP0rphKqK+F+JQQfulMG/DIp6gMrM8qkHGf45RCYeT05/aS1Be6LOBCbrzRR7p3XKJiA==~-1~-1~-1
.manheim.com/ Name: bm_sz
Value: 841F0BF17FDCEA68756BFC88AE1683C9~YAAQp44UAqnVLPVvAQAAPB1CNQZmrPxF2TAoCBYwBVoEKkJRpKBqURyMZUL9lhtR1m03vJWVKIC2zaUoYg/gZll2C/ie5u7IjPzKNkqHYSfcR9cVFZ0sPtACDLBPclFb2aVnlflfc0he0EaMop1767AtLd5zGSKIp/BRGT6EPnCQT+wvmXRmQBImH8ueURrq
api.manheim.com/ Name: PF
Value: kxxiYUcgPa0mxnkcWRILJh
.manheim.com/ Name: ak_bmsc
Value: DB331B59FCA94A2D478696D78F46386C02148EA7AA780000D2E1425E9509C431~plN9wrStQuFlUWmF4ZL56ByJiHqjDm+N+mlq4bgIt6rwC7MqT2yx+e/ltIU8cMTpuRlD0rz7k5NR7wVqyOpHq95AOuI4nZt1nj3UN87TOfoSMDbss3Q3C1mA007g16qUNIis8thg90ntRRuDGJTeqP0PJufp5OeMNwHbe+uXXTKWhhsLJ7t9Ras0qTmWigZtUxCXnMJ7mF0t91oXtZCVQrAf0qV4S1v72BvWo2AhbEBv4=
.manheim.com/ Name: visitor_session_id
Value: 1581441578_4216_10.141.164.4

4 Console Messages

Source Level URL
Text
console-api error URL: https://api.manheim.com/assets/js/2.chunk.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null
console-api error URL: https://feed.useriq.com/useriq.js(Line 4)
Message:
TypeError: Cannot read property 'removeItem' of null
console-api warning URL: https://feed.useriq.com/useriq.js(Line 1)
Message:
console-api warning URL: https://feed.useriq.com/useriq.js(Line 1)
Message:
SyntaxError: Unexpected end of JSON input

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.elementremarketing.com https://*.manheim.com https://*.ove.com https://*.vauto.com https://*.fordquic.com https://*.kiadirect.com