auto-ciq.com Open in urlscan Pro
2606:4700:3030::6815:1001  Malicious Activity! Public Scan

URL: https://auto-ciq.com/
Submission: On December 16 via api from US — Scanned from DE

Summary

This website contacted 29 IPs in 3 countries across 24 domains to perform 69 HTTP transactions. The main IP is 2606:4700:3030::6815:1001, located in United States and belongs to CLOUDFLARENET, US. The main domain is auto-ciq.com.
TLS certificate: Issued by WE1 on December 16th 2024. Valid for: 3 months.
This is the only time auto-ciq.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-AS...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 146.75.120.157 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 104.18.142.119 13335 (CLOUDFLAR...)
3 142.250.185.100 15169 (GOOGLE)
7 2600:9000:235... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.21.80.1 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.3 13414 (TWITTER)
2 2620:1ec:21::14 8068 (MICROSOFT...)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 172.217.23.110 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 18.66.102.27 16509 (AMAZON-02)
69 29
Apex Domain
Subdomains
Transfer
7 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3811
45 KB
6 auto-ciq.com
auto-ciq.com
2 MB
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
22 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
3 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5209
45 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
216 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
143 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
1 KB
2 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 3653
api.hubspot.com — Cisco Umbrella Rank: 5268
cta-service-cms2.hubspot.com Failed
25 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
15 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
725 B
1 t.co
t.co — Cisco Umbrella Rank: 904
629 B
1 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 3812
138 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2580
1 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 106
18 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6979
157 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1095
13 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
19 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3341
4 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5955
92 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5194
27 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2358
26 KB
1 gstatic.com
www.gstatic.com
216 KB
69 24
Domain Requested by
7 images.ctfassets.net auto-ciq.com
6 auto-ciq.com auto-ciq.com
4 www.youtube.com auto-ciq.com
cmp.osano.com
3 www.google.com auto-ciq.com
www.googletagmanager.com
3 cmp.osano.com auto-ciq.com
cmp.osano.com
3 www.googletagmanager.com auto-ciq.com
www.googletagmanager.com
2 cdnjs.cloudflare.com cmp.osano.com
2 px.ads.linkedin.com snap.licdn.com
auto-ciq.com
2 snap.licdn.com auto-ciq.com
1 api.hubspot.com js.usemessages.com
1 analytics.twitter.com auto-ciq.com
1 t.co auto-ciq.com
1 acsbapp.com auto-ciq.com
1 js.hs-scripts.com auto-ciq.com
1 i.ytimg.com auto-ciq.com
1 js.hsforms.net auto-ciq.com
1 static.ads-twitter.com auto-ciq.com
1 www.redditstatic.com auto-ciq.com
1 js.hs-banner.com auto-ciq.com
js.hs-banner.com
1 js.hsadspixel.net auto-ciq.com
1 js.hsleadflows.net auto-ciq.com
1 js.hubspot.com auto-ciq.com
1 js.usemessages.com auto-ciq.com
1 js.hs-analytics.net auto-ciq.com
1 www.gstatic.com auto-ciq.com
0 cta-service-cms2.hubspot.com Failed js.hubspot.com
69 26

This site contains no links.

Subject Issuer Validity Valid
auto-ciq.com
WE1
2024-12-16 -
2025-03-16
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2024-12-02 -
2025-12-01
a year crt.sh
hs-analytics.net
WE1
2024-12-05 -
2025-03-05
3 months crt.sh
usemessages.com
WE1
2024-12-04 -
2025-03-04
3 months crt.sh
hubspot.com
WE1
2024-12-01 -
2025-03-01
3 months crt.sh
hsleadflows.net
WE1
2024-11-27 -
2025-02-25
3 months crt.sh
hsadspixel.net
WE1
2024-12-08 -
2025-03-08
3 months crt.sh
hs-banner.com
WE1
2024-11-22 -
2025-02-20
3 months crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-06 -
2025-04-03
6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.osano.com
Amazon RSA 2048 M02
2024-09-17 -
2025-10-16
a year crt.sh
hsforms.net
WE1
2024-12-07 -
2025-03-07
3 months crt.sh
images.ctfassets.net
Amazon RSA 2048 M02
2024-11-18 -
2025-12-16
a year crt.sh
edgestatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
hs-scripts.com
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
acsbapp.com
WE1
2024-12-14 -
2025-03-14
3 months crt.sh
t.co
E6
2024-11-26 -
2025-02-24
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-30 -
2025-09-29
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh

This page contains 5 frames:

Primary Page: https://auto-ciq.com/
Frame ID: A918C5A353BB1B6F64F09C045876D08E
Requests: 53 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdGZJsoAAAAAIwMJHRwqiAHA6A_6ZP6bTYpbgSX&co=aHR0cHM6Ly9tZXRhbWFzay5pbzo0NDM.&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&badge=inline&cb=862o21frmjva
Frame ID: F781FAE3C5371CC121805930154E4162
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YVgfHZMFFFQ?&rel=0&sub_confirmation=1&enablejsapi=1&origin=https%3A%2F%2Fmetamask.io
Frame ID: 673BA4CF2B41BAE7554C0533D35212A4
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fauto-ciq.com
Frame ID: B137240D36FE96CB0D561A190BD61329
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 6B7339691B315BA84F6FED3B81671514
Requests: 1 HTTP requests in this frame

Screenshot


Page Statistics

69
Requests

70 %
HTTPS

68 %
IPv6

24
Domains

26
Subdomains

29
IPs

3
Countries

3238 kB
Transfer

9998 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
auto-ciq.com/
209 KB
40 KB
Document
General
Full URL
https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6a2c7858a598cb9c49699efd08fda94e8354dc03fc6f7d836e123373b63432

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3193302f92d375-FRA
content-encoding
zstd
content-type
text/html
date
Mon, 16 Dec 2024 20:55:33 GMT
last-modified
Mon, 16 Dec 2024 15:19:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSE6A%2BVOXf4RZgFyZOYTotHAQNC%2BiOnNiweHJUyOjnw%2BqRq7kgw7hIK7hPI3HCRJYpYrkULRtehI2pXCLtdOUd%2FMiRCN79ArXj5ZsjCHpHBaW2O12u%2FdwnvX77NIfuTLdn9y7RBIieBdHiU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=12497&min_rtt=6660&rtt_var=12225&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4360&recv_bytes=2376&delivery_rate=548723&cwnd=254&unsent_bytes=0&cid=198f56f75728acd6&ts=124&x=0"
vary
Accept-Encoding
recaptcha__en.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/
547 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://auto-ciq.com
Referer
https://auto-ciq.com/

Response headers

content-encoding
gzip
age
13160
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 17:16:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 17:16:13 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220882
x-xss-protection
0
server
sffe
insight.old.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:33::212:40dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=58815
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Mon, 16 Dec 2024 20:55:33 GMT
last-modified
Mon, 02 Dec 2024 10:13:56 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
insight.min.js
snap.licdn.com/li.lms-analytics/
2 KB
1006 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:33::212:40dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=69723
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
796
date
Mon, 16 Dec 2024 20:55:33 GMT
last-modified
Mon, 02 Dec 2024 19:28:43 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
4795067.js
js.hs-analytics.net/analytics/1734361500000/
72 KB
26 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1734361500000/4795067.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74db799bab0b041d9c66079cb9f6a474f1bcb0d30bcc011510106d318a59e37d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
0ef30a86-91a9-4d43-8c79-20546f815993
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"f5c87c550ca8d0ff202f26145e83814f"
x-amz-version-id
null
expires
Mon, 16 Dec 2024 21:00:33 GMT
x-evy-trace-listener
listener_https
date
Mon, 16 Dec 2024 20:55:33 GMT
x-hubspot-correlation-id
0ef30a86-91a9-4d43-8c79-20546f815993
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 20:43:51 GMT
vary
origin, Accept-Encoding
x-amz-id-2
DMN0SUDU9glmYGGhzBboA8CLT88j4iprpocZZ/RJ6KI/28mU1UEi3Y6jpk8Bw8mKS2GmFCSaHDE=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-ttmxb
x-envoy-upstream-service-time
31
access-control-allow-credentials
false
x-amz-request-id
T81QXHZRBE14556T
cf-ray
8f319331ac78dc58-FRA
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
conversations-embed.js
js.usemessages.com/
94 KB
27 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44926b15fa32d695d4106e41cfce20efbf7949b5ff8fcef69d79d43168a5266
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
819ce62f-2e49-4407-b3d9-284a9322ed17
content-encoding
gzip
cf-cache-status
HIT
etag
W/"367d1b945d3461d46393340eb0a4d521"
x-amz-version-id
UJ87Z4u6gjpilnvweLjENnXDadMVeIov
age
198
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
jUtB8NFi7cQUMCwebQRiS-vPIoRQo1zKCcITcNbnyaBTv34tL_xr2A==
date
Mon, 16 Dec 2024 20:55:33 GMT
x-hubspot-correlation-id
819ce62f-2e49-4407-b3d9-284a9322ed17
content-type
application/javascript; charset=utf-8
last-modified
Mon, 16 Dec 2024 15:21:35 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-2w2nl
x-envoy-upstream-service-time
0
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.19337/bundles/project.js&cfRay=8f318e59e8fb9f3c-FRA
via
1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
cf-ray
8f319331af30996e-FRA
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.19337/bundles/project.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
web-interactives-embed.js
js.hubspot.com/
84 KB
25 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674d5ab1e2c5a783115e67fabc4805ac2e8a83d48eb6a1ad3535c23a959a1801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://auto-ciq.com
Referer
https://auto-ciq.com/

Response headers

x-request-id
7b91f538-67fc-4960-9f3e-442898ad112f
content-encoding
gzip
cf-cache-status
EXPIRED
x-amz-version-id
_83IngeMtzUuERab6QgcByX86005NyG0
etag
W/"03686003e4860757c17ae65c11ab8ea4"
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RB%2B8FOpXsy9kJ4hRsRvE4ascjvrAX8saOXiBpgUa51%2B5J2lDOWcv248pLLfZTBli%2FRBKfUZQ%2FRzYrg9mZCnyQyAKLpKw%2BbZeh0XkKvIpvkT83PKx6UaArIDdrmufl55GBgbuOl9SvyifUbb8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
fw3RtMvSA0q7G6eVYHFdCdDDA--7sX9uWg8xX9iZXym5AtQ7GxGH-Q==
x-hubspot-correlation-id
7b91f538-67fc-4960-9f3e-442898ad112f
content-type
application/javascript; charset=utf-8
last-modified
Fri, 13 Dec 2024 12:10:35 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-qg7nx
x-envoy-upstream-service-time
18
x-hs-target-asset
web-interactives-embed/static-2.1996/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Mon, 16 Dec 2024 20:55:33 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1996/bundles/project.js&cfRay=8f3193319ec0196a-WAW
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-ray
8f3193319ec0196a-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
leadflows.js
js.hsleadflows.net/
550 KB
92 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da57a437a999e2503178063a85ca9557211686f50d7671db0142a2ceb3095d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://auto-ciq.com
Referer
https://auto-ciq.com/

Response headers

x-request-id
0fbcd796-65a2-4b9e-aa9f-b40e667d4378
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
PqQn.3x38ZWRmSYb9J2u1wYA9Etnh36Z
etag
W/"e9829c28fae41e369bd948323746cc37"
age
21676
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
cTbBklcSdkaDtBA0fX5eE-v8XVwVTCPqzGFkJB0YMxng68TaBcvfiQ==
x-hubspot-correlation-id
0fbcd796-65a2-4b9e-aa9f-b40e667d4378
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 15:49:15 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=86400, max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-fngld
x-envoy-upstream-service-time
7
x-hs-target-asset
lead-flows-js/static-1.2121/bundle/main/lead-flows-release.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Mon, 16 Dec 2024 20:55:33 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.2121/bundle/main/lead-flows-release.js&cfRay=8f2f8201ad55bc71-FRA
via
1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
cf-ray
8f319331acd04d58-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
fb.js
js.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef7476c879379d694804e834bd6a5846522e845dc6840a8865708d738ecc4c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
05e73361-1f23-4457-90f1-896a9667499f
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5a023b4ebce089a46ec78957af69d1dc"
x-amz-version-id
Eq3Vi4Lxt5mAu9cQfYoFVm.V_pB.IUhz
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age
371
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
1gPMr9yoLD8zpiF_2e18cuUAGvRkVYqeeBaD7GxD8KTqpPbG6gQEmg==
date
Mon, 16 Dec 2024 20:55:33 GMT
x-hubspot-correlation-id
05e73361-1f23-4457-90f1-896a9667499f
content-type
application/javascript; charset=utf-8
last-modified
Mon, 16 Dec 2024 20:39:16 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-fndvb
x-envoy-upstream-service-time
1
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.987/bundles/pixels-release.js&cfRay=8f318a20ef06d36c-WAW
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-ray
8f319331ab079bef-FRA
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
adsscriptloaderstatic/static-1.987/bundles/pixels-release.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
4795067.js
js.hs-banner.com/
62 KB
19 KB
Script
General
Full URL
https://js.hs-banner.com/4795067.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae989b20ec1716a26d85e87e911c0a1c2ec617fcaf79157603495ef70184d42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
14d8c69b-43dd-4b17-bedb-5043ece7b8ae
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"4383ab0ff7b8eba692c345ef5a6226bb"
x-amz-version-id
c3gcR4GBll.SkzPzLv71BtGpuOMPBl_B
age
50
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Mon, 16 Dec 2024 20:59:24 GMT
x-evy-trace-listener
listener_https
date
Mon, 16 Dec 2024 20:55:33 GMT
x-hubspot-correlation-id
14d8c69b-43dd-4b17-bedb-5043ece7b8ae
content-type
text/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 09:35:23 GMT
vary
origin, Accept-Encoding
x-amz-id-2
riwFvQYjtcfOig/QEEK+svZgGluvQPQ1iY3mktFrpYkpAUN8XqC4xRKJFxlhV12HfhxdGlSYywd5xiqAWS3FGQ==
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-fhb5w
x-envoy-upstream-service-time
39
access-control-allow-credentials
true
x-amz-request-id
XJT96PJCB0TAS37P
cf-ray
8f319331abaedbd0-FRA
access-control-allow-origin
https://metamask.io
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
www-widgetapi.js
www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/
30 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

content-encoding
br
age
14487
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 16:54:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:54:06 GMT
last-modified
Wed, 11 Dec 2024 05:16:51 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
pixel.js
www.redditstatic.com/ads/
43 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"1a001f3a066bff47a766099b87253911"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12220
date
Mon, 16 Dec 2024 20:55:33 GMT
last-modified
Mon, 18 Nov 2024 21:16:35 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/
57 KB
16 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Mon, 16 Dec 2024 20:55:33 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 00:10:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000084-IAD, cache-fra-etou8220131-FRA
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
295 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V74KQYX56N&l=dataLayer&cx=c&gtm=45He4cc1v9122980764za200
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c11a9f3e7367d3211600ad64e69eb93df8d93a6256980c1bc8f412fd58c4551a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 16 Dec 2024 20:55:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 20:55:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102419
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
376 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M67JQ84
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 16 Dec 2024 20:55:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 20:55:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 18:01:39 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
118083
x-xss-protection
0
server
Google Tag Manager
osano.js
cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/
164 KB
45 KB
Script
General
Full URL
https://cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/osano.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8a00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0d4f509bdaacdcdd200638568d31a720c12a9e1f19955f17b42aa62393e7c094
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

content-encoding
br
etag
"0537a6f66285a8c60cb9caa6abe95666"
age
33659
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
rFNn29yrxT68oUS-_xMMVUHFA8jrCuFPxrAbNCDWlN7bRhSdHKSBQw==
date
Mon, 16 Dec 2024 11:34:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 27 Aug 2024 09:26:49 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
content-length
44949
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
CloudFront
EuclidCircularB-Regular-WebXL.woff2
auto-ciq.com/fonts/
44 KB
45 KB
Font
General
Full URL
https://auto-ciq.com/fonts/EuclidCircularB-Regular-WebXL.woff2
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://auto-ciq.com
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"b08c-62964b6b7c3e6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1v9uFTm3XphOIZDLgwWqGY0R9B1yanwnTIm%2BQ0QAXYGCnHdTLwkYpsLoeYhCFbZYnzK5KGwsTzRoDPTj9GUM5JBJmsb%2Bn04jCyh1eWCqSNKW3H0L8mM8I2qVXSeQfuqSQND0jm0GDOCG%2F%2B4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3193317b89d375-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8407&min_rtt=6507&rtt_var=504&sent=163&recv=60&lost=0&retrans=0&sent_bytes=172784&recv_bytes=2695&delivery_rate=5815457&cwnd=257&unsent_bytes=0&cid=198f56f75728acd6&ts=450&x=0"
content-length
45196
date
Mon, 16 Dec 2024 20:55:33 GMT
content-type
font/woff2
last-modified
Mon, 16 Dec 2024 15:19:59 GMT
vary
Accept-Encoding
server
cloudflare
EuclidCircularB-Bold-WebXL.woff2
auto-ciq.com/fonts/
44 KB
44 KB
Font
General
Full URL
https://auto-ciq.com/fonts/EuclidCircularB-Bold-WebXL.woff2
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://auto-ciq.com
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"ae00-62964b6b7b446"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNItotoLjmE2QQ9O07txmsFns8fHS%2B%2BNJC%2FpfMArhiXAk4YOUhIZPVk1YpndkMu7Q4GzVvDo%2FW2wTFsRSaYIxYn72mu4xP2jCYgi27DBRH%2BFBhXz%2BRu0vBNKz%2FL4iUlaRgXG2DCOviwrFjs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3193317b8dd375-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12256&min_rtt=6507&rtt_var=3177&sent=82&recv=41&lost=0&retrans=0&sent_bytes=78035&recv_bytes=2695&delivery_rate=2976477&cwnd=257&unsent_bytes=0&cid=198f56f75728acd6&ts=418&x=0"
content-length
44544
date
Mon, 16 Dec 2024 20:55:33 GMT
content-type
font/woff2
last-modified
Mon, 16 Dec 2024 15:19:59 GMT
vary
Accept-Encoding
server
cloudflare
v2.js
js.hsforms.net/forms/
485 KB
157 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

x-request-id
b023ba0c-80b3-475b-95d2-aaf8e634b161
content-encoding
gzip
cf-cache-status
HIT
etag
W/"558de7b20c531aa81c999732b3c69474"
x-amz-version-id
nL.3tgVnBfE9VUOI2CFVsUxrNJIPlAAW
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
age
428
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwDRuG6uQp8Zt%2BIG6wlLAnfuYCN8Uu2tXbqMEoQTJo%2Bc%2FIzpMYZgORONI062HtmJKWAYKK4HKJmRrkWH%2BH04rCal9IHchgsIPN04REy7Yvo19uxFFU8IC15V8P6ewo51"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
OdNvyCWfHLrikL3YJPLlNe2lOtZ7fYyo85qmHRh_TAFd0blQvJRQtQ==
x-hubspot-correlation-id
b023ba0c-80b3-475b-95d2-aaf8e634b161
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 15:46:41 UTC
priority
u=3,i=?0
server-timing
cfExtPri
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-mglm2
x-envoy-upstream-service-time
1
x-hs-target-asset
forms-embed/static-1.6926/bundles/project-v2.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Mon, 16 Dec 2024 20:55:34 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6926/bundles/project-v2.js&cfRay=8f11614b3a12ecdc-WAW
via
1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray
8f31933559f92c2b-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
enterprise.js
www.google.com/recaptcha/
2 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_b4e5fa21_bcf5_4dfd_8ceb_b0e055d4d60e&render=explicit&hl=en
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 20:55:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 16 Dec 2024 20:55:34 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
98a8212f-0c81-49e1-9b61-0d0cd2f54ae3.js
auto-ciq.com/
5 MB
2 MB
Script
General
Full URL
https://auto-ciq.com/98a8212f-0c81-49e1-9b61-0d0cd2f54ae3.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316cd5532a0218203d450af81f5324cfde6bfffecd10cb16849eca430750bdde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
EXPIRED
etag
"54aeda-62964b6b6ba47-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ro%2Bv5KkjWJ%2B5DM3zx%2BkWCs4H9FlDydRyc3tJf2MekTHjKyRb5HlgYvV9ltEsizkLC2b2HDcqARQ11b%2BydYICedLt8rhH2riafPfe0%2B0a%2F2qslT%2FcmBsfpiYS82JhOTO863RxFMiUjmBeSYM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3193317ba0d375-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=16154&min_rtt=6660&rtt_var=3717&sent=54&recv=36&lost=0&retrans=0&sent_bytes=46530&recv_bytes=2695&delivery_rate=1944370&cwnd=257&unsent_bytes=0&cid=198f56f75728acd6&ts=405&x=0"
date
Mon, 16 Dec 2024 20:55:33 GMT
content-type
text/javascript
last-modified
Mon, 16 Dec 2024 15:19:59 GMT
vary
Accept-Encoding
server
cloudflare
mm-logo.svg
images.ctfassets.net/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/
12 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"51bcea2625eb2c6e9268a7377a792c86"
age
68806
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
8iPHxnLTNkhL0r3RipkMex2eh7Z02anMc0aFCKlc0yYn92ydr8PtAw==
date
Mon, 16 Dec 2024 07:09:00 GMT
content-type
image/svg+xml
last-modified
Thu, 14 Oct 2021 12:34:16 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
sddefault.webp
i.ytimg.com/vi_webp/YVgfHZMFFFQ/
18 KB
18 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/YVgfHZMFFFQ/sddefault.webp
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27731898ea8846c9a9f428fb8cbe2da7c832a4bb6032af7b4b7f0c64f81de55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

etag
"1582837014"
age
150
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 22:53:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 20:53:03 GMT
content-type
image/webp
vary
Origin
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
18434
x-xss-protection
0
server
sffe
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee7bad7246ae2d16678993897b1b22a506841cbc03455b1d8fa566c19643b68b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Mon, 16 Dec 2024 20:55:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Mon, 16 Dec 2024 20:55:33 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
4795067.js
js.hs-scripts.com/
3 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/4795067.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
636145510ec3fba7fb79701dbc71b8521bf6bb55508c4596f4160472b4e148bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
18
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 20:57:03 GMT
date
Mon, 16 Dec 2024 20:55:33 GMT
x-hubspot-correlation-id
ca86aed0-3ab2-4cb9-8759-596661cc0713
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Mon, 16 Dec 2024 20:55:15 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8f3193324fae9f10-FRA
accept-ranges
bytes
access-control-allow-origin
https://metamask.io
content-length
689
server
cloudflare
webpack-runtime-47af0c4c734f94813cd3.js
auto-ciq.com/
5 KB
3 KB
Script
General
Full URL
https://auto-ciq.com/webpack-runtime-47af0c4c734f94813cd3.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
EXPIRED
etag
"135c-62964b6bbea61-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDzf8CmKR0CfUPSs5abRAcCJ8M1NXM8eOpKV%2BnzMkFplwK7yc%2BO2EHVy2xXSHoQftMfrvNA9TgN7U1QQxdbQWAqvGRgN6GViWvb3S1on9bBD6gJgNNY1BdV4X7M3lo4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f319335fb66d2c7-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2422
date
Mon, 16 Dec 2024 20:55:34 GMT
content-type
text/javascript
last-modified
Mon, 16 Dec 2024 15:19:59 GMT
vary
Accept-Encoding
server
cloudflare
framework-97c8755eb44f2add89d2.js
auto-ciq.com/
0
0

app-f3d954dab9586aea35cf.js
auto-ciq.com/
0
0

app.js
acsbapp.com/apps/app/dist/js/
469 KB
138 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
*
x-goog-hash
crc32c=qBNItA==, md5=rJn5teA6uVtAyHdbEPqzlg==
cf-cache-status
REVALIDATED
etag
W/"ac99f9b5e03ab95b40c8775b10fab396"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Tue, 16 Dec 2025 20:55:34 GMT
x-goog-stored-content-length
480716
date
Mon, 16 Dec 2024 20:55:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 02 Dec 2024 17:02:30 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7UP6C85QkldTCvCNYMLAtly9gVHAYtI1idy6mYh_jwz84WcKoM8aILLz_MwpceMuuh
cache-control
public, max-age=300, must-revalidate
x-goog-storage-class
STANDARD
cf-ray
8f31933618fb1e64-FRA
access-control-allow-origin
*
x-goog-generation
1733158950283903
server
cloudflare
adsct
t.co/1/i/
43 B
629 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&dv=UTC%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%26800%26600%2628%2624%26800%26600%260%26na&eci=3&event=%7B%7D&event_id=5e0a047b-4f4d-4425-bfc1-47da51a05c83&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=959ca138-2356-4dc0-bb28-439cf583f998&tw_document_href=https%3A%2F%2Fmetamask.io%2F&tw_iframe_status=0&txn_id=oert2&type=javascript&version=2.3.31
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
9f9ac35fbd72798b
cache-control
no-cache, no-store, max-age=0
x-connection-hash
366c5f7e5a4b4e63c3c8d66e985d834e0520f04f17a93ef5669428bbb87b77b2
cf-cache-status
DYNAMIC
cf-ray
8f3193362b3b4d67-FRA
x-response-time
104
content-length
43
date
Mon, 16 Dec 2024 20:55:34 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=UTC%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%26800%26600%2628%2624%26800%26600%260%26na&eci=3&event=%7B%7D&event_id=5e0a047b-4f4d-4425-bfc1-47da51a05c83&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=959ca138-2356-4dc0-bb28-439cf583f998&tw_document_href=https%3A%2F%2Fmetamask.io%2F&tw_iframe_status=0&txn_id=oert2&type=javascript&version=2.3.31
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
45b3621b8612a9f9
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a4c20bf54b1713cb03b2f171db66acbd0afc80849560f340455c5470a57e64b6
x-response-time
171
content-length
43
date
Mon, 16 Dec 2024 20:55:34 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
attribution_trigger
px.ads.linkedin.com/
2 B
817 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1734382533402&url=https%3A%2F%2Fauto-ciq.com%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://auto-ciq.com/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
0006296966d0fd5980361adab6d1803c
x-msedge-ref
Ref A: 037A1212CB044DC3ADB4D43F7705E54C Ref B: DUS30EDGE0718 Ref C: 2024-12-16T20:55:33Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYpaWbQ/VmANhrattGAPA==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 16 Dec 2024 20:55:33 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/
0
667 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1734382533402&url=https%3A%2F%2Fauto-ciq.com%2F
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 82140EF085F545D78F96D8EE0B97106C Ref B: FRAEDGE1109 Ref C: 2024-12-16T20:55:34Z
x-li-fabric
prod-lva1
x-li-uuid
AAYpaWbaHKHhThOKSYnOGQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 16 Dec 2024 20:55:33 GMT
content-type
application/javascript
2c719ea3-1f80-4a21-9fa0-16d88d1e4419
https://auto-ciq.com/ Frame
0
0

page-data.json
auto-ciq.com/page-data/download/
0
6 KB
Other
General
Full URL
https://auto-ciq.com/page-data/download/page-data.json
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://auto-ciq.com
Referer
https://auto-ciq.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
etag
W/"9651-62964b6b8ecc5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DIwWghVlY3YNvOVj4QuV%2B3ZanyRSGTva4WD6L9MXtztumv0mZjB4dJFgMaHKoaln5n3zsSt7k5GT6xbJXOitPflrTE60TxLciVouD0EUvj%2B%2FyfFHB2sVo5vffo9zYwc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f319335fb69d2c7-FRA
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 20:55:34 GMT
content-type
application/json
last-modified
Mon, 16 Dec 2024 15:19:59 GMT
server
cloudflare
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/
59 KB
20 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65384d58-4ca5"
age
503129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHzkjAYNY%2Fy4hIAVBC7VzQrwgq2%2FvdOIG0aXlfXq127lsB%2FYqGxaSk0GG2lvxsQBr9WSV9NXVC9%2B5LVySvRh%2Bi9ijqhAsUt76EzrZU0Qj0bISkXmRPAwjwrLyoa4c8jk0TzDNe49"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 20:55:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 20:55:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 24 Oct 2023 23:03:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f3193360b5d9f3a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
19621
server
cloudflare
truncated
/
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
anchor
www.google.com/recaptcha/enterprise/ Frame F781
0
0
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdGZJsoAAAAAIwMJHRwqiAHA6A_6ZP6bTYpbgSX&co=aHR0cHM6Ly9tZXRhbWFzay5pbzo0NDM.&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&badge=inline&cb=862o21frmjva
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8PljY-A_bm2LOmYeUposkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto-ciq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8PljY-A_bm2LOmYeUposkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 20:55:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
a759cbb3-51a4-4d66-8216-fe3d24b4fcfe
https://auto-ciq.com/ Frame
0
0

truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://auto-ciq.com
Referer

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
Chrome_Logo.svg
images.ctfassets.net/9sy2a0egs6zh/6jY0xZYtP18iUGOuL7qsEa/255fab1bec903c6a079c5b171afa9504/
1 KB
937 B
Image
General
Full URL
https://images.ctfassets.net/9sy2a0egs6zh/6jY0xZYtP18iUGOuL7qsEa/255fab1bec903c6a079c5b171afa9504/Chrome_Logo.svg
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"e4066a30b774878266f023e3ee346b15"
age
71371
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
6SPh78dal7AWYU7jSiI8qoN1RsGJ-t35djZkthOwpscYJb8zdAvnIQ==
date
Mon, 16 Dec 2024 01:17:45 GMT
content-type
image/svg+xml
last-modified
Tue, 14 Jun 2022 02:40:31 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
Firefox_Logo.svg
images.ctfassets.net/9sy2a0egs6zh/6pMllIhB6PaXHCfJTfJYlq/a3341f30db14c7a154fac58608caf67e/
10 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/9sy2a0egs6zh/6pMllIhB6PaXHCfJTfJYlq/a3341f30db14c7a154fac58608caf67e/Firefox_Logo.svg
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"7ab1520d2f60ffff326be5e95af56b94"
age
70086
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
Jz43rSYWFXC8Jqs-41TxPB0dsSWeekwoJOqDzbL-IYiVc2Xp-KUY8Q==
date
Mon, 16 Dec 2024 01:27:29 GMT
content-type
image/svg+xml
last-modified
Tue, 14 Jun 2022 02:40:32 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
Brave_Logo.svg
images.ctfassets.net/9sy2a0egs6zh/6K35nUJEYIXCoR49W9UbG2/7d517fbbc3918597ddbb12a4905e8ef4/
5 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/9sy2a0egs6zh/6K35nUJEYIXCoR49W9UbG2/7d517fbbc3918597ddbb12a4905e8ef4/Brave_Logo.svg
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"e7011b79e2cfebf73d7debca02134bfd"
age
70545
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
w1LdaM_B0wgbtIR1UtN6hpq6evkmA3NVykQRiWP73Jko5Nb0mq304Q==
date
Mon, 16 Dec 2024 01:19:50 GMT
content-type
image/svg+xml
last-modified
Tue, 14 Jun 2022 02:40:31 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
Edge_Logo.svg
images.ctfassets.net/9sy2a0egs6zh/3iHNcQMnMyfmbe7yG2yzkk/58ca0fc0b694f36bff3e528ee53ce958/
7 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/9sy2a0egs6zh/3iHNcQMnMyfmbe7yG2yzkk/58ca0fc0b694f36bff3e528ee53ce958/Edge_Logo.svg
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"89cbed142253670761faee239ff297df"
age
71347
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
u10TY2gohw4HBqWSfLiBRfuGuikeZ9SgNOzWay-yer98Stz-lHLMkQ==
date
Mon, 16 Dec 2024 01:06:28 GMT
content-type
image/svg+xml
last-modified
Tue, 14 Jun 2022 02:40:32 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
Opera.svg
images.ctfassets.net/9sy2a0egs6zh/FtQvBSBi6iPCjGId8tTPe/90dd416a917c1e1d542ca2497ce786b1/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/9sy2a0egs6zh/FtQvBSBi6iPCjGId8tTPe/90dd416a917c1e1d542ca2497ce786b1/Opera.svg
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
etag
W/"f82b3d4aea497f577902b97c635d1543"
age
68805
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
hVmk4GCgrRKNEUsPHKPz9ku54No9SrZlLGQuRcBVEcbgconOldQNNw==
date
Mon, 16 Dec 2024 06:27:29 GMT
content-type
image/svg+xml
last-modified
Fri, 16 Sep 2022 04:45:55 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
home-hero.png
images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/
30 KB
31 KB
Image
General
Full URL
https://images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1111&h=1046&q=80&fm=webp
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cache-control
max-age=31536000
etag
"5ebdaaff7a5c8f93af55287c2a4a37f5"
age
70663
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
31204
x-amz-cf-id
zcn2AWgNWQX0PJ9KPKegRMXWX_oeRFT1kLpQZHogpAW1_-dS40Q5Mw==
date
Mon, 16 Dec 2024 04:40:51 GMT
content-type
image/webp
last-modified
Sun, 24 Nov 2024 09:39:59 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
vary
Accept-Encoding
YVgfHZMFFFQ
www.youtube.com/embed/ Frame 673B
0
0
Document
General
Full URL
https://www.youtube.com/embed/YVgfHZMFFFQ?&rel=0&sub_confirmation=1&enablejsapi=1&origin=https%3A%2F%2Fmetamask.io
Requested by
Host: auto-ciq.com
URL: https://auto-ciq.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auto-ciq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 20:55:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
ffcc54e6-9bd3-4ee6-833a-f42c4820f18a
https://auto-ciq.com/ Frame
0
0

f3daf7bc-0518-429d-9df9-c0465ea1fb5e
https://auto-ciq.com/ Frame
0
0

collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fauto-ciq.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1800179282.1734382534&dt=The%20Ultimate%20Crypto%20Wallet%20for%20DeFi%2C%20Web3%20Apps%2C%20and%20NFTs%20%7C%20MetaMask&navt=n&npa=1&us_privacy=1---&gtm=45He4cc1v9122980764za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734382534180&tfd=1084&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M67JQ84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
www-widgetapi.js
www.youtube.com/s/player/2f1832d2/www-widgetapi.vflset/
30 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/2f1832d2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

content-encoding
br
age
2352
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 20:16:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 20:16:22 GMT
last-modified
Thu, 12 Dec 2024 05:03:26 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
f37e93e9-7f5c-4896-a976-b4f934efc029
https://auto-ciq.com/ Frame
0
0

816f1494-a740-4feb-baa6-b8259b1b2cfd
https://auto-ciq.com/ Frame
0
0

ethers.umd.min.js
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/
719 KB
124 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://auto-ciq.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"62ad87d5-1eb91"
age
329174
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sEb82J4IyKtURerGEd4HXVNVbYAQhnr%2BTngZFJUGQaIZ%2F3wLoKzAZnT4Mh8EvLOvR4fP1sqwxYO6sVwV61aut5RswJ%2FvcGjYlvKsFP47lsKWLIZq3UCTx4ECdZ3pWvWC3gcBLK5B"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 20:55:34 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 20:55:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 18 Jun 2022 08:07:49 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f319336ec529f3a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
125841
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame B137
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fauto-ciq.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M67JQ84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 20:55:34 GMT
expires
Tue, 16 Dec 2025 20:55:34 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc376dfb-69f1-4a31-b0fe-9d19f6254e0f
https://auto-ciq.com/ Frame
0
0

9af11f19-943e-4a54-b13c-1855927fde86
https://auto-ciq.com/ Frame
0
0

b159dbf5-7b8a-4932-a0af-d84156164ee9
https://auto-ciq.com/ Frame
0
0

cf3062fb-247e-4ce9-811b-497cc835e5e4
https://auto-ciq.com/ Frame
0
0

4a9cf360-22af-4014-9262-ea5d85455111
https://auto-ciq.com/ Frame
0
0

1ecfbf57-c92b-401a-a8dc-363acf23040d
https://auto-ciq.com/ Frame
0
0

9432f2aa-d3e5-4d17-a378-fe89cfa13104
https://auto-ciq.com/ Frame
0
0

73b06c6d-4fa7-4651-9d69-d9cdde6b2256
https://auto-ciq.com/ Frame
0
0

/
cmp.osano.com/ Frame 6B73
0
0
Document
General
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auto-ciq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
37052
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Mon, 16 Dec 2024 10:38:03 GMT
etag
W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified
Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
accept-encoding Origin
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id
cFEy8u1QsFSVQ8RWpwPKLLpI0DLEqkot7texTOJHhJ5G_ek_mpIkEg==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
de.json
cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/ Frame
0
0
Preflight
General
Full URL
https://cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://auto-ciq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 20:55:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-id
YqqRptE20GUN0kFbhDMxI1m4AlvebXwNDbwqh69UaU2ndBR9iHHMYQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
osano-ui.js
cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/
0
0

de.json
cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/
0
0

public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=4795067&conversations-embed=static-1.19337&mobile=false&messagesUtk=3b74ae32bd374180ab3672b549f0322b&traceId=3b74ae32bd374180ab3672b549f0322b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://auto-ciq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://auto-ciq.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8f31933ecfd6196a-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Mon, 16 Dec 2024 20:55:35 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2dYDHQ56ZmhNiFzz9TNxsshzgPyH03NU%2B1egY6rD6UW2e1OYZan8YhPj%2FEcWcjx2ND0ypWsaxg7Nf9PqbBUYRUFyAdRSNnN9Jn9epHIcHfmr0lQJbf4Cx4WZIBXC6mRVNv6d%2FeUrvm55u2rOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hubspot-correlation-id
8ac9b994-971c-449d-8657-bb061031b2c0
public
api.hubspot.com/livechat-public/v1/message/
0
0

combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/
0
0

cf-location
js.hs-banner.com/cookie-banner-public/v1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auto-ciq.com
URL
https://auto-ciq.com/framework-97c8755eb44f2add89d2.js
Domain
auto-ciq.com
URL
https://auto-ciq.com/app-f3d954dab9586aea35cf.js
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/2c719ea3-1f80-4a21-9fa0-16d88d1e4419
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/a759cbb3-51a4-4d66-8216-fe3d24b4fcfe
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/ffcc54e6-9bd3-4ee6-833a-f42c4820f18a
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/f3daf7bc-0518-429d-9df9-c0465ea1fb5e
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/f37e93e9-7f5c-4896-a976-b4f934efc029
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/816f1494-a740-4feb-baa6-b8259b1b2cfd
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/cc376dfb-69f1-4a31-b0fe-9d19f6254e0f
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/9af11f19-943e-4a54-b13c-1855927fde86
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/b159dbf5-7b8a-4932-a0af-d84156164ee9
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/cf3062fb-247e-4ce9-811b-497cc835e5e4
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/4a9cf360-22af-4014-9262-ea5d85455111
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/1ecfbf57-c92b-401a-a8dc-363acf23040d
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/9432f2aa-d3e5-4d17-a378-fe89cfa13104
Domain
auto-ciq.com
URL
blob:https://auto-ciq.com/73b06c6d-4fa7-4651-9d69-d9cdde6b2256
Domain
cmp.osano.com
URL
https://cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/osano-ui.js
Domain
cmp.osano.com
URL
https://cmp.osano.com/AzZMxHTbQDOQD8c1J/a2e89f0e-f467-4542-bfea-30ea2c1a6648/de.json
Domain
api.hubspot.com
URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=4795067&conversations-embed=static-1.19337&mobile=false&messagesUtk=3b74ae32bd374180ab3672b549f0322b&traceId=3b74ae32bd374180ab3672b549f0322b
Domain
cta-service-cms2.hubspot.com
URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=4795067&currentUrl=https%3A%2F%2Fauto-ciq.com%2F
Domain
js.hs-banner.com
URL
https://js.hs-banner.com/cookie-banner-public/v1/cf-location

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Domain/Path Name / Value
.hsadspixel.net/ Name: __cf_bm
Value: m_G_sd4UXVPerIcDmye4dlWztGSxweO9QaL_5QemRCo-1734382533-1.0.1.1-0hOZYWmyRlm0r1rFYaEqPhDAKJu0LOhpmELT_JAwMrSQozj2PzevwwTakqtDjMOVrtAC3VNLcKcJSEuOMyxnAg
.hs-banner.com/ Name: __cf_bm
Value: 3nbJZVA.EYaupo0vxXOQyu5lrfQi3lgfG8.RKHQJg4g-1734382533-1.0.1.1-UhhqpRcub_lxhLCLN.raBekUgBCP1ELB5H3hV3JGFBiESaT2hdMDTfYd81qzim_sJMUKbfX6lJD.h.SqpRiyNw
.usemessages.com/ Name: __cf_bm
Value: V65LssUDzNMaYZ9HVwFdjH4rckajrn7X5WbRUJ4ToTI-1734382533-1.0.1.1-5xV4WxfePbRGgg2W75SG4kU3v4jvWzxVoFN0UUNhik174yFkH86fSgG3.afRSFUgoAdTNgVrnhMZ_isipDZ8uA
.hs-scripts.com/ Name: __cf_bm
Value: xYqtCM0nVXR0r_XvcQ.En.HoQu2ax4SfPE2Yphbbq4I-1734382533-1.0.1.1-bt5YqXx91u6ELvxoWY4OlN.lB0HsWLRM4tD4eKIcvabxfTCpE5AR42XpR08jRrFITsWWaBH3mdsXLKQpnK_grQ
.hs-analytics.net/ Name: __cf_bm
Value: rC1Mlc6QMbEt1YJS5eKnYlC2_A48nkx2eu47mEl7NWk-1734382533-1.0.1.1-LQ5r45Y4fjDKqg01muniDE8_ruK.YQH9EHhuxh9100eihZtnA4TnqnjMMSr3pu.enblfIcXufQz2VNHEXd.mcg
.youtube.com/ Name: YSC
Value: rXx7Z-cO4_o
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: G_uzLJSljH8
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgTA%3D%3D
.hsforms.net/ Name: __cf_bm
Value: w_5lL_8t1f4ZoX1gwZfoZx2jd9DJTO5K9tJDitk41_I-1734382534-1.0.1.1-AYlQvhViwfsdWUxqPl0eZvDyH9bv_LRTYo0MP4G06thwk1q9OJ6b5Pi1mRyRwYq89_3Km.1J8CAqNO4hrxbE9Q
.linkedin.com/ Name: bcookie
Value: "v=2&8953b4d2-5c28-4da4-8783-c9983d3e9cf2"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzQzODI1MzQ7MjswMjHKXUnacqI9Pmyq8WcVKMvLWzgCGpiptUAw0V8g/9NB2Q==
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=3068:u=1:x=1:i=1734382534:t=1734468934:v=2:sig=AQHEKrd5aid1SQkkwcep2NSQye2dJTud"
.t.co/ Name: muc_ads
Value: c1b0a040-f93c-4f1a-b113-407b9f887222
.t.co/ Name: __cf_bm
Value: 75o5SNuE8VMw8lRMPZ5PmHlAFoCqtFnt.gZrENlkFzA-1734382534-1.0.1.1-HWq.sP8g5pkVy3bIjXAvkjZFY6W857Kc2TCN3RdSYyM5G1S.Op33Ctup7Rwbb1IuR_GybCBhsPM6GxZ7xFa.Gw
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173438253416625457
.twitter.com/ Name: guest_id_ads
Value: v1%3A173438253416625457
.twitter.com/ Name: personalization_id
Value: "v1_5cNSnk3vkVD+RQi41aSOfg=="
.twitter.com/ Name: guest_id
Value: v1%3A173438253416625457

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
analytics.twitter.com
api.hubspot.com
auto-ciq.com
cdnjs.cloudflare.com
cmp.osano.com
cta-service-cms2.hubspot.com
i.ytimg.com
images.ctfassets.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
px.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
t.co
www.google.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www.youtube.com
api.hubspot.com
auto-ciq.com
cmp.osano.com
cta-service-cms2.hubspot.com
js.hs-banner.com
104.17.25.14
104.18.142.119
104.21.80.1
104.244.42.3
142.250.185.100
146.75.120.157
172.217.23.110
172.66.0.227
18.66.102.27
2600:9000:223c:3000:3:b7e:8940:93a1
2600:9000:223c:8a00:3:b7e:8940:93a1
2600:9000:235a:da00:12:94b3:c380:93a1
2606:4700:10::6816:1cc
2606:4700:3030::6815:1001
2606:4700:4400::ac40:9310
2606:4700::6810:4c8e
2606:4700::6810:7574
2606:4700::6810:89d1
2606:4700::6810:a0a8
2606:4700::6811:80ac
2606:4700::6812:8b11
2620:1ec:21::14
2a00:1450:4001:800::2016
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:82f::200e
2a02:26f0:480:33::212:40dc
2a04:4e42:400::396
0d4f509bdaacdcdd200638568d31a720c12a9e1f19955f17b42aa62393e7c094
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
2b6a2c7858a598cb9c49699efd08fda94e8354dc03fc6f7d836e123373b63432
316cd5532a0218203d450af81f5324cfde6bfffecd10cb16849eca430750bdde
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5ae989b20ec1716a26d85e87e911c0a1c2ec617fcaf79157603495ef70184d42
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
636145510ec3fba7fb79701dbc71b8521bf6bb55508c4596f4160472b4e148bb
674d5ab1e2c5a783115e67fabc4805ac2e8a83d48eb6a1ad3535c23a959a1801
74db799bab0b041d9c66079cb9f6a474f1bcb0d30bcc011510106d318a59e37d
7da57a437a999e2503178063a85ca9557211686f50d7671db0142a2ceb3095d2
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
a44926b15fa32d695d4106e41cfce20efbf7949b5ff8fcef69d79d43168a5266
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
c11a9f3e7367d3211600ad64e69eb93df8d93a6256980c1bc8f412fd58c4551a
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
ee7bad7246ae2d16678993897b1b22a506841cbc03455b1d8fa566c19643b68b
eef7476c879379d694804e834bd6a5846522e845dc6840a8865708d738ecc4c3
f27731898ea8846c9a9f428fb8cbe2da7c832a4bb6032af7b4b7f0c64f81de55