www.shultsfordsouth.com Open in urlscan Pro
143.204.89.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://westmifflincredit.com/
Effective URL:
https://www.shultsfordsouth.com/ApplyForCredit
Submission: On June 24 via automatic, source certstream-suspicious (June 24th 2022, 2:10:38 am UTC) — Scanned from DE

Summary HTTP 239 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 73 IPs in 6 countries across 55 domains to perform 239 HTTP transactions. The main IP is 143.204.89.6, located in United States and belongs to AMAZON-02, US. The main domain is www.shultsfordsouth.com.
TLS certificate: Issued by Amazon on June 10th 2022. Valid for: a year.

This is the only time www.shultsfordsouth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	143.204.89.97 143.204.89.97	16509 (AMAZON-02) (AMAZON-02)
2	143.204.89.6 143.204.89.6	16509 (AMAZON-02) (AMAZON-02)
22	143.204.89.85 143.204.89.85	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.7 143.204.89.7	16509 (AMAZON-02) (AMAZON-02)
13	2a02:26f0:ef:... 2a02:26f0:ef:280::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 6	34.248.142.13 34.248.142.13	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:ef:... 2a02:26f0:ef:290::1075	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	104.92.81.61 104.92.81.61	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	138.128.247.123 138.128.247.123	36007 (KAMATERA) (KAMATERA)
2	2600:9000:215... 2600:9000:2156:d800:a:7593:bf40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.248.150.209 3.248.150.209	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1	54.77.179.162 54.77.179.162	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.234.8.45 18.234.8.45	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
3	2600:9000:215... 2600:9000:2156:ca00:1d:cf92:a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	54.164.211.210 54.164.211.210	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 1	54.85.235.187 54.85.235.187	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:224... 2600:9000:224a:6400:12:e632:2080:93a1	() ()
1	2600:9000:215... 2600:9000:2156:1a00:6:5a0f:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 5	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	147.185.239.105 147.185.239.105	36007 (KAMATERA) (KAMATERA)
1 1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	54.84.84.22 54.84.84.22	14618 (AMAZON-AES) (AMAZON-AES)
2 4	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:205... 2600:9000:2057:6400:19:2275:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	34.225.134.186 34.225.134.186	14618 (AMAZON-AES) (AMAZON-AES)
1	35.170.158.2 35.170.158.2	14618 (AMAZON-AES) (AMAZON-AES)
26	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	52.201.41.73 52.201.41.73	14618 (AMAZON-AES) (AMAZON-AES)
2 7	13.57.85.43 13.57.85.43	16509 (AMAZON-02) (AMAZON-02)
2 4	143.204.89.20 143.204.89.20	16509 (AMAZON-02) (AMAZON-02)
1	141.193.251.239 141.193.251.239	46746 (SECURE-24-AS) (SECURE-24-AS)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:7600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	34.217.199.81 34.217.199.81	16509 (AMAZON-02) (AMAZON-02)
1	52.240.48.36 52.240.48.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 4	35.173.71.4 35.173.71.4	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.89.64 143.204.89.64	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.113 143.204.89.113	16509 (AMAZON-02) (AMAZON-02)
1	34.250.36.127 34.250.36.127	16509 (AMAZON-02) (AMAZON-02)
7	3.213.19.182 3.213.19.182	14618 (AMAZON-AES) (AMAZON-AES)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	52.48.114.92 52.48.114.92	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	174.137.122.131 174.137.122.131	54668 (MARCHEX-EAST) (MARCHEX-EAST)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	52.240.48.26 52.240.48.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	20.49.97.1 20.49.97.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.240.48.25 52.240.48.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	108.128.215.255 108.128.215.255	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	52.162.204.184 52.162.204.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
239	73

2 143.204.89.97 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-97.fra50.r.cloudfront.net

westmifflincredit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.westmifflincredit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-6.fra50.r.cloudfront.net

www.shultsfordsouth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 143.204.89.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-85.fra50.r.cloudfront.net

media.assets.sincrod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-7.fra50.r.cloudfront.net

wsassets.sincrod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:ef:280::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.248.142.13 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:ef:290::1075 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.ford.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.92.81.61 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-81-61.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.128.247.123 (New York, United States) 1 redirects

ASN36007 (KAMATERA, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:d800:a:7593:bf40:93a1 (United States)

ASN16509 (AMAZON-02, US)

fo-static.assets-cdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.150.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-150-209.eu-west-1.compute.amazonaws.com

ford.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

smetrics.ford.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.179.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-179-162.eu-west-1.compute.amazonaws.com

ford.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fps-prod-na-frontdoor.z01.azurefd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.234.8.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-8-45.compute-1.amazonaws.com

checkout.autofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

exos.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:ca00:1d:cf92:a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.digops.sincro.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.164.211.210 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-211-210.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.235.187 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-235-187.compute-1.amazonaws.com

gubagootracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:224a:6400:12:e632:2080:93a1 (United States)

ASN- ()

cdn.gubagoo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1a00:6:5a0f:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

integrator.swipetospin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.185.239.105 (New York, United States)

ASN36007 (KAMATERA, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.84.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-84-22.compute-1.amazonaws.com

lender.autofi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.176.128 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2057:6400:19:2275:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.spincar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.225.134.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-134-186.compute-1.amazonaws.com

gubagoo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.158.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-158-2.compute-1.amazonaws.com

cbo-loader.gubagoo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.41.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-41-73.compute-1.amazonaws.com

fzlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.57.85.43 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-57-85-43.us-west-1.compute.amazonaws.com

dt.cobaltgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dt.admission.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.89.20 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-20.fra50.r.cloudfront.net

traffic.prod.cobaltgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.251.239 (United States)

ASN46746 (SECURE-24-AS, US)

www.routeone.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:7600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.217.199.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-199-81.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.240.48.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

creativesham.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.173.71.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-71-4.compute-1.amazonaws.com

aalnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-64.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-113.fra50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.36.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.213.19.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-19-182.compute-1.amazonaws.com

px.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
snc.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.114.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-114-92.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

690327.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
690333.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.122.131 (United States)

ASN54668 (MARCHEX-EAST, US)

rw.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.240.48.26 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

creativesham.table.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.49.97.1 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mtafunctionapp.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.240.48.25 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

creativesham.queue.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.215.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.162.204.184 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.fdcampaignstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	713 KB
23	sincrod.com media.assets.sincrod.com — Cisco Umbrella Rank: 39107 wsassets.sincrod.com — Cisco Umbrella Rank: 42750	632 KB
14	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 690327.fls.doubleclick.net — Cisco Umbrella Rank: 45639 690333.fls.doubleclick.net — Cisco Umbrella Rank: 60982	6 KB
13	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 418	129 KB
12	gubagoo.io cdn.gubagoo.io — Cisco Umbrella Rank: 19538 gubagoo.io — Cisco Umbrella Rank: 18081 cbo-loader.gubagoo.io — Cisco Umbrella Rank: 26648	333 KB
12	evidon.com c.evidon.com — Cisco Umbrella Rank: 932 l.evidon.com — Cisco Umbrella Rank: 8033	33 KB
9	marchex.io px.marchex.io — Cisco Umbrella Rank: 12662 rw.marchex.io — Cisco Umbrella Rank: 24798 snc.marchex.io — Cisco Umbrella Rank: 25042	27 KB
9	cobaltgroup.com 4 redirects dt.cobaltgroup.com — Cisco Umbrella Rank: 20861 traffic.prod.cobaltgroup.com — Cisco Umbrella Rank: 7428	17 KB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	824 B
7	windows.net creativesham.blob.core.windows.net — Cisco Umbrella Rank: 38026 creativesham.table.core.windows.net — Cisco Umbrella Rank: 42584 creativesham.queue.core.windows.net — Cisco Umbrella Rank: 49470	42 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 8 region1.analytics.google.com — Cisco Umbrella Rank: 5133 adservice.google.com — Cisco Umbrella Rank: 92	2 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1888 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3560 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3482 tracking.crazyegg.com — Cisco Umbrella Rank: 3393	40 KB
7	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 192 ford.demdex.net — Cisco Umbrella Rank: 11444	9 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1748 q.stripe.com — Cisco Umbrella Rank: 12728 m.stripe.com — Cisco Umbrella Rank: 1533	77 KB
6	azurefd.net fps-prod-na-frontdoor.z01.azurefd.net — Cisco Umbrella Rank: 29753	1 KB
6	ford.com www.ford.com — Cisco Umbrella Rank: 24673 smetrics.ford.com — Cisco Umbrella Rank: 29018	187 KB
5	spincar.com cdn.spincar.com — Cisco Umbrella Rank: 20210	11 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	358 KB
5	azureedge.net exos.azureedge.net — Cisco Umbrella Rank: 62135	171 KB
4	azurewebsites.net mtafunctionapp.azurewebsites.net — Cisco Umbrella Rank: 44425	328 B
4	aalnk.com 1 redirects aalnk.com — Cisco Umbrella Rank: 29655	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5448	869 B
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 286	2 KB
4	acsbapp.com 1 redirects acsbapp.com — Cisco Umbrella Rank: 4507 cdn.acsbapp.com — Cisco Umbrella Rank: 4869	164 KB
3	sincro.io tag.digops.sincro.io — Cisco Umbrella Rank: 48506	2 KB
2	fdcampaignstudio.com www.fdcampaignstudio.com — Cisco Umbrella Rank: 42914	1 KB
2	admission.net dt.admission.net — Cisco Umbrella Rank: 8637	906 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	107 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 362	12 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1852	16 KB
2	autofi.com checkout.autofi.com — Cisco Umbrella Rank: 46973 lender.autofi.com — Cisco Umbrella Rank: 48034	173 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	29 KB
2	assets-cdk.com fo-static.assets-cdk.com — Cisco Umbrella Rank: 47268	4 KB
2	shultsfordsouth.com www.shultsfordsouth.com	53 KB
2	westmifflincredit.com 2 redirects westmifflincredit.com www.westmifflincredit.com	1 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	355 B
1	t.co t.co — Cisco Umbrella Rank: 455	338 B
1	everesttech.net pixel.everesttech.net — Cisco Umbrella Rank: 3023	695 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 594	261 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 387	275 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 336	239 B
1	turn.com d.turn.com — Cisco Umbrella Rank: 909	398 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 445	500 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	routeone.net www.routeone.net — Cisco Umbrella Rank: 48223	643 B
1	fzlnk.com fzlnk.com — Cisco Umbrella Rank: 14594	8 KB
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 483	713 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 907	356 B
1	swipetospin.com integrator.swipetospin.com — Cisco Umbrella Rank: 23441	21 KB
1	gubagootracking.com 1 redirects gubagootracking.com — Cisco Umbrella Rank: 65564	284 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	868 B
1	omtrdc.net ford.tt.omtrdc.net — Cisco Umbrella Rank: 30721	1 KB
0	ixiaa.com Failed s.ixiaa.com Failed
239	55

	Domain	Requested by
26	www.googletagmanager.com	wsassets.sincrod.com www.shultsfordsouth.com media.assets.sincrod.com www.googletagmanager.com assets.adobedtm.com
22	media.assets.sincrod.com	www.shultsfordsouth.com media.assets.sincrod.com
13	assets.adobedtm.com	www.shultsfordsouth.com assets.adobedtm.com
9	www.facebook.com	www.shultsfordsouth.com 690327.fls.doubleclick.net
9	c.evidon.com	www.shultsfordsouth.com c.evidon.com
7	www.google-analytics.com	www.shultsfordsouth.com www.google-analytics.com
7	cdn.gubagoo.io	www.shultsfordsouth.com gubagootracking.com
6	fps-prod-na-frontdoor.z01.azurefd.net	www.ford.com
6	dpm.demdex.net	3 redirects www.shultsfordsouth.com
5	dt.cobaltgroup.com	2 redirects media.assets.sincrod.com dt.cobaltgroup.com
5	cdn.spincar.com	www.shultsfordsouth.com integrator.swipetospin.com cdn.spincar.com
5	cm.g.doubleclick.net	4 redirects
5	connect.facebook.net	www.shultsfordsouth.com connect.facebook.net
5	exos.azureedge.net	media.assets.sincrod.com exos.azureedge.net
4	mtafunctionapp.azurewebsites.net	creativesham.blob.core.windows.net
4	creativesham.table.core.windows.net	creativesham.blob.core.windows.net
4	px.marchex.io
4	aalnk.com	1 redirects fzlnk.com
4	www.google.de
4	www.google.com	1 redirects
4	script.crazyegg.com	wsassets.sincrod.com script.crazyegg.com
4	traffic.prod.cobaltgroup.com	2 redirects
4	gubagoo.io	gubagootracking.com
4	s.amazon-adsystem.com	2 redirects
4	www.ford.com	www.shultsfordsouth.com www.ford.com media.assets.sincrod.com
3	snc.marchex.io	rw.marchex.io snc.marchex.io
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	js.stripe.com	checkout.autofi.com js.stripe.com
3	l.evidon.com	www.shultsfordsouth.com
3	tag.digops.sincro.io	www.shultsfordsouth.com
2	www.fdcampaignstudio.com	www.shultsfordsouth.com
2	690333.fls.doubleclick.net	1 redirects 690327.fls.doubleclick.net
2	adservice.google.com	690327.fls.doubleclick.net 690333.fls.doubleclick.net
2	creativesham.queue.core.windows.net	creativesham.blob.core.windows.net
2	dt.admission.net
2	rw.marchex.io	www.shultsfordsouth.com rw.marchex.io
2	690327.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	idsync.rlcdn.com
2	bat.bing.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	www.shultsfordsouth.com
2	cdn.acsbapp.com	acsbapp.com
2	cdnjs.cloudflare.com	media.assets.sincrod.com integrator.swipetospin.com
2	smetrics.ford.com	assets.adobedtm.com
2	fo-static.assets-cdk.com	www.shultsfordsouth.com fo-static.assets-cdk.com
2	acsbapp.com	1 redirects www.shultsfordsouth.com
2	www.shultsfordsouth.com	media.assets.sincrod.com
1	analytics.twitter.com	690327.fls.doubleclick.net
1	t.co	690327.fls.doubleclick.net
1	pixel.everesttech.net	690327.fls.doubleclick.net
1	insight.adsrvr.org	690327.fls.doubleclick.net
1	static.ads-twitter.com	690327.fls.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	tracking.crazyegg.com	script.crazyegg.com
1	d.turn.com
1	aa.agkn.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	region1.analytics.google.com	www.googletagmanager.com
1	creativesham.blob.core.windows.net	www.shultsfordsouth.com
1	m.stripe.com	m.stripe.network
1	www.googleadservices.com	www.googletagmanager.com
1	www.routeone.net	media.assets.sincrod.com
1	fzlnk.com	media.assets.sincrod.com
1	cbo-loader.gubagoo.io	gubagootracking.com
1	lender.autofi.com	checkout.autofi.com
1	tags.bluekai.com	1 redirects
1	odr.mookie1.com	www.shultsfordsouth.com
1	integrator.swipetospin.com	media.assets.sincrod.com
1	gubagootracking.com	1 redirects
1	fonts.googleapis.com	media.assets.sincrod.com
1	checkout.autofi.com	media.assets.sincrod.com
1	ford.tt.omtrdc.net	assets.adobedtm.com
1	ford.demdex.net	assets.adobedtm.com
1	wsassets.sincrod.com	www.shultsfordsouth.com
1	www.westmifflincredit.com	1 redirects
1	westmifflincredit.com	1 redirects
0	s.ixiaa.com Failed
239	80

This site contains links to these domains. Also see Links.

Domain
order.shultsford.com
www.youtube.com
twitter.com
www.facebook.com
www.instagram.com
accessories.ford.com
parts.ford.com
shop.ford.com
www.fleet.ford.com
media.assets.sincrod.com
www.shultsford.com
fordwestmifflin.shultsfordsouth.com
shultsfordsouth.nlmnews.com
www.google.com
www.ford.com
www.forddirectprivacy.com
www.forddirect.com
www.mozilla.org
www.microsoft.com
blogs.windows.com
accessibe.com

Subject Issuer	Validity	Valid
shultsfordsouth.com Amazon	`2022-06-10` - `2023-07-09`	a year	crt.sh
*.assets.sincrod.com Amazon	`2022-05-21` - `2023-06-19`	a year	crt.sh
*.sincrod.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
www.ford.com GeoTrust RSA CA 2018	`2022-02-01` - `2022-09-13`	7 months	crt.sh
*.evidon.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.assets-cdk.com Amazon	`2022-03-26` - `2023-04-24`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.ford.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-22` - `2023-06-22`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.azurefd.net Microsoft Azure TLS Issuing CA 01	`2022-05-17` - `2023-05-12`	a year	crt.sh
checkout.autofi.com R3	`2022-05-09` - `2022-08-07`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.digops.sincro.io Amazon	`2021-09-22` - `2022-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.impel.io Amazon	`2022-03-15` - `2023-04-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-02` - `2022-07-01`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-23` - `2022-10-05`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
lender.autofi.com R3	`2022-05-09` - `2022-08-07`	3 months	crt.sh
*.gubagoo.io Sectigo RSA Domain Validation Secure Server CA	`2022-04-11` - `2023-05-12`	a year	crt.sh
gubagoo.io R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
fzlnk.com Amazon	`2022-06-01` - `2023-06-29`	a year	crt.sh
admission.net Amazon	`2021-12-06` - `2023-01-04`	a year	crt.sh
www.routeone.net DigiCert SHA2 Extended Validation Server CA	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2022-05-23` - `2023-05-23`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
aalnk.com Amazon	`2022-06-01` - `2023-06-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.marchex.io Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-02` - `2023-04-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.table.core.windows.net Microsoft RSA TLS CA 02	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2022-03-14` - `2023-03-09`	a year	crt.sh
*.queue.core.windows.net Microsoft RSA TLS CA 01	`2022-05-23` - `2023-05-23`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.tmogul.com Amazon	`2022-06-16` - `2023-07-15`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.fdcampaignstudio.com Go Daddy Secure Certificate Authority - G2	`2022-01-31` - `2023-02-20`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.shultsfordsouth.com/ApplyForCredit
Frame ID: 326214149606668A06CEE2EA247177AE
Requests: 204 HTTP requests in this frame

Frame: https://ford.demdex.net/dest5.html?d_nsid=0
Frame ID: AA559B2F85ABBD1415F100F2A7FC52A7
Requests: 5 HTTP requests in this frame

Frame: https://cdn.spincar.com/spincar-static/ana2/client_id.html?_=3349ca898c3ce4
Frame ID: A8EA153857C46EF0BFDA3E8C75699994
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2A1F3D76D7486ECF8E8068658B5A218B
Requests: 1 HTTP requests in this frame

Frame: https://www.routeone.net/XRD/xrdStart.do?dealerId=IR4EQ
Frame ID: 8CC3EAAB0E621DB3B89BDE547A394CA2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 2CD7ED7B05F524713C6451916D5B9DCD
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5019CA417B58B49A96640CE0CD0406EF
Requests: 4 HTTP requests in this frame

Frame: https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit
Frame ID: 89769953C8B205AACB39868C91E65A1A
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 72E557015AD80D4C16F80AEC3CBAFD6A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BAE9D137F4E001BE2E93BE1DF1A96542
Requests: 1 HTTP requests in this frame

Frame: https://690333.fls.doubleclick.net/activityi;dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;;ord=1;num=2701501
Frame ID: BD7F6E6E50D029308C24873A11FF32E6
Requests: 2 HTTP requests in this frame

Frame: https://snc.marchex.io/sync.html?ruleSetId=fwABAVsFi_sefAAN
Frame ID: 55EACAA5E02D675E557D346C8359D597
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 951A58BA62DDFB3C5B3B897A078C4ECB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shults Ford South is a Pittsburgh Ford dealer and a new car and used car Pittsburgh PA Ford dealership. Start Chat

Page URL History Show full URLs

https://westmifflincredit.com/ HTTP 301
https://www.westmifflincredit.com/ HTTP 301
https://www.shultsfordsouth.com/ApplyForCredit Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

239
Requests

92 %
HTTPS

33 %
IPv6

55
Domains

80
Subdomains

73
IPs

6
Countries

3323 kB
Transfer

11618 kB
Size

87
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://order.shultsford.com/
Title: Custom Order A New Vehicle

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/shultsford07/videos
Title: Youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/ShultsFord
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ShultsFordLincoln/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/shultsford/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://accessories.ford.com/?pa=04682&intcmp=dc4-04682-F
Title: Order OEM Accessories

Search URL Search Domain Scan URL

URL: https://parts.ford.com/shultsfordsouth?dealerCode=04682&fmccmp=t3-lp-fparts-t1-fparts
Title: Order OEM Parts

Search URL Search Domain Scan URL

URL: https://shop.ford.com/configure/bronco/model/customize/base
Title: Customize Your Bronco

Search URL Search Domain Scan URL

URL: https://accessories.ford.com/pages/ford-bronco-2021
Title: Bronco Accessories Store

Search URL Search Domain Scan URL

URL: https://www.fleet.ford.com/content/dam/aem_fleet/en_us/fleet/brochures/order/general-information/2020_Fleet%20Preview%20Guide_Spreads%20v2.pdf
Title: Fleet Preview Guide

Search URL Search Domain Scan URL

URL: https://www.fleet.ford.com/get-started/
Title: Become a Fleet Account

Search URL Search Domain Scan URL

URL: https://media.assets.sincrod.com/teams/repository/export/4d9474f8ca7710058b0f0050568ba825/4d9474f8ca7710058b0f0050568ba825.pdf
Title: Commercial Drivers License Fact Sheet

Search URL Search Domain Scan URL

URL: https://www.fleet.ford.com/towing-guides/
Title: Towing Guides

Search URL Search Domain Scan URL

URL: https://www.shultsford.com/PaymentCalculator
Title: Estimate Payments

Search URL Search Domain Scan URL

URL: https://www.shultsford.com/xplan
Title: Ford X-Plan

Search URL Search Domain Scan URL

URL: http://fordwestmifflin.shultsfordsouth.com/
Title: Our Blog

Search URL Search Domain Scan URL

URL: https://shultsfordsouth.nlmnews.com/
Title: Our Newsletter

Search URL Search Domain Scan URL

URL: http://www.google.com/maps/search/Shults%20Ford%20South/@40.345858,-79.953604,16z
Title: Directions

Search URL Search Domain Scan URL

URL: https://www.ford.com/finance/apply/1?SourceOfData=DCF&dealerId=04682
Title: Pre-Qualify

Search URL Search Domain Scan URL

URL: https://www.forddirectprivacy.com/
Title: FordDirect Privacy

Search URL Search Domain Scan URL

URL: https://www.forddirect.com/dealerconnection-terms
Title: View Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.forddirect.com/adchoices

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/new/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Edge

Search URL Search Domain Scan URL

URL: https://blogs.windows.com/windowsexperience/2021/05/19/the-future-of-internet-explorer-on-windows-10-is-in-microsoft-edge/
Title: here

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://westmifflincredit.com/ HTTP 301
https://www.westmifflincredit.com/ HTTP 301
https://www.shultsfordsouth.com/ApplyForCredit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=EFD95E09512D2A8E0A490D4D%40AdobeOrg&d_nsid=0&ts=1656036629742 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=EFD95E09512D2A8E0A490D4D%40AdobeOrg&d_nsid=0&ts=1656036629742

Request Chain 30

https://acsbapp.com/apps/app/assets/js/acsb.js HTTP 301
https://acsbapp.com/apps/app/dist/js/app.js

Request Chain 63

https://gubagootracking.com/toolbars/toolbar_118852/loader_118852_1.js HTTP 301
https://cdn.gubagoo.io/toolbars/118852/loader_118852_1.js

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTM0MzEwMzA3MjAxODU3OTU5OTIxNjY3ODc2OTIzMTYyNTQyOTk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTM0MzEwMzA3MjAxODU3OTU5OTIxNjY3ODc2OTIzMTYyNTQyOTk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKPOBMtpKaReUwYkhlRZ194&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 73

https://tags.bluekai.com/site/43981?id=13431030720185795992166787692316254299&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Request Chain 76

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=3J4zbHxPQAm6u_9sANM6zQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=13431030720185795992166787692316254299

Request Chain 97

https://traffic.prod.cobaltgroup.com/websites.gif?header_request_domain=www.shultsfordsouth.com&header_page_name=ApplyForCredit_D&header_page_label=ApplyForCredit_D&header_page_layout=ApplyForCredit_D|standard&header_request_uri=%2FApplyForCredit&header_visitor_id=B8C547FA7B0F62BA1EEA7327C60AE488&header_event_id=299f60183dad10068ef0080020f0176c113661995815&header_session_id=B8C547FA7B0F62BA1EEA7327C60AE488&header_site_id=ee0f6c00ec3f10058a68080020f0176c&cs:plt=4810&cs:svrt=395&cs:ttfb=2285&cs:loc=en_US&cs:theme=dcw-design-ford-distinctly&cs:zip=15236-1447&cs:s=ford-shults-south&cs:userState=loggedOut&cs:checksum=1 HTTP 301
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=https%253a%252f%252ftraffic.prod.cobaltgroup.com%252fwebsites.gif%253fcs%253agvid%253d%255bdtuid%255d%2526header_request_domain%253dwww.shultsfordsouth.com%2526header_page_name%253dApplyForCredit_D%2526header_page_label%253dApplyForCredit_D%2526header_page_layout%253dApplyForCredit_D%257cstandard%2526header_request_uri%253d%25252FApplyForCredit%2526header_visitor_id%253dB8C547FA7B0F62BA1EEA7327C60AE488%2526header_event_id%253d299f60183dad10068ef0080020f0176c113661995815%2526header_session_id%253dB8C547FA7B0F62BA1EEA7327C60AE488%2526header_site_id%253dee0f6c00ec3f10058a68080020f0176c%2526cs%253aplt%253d4810%2526cs%253asvrt%253d395%2526cs%253attfb%253d2285%2526cs%253aloc%253den_US%2526cs%253atheme%253ddcw-design-ford-distinctly%2526cs%253azip%253d15236-1447%2526cs%253as%253dford-shults-south%2526cs%253auserState%253dloggedOut%2526cs%253achecksum%253d1&uid=B8C547FA7B0F62BA1EEA7327C60AE488&uidindex=ws HTTP 302
https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1656036632565727396&header_request_domain=www.shultsfordsouth.com&header_page_name=ApplyForCredit_D&header_page_label=ApplyForCredit_D&header_page_layout=ApplyForCredit_D|standard&header_request_uri=%2FApplyForCredit&header_visitor_id=B8C547FA7B0F62BA1EEA7327C60AE488&header_event_id=299f60183dad10068ef0080020f0176c113661995815&header_session_id=B8C547FA7B0F62BA1EEA7327C60AE488&header_site_id=ee0f6c00ec3f10058a68080020f0176c&cs:plt=4810&cs:svrt=395&cs:ttfb=2285&cs:loc=en_US&cs:theme=dcw-design-ford-distinctly&cs:zip=15236-1447&cs:s=ford-shults-south&cs:userState=loggedOut&cs:checksum=1

Request Chain 107

https://traffic.prod.cobaltgroup.com/w.gif?cs:ev=299f60183dad10068ef0080020f0176c113661995815&cs:pg=ApplyForCredit_D&cs:plb=ApplyForCredit_D&cs:ply=ApplyForCredit_responsive&cs:s=ford-shults-south&cs:si=ee0f6c00ec3f10058a68080020f0176c&cs:ssi=B8C547FA7B0F62BA1EEA7327C60AE488&cs:vi=B8C547FA7B0F62BA1EEA7327C60AE488&cs:theme=dcw-design-ford-distinctly&cs:wt=card-header-a72a7c31-c7d0-4858-8b51-5e26e6861e32,,0,0,0,1600,162,15,0,0&cs:wt=card-Home-5a7bdff0-7cfc-486f-b86a-fff6c846fa74,,0,20,28,72,44,18,0,0&cs:wt=card-Custom%20Order-fd9e395e-bfdb-4af8-9b25-8fe3ffbdabe9,,0,92,28,128,44,18,0,0&cs:wt=card-New-da3e4924-075f-44bf-bd42-97eda15118e7,,0,220,28,61,44,18,0,0&cs:wt=card-navigationModelInventoryb69184fc-fac69c56-0a3f-427a-b14f-90aa1737a651_0dc8c01d-96cc-42c8-8922-06fdbe435bd6,,0,0,0,100,100,18,0,0&cs:wt=card-Pre-Owned-017d83ad-bd38-4e4f-9e12-e74ae37181b1,,0,281,28,109,44,17,0,0&cs:wt=card-navigationModelInventoryedc96749-3eaf472d-1b1f-43b4-b0e9-8686ee626a58_0dc8c01d-96cc-42c8-8922-06fdbe435bd6,,0,0,0,100,100,17,0,0&cs:wt=card-Service%20%26%20Parts-37257a37-8405-4b61-bf30-d03230827362,,0,390,28,136,44,17,0,0&cs:wt=card-Bronco-31047d95-5511-4d29-a782-dd983ddcc10f,,0,526,28,80,44,17,0,0&cs:wt=card-Commercial-05c76ea6-008d-45da-9553-2bf90310b296,,0,606,28,115,44,18,0,0&cs:wt=card-Performance-7555cda4-a7db-4bcc-b404-e20b8a92ec67,,0,721,28,121,44,18,0,0&cs:wt=card-Credit%20Pre-Approval-73759adc-607d-4c48-bb13-bc85cb5408ac,,0,842,28,167,44,17,0,0&cs:wt=card-aboutMessageCard-97292fec-8aa4-4ac5-8210-91b41c5abc57,,0,0,235.796875,1600,807,17,0,0&cs:wt=card-footer-cf0cb407-9196-4db5-9df8-d7e4fc8602d4,,0,0,1042.796875,1600,610,12,0,0&cs:wt=card-footerDealerInformation-add908ef-492f-4226-aac0-b624a5a41b72,,0,0,1108.796875,1600,52,17,0,0&cs:wt=card-footerMedia-e6b2d6bb-bea7-45d1-9063-4378bc787fd3,,0,0,1160.59375,1600,62,18,0,0&cs:wt=card-genericCard-b3aa7ad2-ce0d-424e-899d-0aeece40b2f6,,0,0,0,100,0,13,0,0&cs:w=1600,1200,28&cs:vs=&cs:checksum=1 HTTP 301
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=https%3a%2f%2ftraffic.prod.cobaltgroup.com%2fw.gif%3fcs%3agvid%3d%5bdtuid%5d%26cs%3aev%3d299f60183dad10068ef0080020f0176c113661995815%26cs%3apg%3dApplyForCredit_D%26cs%3aplb%3dApplyForCredit_D%26cs%3aply%3dApplyForCredit_responsive%26cs%3as%3dford-shults-south%26cs%3asi%3dee0f6c00ec3f10058a68080020f0176c%26cs%3assi%3dB8C547FA7B0F62BA1EEA7327C60AE488%26cs%3avi%3dB8C547FA7B0F62BA1EEA7327C60AE488%26cs%3atheme%3ddcw-design-ford-distinctly%26cs%3awt%3dcard-header-a72a7c31-c7d0-4858-8b51-5e26e6861e32%2c%2c0%2c0%2c0%2c1600%2c162%2c15%2c0%2c0%26cs%3awt%3dcard-Home-5a7bdff0-7cfc-486f-b86a-fff6c846fa74%2c%2c0%2c20%2c28%2c72%2c44%2c18%2c0%2c0%26cs%3awt%3dcard-Custom%2520Order-fd9e395e-bfdb-4af8-9b25-8fe3ffbdabe9%2c%2c0%2c92%2c28%2c128%2c44%2c18%2c0%2c0%26cs%3awt%3dcard-New-da3e4924-075f-44bf-bd42-97eda15118e7%2c%2c0%2c220%2c28%2c61%2c44%2c18%2c0%2c0%26cs%3awt%3dcard-navigationModelInventoryb69184fc-fac69c56-0a3f-427a-b14f-90aa1737a651_0dc8c01d-96cc-42c8-8922-06fdbe435bd6%2c%2c0%2c0%2c0%2c100%2c100%2c18%2c0%2c0%26cs%3awt%3dcard-Pre-Owned-017d83ad-bd38-4e4f-9e12-e74ae37181b1%2c%2c0%2c281%2c28%2c109%2c44%2c17%2c0%2c0%26cs%3awt%3dcard-navigationModelInventoryedc96749-3eaf472d-1b1f-43b4-b0e9-8686ee626a58_0dc8c01d-96cc-42c8-8922-06fdbe435bd6%2c%2c0%2c0%2c0%2c100%2c100%2c17%2c0%2c0%26cs%3awt%3dcard-Service%2520%2526%2520Parts-37257a37-8405-4b61-bf30-d03230827362%2c%2c0%2c390%2c28%2c136%2c44%2c17%2c0%2c0%26cs%3awt%3dcard-Bronco-31047d95-5511-4d29-a782-dd983ddcc10f%2c%2c0%2c526%2c28%2c80%2c44%2c17%2c0%2c0%26cs%3awt%3dcard-Commercial-05c76ea6-008d-45da-9553-2bf90310b296%2c%2c0%2c606%2c28%2c115%2c44%2c18%2c0%2c0%26cs%3awt%3dcard-Performance-7555cda4-a7db-4bcc-b404-e20b8a92ec67%2c%2c0%2c721%2c28%2c121%2c44%2c18%2c0%2c0%26cs%3awt%3dcard-Credit%2520Pre-Approval-73759adc-607d-4c48-bb13-bc85cb5408ac%2c%2c0%2c842%2c28%2c167%2c44%2c17%2c0%2c0%26cs%3awt%3dcard-aboutMessageCard-97292fec-8aa4-4ac5-8210-91b41c5abc57%2c%2c0%2c0%2c235.796875%2c1600%2c807%2c17%2c0%2c0%26cs%3awt%3dcard-footer-cf0cb407-9196-4db5-9df8-d7e4fc8602d4%2c%2c0%2c0%2c1042.796875%2c1600%2c610%2c12%2c0%2c0%26cs%3awt%3dcard-footerDealerInformation-add908ef-492f-4226-aac0-b624a5a41b72%2c%2c0%2c0%2c1108.796875%2c1600%2c52%2c17%2c0%2c0%26cs%3awt%3dcard-footerMedia-e6b2d6bb-bea7-45d1-9063-4378bc787fd3%2c%2c0%2c0%2c1160.59375%2c1600%2c62%2c18%2c0%2c0%26cs%3awt%3dcard-genericCard-b3aa7ad2-ce0d-424e-899d-0aeece40b2f6%2c%2c0%2c0%2c0%2c100%2c0%2c13%2c0%2c0%26cs%3aw%3d1600%2c1200%2c28%26cs%3avs%3d%26cs%3achecksum%3d1&uid=B8C547FA7B0F62BA1EEA7327C60AE488&uidindex=ws HTTP 302
https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1656036632565727396&cs:ev=299f60183dad10068ef0080020f0176c113661995815&cs:pg=ApplyForCredit_D&cs:plb=ApplyForCredit_D&cs:ply=ApplyForCredit_responsive&cs:s=ford-shults-south&cs:si=ee0f6c00ec3f10058a68080020f0176c&cs:ssi=B8C547FA7B0F62BA1EEA7327C60AE488&cs:vi=B8C547FA7B0F62BA1EEA7327C60AE488&cs:theme=dcw-design-ford-distinctly&cs:wt=card-header-a72a7c31-c7d0-4858-8b51-5e26e6861e32,,0,0,0,1600,162,15,0,0&cs:wt=card-Home-5a7bdff0-7cfc-486f-b86a-fff6c846fa74,,0,20,28,72,44,18,0,0&cs:wt=card-Custom%20Order-fd9e395e-bfdb-4af8-9b25-8fe3ffbdabe9,,0,92,28,128,44,18,0,0&cs:wt=card-New-da3e4924-075f-44bf-bd42-97eda15118e7,,0,220,28,61,44,18,0,0&cs:wt=card-navigationModelInventoryb69184fc-fac69c56-0a3f-427a-b14f-90aa1737a651_0dc8c01d-96cc-42c8-8922-06fdbe435bd6,,0,0,0,100,100,18,0,0&cs:wt=card-Pre-Owned-017d83ad-bd38-4e4f-9e12-e74ae37181b1,,0,281,28,109,44,17,0,0&cs:wt=card-navigationModelInventoryedc96749-3eaf472d-1b1f-43b4-b0e9-8686ee626a58_0dc8c01d-96cc-42c8-8922-06fdbe435bd6,,0,0,0,100,100,17,0,0&cs:wt=card-Service%20&%20Parts-37257a37-8405-4b61-bf30-d03230827362,,0,390,28,136,44,17,0,0&cs:wt=card-Bronco-31047d95-5511-4d29-a782-dd983ddcc10f,,0,526,28,80,44,17,0,0&cs:wt=card-Commercial-05c76ea6-008d-45da-9553-2bf90310b296,,0,606,28,115,44,18,0,0&cs:wt=card-Performance-7555cda4-a7db-4bcc-b404-e20b8a92ec67,,0,721,28,121,44,18,0,0&cs:wt=card-Credit%20Pre-Approval-73759adc-607d-4c48-bb13-bc85cb5408ac,,0,842,28,167,44,17,0,0&cs:wt=card-aboutMessageCard-97292fec-8aa4-4ac5-8210-91b41c5abc57,,0,0,235.796875,1600,807,17,0,0&cs:wt=card-footer-cf0cb407-9196-4db5-9df8-d7e4fc8602d4,,0,0,1042.796875,1600,610,12,0,0&cs:wt=card-footerDealerInformation-add908ef-492f-4226-aac0-b624a5a41b72,,0,0,1108.796875,1600,52,17,0,0&cs:wt=card-footerMedia-e6b2d6bb-bea7-45d1-9063-4378bc787fd3,,0,0,1160.59375,1600,62,18,0,0&cs:wt=card-genericCard-b3aa7ad2-ce0d-424e-899d-0aeece40b2f6,,0,0,0,100,0,13,0,0&cs:w=1600,1200,28&cs:vs=&cs:checksum=1

Request Chain 113

https://www.google.com/pagead/landing?gcs=G111&rnd=1812923324.1656036632&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&gtm=2wg6m0NBTHFZD&auid=2115498116.1656036632 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1812923324.1656036632&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&gtm=2wg6m0NBTHFZD&auid=2115498116.1656036632

Request Chain 186

https://690327.fls.doubleclick.net/activityi;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit HTTP 302
https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit

Request Chain 190

https://dpm.demdex.net/ibs:dpid=313172&dpuuid=1656036632565727396&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_UUID%7D HTTP 302
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=13431030720185795992166787692316254299

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=cobalt_group_adp&google_hm=MTY1NjAzNjYzMjU2NTcyNzM5Ng HTTP 302
https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=

Request Chain 223

https://690333.fls.doubleclick.net/activityi;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;;ord=1;num=2701501 HTTP 302
https://690333.fls.doubleclick.net/activityi;dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;;ord=1;num=2701501

Request Chain 233

https://aalnk.com/pfzurl.ashx?webkey=&id=f22b59b2-1066-464d-8d73-df584c6fc7b3&mf_uuid=577537ef-f849-473d-9b49-0efc7de700e3&rdts=1656036634 HTTP 302
https://idsync.rlcdn.com/456519.gif?partner_uid=f4e14fd6-c188-4a7b-8e6e-9cc669397a1a

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=marchex_dmp&google_cm HTTP 302
https://px.marchex.io/msid.gif?google_gid=CAESENCuscHdKdwosEwH_mfe-zk&google_cver=1

239 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ApplyForCredit Show response
www.shultsfordsouth.com/
Redirect Chain

https://westmifflincredit.com/
https://www.westmifflincredit.com/
https://www.shultsfordsouth.com/ApplyForCredit

248 KB
46 KB

853ms
615ms

Document
text/html

143.204.89.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-6.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4a4a1c64e09257bee28c09fa5aedd504c9182130a6a28d25a5444155eff83513

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public,max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 02:10:29 GMT
etag: W/"3e103-3059168753"
logging-correlationid: MQvb20p6Tb1ue3Kepctuhpvaf3xCzTB-aZ9ZFSY6mzXhGmXU-RNlmA==
nitra-side: a
request-timing-enabled: false
server: nginx
strict-transport-security: max-age=7776000
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-id: MQvb20p6Tb1ue3Kepctuhpvaf3xCzTB-aZ9ZFSY6mzXhGmXU-RNlmA==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-design-agent: dcw-designs-deployable@1.0.15107/dcw-design-ford-distinctly
x-frame-options: sameorigin
x-origin-id: cdk-pdx
x-pass1-uuid: d72fccda-124a-4dba-bc54-1da16a7f9047
x-request-handler: consumer
x-server-response-time: 445
x-server-start-time: 1656036628954
x-sf-cache: Miss from sitefront

Redirect headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-length: 0
content-type: application/octet-stream
date: Fri, 24 Jun 2022 02:10:28 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.shultsfordsouth.com/ApplyForCredit
logging-correlationid: OijcvNdNEhL2POegcxK6RnxUrT8CfXtqKfIXM4IcdiOIBSoJLhYUJg==
nitra-side: a
pragma: no-cache
server: CDK-Websites
strict-transport-security: max-age=7776000
vary: *
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-amz-cf-id: OijcvNdNEhL2POegcxK6RnxUrT8CfXtqKfIXM4IcdiOIBSoJLhYUJg==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: sameorigin
x-origin-id: cdk-pdx
x-server-response-time: 4
x-server-start-time: 1656036628549

GET
H2 200 Preload.min.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/vendor/hydra-base/base/sitefront/ 6 KB
3 KB 46ms
9ms Script
application/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/vendor/hydra-base/base/sitefront/Preload.min.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 2a510608bea5a262a86f8fa0ed974324267763020fc1ace6d2e0930c7adbeeff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 21:05:51 GMT
content-encoding: gzip
x-original-content-length: 6383
age: 104678
x-cache: Hit from cloudfront
x-server-start-time: 1655931951327
logging-correlationid: DahiQoEmta8VMujJnKl9yuu8FL3PvGg3eoXXS3-FeXB8xxpFCy5tqQ==
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 20:30:44 GMT
server: nginx
x-server-response-time: 20
vary: accept-encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zq-Amk9fVdJehgf7MhrWR0HcZ8MUyJ9L33TH_ZUrONLwYxT-OMGTGg==
expires: Thu, 22 Jun 2023 21:05:51 GMT

GET
H2 200 bundle.css
media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/ 2 MB
213 KB 63ms
27ms Stylesheet
text/css 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 9d16b952176c29bb311afe9e9d98dc81f23ae7373a2af685f4e20206987e67d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 21:40:58 GMT
content-encoding: gzip
x-original-content-length: 2535832
age: 102571
x-cache: Hit from cloudfront
x-server-start-time: 1655934058570
logging-correlationid: STc1Mpuad7WBvI06Wk8U-Kh9ujAvUDCk38ig3EaL4b5bzx0xPtMYgg==
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 20:49:42 GMT
server: nginx
x-server-response-time: 119
vary: accept-encoding
content-type: text/css
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nXQcAX6BFL-JNtaCzfMkZ8u0bMQ5Ck9aQIHVbUcn23pdjKb5MStd-g==
expires: Thu, 22 Jun 2023 21:40:58 GMT

GET
H2 200 bundle.js Show response
media.assets.sincrod.com/websites/generated/bundles/5.0-8359/qdx/e7js8i1vjpi+eaqkyca==/ 80 KB
17 KB 46ms
9ms Script
application/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-8359/qdx/e7js8i1vjpi+eaqkyca==/bundle.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 49cb91c4f1144347a19ee071b30fa8ca705d8ff05187984935c678bac2a9c546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Thu, 23 Jun 2022 10:02:06 GMT
content-encoding: gzip
x-original-content-length: 81875
age: 58103
x-cache: Hit from cloudfront
x-server-start-time: 1655978526285
logging-correlationid: ysxnVZJAW2q-9YmDIqOo_8L2JRkx-R-WeiMLdWi6XkDBkfS_yp4MHw==
access-control-allow-origin: *
last-modified: Thu, 23 Jun 2022 06:13:26 GMT
server: nginx
x-server-response-time: 24
vary: accept-encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -5aDAxkmfeEFTIq7thoBDfELArhY5gsYtEaVyGRf9us2j4PmU0UR7w==
expires: Fri, 23 Jun 2023 10:02:06 GMT

GET
H2 200 Ford.webp
media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/vendor/hydra-base/client/assets/logos/webp/ 3 KB
3 KB 9ms
9ms Image
image/webp 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/vendor/hydra-base/client/assets/logos/webp/Ford.webp
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 473142ce29b72063c2e28861942733b692e92e2ca0f57ba48bd5e5ebb23cb6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 21:05:51 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-original-content-length: 2574
age: 104678
x-cache: Hit from cloudfront
x-server-start-time: 1655931951731
logging-correlationid: DkL71e4m-ksk8oQIbH6n_B3e27vsyuuxfhJu4CbOox6oTtnIu35GlA==
last-modified: Wed, 22 Jun 2022 20:30:44 GMT
server: nginx
x-server-response-time: 30
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 2574
x-amz-cf-id: dTvimR8NiZ25S9K_8kH4XWi_EwgPWUvv6jFWjEE31ZQN2i8xNKfh6w==
expires: Thu, 22 Jun 2023 21:05:51 GMT

GET
H2 200 f79f62d1c7154a49b0a9a5d322a69b73_100x49.png
media.assets.sincrod.com/websites/content/ford-shults-south/file/v/3/43a1ba36-973e-4199-9a69-885e5ea5173b/ 9 KB
10 KB 12ms
12ms Image
image/png 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/ford-shults-south/file/v/3/43a1ba36-973e-4199-9a69-885e5ea5173b/f79f62d1c7154a49b0a9a5d322a69b73_100x49.png
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 90887fcf873aaee7e6f32972752bee5f40049984b2f3a0aafd0c92b0bb12454c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 04:05:08 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-original-content-length: 9702
age: 165921
x-cache: Hit from cloudfront
x-server-start-time: 1655870708779
logging-correlationid: HP3GlUhK1vbCC1qEpkakxVJjUtOhfrh3WM2wP4uUtNl2d0jYO7ahAw==
last-modified: Wed, 16 Mar 2022 18:30:45 GMT
server: nginx
x-server-response-time: 49
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 9605
x-amz-cf-id: uPG8XGnOAFq3uFnSUV5mdWvcTicWPxTHRmoSJjr8p7QDHM8BP0kimg==
expires: Thu, 22 Jun 2023 04:05:08 GMT

GET
H2 200 a9c31586e447442db3b6bdbb4719547e_77x15.png
media.assets.sincrod.com/websites/content/cblt-ms-ford/file/v/1/5f792735-4a79-4b7a-8ba3-7c5f079e9706/ 720 B
1 KB 9ms
9ms Image
image/png 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-ford/file/v/1/5f792735-4a79-4b7a-8ba3-7c5f079e9706/a9c31586e447442db3b6bdbb4719547e_77x15.png
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: fcc17f84f5d11e969d50f9c477e28a350be200f23211f9f02b041ade37b047b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 10 Jun 2022 17:21:13 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-original-content-length: 2219
age: 1154956
x-cache: Hit from cloudfront
x-server-start-time: 1654881673524
logging-correlationid: dbBDNCQBr7lX9CZ-_XT8CiuEEz4rjTgTUor28HDY_QIdSG9mnXO9ww==
last-modified: Wed, 01 Jun 2022 10:13:54 GMT
server: nginx
x-server-response-time: 17
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 720
x-amz-cf-id: GnHzfUjsBCc90OasaqOHx4DhhK2rAyiWzy0ftEL6fr5eKJr0YKNbrQ==
expires: Sat, 10 Jun 2023 17:21:13 GMT

GET
H2 200 bundle.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/b31f56cad1c0c849b64c1a60f45a6380/ 167 KB
54 KB 10ms
10ms Script
application/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/b31f56cad1c0c849b64c1a60f45a6380/bundle.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 66ed181d53b2a47e9d374451907ff8468486ed602b763e13a0d48d91c3c8c4f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 21:40:59 GMT
content-encoding: gzip
x-original-content-length: 171384
age: 102570
x-cache: Hit from cloudfront
x-server-start-time: 1655934059031
logging-correlationid: D8jphTSkhmN_JTdWeumGinKJ_XAdBSlVT8_Xzdxy3yo7FoWS_ZaXxQ==
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 21:05:28 GMT
server: nginx
x-server-response-time: 74
vary: accept-encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6XoEuD0Bqskt4nqt2SZU8C5s_D7hP9Mu1LId_sPVaobioRco702ILg==
expires: Thu, 22 Jun 2023 21:40:59 GMT

GET
H2 200 bundle.js Show response
media.assets.sincrod.com/websites/generated/bundles/5.0-8359/ffy/droze69zs6vthvlam7q==/ 25 KB
7 KB 9ms
9ms Script
application/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/generated/bundles/5.0-8359/ffy/droze69zs6vthvlam7q==/bundle.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 1aa0ff68eecd16675308a4ad1c8bd54aaddcc613bd04f67e59a5cb2a65d25efd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Thu, 23 Jun 2022 10:03:57 GMT
content-encoding: gzip
x-original-content-length: 26091
age: 57992
x-cache: Hit from cloudfront
x-server-start-time: 1655978637051
logging-correlationid: pFV-vu-1fwByj0YbALevZD6d3FgOj6fde9tnhu-CKBeiysR3aRNWsg==
access-control-allow-origin: *
last-modified: Thu, 23 Jun 2022 06:52:26 GMT
server: nginx
x-server-response-time: 19
vary: accept-encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: xP_ohFKNpdQjGpY8jJOdPa-Q05_0wuAO-VYESAFeHJDVEHwGHqrpNg==
expires: Fri, 23 Jun 2023 10:03:57 GMT

GET
H2 200 pixeltag.js Show response
wsassets.sincrod.com/websites/dynamic/bundles/5.0-8359/prt/tqwiyi50vvuu4uvcpwq==/ 10 KB
4 KB 515ms
461ms Script
application/javascript 143.204.89.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsassets.sincrod.com/websites/dynamic/bundles/5.0-8359/prt/tqwiyi50vvuu4uvcpwq==/pixeltag.js?webId=ford-shults-south&locale=en_US&originalDomain=http%3A%2F%2Fwww.shultsfordsouth.com%2F
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-7.fra50.r.cloudfront.net
Software: CDK-Websites /
Resource Hash: 95b36f0b598064dccd79918084e3dbe82f68d5f35a1e22f9299559753021c290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
nitra-side: a
x-server-start-time: 1656036630059
logging-correlationid: ZSYbvgwsWlqeqcjfntnoj5ueZbgM4DoLxubcj14o8dXgTPKZZQMUuw==
server: CDK-Websites
etag: prttqwiyi50vvuu4uvcpwq==
x-server-response-time: 7
content-type: application/javascript;charset=ISO-8859-1
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
content-length: 3317
x-amz-cf-id: ZSYbvgwsWlqeqcjfntnoj5ueZbgM4DoLxubcj14o8dXgTPKZZQMUuw==
expires: Sat, 24 Jun 2023 02:10:30 GMT

GET
H2 200 ApplyForCredit Show response
www.shultsfordsouth.com/ 18 KB
7 KB 1021ms
1020ms XHR
text/html 143.204.89.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shultsfordsouth.com/ApplyForCredit?format=pagediff&siteFrontPass=2&hashTreeUUID=d72fccda-124a-4dba-bc54-1da16a7f9047&use.hydra.siteFront.defer.directives=true&use.hydra.win.js.minification.during.build=true

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/vendor/hydra-base/base/sitefront/Preload.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-6.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9dbb5756dcbba9910bbf701834ba74d3d8887c40d817ba623b3f19738905359f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

x-page-referer
Referer: https://www.shultsfordsouth.com/ApplyForCredit
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-design-agent: dcw-designs-deployable@1.0.15107/dcw-design-ford-distinctly
x-cache: Miss from cloudfront
nitra-side: a
vary: Accept-Encoding, *
x-server-start-time: 1656036630039
logging-correlationid: 2_PAToozZOpCO0QdYRv_bqgNgu-uxCXBitXu9bDtQPrZDjYBbz9VKg==
pragma: no-cache
server: nginx
x-request-handler: consumer
request-timing-enabled: false
x-frame-options: sameorigin
etag: W/"49e7-215564042"
x-server-response-time: 435
strict-transport-security: max-age=7776000
content-type: text/html; charset=utf-8
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: 2_PAToozZOpCO0QdYRv_bqgNgu-uxCXBitXu9bDtQPrZDjYBbz9VKg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 launch-4d1cc8f12ddd.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/ 413 KB
86 KB 56ms
20ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eaeca7b0c68cac8c8ca0eb34272d4f17e0a16889fdf8311c8cdb7f0e28a4a083

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 24 Jun 2022 02:10:29 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:07 GMT
server: AkamaiNetStorage
etag: "1af226ff28f96dffa482e92436a12901:1655400787.484704"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 03:10:29 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=EFD95E09512D2A8E0A490D4D%40AdobeOrg&d_nsid=0&ts=1656036629742
https://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=EFD95E09512D2A8E0A490D4D%40AdobeOrg&d_nsid=0&ts=1656036629742

1016 B
1 KB

167ms
167ms

XHR
application/json

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=EFD95E09512D2A8E0A490D4D%40AdobeOrg&d_nsid=0&ts=1656036629742

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8bd7ce0acd853855da97f9bae5d6fdd95318323f1b74b6eaab907f49647d46eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v034-069d20b77.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: soe5LMFOTLs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.shultsfordsouth.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 595
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v034-00782690b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.shultsfordsouth.com
X-TID: lVM+aGl1S/s=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=EFD95E09512D2A8E0A490D4D%40AdobeOrg&d_nsid=0&ts=1656036629742
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXdc82d83480104da1a4049c462b1f28fa-libraryCode_source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 63 KB
22 KB 14ms
14ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/EXdc82d83480104da1a4049c462b1f28fa-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ef16ffcc792b5fa8cf62b5c53b5cc32b6258e51b72751c47e9ea2c0f519ce0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:29 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 22476
expires: Fri, 24 Jun 2022 03:10:29 GMT

GET
H2 200 USA Show response
www.ford.com/fps/script/Ford/ 249 KB
61 KB 708ms
628ms Script
application/javascript 2a02:26f0:ef:290::1075
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ford.com/fps/script/Ford/USA?xdc=true
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:290::1075 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5fc075a4be18e3c91b81bca52672787aadeb81ab87b2abb4596f64c20e3a3ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=479, origin; dur=83
content-length: 62417
expires: Fri, 24 Jun 2022 02:10:30 GMT

GET
H2 200 Antenna-Regular.woff2
media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/ 24 KB
25 KB 28ms
13ms Font
application/font-woff2 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/Antenna-Regular.woff2
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: a9153e7f3571474652e0f7c590fa3f3ff5215659961a2183772864ce0e82e9a7

Request headers

Referer: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Origin: https://www.shultsfordsouth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 04:05:09 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-original-content-length: 24688
age: 165920
x-cache: Hit from cloudfront
x-server-start-time: 1655870708996
logging-correlationid: CpuaqEuGpTZyf2uHcHoQuLgB-73rp1pYfEmCrCqBGbSK0Izp_frpsg==
last-modified: Thu, 01 Apr 2021 22:07:58 GMT
server: nginx
x-server-response-time: 26
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 24688
x-amz-cf-id: WmGUjj9zWBjV95ZT1Uzz9faPZeU46ergy3MY87JhUeatVXQahod16w==
expires: Thu, 22 Jun 2023 04:05:09 GMT

GET
H2 200 Antenna-Bold.woff
media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/ 52 KB
53 KB 28ms
13ms Font
application/font-woff 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/Antenna-Bold.woff
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e86989fc556d8439a1fa1f697da4cc0d31001db2042b7ea179526235f81daba9

Request headers

Referer: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Origin: https://www.shultsfordsouth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 04:05:09 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-original-content-length: 53713
age: 165920
x-cache: Hit from cloudfront
x-server-start-time: 1655870708999
logging-correlationid: z0gRg2IdyRUQEtEipv3BmgCBTZqfFx1y15RjcSyDexrkqgCj_CO_pA==
last-modified: Thu, 01 Apr 2021 22:07:19 GMT
server: nginx
x-server-response-time: 56
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 53713
x-amz-cf-id: Q-qTGawCq7yqCV62ftwH6Sg_lQ8Ah8Iu8_tAVEV8slo1HiZb41AX4Q==
expires: Thu, 22 Jun 2023 04:05:09 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fc7ce7c1e58db91a91547ae74717eb26d3ed7797d09e70fef9a15b0124635da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 573 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66dd7e53411bd89384765197f1fd986c9549aa6218de4bdd1eb5a21607b2aec7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 902 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3490aaa63d40dca0841016447d9b156eb3791814bbbccc7319760e8b646cd6bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 391 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7aa1692b259e875fca3732a0c7fd02ed83802dc341e3ce4318dae28b3748a87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 ionicons-subset.woff
media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.15107/package/designs/dcw-design-base/fonts/ion-icons/ 10 KB
10 KB 12ms
12ms Font
application/font-woff 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/design-deployer/dcw-designs-deployable/1.0.15107/package/designs/dcw-design-base/fonts/ion-icons/ionicons-subset.woff
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: a57834c9a7978711d3d27a53b13e2a46548deee1685fb2e4a5561f256a2fcd91

Request headers

Referer: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Origin: https://www.shultsfordsouth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 04:05:09 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-original-content-length: 9996
age: 165920
x-cache: Hit from cloudfront
x-server-start-time: 1655870709002
logging-correlationid: L7S1mfADCKqETBm_Mw215sD0rT9mX1bu-JpWKLH9RtCOSCEQKgp-Bw==
last-modified: Fri, 17 Jun 2022 21:31:12 GMT
server: nginx
x-server-response-time: 14
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 9996
x-amz-cf-id: Ylp14sCN12gWJyW0K6Wk7go_nBCUS0_kYlFWNaJ1JHjv-3pmi8tjxQ==
expires: Thu, 22 Jun 2023 04:05:09 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c9f4a7c2726c231c4a10e106d29002219a9dbf9ce2c0aaa19626c8db5f268d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 FordAntenna-Medium.woff2
media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/ 40 KB
40 KB 15ms
15ms Font
application/font-woff2 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/agency-web-fonts/fonts/FordAntenna-Medium.woff2
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: db710b2b228ec2aa2a046f17f4af881df8824694b676dbfe4394407e2fdaefd7

Request headers

Referer: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/06bb388d663e3b765549129984a87cb2/bundle.css
Origin: https://www.shultsfordsouth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 04:05:09 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-original-content-length: 40568
age: 165920
x-cache: Hit from cloudfront
x-server-start-time: 1655870709471
logging-correlationid: PRLQaIZ2M1QziQHIfUrapjDtzSYA8jTADBwJhwPuuBouvg7ty-CBTA==
last-modified: Thu, 16 Dec 2021 17:09:35 GMT
server: nginx
x-server-response-time: 36
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 40568
x-amz-cf-id: 8HJoB2qYBxpVQLYm3dZbpe8ihj07M_McaG34GjaETCObDXarb2BwwQ==
expires: Thu, 22 Jun 2023 04:05:09 GMT

GET
H2 200 bundle.js Show response
media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/dcef0f00fac4ef6254bea39b39b4b518/ 400 KB
108 KB 9ms
9ms Script
application/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/dcef0f00fac4ef6254bea39b39b4b518/bundle.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/vendor/hydra-base/base/sitefront/Preload.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 8ee31a8ec197b5bcccb6391b0ebe3cbb22237d183311f82a81f8dda422ab125a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Wed, 22 Jun 2022 21:10:27 GMT
content-encoding: gzip
x-original-content-length: 410084
age: 104402
x-cache: Hit from cloudfront
x-server-start-time: 1655932227956
logging-correlationid: 9mZ8gRvk39n0I6xUsLbumGbHnhzEY-JtnEsnl8bb6_o_0wUX6WHI8w==
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 21:05:30 GMT
server: nginx
x-server-response-time: 37
vary: accept-encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MT4jqfsLDynguOjRXU6tST5poEsl1HBIKOkSD4eJByJMcuF9PHy7mQ==
expires: Thu, 22 Jun 2023 21:10:27 GMT

GET
H2 200 ghostery-tag-manager.js Show response
c.evidon.com/sitenotice/tagmanager/ 3 KB
2 KB 35ms
10ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/tagmanager/ghostery-tag-manager.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd84e3f5931e69b7c4c1e7c26dfbeb2233ef101c52a10f3de91f309afc55276c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2017 21:01:51 GMT
server: AkamaiNetStorage
etag: "ade0f6c10b0f3df1eb58f009ad9fec00:1497992511"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1234
expires: Sun, 26 Jun 2022 02:10:30 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 69 KB
18 KB 32ms
7ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85880bb9bbebc0ac7cdc407ec80a75093a4d405c0cfa8dd7a35a05f990bcf9fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 19:11:27 GMT
server: AkamaiNetStorage
etag: "cf9a0cfb54c583b5ae5e017a8c5834c1:1653505887.378092"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18261
expires: Sun, 26 Jun 2022 02:10:30 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 35ms
11ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/4259/ 32 KB
3 KB 36ms
12ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/4259/snthemes.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c7aff8498ce062d76a9b0c237c1a7439b5cc8fb39fffb014606a0fbed49860ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 15:09:45 GMT
server: AkamaiNetStorage
etag: "5f5599710fd7cef395043652635788e5:1618931385.220847"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2369
expires: Sun, 26 Jun 2022 02:10:30 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/4259/shultsfordsouth/ 3 KB
1 KB 39ms
14ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/4259/shultsfordsouth/settings.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 62cfa3bbb307dca38eefe78f5152f29723d5ed151e9c5b8e598271bea113d205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 14:22:32 GMT
server: AkamaiNetStorage
etag: "06a8e95a0d65c10eba5ee9a130437df2:1654006952.191451"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1111
expires: Sun, 26 Jun 2022 02:10:30 GMT

GET
H2

200

app.js Show response
acsbapp.com/apps/app/dist/js/
Redirect Chain

https://acsbapp.com/apps/app/assets/js/acsb.js
https://acsbapp.com/apps/app/dist/js/app.js

426 KB
139 KB

179ms
179ms

Script
application/x-javascript

138.128.247.123
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Server: 138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: fd2be0cad1ca33cef25e60297959b1ffacee8433e8a03a82b5bd81c1dfa938a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: br
last-modified: Thu, 23 Jun 2022 18:31:45 GMT
etag: "6a7da-62b4b191-af3ebb833015feec;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 141718
expires: Sat, 25 Jun 2022 02:10:30 GMT

Redirect headers

location: https://acsbapp.com/apps/app/dist/js/app.js
date: Fri, 24 Jun 2022 02:10:30 GMT
content-length: 707
content-type: text/html

GET
H2 200 index.js Show response
media.assets.sincrod.com/agency/release/iz/framework/js/ 27 KB
6 KB 9ms
9ms Script
application/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/iz/framework/js/index.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 0496a6fa327949dfdb1fe639f9e59dea04fe367657ee1dd5dbe633e91adf36b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 01:44:09 GMT
content-encoding: gzip
x-original-content-length: 27210
age: 1668
x-cache: Hit from cloudfront
x-server-start-time: 1655925051955
logging-correlationid: 70LlZFr7RU9J6ElKF1nIFrD9NH9WVwriBQzKmXCV9d0oY6fdNIFLgw==
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 18:54:12 GMT
server: nginx
x-server-response-time: 15
vary: accept-encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=1800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: m83wE3vpl-03PvJhP_WEHacQtEK-6lOjog3l-8-qBK3Jj7nqzfX36g==
expires: Fri, 24 Jun 2022 01:42:26 GMT

GET
H2 200 USA Show response
www.ford.com/fps/script/Ford/ 249 KB
61 KB 221ms
221ms Script
application/javascript 2a02:26f0:ef:290::1075
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ford.com/fps/script/Ford/USA?xdc=true
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:290::1075 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5fc075a4be18e3c91b81bca52672787aadeb81ab87b2abb4596f64c20e3a3ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=134, origin; dur=72
expires: Fri, 24 Jun 2022 02:10:30 GMT

GET
H2 200 e39f15e0949c100588110050568b5709.js Show response
media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/ 27 KB
7 KB 12ms
12ms Script
text/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 2401ba04172df8d8d08948f32b9d7eeccd145eafa3888a24412a1f71981c37ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
x-original-content-length: 27687
age: 52
x-cache: Hit from cloudfront
x-server-start-time: 1655779499502
logging-correlationid: MasPAHndcv1xGTc1XrulFHvvOP9ghJNFh4yZjUZTzIjEjNhbRC8aCA==
access-control-allow-origin: *
last-modified: Thu, 30 Aug 2018 08:35:42 GMT
server: nginx
x-server-response-time: 19
vary: accept-encoding
content-type: text/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tLdANd7-OkYoz0uwaptSWClRkvXG0fzktojcEQ-l9RO6PBiQ-8rFqg==
expires: Tue, 21 Jun 2022 02:49:59 GMT

GET
H2 200 nextGen.js Show response
fo-static.assets-cdk.com/app/connectedstore/web/integration/ 299 B
726 B 870ms
632ms Script
application/javascript 2600:9000:2156:d800:a:7593:bf40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fo-static.assets-cdk.com/app/connectedstore/web/integration/nextGen.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d800:a:7593:bf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 349735b8cb9eb961d7008ea2026ca9d8eac90ee373b7001dfdb875627da53fd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: SiwgEIUDtO1GfYv3jEN_90RVktcNNXrh
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 13:28:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "d85e1f0b4887faead691f47545400cb3"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
date: Fri, 24 Jun 2022 02:10:32 GMT
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 299
x-amz-cf-id: lCi5oBrCoge9Yoz9RzJnWZ8tgGVzbEZ8VV-bJLZDC73N7RFfZizw8w==

GET
H2 200 basel.js Show response
media.assets.sincrod.com/partner-packages/partner-packages-1.0.3148/baselDeploy/ 292 KB
47 KB 9ms
8ms Script
application/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.3148/baselDeploy/basel.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/dcef0f00fac4ef6254bea39b39b4b518/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 9ae7386ad1b3c7a29b73aae154d24082d2b10c5141d7cdca6761a7fc554795f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 17 Jun 2022 18:44:29 GMT
content-encoding: gzip
x-original-content-length: 298687
age: 545161
x-cache: Hit from cloudfront
x-server-start-time: 1655491469615
logging-correlationid: DexNPYRF8Ye1u2-mGv3LVVjvMZuJas8Br94Ez_piqNEk2ZMgq6AUeQ==
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 18:44:21 GMT
server: nginx
x-server-response-time: 17
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tcI6floWZWCfIUx2JC8u1gaDOqHdzqtAub2tyuFmSKys1XzoYAA2mA==
expires: Sat, 17 Jun 2023 18:44:29 GMT

GET
H/1.1 200
OK dest5.html Show response
ford.demdex.net/ Frame AA55 7 KB
3 KB 475ms
115ms Document
text/html 3.248.150.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ford.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.150.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-150-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v034-08c9224b5.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7pmus3JLTWA=
content-encoding: gzip
date: Fri, 24 Jun 2022 02:10:31 GMT
last-modified: Wed, 8 Jun 2022 12:46:11 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.ford.com/ 48 B
513 B 585ms
102ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.ford.com/id?d_visid_ver=4.5.2&d_fieldgroup=A&mcorgid=EFD95E09512D2A8E0A490D4D%40AdobeOrg&mid=13676539679161643792182190576309257679&ts=1656036630643

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

600cb9a4546d3e74f247708765d7218fa32bc68258f35ad404e4da2a1b0c1656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-565ccfcb4f-nb7xp
vary: Origin
x-c: main-1656.I07031f.M0-582
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 json Show response
ford.tt.omtrdc.net/m2/ford/mbox/ 464 B
1 KB 139ms
49ms XHR
application/json 54.77.179.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ford.tt.omtrdc.net/m2/ford/mbox/json?mbox=target-global-mbox&mboxSession=aa296c0072fa40ed9399de35c5bd64ce&mboxPC=&mboxPage=401a99e56422482daa37629e5a5a6a2c&mboxRid=436af72ec3ce4a68ad81df1470286266&mboxVersion=1.8.0&mboxCount=1&mboxTime=1656036629755&mboxHost=www.shultsfordsouth.com&mboxURL=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&brand=ford&platform=cdk&at_property=32f697be-55ae-e749-b09f-d7c0e987482e&profile.fv_v16=&profile.fv_v54=&profile.fv_entpg=&profile.voi_year=&profile.fps_gtUid=&profile.fv_refdom=&profile.fv_v1_v10=&profile.voi_model=&profile.akamai_zip=&profile.fv_v11_v20=&profile.fv_v21_v30=&profile.fv_v31_v40=&profile.fv_v41_v50=&profile.fv_v51_v60=%25fv_v51_v60%25&profile.fv_v61_v70=&profile.fv_ev1_ev10=&profile.fv_voi_year=&profile.fv_ev11_ev20=&profile.fv_voi_model=&profile.voi_modelYear=%3A&profile.fv_voi_modelYear=%3A&mboxMCSDID=0E4C6F45D15BE8AC-48DD3435D0854D86&vst.trk=metrics.ford.com&vst.trks=smetrics.ford.com&mboxMCGVID=13676539679161643792182190576309257679&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6&fv_dcx_experience_name=null
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.179.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-179-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c73cbd2c72159d2cdeddaaa2e80ce5b1a397ce5b6d2270c44f7e89cb711bd290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:30 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 464
x-request-id: 436af72ec3ce4a68ad81df1470286266

GET
H2 200 annyang.min.js Show response
cdnjs.cloudflare.com/ajax/libs/annyang/2.6.0/ 4 KB
2 KB 61ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/annyang/2.6.0/annyang.min.js

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/dcef0f00fac4ef6254bea39b39b4b518/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272b9ff60113bccbe6ae7a3bbfb5656ef98a1c0364639ed13e598c1cdaacb37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18930387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1753
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-1167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7BLXCzWHXNW%2B922IVkC1OC0Y9Na06MqdNCNH9%2BCZCFiVkbvqKKVbesWcnUQZ7p%2F%2BzIwscB0cGg8%2F%2BEZHf4IeAexh50%2FL0I1wq7YnjiOe2y6l%2F58zpE8c4WdOh6W%2BNOlKr42tefhtUQeODc94xNcKd4o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7201ed6e5d3723c7-ZRH
expires: Wed, 14 Jun 2023 02:10:30 GMT

GET
H2 200 checkXDC Show response
www.ford.com/fps/fps/api/personalization_1_8/ 0
577 B 253ms
253ms Script
text/plain 2a02:26f0:ef:290::1075
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ford.com/fps/fps/api/personalization_1_8/checkXDC?regFPSID=62e7d9a6-3a8b-4db4-be9d-9bbfc719ce6a&brand=Ford

Requested by

Host: www.ford.com
URL: https://www.ford.com/fps/script/Ford/USA?xdc=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ef:290::1075 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: System.Net.Http.StringContent
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=127, origin; dur=109
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
expires: Fri, 24 Jun 2022 02:10:30 GMT

POST
H2 200 day Show response
fps-prod-na-frontdoor.z01.azurefd.net/fps/api/insights/count/bytime/tnnewfpsid/ 16 B
397 B 344ms
138ms XHR
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fps-prod-na-frontdoor.z01.azurefd.net/fps/api/insights/count/bytime/tnnewfpsid/day

Requested by

Host: www.ford.com
URL: https://www.ford.com/fps/script/Ford/USA?xdc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-azure-ref: 0Fh21YgAAAACMYjDh219eQJnBBqHJ8w58QlJVMzBFREdFMDQxMAA3OWNkMGYxYi1iYzgzLTQ0OTctOTEyYy02NGYyMWZhMmFkMzM=
content-length: 135

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/tagmanager/GHOSTTM-4259-0001/04880-F/ 253 B
533 B 9ms
9ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/tagmanager/GHOSTTM-4259-0001/04880-F/settings.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/tagmanager/ghostery-tag-manager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4d1c60a4ae5578bacb41b21b868a9b6a19f540ef1add76a78866b1c634368f97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 22:57:21 GMT
server: AkamaiNetStorage
etag: "079f9c465e354cb16bb69481a6998dd5:1529449041"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 195
expires: Sun, 26 Jun 2022 02:10:30 GMT

GET
H/1.1 200
OK script.js Show response
checkout.autofi.com/ 683 KB
172 KB 365ms
104ms Script
application/javascript 18.234.8.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.autofi.com/script.js

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.234.8.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-8-45.compute-1.amazonaws.com

Software

Resource Hash

30a29dc07665479d26fa72f2e93f700ffa0acf4523ae1a4a146dedd01210d12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 02:10:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Protected-By: Sqreen
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 23 May 2022 16:44:19 GMT
X-Frame-Options: SAMEORIGIN
Etag: W/"aaa30-180f1ce1eb8"
X-Download-Options: noopen
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 spaces-router (af36242f44a2)
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: 180

GET
H2 200 StratosLoader.min.js Show response
exos.azureedge.net/Scripts/V2/ 4 KB
2 KB 90ms
15ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://exos.azureedge.net/Scripts/V2/StratosLoader.min.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B18) / ASP.NET
Resource Hash: 823ca20d14628c0765376b35ae70aee1bc9782da72ef22e580969f6e2bc6dcee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
etag: "032eeb847fd81:0+gzip"
last-modified: Tue, 14 Jun 2022 00:16:52 GMT
server: ECAcc (ama/8B18)
age: 15348
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 1548

GET
H2 200 iz-miss.png
tag.digops.sincro.io/ 68 B
700 B 520ms
465ms Image
image/png 2600:9000:2156:ca00:1d:cf92:a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.digops.sincro.io/iz-miss.png?t=AGMSQ-13045&w=ford-shults-south&p=ApplyForCredit_D
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ca00:1d:cf92:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 21:03:35 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA50-C1
etag: "618d8527-44"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 68
x-amz-cf-id: IHMiKYBSUOSMM6V12x-SLgYdrClipgWCCl9F78dB0dOebb5VXZFgGg==

GET
H2 200 DOACT-143.css
media.assets.sincrod.com/agency/release/iz/solutions/DOACT-143/ 58 B
603 B 11ms
10ms Stylesheet
text/css 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/iz/solutions/DOACT-143/DOACT-143.css
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/agency/release/iz/framework/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 670ee6c1ca74619214047ff4135fa53e8ad6ec8b5121c202012d145e174bde77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 02:00:16 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-original-content-length: 58
age: 1514
x-cache: Hit from cloudfront
x-server-start-time: 1655785974228
logging-correlationid: 9Jr5Xy5W_SyspyMSRnjhaG5sSKbUsFyCl3cC3B1mocrF-3uWwJjL9A==
last-modified: Fri, 22 Oct 2021 22:49:52 GMT
server: nginx
x-server-response-time: 18
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=1800
x-amz-cf-pop: FRA50-C1
content-length: 58
x-amz-cf-id: SMx5IdPr8cUTpzijFcKYIUBFGcfZbHgVOxrrvtr0wUeB5EfnKOKg0g==
expires: Tue, 21 Jun 2022 05:02:54 GMT

GET
H2 200 iz-load.png
tag.digops.sincro.io/ 68 B
700 B 503ms
449ms Image
image/png 2600:9000:2156:ca00:1d:cf92:a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.digops.sincro.io/iz-load.png?t=DOACT-143&w=ford-shults-south&p=ApplyForCredit_D
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ca00:1d:cf92:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 21:03:35 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA50-C1
etag: "618d8527-44"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 68
x-amz-cf-id: hGt5FRcXiiiw__lOivv6BQsAY0W_eX7MRnVG2pfXRs2VA6W2iDBXmQ==

GET
H2 200 DOACT-205.css
media.assets.sincrod.com/agency/release/iz/solutions/DOACT-205/ 112 B
659 B 12ms
11ms Stylesheet
text/css 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/agency/release/iz/solutions/DOACT-205/DOACT-205.css
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/agency/release/iz/framework/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: f00ff34cfd56e6e58ed561a74d7f9a5807c18e6a6b2adbab054b6f03f13505e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 01:49:14 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-original-content-length: 112
age: 1276
x-cache: Hit from cloudfront
x-server-start-time: 1653183980320
logging-correlationid: mmaW6Vp3ZKnwArF3I3yCzRBXHaOAAH3fVbnt0zVe6s86AGMN2b74XQ==
last-modified: Tue, 21 Dec 2021 22:16:27 GMT
server: nginx
x-server-response-time: 19
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=1800
x-amz-cf-pop: FRA50-C1
content-length: 112
x-amz-cf-id: BJjxyU6RbXp9Bqbykm3pLNtaUEQExHlRTrbWSt6kiFkIuSaBbZ0dPw==
expires: Tue, 21 Jun 2022 02:31:28 GMT

GET
H2 200 iz-load.png
tag.digops.sincro.io/ 68 B
693 B 521ms
467ms Image
image/png 2600:9000:2156:ca00:1d:cf92:a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.digops.sincro.io/iz-load.png?t=DOACT-205&w=ford-shults-south&p=ApplyForCredit_D
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ca00:1d:cf92:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 21:03:35 GMT
server: nginx/1.19.10
x-amz-cf-pop: FRA50-C1
etag: "618d8527-44"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 68
x-amz-cf-id: LIYGf5-VKeRzTc3cap_D2L1rLfz5FLrljglosFjMD1vPDPl1e4cw8Q==

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/4259/translations/ 34 KB
6 KB 10ms
10ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/4259/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c5332b1532ddec4a3f40d56c47e41b8cd23ded059a8e31128b53be75f75b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 15:10:58 GMT
server: AkamaiNetStorage
etag: "d7cb37fe0e2549152205c9c492844a30:1618931458.435907"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5541
expires: Sun, 26 Jun 2022 02:10:30 GMT

GET
H2 204 1
l.evidon.com/site/v3/4259/36786/1/1/1/ 0
121 B 300ms
99ms Image
text/plain 54.164.211.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/4259/36786/1/1/1/1?consent=1&regulationid=0&regulationconsenttypeid=0
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.211.210 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-211-210.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.3148/baselDeploy/basel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fabb409cb851ec0674d4e4c618e5aafeb7f9698a1dfb6c59bc1687490acbb007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 02:10:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 24 Jun 2022 02:10:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Jun 2022 02:10:30 GMT

GET
H2 200 master.css
media.assets.sincrod.com/partner-packages/partner-packages-1.0.3148/baselDeploy/ 5 KB
2 KB 8ms
8ms Stylesheet
text/css 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.3148/baselDeploy/master.css
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.3148/baselDeploy/basel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: fe4348eaa2a357ccc3a9043c01635b6bd617044116d50d8fbc8c46e9ac57d2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 17 Jun 2022 18:44:30 GMT
content-encoding: gzip
x-original-content-length: 4720
age: 545160
x-cache: Hit from cloudfront
x-server-start-time: 1655491470302
logging-correlationid: kC_ivsl5rK3d1zMubs0NaX-NSOgcNXu4liG20sIkmFFaKCdJoc8Ykg==
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 18:44:20 GMT
server: nginx
x-server-response-time: 16
vary: Accept-Encoding
content-type: text/css
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HywKzgdZeR9rbsMtgqVQMYrjLPrphlUls6xc2yNlxb8qtSFKvpIjyQ==
expires: Sat, 17 Jun 2023 18:44:30 GMT

GET
BLOB 200
OK 696ac274-ffcc-4ff8-ad74-613ca17ce86e
https://www.shultsfordsouth.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.shultsfordsouth.com/696ac274-ffcc-4ff8-ad74-613ca17ce86e
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK 2fc5447a-dfb1-4b34-a239-04729d9a31c7
https://www.shultsfordsouth.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.shultsfordsouth.com/2fc5447a-dfb1-4b34-a239-04729d9a31c7
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 9141

GET
BLOB 200
OK 210c85a4-39c4-4273-b5e3-284f789173ee
https://www.shultsfordsouth.com/ 9 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.shultsfordsouth.com/210c85a4-39c4-4273-b5e3-284f789173ee
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 9141

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/ 25 KB
9 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP5e9ec493dfa0465eaa797b523b09d3f7/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 19742d915958a7525879a20699efdda3cb8214cf7eaf07c18a0fffaf12c71b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 18:34:43 GMT
server: AkamaiNetStorage
etag: "46e2aa1bef425becb0cb4651c23fff38:1573670083.753497"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8769
expires: Fri, 24 Jun 2022 03:10:30 GMT

GET
H2 200 tag.js Show response
c.evidon.com//pub/ 3 KB
2 KB 9ms
9ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com//pub/tag.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/tagmanager/ghostery-tag-manager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0385ee74ecfb95851591d855ebe9ce33585c9e2521b333105b1177813700c300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Thu, 24 Oct 2019 16:47:06 GMT
server: AkamaiNetStorage
etag: "a9fd30e65e1837e0ec743c20de372581:1571935627"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1250

GET
H2 200 icong1.png
c.evidon.com/pub/ 600 B
907 B 7ms
7ms Image
image/png 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/icong1.png
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2019 16:14:21 GMT
server: AkamaiNetStorage
etag: "d08da9f445b63100a56646de99043059:1558455261"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 623

GET
H2 204 79764
l.evidon.com/site/v3/4259/36786/1/2/1/1/ 0
120 B 204ms
99ms Image
text/plain 54.164.211.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/4259/36786/1/2/1/1/79764?consent=1&regulationid=0&regulationconsenttypeid=0
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.211.210 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-211-210.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 79764
l.evidon.com/site/v3/4259/36786/1/1/1/1/ 0
120 B 204ms
99ms Image
text/plain 54.164.211.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/4259/36786/1/1/1/1/79764?consent=1&regulationid=0&regulationconsenttypeid=0
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.211.210 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-211-210.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 USA Show response
www.ford.com/fps/script/Ford/ 249 KB
61 KB 244ms
244ms Script
application/javascript 2a02:26f0:ef:290::1075
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ford.com/fps/script/Ford/USA?xdc=true&_=1656036629865
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/b31f56cad1c0c849b64c1a60f45a6380/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:290::1075 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5fc075a4be18e3c91b81bca52672787aadeb81ab87b2abb4596f64c20e3a3ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:31 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=122, origin; dur=106
content-length: 62436
expires: Fri, 24 Jun 2022 02:10:31 GMT

GET
H2

200

loader_118852_1.js Show response
cdn.gubagoo.io/toolbars/118852/
Redirect Chain

https://gubagootracking.com/toolbars/toolbar_118852/loader_118852_1.js
https://cdn.gubagoo.io/toolbars/118852/loader_118852_1.js

22 KB
8 KB

512ms
445ms

Script
text/javascript

2600:9000:224a:6400:12:e632:2080:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gubagoo.io/toolbars/118852/loader_118852_1.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Server: 2600:9000:224a:6400:12:e632:2080:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a5d4617f53ffd37e919cdaa79fc7658f67f1a4bd1ee45a6735af66f8bec9d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 22:10:33 GMT
server: AmazonS3
etag: W/"33d2a28dd89e6c96408ec5026204710f"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, GET, HEAD
x-amz-version-id: U1IECAuHGBstwT7t1jDPWjr1BjqhQDBO
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
cache-control: max-age=300
content-type: text/javascript
x-amz-cf-id: kyLkd2cB-8Hd5FYc-n_Va7ABthbtYtSuzTE3rgB4Ui-7cS6w_VZOgA==
expires: Wed, 22 Jun 2022 22:14:58 GMT

Redirect headers

date: Fri, 24 Jun 2022 02:10:31 GMT
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=600, report-uri="https://gubagoo.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html
location: https://cdn.gubagoo.io/toolbars/118852/loader_118852_1.js
x-content-type-options: nosniff
content-length: 162
x-xss-protection: 1; mode=block

GET
H2 200 v2.js Show response
integrator.swipetospin.com/ 58 KB
21 KB 434ms
404ms Script
application/javascript 2600:9000:2156:1a00:6:5a0f:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integrator.swipetospin.com/v2.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/partner-packages/partner-packages-1.0.3148/baselDeploy/basel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:6:5a0f:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a471bb4843f880bee61423eab960bd4cd83525b949232d255e1aed6352511351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 19:44:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "8efdf1ffa5541b918c7184112bc1320a"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=120
accept-ranges: bytes
content-length: 21486
x-amz-cf-id: IoJeZ3M9nwfO4RmE1WLc8N_lR5GDmjez3g025cLxltuXQixCuZxXkQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 27ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: 906roJGDOmWdGBolZMSoYx0VP0KPCbly5HMr6FTbELzL9+gGv3wFGn2F18pPtzKxrIWCRhJdWtq1AkTFkcp1RA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:10:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 649823825873326 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 108ms
108ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/649823825873326?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f095a1aaaa4f5292c2b8e3fa0e751073453738b3dc91dfb3d5e415db23399b32

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: VgrMDLlLKmbEtIJNdIShGYhG4t3dBw5mynCeuQFg9LlTVqwOdTmKhTiiaEFkqQnD6BnjEyhlNOq88UNJqRNPTQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:10:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656036631216
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEKPOBMtpKaReUwYkhlRZ194&google_cver=1
dpm.demdex.net/ Frame AA55
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTM0MzEwMzA3MjAxODU3OTU5OTIxNjY3ODc2OTIzMTYyNTQyOTk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTM0MzEwMzA3MjAxODU3OTU5OTIxNjY3ODc2OTIzMTYyNTQyOTk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKPOBMtpKaReUwYkhlRZ194&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

155ms
155ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKPOBMtpKaReUwYkhlRZ194&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ford.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v034-075ec15ab.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9tJbESLmSzs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKPOBMtpKaReUwYkhlRZ194&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649823825873326&ev=PageView&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&rl=&if=false&ts=1656036631241&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656036631240.1201365554&it=1656036631110&coo=false&exp=p1&rqm=GET

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 24 Jun 2022 02:10:31 GMT

GET
H2 200 v2
odr.mookie1.com/t/ Frame AA55 43 B
356 B 50ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=13431030720185795992166787692316254299&gdpr=0&gdpr_consent=
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ford.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:31 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 get Show response
fps-prod-na-frontdoor.z01.azurefd.net/fps/api/personalization_1_8/ 284 B
372 B 178ms
178ms XHR
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fps-prod-na-frontdoor.z01.azurefd.net/fps/api/personalization_1_8/get?uid=62e7d9a6-3a8b-4db4-be9d-9bbfc719ce6a

Requested by

Host: www.ford.com
URL: https://www.ford.com/fps/script/Ford/USA?xdc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

4fef7c361e1c8a91e632b5c7f0c13e1ba9b8a9b6fa06183e1ad0641b953122f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-azure-ref: 0Fx21YgAAAAAxTH8vjF6jTLzfXEENa4PIQlJVMzBFREdFMDQxMAA3OWNkMGYxYi1iYzgzLTQ0OTctOTEyYy02NGYyMWZhMmFkMzM=

OPTIONS
H2 200 get
fps-prod-na-frontdoor.z01.azurefd.net/fps/api/personalization_1_8/ Frame 0
0 124ms
124ms Preflight 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fps-prod-na-frontdoor.z01.azurefd.net/fps/api/personalization_1_8/get?uid=62e7d9a6-3a8b-4db4-be9d-9bbfc719ce6a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.shultsfordsouth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Fri, 24 Jun 2022 02:10:30 GMT
x-azure-ref: 0Fx21YgAAAAAv5lEoBiSASaX02kdBfuYYQlJVMzBFREdFMDQxMAA3OWNkMGYxYi1iYzgzLTQ0OTctOTEyYy02NGYyMWZhMmFkMzM=
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/shultsfordsouth.com/ 159 B
346 B 305ms
95ms Fetch
application/json 147.185.239.105
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/shultsfordsouth.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.185.239.105 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: 1b1d4a929c9a6841bf5384b40f6a652de583c0ac0cb147b14f0524261e9ec2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
last-modified: Fri, 24 Jun 2022 02:09:12 GMT
etag: "9f-62b51cc8-57bb075e9b8d8df4;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 159
expires: Sat, 25 Jun 2022 02:10:31 GMT

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame AA55
Redirect Chain

https://tags.bluekai.com/site/43981?id=13431030720185795992166787692316254299&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

42 B
963 B

164ms
164ms

Image
image/gif

34.248.142.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

HTTP/1.1

Server

34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-142-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ford.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v034-043e1d4d2.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: D+MZXWSFTN0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Date: Fri, 24 Jun 2022 02:10:31 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 v3 Show response
js.stripe.com/ 313 KB
74 KB 192ms
6ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: checkout.autofi.com
URL: https://checkout.autofi.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e7d7e86ab5d9ff97059d7cc843978fdb3c41b22ab9692bbc5840cc8f51a73ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 7
x-cache: HIT
content-length: 75451
etag: "c854ac30802949088dec03f39b16205d"
x-request-id: 31551351-3d7d-4d48-b892-403cd596a76f
x-served-by: cache-hhn4063-HHN
access-control-allow-origin: *
last-modified: Thu, 23 Jun 2022 22:44:57 GMT
server: Fastly
date: Fri, 24 Jun 2022 02:10:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H/1.1 403
Forbidden autofiData Show response
lender.autofi.com/api/v1/ 116 B
1 KB 870ms
626ms XHR
application/json 54.84.84.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://lender.autofi.com/api/v1/autofiData?currentUrl=https:%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit

Requested by

Host: checkout.autofi.com
URL: https://checkout.autofi.com/script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.84.84.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-84-22.compute-1.amazonaws.com

Software

Resource Hash

34924bf674641aad200185693a615a4532d10e2ca8e1462761d246c1a8c90589

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 02:10:32 GMT
Via: 1.1 spaces-router (af36242f44a2)
X-Content-Type-Options: nosniff
Surrogate-Control: no-store
X-Dns-Prefetch-Control: off
X-Protected-By: Sqreen
Vary: Origin, Accept-Encoding
Content-Length: 116
X-Xss-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Etag: W/"74-a2BFNPkScYGhzG874hHiMbwakiM"
X-Download-Options: noopen
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.shultsfordsouth.com
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA55
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=3J4zbHxPQAm6u_9sANM6zQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=13431030720185795992166787692316254299

43 B
556 B

103ms
103ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=13431030720185795992166787692316254299

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ford.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jun 2022 02:10:32 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H9923F124A0QB2VD98JD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v034-0f760b308.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ERwm6ayLSVM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=13431030720185795992166787692316254299
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 nextGenFrameLoader.js Show response
fo-static.assets-cdk.com/app/connectedstore/web/integration/ 13 KB
3 KB 626ms
625ms Script
application/javascript 2600:9000:2156:d800:a:7593:bf40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fo-static.assets-cdk.com/app/connectedstore/web/integration/nextGenFrameLoader.js?_=1656036631499
Requested by: Host: fo-static.assets-cdk.com
URL: https://fo-static.assets-cdk.com/app/connectedstore/web/integration/nextGen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d800:a:7593:bf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83cfd99bb43cb269d6e8b9720814ae6a858e8b3bfb3275e10833a3840116c16d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jun 2022 02:10:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 13:28:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"8b9744e22e3fa06f2062ab4529bc1531"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: 8XzVGIaRNecZo6cAyvZbuy82JEFwZzey
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-replication-status: FAILED
content-type: application/javascript
x-amz-cf-id: FFIhCfT51u-c_0dKQpnNc0gdsFgqCY5saL6wIsSMC3QPnw_OF-e8kQ==

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
27 KB 35ms
19ms XHR
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: integrator.swipetospin.com
URL: https://integrator.swipetospin.com/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4241461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26909
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1AtCyT4oPP4UK7KzDt4rABo8I7OvIIJr6s3hL6b47Ial7uQVf9eVG4tUlrjOYLrV9RhlvMW6WwByc%2B8aQNgp7Ba64R7wDKnCS%2BI%2F6kIYbihVTdSTKad%2FR1uMh%2BOaCryguH5HxvegOmuqBmzg1mIIwZC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7201ed7318342397-ZRH
expires: Wed, 14 Jun 2023 02:10:31 GMT

POST
H2 200 day Show response
fps-prod-na-frontdoor.z01.azurefd.net/fps/api/insights/count/bytime/tierdrop%7Ctn/ 16 B
290 B 131ms
131ms XHR
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fps-prod-na-frontdoor.z01.azurefd.net/fps/api/insights/count/bytime/tierdrop%7Ctn/day

Requested by

Host: www.ford.com
URL: https://www.ford.com/fps/script/Ford/USA?xdc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:30 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-azure-ref: 0Fx21YgAAAAAkNZ4L4gy8QKCuV0NhGsDgQlJVMzBFREdFMDQxMAA3OWNkMGYxYi1iYzgzLTQ0OTctOTEyYy02NGYyMWZhMmFkMzM=

GET
H2 200 walkaround.scss
cdn.spincar.com/spincar-static/20190909/i18n/ 43 KB
9 KB 40ms
6ms Stylesheet
text/css 2600:9000:2057:6400:19:2275:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spincar.com/spincar-static/20190909/i18n/walkaround.scss?_=3349ca898c3ce4
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6400:19:2275:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf5dbf4281457879edd5128c7de20106871b03f94896e0143601a236d01ccc2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 19 Jun 2022 23:46:46 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 19:44:39 GMT
server: AmazonS3
age: 354226
etag: "d23202b9b0e5405ac5dc22cdea9208bd"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 8717
x-amz-cf-id: w57haZ7fnOd9dFwhl8lKrnV61oQTphOmjvbliNngk1A2MrbXFSOBvQ==

GET
H2 200 static_content_deployment.js Show response
cdn.spincar.com/spincar-static/ 61 B
485 B 39ms
7ms Script
application/javascript 2600:9000:2057:6400:19:2275:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spincar.com/spincar-static/static_content_deployment.js?_=27600610
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6400:19:2275:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3a9213e34c0f222c1ac8bbd393572837c0fd576a0a5db132c44c54103992d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jun 2022 02:09:48 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 16:48:39 GMT
server: AmazonS3
age: 44
etag: "28c297a4212c5191c5d327ebfd4ee079"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control: max-age=60, s-maxage=60
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 79
x-amz-cf-id: J_TFVB3IGvYCzP9iwav9PaWMJbmYZLp64r4I22CSVBKfr90Q_2ZyfQ==

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 235 KB
25 KB 183ms
183ms Fetch
application/json 147.185.239.105
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.185.239.105 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: 513f4e6cef6e711dd78bc89a856ba58f3c9213137ff6fef8be183639750f7b14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
content-encoding: br
last-modified: Thu, 23 Jun 2022 18:03:03 GMT
etag: "3ac79-62b4aad7-44195b3f16d845ee;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 25603
expires: Sat, 25 Jun 2022 02:10:31 GMT

GET
H2 403 shultsfordsouth.com.js
cdn.spincar.com/spincar-static/integrate/ 0
0 425ms
425ms Script
application/xml 2600:9000:2057:6400:19:2275:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spincar.com/spincar-static/integrate/shultsfordsouth.com.js?_=e714465c
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6400:19:2275:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 client_id.html Show response
cdn.spincar.com/spincar-static/ana2/ Frame A8EA 915 B
958 B 6ms
6ms Document
text/html 2600:9000:2057:6400:19:2275:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spincar.com/spincar-static/ana2/client_id.html?_=3349ca898c3ce4
Requested by: Host: integrator.swipetospin.com
URL: https://integrator.swipetospin.com/v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6400:19:2275:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 344e0507e8bd6b3d60c138e91aff3cc177e6ad97c55a54ba4380ad215d7a003a

Request headers

Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 195814
cache-control: max-age=604800, public
content-encoding: gzip
content-length: 568
content-type: text/html
date: Tue, 21 Jun 2022 19:46:57 GMT
etag: "2c8484326fdeb1306e912f6e32bffb7e"
last-modified: Tue, 14 Jun 2022 19:44:52 GMT
server: AmazonS3
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: khFBfqK8DDnYBK1VjTzMdF9xEtuN2VD_JRXISPCHtfrW1zh0fD5QFg==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 client_id.html Show response
cdn.spincar.com/spincar-static/ana2/ Frame A8EA 915 B
957 B 6ms
6ms XHR
text/html 2600:9000:2057:6400:19:2275:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.spincar.com/spincar-static/ana2/client_id.html?_=3349ca898c3ce4
Requested by: Host: cdn.spincar.com
URL: https://cdn.spincar.com/spincar-static/ana2/client_id.html?_=3349ca898c3ce4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6400:19:2275:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 344e0507e8bd6b3d60c138e91aff3cc177e6ad97c55a54ba4380ad215d7a003a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.spincar.com/spincar-static/ana2/client_id.html?_=3349ca898c3ce4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 21 Jun 2022 19:46:57 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 19:44:52 GMT
server: AmazonS3
age: 195814
etag: "2c8484326fdeb1306e912f6e32bffb7e"
x-cache: Hit from cloudfront
content-type: text/html
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 568
x-amz-cf-id: 3OlMKDXXKCNms-syyhimrD2Ley8r8lb1G3PddxbnliycKrnBpMVGZw==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2A1F 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.shultsfordsouth.com
Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.shultsfordsouth.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:10:31 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 / Show response
gubagoo.io/c/118852/ 1 KB
1 KB 497ms
173ms XHR
application/json 34.225.134.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gubagoo.io/c/118852/?ver=3.0&__ggtruid=1656036631905.331a79a8-fa42-c04f-0dc9-0b9d90e66b74&&href=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&res=1600_1200&ta=1&toolbar_id=1&pl=w10&br=ch&lang=en&__ggtrns=1&page_title=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsbu&t=1656036631908&tas%5BFBP%5D=fb.1.1656036631240.1201365554&data_type=json&&&

Requested by

Host: gubagootracking.com
URL: https://gubagootracking.com/toolbars/toolbar_118852/loader_118852_1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.225.134.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-134-186.compute-1.amazonaws.com

Software

Resource Hash

7074184c483a6bfebf5fae6a183f1fa922e5760dc1ba726f3be1802af4088db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
date: Fri, 24 Jun 2022 02:10:32 GMT
expect-ct: max-age=600, report-uri="https://gubagoo.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Emulated-Get,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Api-Token,Authorization
x-xss-protection: 1; mode=block
access-control-request-headers: origin, content-type, accept, Api-Token

GET
H2 200 loader.js Show response
cbo-loader.gubagoo.io/ 0
14 KB 401ms
97ms Fetch
application/javascript 35.170.158.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cbo-loader.gubagoo.io/loader.js?t=1655935798&t=1655935798

Requested by

Host: gubagootracking.com
URL: https://gubagootracking.com/toolbars/toolbar_118852/loader_118852_1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.170.158.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-158-2.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: onesignal.com cdn.onesignal.com gubagoo.io .gubagoo.io .resq.rocks https://cdnjs.cloudflare.com cdn.ravenjs.com https://.gstatic.com https://.googleapis.com 'unsafe-inline'; img-src data: ; connect-src ws: wss: gubagoo.io .gubagoo.io .gubagoo.com .resq.rocks sentry.io .googleapis.com onesignal.com .mixpanel.com; child-src .gubagoo.io .tradepending.com www.700dealer.com www.700creditsolution.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Jun 2022 13:48:56 GMT
x-xss-protection: 1; mode=block
expect-ct: max-age=600, report-uri="https://gubagoo.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=31536000
content-security-policy: default-src 'self' data: onesignal.com cdn.onesignal.com gubagoo.io *.gubagoo.io *.resq.rocks https://cdnjs.cloudflare.com cdn.ravenjs.com https://*.gstatic.com https://*.googleapis.com 'unsafe-inline'; img-src data: *; connect-src ws: wss: gubagoo.io *.gubagoo.io *.gubagoo.com *.resq.rocks sentry.io *.googleapis.com onesignal.com *.mixpanel.com; child-src *.gubagoo.io *.tradepending.com www.700dealer.com www.700creditsolution.com;
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Sat, 24 Jun 2023 02:10:32 GMT

GET
H2 200 toolbar_118852_1.js Show response
cdn.gubagoo.io/toolbars/118852/ 0
303 KB 490ms
468ms Fetch
text/javascript 2600:9000:224a:6400:12:e632:2080:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gubagoo.io/toolbars/118852/toolbar_118852_1.js?t=1655935798
Requested by: Host: gubagootracking.com
URL: https://gubagootracking.com/toolbars/toolbar_118852/loader_118852_1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6400:12:e632:2080:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 23 Jun 2022 14:28:32 GMT
server: AmazonS3
etag: W/"3082e7ac55f4bcd3a893ee4e9efa7632"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, GET, HEAD
x-amz-version-id: Gd7ZMFimzMi6t1sz3MfZuHEwcZAQQPno
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cache-control: max-age=300
content-type: text/javascript
x-amz-cf-id: dY4XO3PwFFqQeXXOQTdIyTo07T9gQ1z4sMEP6fNo37aGVTFsXoibEw==
expires: Thu, 23 Jun 2022 14:33:12 GMT

POST
H2 200 set Show response
fps-prod-na-frontdoor.z01.azurefd.net/fps/api/personalization_1_8/ 133 B
355 B 159ms
158ms XHR
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fps-prod-na-frontdoor.z01.azurefd.net/fps/api/personalization_1_8/set

Requested by

Host: www.ford.com
URL: https://www.ford.com/fps/script/Ford/USA?xdc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

cf3e49414eeb6f0bd9dd120aa721e720a49c1f3870b4e472b0671894e4b0297f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 24 Jun 2022 02:10:31 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-azure-ref: 0GB21YgAAAACtwA9QKWcKTq3Tf3pdEEIVQlJVMzBFREdFMDQxMAA3OWNkMGYxYi1iYzgzLTQ0OTctOTEyYy02NGYyMWZhMmFkMzM=

OPTIONS
H2 200 set
fps-prod-na-frontdoor.z01.azurefd.net/fps/api/personalization_1_8/ Frame 0
0 125ms
124ms Preflight 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fps-prod-na-frontdoor.z01.azurefd.net/fps/api/personalization_1_8/set
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.shultsfordsouth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Fri, 24 Jun 2022 02:10:31 GMT
x-azure-ref: 0GB21YgAAAADO0hZrxOiCTaFZqbLm3Pv8QlJVMzBFREdFMDQxMAA3OWNkMGYxYi1iYzgzLTQ0OTctOTEyYy02NGYyMWZhMmFkMzM=
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET

GET
H2 200 999cc6f7c943440d806d536e488970b5.js Show response
media.assets.sincrod.com/websites/content/cblt-ms-product/file/90b0284b-b946-4630-8dd7-0c8d904557b3/ 13 KB
5 KB 8ms
8ms Script
application/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/websites/content/cblt-ms-product/file/90b0284b-b946-4630-8dd7-0c8d904557b3/999cc6f7c943440d806d536e488970b5.js
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/b31f56cad1c0c849b64c1a60f45a6380/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 243ee9d9bf3d31bf74d4bab58dc2b5f6a804a3bcbaf8b6391884038daf7f074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 01:50:28 GMT
content-encoding: gzip
x-original-content-length: 13304
age: 1296
x-cache: Hit from cloudfront
x-server-start-time: 1655778718189
logging-correlationid: RJKJksqKF8QSw2FfcofRcokZH9alN5_PC3f5cLrYzPgrbOCietUJiw==
access-control-allow-origin: *
last-modified: Mon, 05 Apr 2021 15:46:14 GMT
server: nginx
x-server-response-time: 17
vary: accept-encoding
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Q3KbcYR8Uxw7MPlhg_XhNLwL-ZQ49SytF9u-UTBeIXiRacWwizCaXQ==
expires: Tue, 21 Jun 2022 03:31:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
80 KB 50ms
29ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD

Requested by

Host: wsassets.sincrod.com
URL: https://wsassets.sincrod.com/websites/dynamic/bundles/5.0-8359/prt/tqwiyi50vvuu4uvcpwq==/pixeltag.js?webId=ford-shults-south&locale=en_US&originalDomain=http%3A%2F%2Fwww.shultsfordsouth.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79905fa9c1fa5308b609e8fea47193df27f5911e653c68baac03d2e2c6b215f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81657
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
79 KB 39ms
18ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVRF2Q2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

755810d829a0945af916da87adf5af1b2577df753af6ee725228ba5c627c4b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80599
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 signals.js Show response
fzlnk.com/ 44 KB
8 KB 311ms
98ms Script
application/javascript 52.201.41.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fzlnk.com/signals.js

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/e39/f15e0949c100588110050568b5709/e39f15e0949c100588110050568b5709.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.41.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-41-73.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b7d436259d9e51363161e007905ef250116c889ec097096b5097d7aebe9e317b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.autoalert.com service.force.com ec.walkme.com cdn.walkme.com
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 17:16:38 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.autoalert.com service.force.com ec.walkme.com cdn.walkme.com
strict-transport-security: max-age=63072000; includeSubdomains
accept-ranges: bytes
content-length: 8048
etag: "09fcfa4d48ed71:0"

GET
H2 200 dt.js Show response
dt.cobaltgroup.com/ 20 KB
8 KB 518ms
171ms Script
text/javascript 13.57.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=B8C547FA7B0F62BA1EEA7327C60AE488&webid=ford-shults-south&sitetype=dealer&eventId=299f60183dad10068ef0080020f0176c&cs:ssi=B8C547FA7B0F62BA1EEA7327C60AE488&_=1656036629866
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/b31f56cad1c0c849b64c1a60f45a6380/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.57.85.43 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-57-85-43.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: cad00e97b1de2c9c8b041aac59c7d56fa8395adcebbf59507050c77cf4a29d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
last-modified: Fri, 24 Jun 2022 02:10:32 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: text/javascript
content-length: 6651
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2

200

websites.gif
traffic.prod.cobaltgroup.com/
Redirect Chain

https://traffic.prod.cobaltgroup.com/websites.gif?header_request_domain=www.shultsfordsouth.com&header_page_name=ApplyForCredit_D&header_page_label=ApplyForCredit_D&header_page_layout=ApplyForCredi...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=https%253a%252f%252ftraffic.prod.cobaltgroup.com%252fwebsites.gif%253fcs%253agvid%253d%255bdtuid%255d%2526header_request_domain%253dwww.shults...
https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1656036632565727396&header_request_domain=www.shultsfordsouth.com&header_page_name=ApplyForCredit_D&header_page_label=ApplyForCredit_D&head...

43 B
997 B

448ms
447ms

Image
image/gif

143.204.89.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1656036632565727396&header_request_domain=www.shultsfordsouth.com&header_page_name=ApplyForCredit_D&header_page_label=ApplyForCredit_D&header_page_layout=ApplyForCredit_D|standard&header_request_uri=%2FApplyForCredit&header_visitor_id=B8C547FA7B0F62BA1EEA7327C60AE488&header_event_id=299f60183dad10068ef0080020f0176c113661995815&header_session_id=B8C547FA7B0F62BA1EEA7327C60AE488&header_site_id=ee0f6c00ec3f10058a68080020f0176c&cs:plt=4810&cs:svrt=395&cs:ttfb=2285&cs:loc=en_US&cs:theme=dcw-design-ford-distinctly&cs:zip=15236-1447&cs:s=ford-shults-south&cs:userState=loggedOut&cs:checksum=1
Protocol: H2
Server: 143.204.89.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-20.fra50.r.cloudfront.net
Software: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 13:32:55 GMT
server: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 43
x-amz-cf-id: HAGdhFRcjpRPyivHE7d43nW-UPU_Rq-86X2blDKtIewBJmAl9uL4cQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 24 Jun 2022 02:10:32 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Fri, 24 Jun 2022 02:10:32 GMT
server: CJ Service 2.0
location: https://traffic.prod.cobaltgroup.com/websites.gif?cs:gvid=1656036632565727396&header_request_domain=www.shultsfordsouth.com&header_page_name=ApplyForCredit_D&header_page_label=ApplyForCredit_D&header_page_layout=ApplyForCredit_D|standard&header_request_uri=%2FApplyForCredit&header_visitor_id=B8C547FA7B0F62BA1EEA7327C60AE488&header_event_id=299f60183dad10068ef0080020f0176c113661995815&header_session_id=B8C547FA7B0F62BA1EEA7327C60AE488&header_site_id=ee0f6c00ec3f10058a68080020f0176c&cs:plt=4810&cs:svrt=395&cs:ttfb=2285&cs:loc=en_US&cs:theme=dcw-design-ford-distinctly&cs:zip=15236-1447&cs:s=ford-shults-south&cs:userState=loggedOut&cs:checksum=1
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: application/json
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 484b66807998100580ab20145efa6b30.js Show response
media.assets.sincrod.com/teams/repository/export/484/b66807998100580ab20145efa6b30/ 24 KB
6 KB 11ms
10ms Script
text/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/484/b66807998100580ab20145efa6b30/484b66807998100580ab20145efa6b30.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: a2a24924de8430c1e2b8d4ea1fd64d5c9da6a99a492c42f4a38b0ac03a2b843c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 02:10:23 GMT
content-encoding: gzip
x-original-content-length: 24575
age: 65
x-cache: Hit from cloudfront
x-server-start-time: 1655777486462
logging-correlationid: lEHhYhtFMiJHUDPvmbxCI1q_1_-zAH2r9njfy7yibdI_NvOgaSF5sg==
access-control-allow-origin: *
last-modified: Mon, 26 Nov 2018 19:55:56 GMT
server: nginx
x-server-response-time: 17
vary: accept-encoding
content-type: text/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -4fE1wPdKg9UvxZ0QzK58AyGPf6F3i6wlDJ4PSENrVpMO5WdYZxktg==
expires: Tue, 21 Jun 2022 02:16:26 GMT

GET
H2 200 7cdce3907c97100587d020145edef087.js Show response
media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/ 51 KB
11 KB 9ms
9ms Script
text/javascript 143.204.89.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/7cdce3907c97100587d020145edef087.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-85.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c1c6c18e564c90badd969953bdbc7c5297fdca53dd3eff7f50a6ee69c24b042e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-id: cdk-pdx
date: Fri, 24 Jun 2022 02:05:34 GMT
content-encoding: gzip
x-original-content-length: 52178
age: 297
x-cache: Hit from cloudfront
x-server-start-time: 1655438086767
logging-correlationid: tEMx1CaJc6_gttI4K3pmxFs7967X_KBZIzP0bUNSp-_coqaxcQwdlQ==
access-control-allow-origin: *
last-modified: Fri, 14 Jun 2019 22:09:57 GMT
server: nginx
x-server-response-time: 17
vary: accept-encoding
content-type: text/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
access-control-expose-headers: X-Original-Content-Length
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: u4xzVC8ys6JBFNYazLOds9M4G8Hp0XviQ-bGG3sac7TNKmJ25N1dFg==
expires: Tue, 21 Jun 2022 03:57:10 GMT

GET
H/1.1 403
Forbidden xrdStart.do Show response
www.routeone.net/XRD/ Frame 8CC3 489 B
643 B 2304ms
168ms Document
text/html 141.193.251.239
SECURE-24-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.routeone.net/XRD/xrdStart.do?dealerId=IR4EQ
Requested by: Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/hydra-graph/hydra-graph-docker-1.0.25201/dcef0f00fac4ef6254bea39b39b4b518/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.193.251.239 , United States, ASN46746 (SECURE-24-AS, US),
Reverse DNS
Software: /
Resource Hash: 989a307c1e8c954c403599c03dd9884039cd52228a09da9d592cad78a38d73b7

Request headers

Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Length: 489
Content-Type: text/html; charset=iso-8859-1
Pragma: no-cache

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 2CD7 240 B
572 B 6ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1149883
cache-control: max-age=31536000
content-encoding: br
content-length: 139
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 02:10:32 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 380604
x-content-type-options: nosniff
x-request-id: 21308dd7-de72-4582-8951-fe85390ce272
x-served-by: cache-hhn4063-HHN

GET
H2 200 8649.js Show response
script.crazyegg.com/pages/scripts/0025/ 5 KB
2 KB 70ms
18ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0025/8649.js?460010
Requested by: Host: wsassets.sincrod.com
URL: https://wsassets.sincrod.com/websites/dynamic/bundles/5.0-8359/prt/tqwiyi50vvuu4uvcpwq==/pixeltag.js?webId=ford-shults-south&locale=en_US&originalDomain=http%3A%2F%2Fwww.shultsfordsouth.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f68ec748e6ca1cda1be48a6b9f45f0772a3b71e143354e8fa4922a7d016c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 33398
cf-polished: origSize=5359
cf-ray: 7201ed774f250208-ZRH
ce-version: 11.1.454
last-modified: Thu, 23 Jun 2022 16:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

POST
H2 200 csp-report
q.stripe.com/ Frame 2CD7 0
571 B 497ms
159ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
45 KB 39ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TNHPV5T

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f7b48af9d7364b9cae5a0a44035509dace8df76e12239abfd21c9fa1c55a793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46522
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 38ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45062039-5

Requested by

Host: media.assets.sincrod.com
URL: https://media.assets.sincrod.com/teams/repository/export/7cdce3907c97100587d020145edef087/7cdce3907c97100587d020145edef087.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e96d3915b55b9dc79d9ee8ac6d07f2537d75a1af56bdf11a645f9b1ebace18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39857
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2CD7 1 KB
798 B 6ms
6ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: HIT
content-length: 670
etag: "77711798ecf99b8bb8207cf88a10d73c"
x-request-id: 83d5e542-7c17-403b-a9fd-2b9d461a8e03
x-served-by: cache-hhn4063-HHN
access-control-allow-origin: *
last-modified: Fri, 10 Jun 2022 18:43:57 GMT
server: Fastly
date: Fri, 24 Jun 2022 02:10:32 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2

200

w.gif
traffic.prod.cobaltgroup.com/
Redirect Chain

https://traffic.prod.cobaltgroup.com/w.gif?cs:ev=299f60183dad10068ef0080020f0176c113661995815&cs:pg=ApplyForCredit_D&cs:plb=ApplyForCredit_D&cs:ply=ApplyForCredit_responsive&cs:s=ford-shults-south&...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?url=https%3a%2f%2ftraffic.prod.cobaltgroup.com%2fw.gif%3fcs%3agvid%3d%5bdtuid%5d%26cs%3aev%3d299f60183dad10068ef0080020f0176c113661995815%26cs%3ap...
https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1656036632565727396&cs:ev=299f60183dad10068ef0080020f0176c113661995815&cs:pg=ApplyForCredit_D&cs:plb=ApplyForCredit_D&cs:ply=ApplyForCredit_respon...

43 B
994 B

580ms
579ms

Image
image/gif

143.204.89.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1656036632565727396&cs:ev=299f60183dad10068ef0080020f0176c113661995815&cs:pg=ApplyForCredit_D&cs:plb=ApplyForCredit_D&cs:ply=ApplyForCredit_responsive&cs:s=ford-shults-south&cs:si=ee0f6c00ec3f10058a68080020f0176c&cs:ssi=B8C547FA7B0F62BA1EEA7327C60AE488&cs:vi=B8C547FA7B0F62BA1EEA7327C60AE488&cs:theme=dcw-design-ford-distinctly&cs:wt=card-header-a72a7c31-c7d0-4858-8b51-5e26e6861e32,,0,0,0,1600,162,15,0,0&cs:wt=card-Home-5a7bdff0-7cfc-486f-b86a-fff6c846fa74,,0,20,28,72,44,18,0,0&cs:wt=card-Custom%20Order-fd9e395e-bfdb-4af8-9b25-8fe3ffbdabe9,,0,92,28,128,44,18,0,0&cs:wt=card-New-da3e4924-075f-44bf-bd42-97eda15118e7,,0,220,28,61,44,18,0,0&cs:wt=card-navigationModelInventoryb69184fc-fac69c56-0a3f-427a-b14f-90aa1737a651_0dc8c01d-96cc-42c8-8922-06fdbe435bd6,,0,0,0,100,100,18,0,0&cs:wt=card-Pre-Owned-017d83ad-bd38-4e4f-9e12-e74ae37181b1,,0,281,28,109,44,17,0,0&cs:wt=card-navigationModelInventoryedc96749-3eaf472d-1b1f-43b4-b0e9-8686ee626a58_0dc8c01d-96cc-42c8-8922-06fdbe435bd6,,0,0,0,100,100,17,0,0&cs:wt=card-Service%20&%20Parts-37257a37-8405-4b61-bf30-d03230827362,,0,390,28,136,44,17,0,0&cs:wt=card-Bronco-31047d95-5511-4d29-a782-dd983ddcc10f,,0,526,28,80,44,17,0,0&cs:wt=card-Commercial-05c76ea6-008d-45da-9553-2bf90310b296,,0,606,28,115,44,18,0,0&cs:wt=card-Performance-7555cda4-a7db-4bcc-b404-e20b8a92ec67,,0,721,28,121,44,18,0,0&cs:wt=card-Credit%20Pre-Approval-73759adc-607d-4c48-bb13-bc85cb5408ac,,0,842,28,167,44,17,0,0&cs:wt=card-aboutMessageCard-97292fec-8aa4-4ac5-8210-91b41c5abc57,,0,0,235.796875,1600,807,17,0,0&cs:wt=card-footer-cf0cb407-9196-4db5-9df8-d7e4fc8602d4,,0,0,1042.796875,1600,610,12,0,0&cs:wt=card-footerDealerInformation-add908ef-492f-4226-aac0-b624a5a41b72,,0,0,1108.796875,1600,52,17,0,0&cs:wt=card-footerMedia-e6b2d6bb-bea7-45d1-9063-4378bc787fd3,,0,0,1160.59375,1600,62,18,0,0&cs:wt=card-genericCard-b3aa7ad2-ce0d-424e-899d-0aeece40b2f6,,0,0,0,100,0,13,0,0&cs:w=1600,1200,28&cs:vs=&cs:checksum=1
Protocol: H2
Server: 143.204.89.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-20.fra50.r.cloudfront.net
Software: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 13:32:55 GMT
server: Apache/2.2.15 (CentOS) mod_perl/2.0.4 Perl/v5.10.1
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 43
x-amz-cf-id: ecX9eI1fKiWUGzdj2xmxfwmysb8lRtWclWX6h-rkJ5SCBauXM0fT8w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 24 Jun 2022 02:10:32 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Fri, 24 Jun 2022 02:10:32 GMT
server: CJ Service 2.0
location: https://traffic.prod.cobaltgroup.com/w.gif?cs:gvid=1656036632565727396&cs:ev=299f60183dad10068ef0080020f0176c113661995815&cs:pg=ApplyForCredit_D&cs:plb=ApplyForCredit_D&cs:ply=ApplyForCredit_responsive&cs:s=ford-shults-south&cs:si=ee0f6c00ec3f10058a68080020f0176c&cs:ssi=B8C547FA7B0F62BA1EEA7327C60AE488&cs:vi=B8C547FA7B0F62BA1EEA7327C60AE488&cs:theme=dcw-design-ford-distinctly&cs:wt=card-header-a72a7c31-c7d0-4858-8b51-5e26e6861e32,,0,0,0,1600,162,15,0,0&cs:wt=card-Home-5a7bdff0-7cfc-486f-b86a-fff6c846fa74,,0,20,28,72,44,18,0,0&cs:wt=card-Custom Order-fd9e395e-bfdb-4af8-9b25-8fe3ffbdabe9,,0,92,28,128,44,18,0,0&cs:wt=card-New-da3e4924-075f-44bf-bd42-97eda15118e7,,0,220,28,61,44,18,0,0&cs:wt=card-navigationModelInventoryb69184fc-fac69c56-0a3f-427a-b14f-90aa1737a651_0dc8c01d-96cc-42c8-8922-06fdbe435bd6,,0,0,0,100,100,18,0,0&cs:wt=card-Pre-Owned-017d83ad-bd38-4e4f-9e12-e74ae37181b1,,0,281,28,109,44,17,0,0&cs:wt=card-navigationModelInventoryedc96749-3eaf472d-1b1f-43b4-b0e9-8686ee626a58_0dc8c01d-96cc-42c8-8922-06fdbe435bd6,,0,0,0,100,100,17,0,0&cs:wt=card-Service & Parts-37257a37-8405-4b61-bf30-d03230827362,,0,390,28,136,44,17,0,0&cs:wt=card-Bronco-31047d95-5511-4d29-a782-dd983ddcc10f,,0,526,28,80,44,17,0,0&cs:wt=card-Commercial-05c76ea6-008d-45da-9553-2bf90310b296,,0,606,28,115,44,18,0,0&cs:wt=card-Performance-7555cda4-a7db-4bcc-b404-e20b8a92ec67,,0,721,28,121,44,18,0,0&cs:wt=card-Credit Pre-Approval-73759adc-607d-4c48-bb13-bc85cb5408ac,,0,842,28,167,44,17,0,0&cs:wt=card-aboutMessageCard-97292fec-8aa4-4ac5-8210-91b41c5abc57,,0,0,235.796875,1600,807,17,0,0&cs:wt=card-footer-cf0cb407-9196-4db5-9df8-d7e4fc8602d4,,0,0,1042.796875,1600,610,12,0,0&cs:wt=card-footerDealerInformation-add908ef-492f-4226-aac0-b624a5a41b72,,0,0,1108.796875,1600,52,17,0,0&cs:wt=card-footerMedia-e6b2d6bb-bea7-45d1-9063-4378bc787fd3,,0,0,1160.59375,1600,62,18,0,0&cs:wt=card-genericCard-b3aa7ad2-ce0d-424e-899d-0aeece40b2f6,,0,0,0,100,0,13,0,0&cs:w=1600,1200,28&cs:vs=&cs:checksum=1
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: application/json
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5019 930 B
2 KB 35ms
11ms Document
text/html 2600:9000:2156:7600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 272
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 02:06:19 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-id: Wefr06II2TRt1TTEvBvXHQKt5UbJqU8WW1d4-tvRRaU_hCpm0KFSeQ==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
40 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GN3BVQ

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30e1ef7593b929ad135e7cdcd98a42c4e1132511ae6cc9ff995e98ac185ccfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41073
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
34 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3DB5M4

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8356b1753a93f779331e8417546cc2857110bc74b77c201ae1c2210f33c8247a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34292
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3943
date: Fri, 24 Jun 2022 01:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Jun 2022 03:04:49 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 5019 0
344 B 437ms
163ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&rnd=1812923324.1656036632&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&gtm=2wg6m0NBTHFZD&auid=2115498116.1656036632
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1812923324.1656036632&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&gtm=2wg6m0NBTHFZD&auid=2115498116.1656036632

42 B
587 B

36ms
14ms

Ping
image/gif

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1812923324.1656036632&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&gtm=2wg6m0NBTHFZD&auid=2115498116.1656036632

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&rnd=1812923324.1656036632&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&gtm=2wg6m0NBTHFZD&auid=2115498116.1656036632
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 54ms
19ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 15252473734373555178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 56ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBTHFZD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 092988108B1D44CA9354CF7DFEE0431F Ref B: FRAEDGE1221 Ref C: 2022-06-24T02:10:32Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 24 Jun 2022 02:10:32 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 8649.json Show response
script.crazyegg.com/pages/data-scripts/0025/ 189 KB
6 KB 44ms
19ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0025/8649.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/8649.js?460010
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159ef4d9ddb4210a1c80efcc985301e806d434d350ca6626eb5a1fba7e4bb710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 33396
ce-version: 11.1.454
content-length: 6163
timing-allow-origin: *
last-modified: Thu, 23 Jun 2022 16:53:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 7201ed77edbd0200-ZRH

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 5019 86 KB
14 KB 9ms
9ms Script
text/javascript 2600:9000:2156:7600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 155
date: Fri, 24 Jun 2022 02:08:03 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: apFof_tDH5U81kuLTLkrPFocxuZUc6Arko09grYuxoqoi1TkRZ3ElA==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 16ms
15ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&es=1&e=gtm.init_consent&eid=0&u=AAAAAAI&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 23ms
21ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&es=1&e=gtm.init&eid=1&u=AAAAAAI&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 32ms
30ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&es=1&e=gtm.js&eid=2&u=AAAAAAI&tc=1&tr=1rep&ti=1rep&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 32ms
30ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&es=1&e=gtm.dom&eid=5&u=AAAAAAI&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 32ms
30ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&es=1&e=gtm.load&eid=6&u=AAAAAAI&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QWNJS2B4B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNHPV5T

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d04d8cf413dd55fef13403f8e5e68f54bd36de1ab4e567973b7d14cce3d95def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70128
x-xss-protection: 0
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 986593931687424 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 121ms
120ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/986593931687424?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11635292c73784293659a8367851c8772c34406ecaf1f19a4c9c27c1cf4c68df

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: H1LoQ+qzpL63cjSmHXGrkBngIp3cEAKHo1cDttAhQpi+zGqfIRCsOTxeFR4tNvTx3LU6IiMC0HONpL/Uc5ofrw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:10:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656036632413
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RC7e51dd585e024d1dabf60c42380ecf4a-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 506 B
579 B 18ms
17ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RC7e51dd585e024d1dabf60c42380ecf4a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2e85eefcb1e07382613b4c1bc4947863bc077989a14979d2b18a2a7206056d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RCebda7ddd79824ee281add1925def233f-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 7 KB
3 KB 24ms
24ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RCebda7ddd79824ee281add1925def233f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 51810e54fbe5651dfa644edf7903aab75804fbb1b2545259c8a1902a97637dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2543
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RCed591b3c636b4e17a5b4fbe198de1b80-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 2 KB
1 KB 17ms
17ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RCed591b3c636b4e17a5b4fbe198de1b80-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 917375849ec4330488a733867ecda4e9ba60618ce62aabfb8eacf4e2a1277ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1258
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RC072474df86b349eebcb3cb6c6da65f30-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 298 B
452 B 242ms
241ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RC072474df86b349eebcb3cb6c6da65f30-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 48ba994a639e2f32fed95f9b703dbc36c14af9f662e078866d4c094f2899d7f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 182
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RC7801841467a140b493511bae0ab6eb75-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 3 KB
1 KB 137ms
137ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RC7801841467a140b493511bae0ab6eb75-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 65378f092b110d28b911e5f5e20d83bd8763d4e6efb44d0709721ef784ab99e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1216
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RC0dbe8ac3717042eebec857e3b06f7805-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 1 KB
842 B 20ms
20ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RC0dbe8ac3717042eebec857e3b06f7805-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 16b523dcd6a155504995b813342a824660adb81f2fdd7259ba87a285dadff4cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 571
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RCdb046b43eb1040f8b6a0c56486bec6b7-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 1 KB
790 B 26ms
25ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RCdb046b43eb1040f8b6a0c56486bec6b7-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 526ed6796fd66af711c6e5900fc940e1e0f1b3112fcbc0e4a5e9258f20a80aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 519
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RC61045c3ae3dd42f69bc7f514b69a76d4-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 1 KB
740 B 23ms
23ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RC61045c3ae3dd42f69bc7f514b69a76d4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6e1b79ec68183959e8ea8d86db9b1a84b76c03b60d74ea4851598aa626a162b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 469
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RC7ef6cdbc46ec48a58561d2d0af622819-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 2 KB
954 B 24ms
24ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RC7ef6cdbc46ec48a58561d2d0af622819-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f6d9fc8462ef09acf5d1987b19a3e04c15c921699fc82679c7e94311fd454d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 683
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H2 200 RCc2277bd5fe44480cad798f45275872d8-source.min.js Show response
assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/ 3 KB
1 KB 27ms
27ms Script
application/x-javascript 2a02:26f0:ef:280::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/RCc2277bd5fe44480cad798f45275872d8-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:280::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7bb0b42de5898d2705e191543dfc4034a84c69381e21a58cb04ac0202caf308f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 17:33:08 GMT
server: AkamaiNetStorage
etag: "2e6e17d503ba6086d56e732a933c871c:1655400788.406902"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1247
expires: Fri, 24 Jun 2022 03:10:32 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 139 KB
47 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-B3SV2BB

Requested by

Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e4dc1213dc5cde2b73637adac1a663a2f9c2656ed656f57c17eb8bdb63896c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47611
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 s67678660203449 Show response
smetrics.ford.com/b/ss/fmcdealerconnection,fmcfordt123all/10/JS-2.5.0-LCS4/ 971 B
1 KB 110ms
109ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.ford.com/b/ss/fmcdealerconnection,fmcfordt123all/10/JS-2.5.0-LCS4/s67678660203449?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=24%2F5%2F2022%202%3A10%3A32%205%200&d.&nsid=0&jsonv=1&.d&sdid=0E4C6F45D15BE8AC-48DD3435D0854D86&mid=13676539679161643792182190576309257679&aamlh=6&ce=UTF-8&pageName=dc%3Afinance%3Acredit%20app&g=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&cc=USD&ch=financing&events=event17%2Cevent52&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=04682&h1=financing&c2=D%3Dv2&v2=Pittsburgh&c3=D%3Dv3&v3=44D&c4=D%3Dv4&v4=eng&c8=typed-bookmarked&v8=typed-bookmarked&c11=D%3Dv11&v11=dc%3Afinance%3Acredit%20app&c14=D%3Dv14&v14=ford&c15=D%3Dv15&v15=dc%3Acdk%3Aus&c19=dc%3Afinance%3Acredit%20app&c35=dc%3Afinance%3Acredit%20app&c37=210204&v38=D%3Dv8&c39=dc%3Afinance%3Acredit%20app&v39=v39%20no%20document.referrer%20found&v40=D%3Dv8&c48=D%3Dv8&c49=D%3Dv8&c52=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&v52=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&c54=D%3Dv54&v54=ui%3Arad%3Apc&v59=no%20voi&c71=mcidTO%3Asuccess%20%7C%20midType%3Aserver%20side%20mid&c72=VisitorAPI%20Present&v74=13676539679161643792182190576309257679&v75=no%20valid%20fid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=EFD95E09512D2A8E0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/68828d4aa871/EXdc82d83480104da1a4049c462b1f28fa-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

db81c73926eb48eede13e07dbb9db9ff718327a2b393956344e07a626ac7666d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-aam-tid: GQ2grkYiRuE=
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
x-c: main-1656.I07031f.M0-582
p3p: CP="This is not a P3P policy"
vary: *
content-length: 971
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v034-029061cb5.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Sat, 25 Jun 2022 02:10:32 GMT
server: jag
xserver: anedge-565ccfcb4f-dnqjn
etag: 3556311588371234816-4619837640384763933
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 23 Jun 2022 02:10:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2048197022&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&ul=en-us&de=UTF-8&dt=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=995375965&gjid=859486949&cid=1449576099.1656036632&tid=UA-180968671-8&_gid=1674039227.1656036632&_r=1&_slc=1&cd3=applyforcredit&cd4=applyforcredit&cd1=shults%20ford%20south&cd39=04682&cd23=en_us&cd22=cblt-ms-ford&cd24=ford-shults-south&cd25=ee0f6c00ec3f10058a68080020f0176c&cd36=ford&cd29=sincro&cd27=3&cd21=prod&cd28=platform%3A%20sincro-nextgen-websites%2F5.0-8359%3B%20csi%20tagging%3A%202.2.3_scaleup&cd33=b8c547fa7b0f62ba1eea7327c60ae488&cd31=b8c547fa7b0f62ba1eea7327c60ae488&cd34=unauthenticated&z=1502678165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 17ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2048197022&t=event&_s=2&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&ul=en-us&de=UTF-8&dt=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user%20interaction&ea=site_search_initialization&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1449576099.1656036632&tid=UA-180968671-8&_gid=1674039227.1656036632&z=1513746795

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 13:09:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2048197022&t=event&_s=3&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&ul=en-us&de=UTF-8&dt=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=percent_viewed&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1449576099.1656036632&tid=UA-180968671-8&_gid=1674039227.1656036632&cd55=50&z=1121343088

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 13:09:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.454.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 86 KB
28 KB 18ms
18ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.454.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/8649.js?460010
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0864517d69eb24ee1a69e04d937d426762588db7cbfd1b4e4a99e86244857113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Jun 2022 13:38:59 GMT
server: cloudflare
age: 35251
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 7201ed784fb20208-ZRH
content-length: 28087

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-111031593-1&cid=1449576099.1656036632&jid=1671475607&gjid=730521783&_gid=1674039227.1656036632&_u=YEDAAEABAAAAAC~&z=1265784326

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 02:10:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 61ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45062039-5&cid=1449576099.1656036632&jid=1306024229&gjid=348835482&_gid=1674039227.1656036632&_u=YEDAAUABAAAAAC~&z=624915960

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 02:10:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1042608535/ 2 KB
1 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1042608535/?random=1656036632464&cv=9&fst=1656036632464&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&tiba=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd32dd1e09c094cc8e3ad7770a3c8b9cc11664f83ca739afc0f1f091a413758e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 5019 156 B
522 B 480ms
164ms XHR
application/json 34.217.199.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.217.199.81 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-217-199-81.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9c30905ffd81a07f5d1c38082c1c6d95f3842445b28612cf8f1b11cb291fb386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 204 0
bat.bing.com/action/ 0
174 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=&tm=gtm002&Ver=2&mid=06ed31d8-032f-4de7-ae0f-51bc74d8dfba&sid=d3a4a850f36211ec819bafcf6e1ca89b&vid=d3a4cdb0f36211ecb3d127a179414e8d&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&p=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&r=&lt=4823&evt=pageLoad&msclkid=N&sv=1&rn=315115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 53D9F299E7664320AC1182D3D4E6D461 Ref B: FRAEDGE1221 Ref C: 2022-06-24T02:10:32Z
date: Fri, 24 Jun 2022 02:10:32 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t3WebsiteCookie.js Show response
creativesham.blob.core.windows.net/t3websitecookie-sc/ 35 KB
36 KB 439ms
96ms Script
text/javascript 52.240.48.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://creativesham.blob.core.windows.net/t3websitecookie-sc/t3WebsiteCookie.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.240.48.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2794fd465664c81203539df50cb7bb8e343dbcb59598845c4c5169f7f01e92ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 24 Jun 2022 02:10:32 GMT
Last-Modified: Wed, 22 Jun 2022 14:03:50 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: gfsFn+BqvZIDfcrtPgjZHw==
ETag: 0x8DA545808D3F52D
Content-Type: text/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 1f758a64-c01e-00ce-616f-87c762000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 36197

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=%20%27+%27%20+%20floodId

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

036936a1ce14c6dc76151dbde8685c35030517bb7e7a5d22c9410b06fa99019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33730
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
353 B 43ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QWNJS2B4B8&gtm=2oe6m0&_p=2048197022&_z=ccd.v9B&_gaz=1&gcs=G111&cid=1449576099.1656036632&ul=en-us&sr=1600x1200&_s=1&sid=1656036632&sct=1&seg=0&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&dt=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWNJS2B4B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QWNJS2B4B8&cid=1449576099.1656036632&gtm=2oe6m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWNJS2B4B8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shultsfordsouth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 49ms
18ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QWNJS2B4B8&cid=1449576099.1656036632&gtm=2oe6m0&aip=1&z=964455935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SyncCookie.ashx Show response
aalnk.com/ 376 B
681 B 315ms
97ms Script
text/javascript 35.173.71.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aalnk.com/SyncCookie.ashx?cachebuster=1656036633
Requested by: Host: fzlnk.com
URL: https://fzlnk.com/signals.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.71.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-71-4.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c7bf18d3d3298059c4e097b0a7267c594098f3119d208b516a5d15a9c1f9b1e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 371

GET
H2 200 SignalConfig.ashx Show response
aalnk.com/ 4 KB
1 KB 317ms
102ms Script
text/javascript 35.173.71.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aalnk.com/SignalConfig.ashx?s_wsID=&s_isMobile=false&cachebuster=1656036633
Requested by: Host: fzlnk.com
URL: https://fzlnk.com/signals.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.71.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-71-4.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4359202b149eb07e3ddea304f3a45c678975575759768cb663cb453e606d33f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
etag: 6/23/2022
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 984
expires: Sat, 25 Jun 2022 02:10:32 GMT

GET
H3 200 207816243310971 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 140ms
139ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/207816243310971?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1072d86cf488809be6dc47305bec0fb7288996943b2ac19cd1b5a2e32c60e159

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: PO4C1f1LZNw7qHLmsQ97wReXDyJ6YqU4y7ltxEsX72fzrXpLtNtIEFkvqxFTHLZ07nq4jN6XUSeFOAzuRO6ZjA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:10:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656036632664
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=986593931687424&ev=PageView&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&rl=&if=false&ts=1656036632526&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656036631240.1201365554&it=1656036631110&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111031593-1&cid=1449576099.1656036632&jid=1671475607&_u=YEDAAEABAAAAAC~&z=338803945

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 25ms
20ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111031593-1&cid=1449576099.1656036632&jid=1671475607&_u=YEDAAEABAAAAAC~&z=338803945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 40ms
19ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45062039-5&cid=1449576099.1656036632&jid=1306024229&_u=YEDAAUABAAAAAC~&z=735772724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
26ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-45062039-5&cid=1449576099.1656036632&jid=1306024229&_u=YEDAAUABAAAAAC~&z=735772724

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8649.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0025/ 16 KB
3 KB 18ms
18ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0025/8649.json?t=460010
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d52866df91df2537088ccbfcb07889278f6f2cd27edc56bbe0263968d91623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 33395
ce-version: 11.1.454
content-length: 2905
timing-allow-origin: *
last-modified: Thu, 23 Jun 2022 16:53:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 7201ed797e7b0200-ZRH

GET
H3 200 /
www.google.com/pagead/1p-user-list/1042608535/ 42 B
64 B 32ms
19ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1042608535/?random=1656036632464&cv=9&fst=1656036000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&tiba=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&async=1&fmt=3&is_vtc=1&random=2528629088&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1042608535/ 42 B
154 B 20ms
20ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1042608535/?random=1656036632464&cv=9&fst=1656036000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&tiba=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&async=1&fmt=3&is_vtc=1&random=2528629088&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=%20%27+%27%20+%20analyticsid

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb3c99d25a213a4b8e262d2dd9cb4e02f741934d320d1648dc87080bfa66f503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33749
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
420 B 34ms
7ms XHR
binary/octet-stream 143.204.89.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-64.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:11:21 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 6537552
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: F-Tc8edLhzDlkgRmRa6dHtF-N3aGk-zfIE0Iefv7biVjk_8Uwmm5xw==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
420 B 58ms
6ms XHR
binary/octet-stream 143.204.89.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-113.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 13:24:28 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 15943565
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: uMUPgwHIEVl7_DgouQr2Clep8cpM-J-Hn5UzUoMI0MVQYwmFBzWeYQ==

GET
BLOB 200
OK 4d2b0573-1c47-43cc-aa35-c83d34ece7ea
https://www.shultsfordsouth.com/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.shultsfordsouth.com/4d2b0573-1c47-43cc-aa35-c83d34ece7ea
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 ckCookies.js Show response
dt.cobaltgroup.com/dt/ 17 B
170 B 163ms
162ms Script
text/javascript 13.57.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.cobaltgroup.com/dt/ckCookies.js?dtuid=1656036632565727396
Requested by: Host: dt.cobaltgroup.com
URL: https://dt.cobaltgroup.com/dt.js?uidindex=ws&uid=B8C547FA7B0F62BA1EEA7327C60AE488&webid=ford-shults-south&sitetype=dealer&eventId=299f60183dad10068ef0080020f0176c&cs:ssi=B8C547FA7B0F62BA1EEA7327C60AE488&_=1656036629866
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.57.85.43 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-57-85-43.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: 46787dd8637d6a3eb90accc10852bfbcec47e4509d0e8be42535e007d253c78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
x-autoscale-group: dt-prod-ca-asg
server: Display Tracker 2.0
content-length: 37
content-type: text/javascript

GET
H/1.1 200
OK iu3
s.amazon-adsystem.com/ 0
0 108ms
107ms Image
text/html 209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?d=3pecm&ad=1509026001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 g.pixel
aa.agkn.com/adscores/ 43 B
500 B 112ms
29ms Image
image/gif 34.250.36.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212297528&puid=1656036632565727396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.36.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 200 msid.gif
px.marchex.io/ 43 B
381 B 314ms
98ms Image
image/gif 3.213.19.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/msid.gif?spid=cdk&uid=1656036632565727396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.19.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-19-182.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac87f37"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 451 398676.gif
idsync.rlcdn.com/ 0
98 B 37ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398676.gif?partner_uid=1656036632565727396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET a.gif
s.ixiaa.com/ 0
0

GET
H2 200 L21rdC84MTYvY2lkLzI4NTkwODExL3QvMi9jYXQvMzE2MTg0MTQ
d.turn.com/r/dd/id/ 43 B
398 B 66ms
32ms Image
image/gif 2001:678:cb4:bbbb::13
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTkwODExL3QvMi9jYXQvMzE2MTg0MTQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2048197022&t=event&_s=4&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&ul=en-us&de=UTF-8&dt=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user%20interaction&ea=site_search_visible&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=1449576099.1656036632&tid=UA-180968671-8&_gid=1674039227.1656036632&z=1690639354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 13:09:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46840
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=%20%27+%27%20+%20adwordsid

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4062a23a607f79ca256db8184d9dba90e8dfecae479b6ef79cc640c64f096ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33713
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 156268828382942 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 95ms
95ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/156268828382942?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e4b26f2afe288e78b3fa5c75033e2204077c27d61f1ebb5e031282c422786f1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: NuWzb/jwK8kpR2d7x2V/yGYO6whKAtb4DXOJD9vUN7LJfCkSYSNKC4hq+5tDJ5zxTLtUzfCh6lmiMzzifi6w0w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 02:10:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656036632843
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=207816243310971&ev=PageView&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&rl=&if=false&ts=1656036632750&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656036631240.1201365554&it=1656036631110&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=%20%27+%27%20+%20diNoPageViewUa

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

864502a3b06254f0a797eae674df73bc4013331ba363cf23bb6f42c25b2a1d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33738
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 27 B
134 B 121ms
40ms XHR
text/plain 52.48.114.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1656036632797
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.454.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.114.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-114-92.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: dc318a1facaf2dff8f9e2d372a54b974fbf16b6c610b74301c34f698e40d0390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 24 Jun 2022 02:10:32 GMT
cache-control: no-store
server: awselb/2.0
content-length: 27
content-type: text/plain

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=%20%27+%27%20+%20fordflood

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52571863a599363e5a336d3cb2fc98fc98075c90982cc4ff2e1efcfdba7d6d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33731
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-690327&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45062039-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bd0fdee931d7bb7024a1322d0f81fe0a1204549f6c99e87eaed47b33af4169f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39483
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-undef&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45062039-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e68b7a0207c24c76c8cfd874fb1dd0e7b4bd89ee80540c5c18bf9471003029f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39473
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156268828382942&ev=PageView&dl=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&rl=&if=false&ts=1656036632880&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656036631240.1201365554&it=1656036631110&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 24 Jun 2022 02:10:32 GMT

GET
H2 200 jquery-3.2.1-permission-fix.min.js Show response
exos.azureedge.net/Scripts/V2/ 86 KB
31 KB 15ms
15ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://exos.azureedge.net/Scripts/V2/jquery-3.2.1-permission-fix.min.js
Requested by: Host: exos.azureedge.net
URL: https://exos.azureedge.net/Scripts/V2/StratosLoader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AC0) / ASP.NET
Resource Hash: d19ea24eb16259a32a4dd8da233a0ad363db963c37aadcbf91280b197fd7668c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
etag: "0ab5a8847fd81:0+gzip"
last-modified: Tue, 14 Jun 2022 00:16:46 GMT
server: ECAcc (ama/8AC0)
age: 15345
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 31148

GET
H3

200

activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=u... Show response
690327.fls.doubleclick.net/ Frame 8976
Redirect Chain

https://690327.fls.doubleclick.net/activityi;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=...
https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na...

3 KB
1 KB

42ms
27ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-690327&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

298bcfaef1099bfe478aade287a8a93afe9aaa55d15197aa5951380686499e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1245
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:10:33 GMT
expires: Fri, 24 Jun 2022 02:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:10:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
gubagoo.io/c/118852/ 1 KB
558 B 117ms
115ms XHR
application/json 34.225.134.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gubagoo.io/c/118852/?ver=3.0&__ggtruid=1656036631905.331a79a8-fa42-c04f-0dc9-0b9d90e66b74&ref=&href=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&res=1600_1200&t=1656036631906&ta=analytics_tag&ta_name=GA&ta_value=GA1.1.1449576099.1656036632&data_type=json

Requested by

Host: gubagootracking.com
URL: https://gubagootracking.com/toolbars/toolbar_118852/loader_118852_1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.225.134.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-134-186.compute-1.amazonaws.com

Software

Resource Hash

4f2831cc0da68d61caca4ddb350b8d4b5b176f480d138ad4c8dd976219a17fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
date: Fri, 24 Jun 2022 02:10:33 GMT
expect-ct: max-age=600, report-uri="https://gubagoo.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Emulated-Get,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Api-Token,Authorization
x-xss-protection: 1; mode=block
access-control-request-headers: origin, content-type, accept, Api-Token

GET
H/1.1 200
OK fwABAVsFi_sefAAN Show response
rw.marchex.io/2/ 54 KB
13 KB 297ms
105ms Script
text/javascript 174.137.122.131
MARCHEX-EAST

General

Check archive.org

Show headers Download Go to

Full URL: https://rw.marchex.io/2/fwABAVsFi_sefAAN
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.137.122.131 , United States, ASN54668 (MARCHEX-EAST, US),
Reverse DNS
Software: /
Resource Hash: 7cde8955dd1cc410770b15985c2b9804d95ca739d6f4b7874d9698427e317c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Response-Time: 0ms
Date: Fri, 24 Jun 2022 02:10:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=3600,s-maxage=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 dt.gif
dt.admission.net/ 43 B
455 B 166ms
163ms Image
image/gif 13.57.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.admission.net/dt.gif?sync=1&dtuid=1656036632565727396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.57.85.43 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-57-85-43.us-west-1.compute.amazonaws.com
Software: Display Tracker 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
x-autoscale-group: dt-prod-ca-asg
last-modified: Fri, 24 Jun 2022 02:10:33 GMT
server: Display Tracker 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

GET
H2

200

correlate
dt.cobaltgroup.com/cookiejar/1.0/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=313172&dpuuid=1656036632565727396&redir=https%3A%2F%2Fdt.cobaltgroup.com%2Fcookiejar%2F1.0%2Fcorrelate%3Fformat%3Dgif%26logonly%3D1%26uidindex%3Daam%26uid%3D$%7BDD_U...
https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=13431030720185795992166787692316254299

43 B
557 B

164ms
164ms

Image
image/gif

13.57.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=13431030720185795992166787692316254299
Protocol: H2
Server: 13.57.85.43 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-57-85-43.us-west-1.compute.amazonaws.com
Software: CJ Service 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Fri, 24 Jun 2022 02:10:33 GMT
server: CJ Service 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v034-03d9ef5d9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: EPYyOfHtRjY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dt.cobaltgroup.com/cookiejar/1.0/correlate?format=gif&logonly=1&uidindex=aam&uid=13431030720185795992166787692316254299
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 59ms
7ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=580120&nid=5494&put=1656036632565727396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2 200 sd
us-u.openx.net/w/1.0/ 43 B
275 B 60ms
22ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=540213371&val=1656036632565727396
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

correlate
dt.admission.net/cookiejar/1.0/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cobalt_group_adp&google_hm=MTY1NjAzNjYzMjU2NTcyNzM5Ng
https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=

43 B
451 B

164ms
164ms

Image
image/gif

13.57.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=
Protocol: H2
Server: 13.57.85.43 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-57-85-43.us-west-1.compute.amazonaws.com
Software: CJ Service 2.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
x-autoscale-group: x-prod-ca-asg
last-modified: Fri, 24 Jun 2022 02:10:33 GMT
server: CJ Service 2.0
p3p: CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Tue, 19 Apr 1994 04:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dt.admission.net/cookiejar/1.0/correlate?format=gif&uidindex=goo&uid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ 170 B
188 B 25ms
24ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=admission&google_hm=MTY1NjAzNjYzMjU2NTcyNzM5Ng

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 StratosDealerEngine.min.js Show response
exos.azureedge.net/Scripts/V2/ 71 KB
17 KB 16ms
15ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://exos.azureedge.net/Scripts/V2/StratosDealerEngine.min.js?_=1656036632949
Requested by: Host: exos.azureedge.net
URL: https://exos.azureedge.net/Scripts/V2/jquery-3.2.1-permission-fix.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B29) / ASP.NET
Resource Hash: 716b7808bef24df83c18c185043e8789401f6f5aa8c6e1eb25f3b808059c1b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:32 GMT
content-encoding: gzip
etag: "032eeb847fd81:0+gzip"
last-modified: Tue, 14 Jun 2022 00:16:52 GMT
server: ECAcc (ama/8B29)
age: 15342
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 17827

GET
H2 200 instagram.php Show response
gubagoo.io/v3/ 0
54 B 106ms
106ms XHR
text/html 34.225.134.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gubagoo.io/v3/instagram.php?account_id=118852&data_type=json

Requested by

Host: gubagootracking.com
URL: https://gubagootracking.com/toolbars/toolbar_118852/loader_118852_1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.225.134.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-134-186.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
date: Fri, 24 Jun 2022 02:10:33 GMT
expect-ct: max-age=600, report-uri="https://gubagoo.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Emulated-Get,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Api-Token,Authorization
x-xss-protection: 1; mode=block
access-control-request-headers: origin, content-type, accept, Api-Token

GET
H2 200 youtube.svg
cdn.gubagoo.io/v4/media/icons/ 844 B
1 KB 11ms
10ms Image
image/svg+xml 2600:9000:224a:6400:12:e632:2080:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gubagoo.io/v4/media/icons/youtube.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6400:12:e632:2080:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41ca903c1473f86aba2e91b4d06f9a89a363e9f2e5a3efdfd0cc675a9aafc75f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:19:43 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
age: 6651
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 844
last-modified: Tue, 08 Jun 2021 15:05:28 GMT
server: AmazonS3
etag: "aba497b75b8fef920d3d5c0b66e0c9fa"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, GET, HEAD
x-amz-version-id: Hlz2WYCk1UOBraakI6pVvkWvh3R8SfFH
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: EJoC55CubWymlIEImu_y93lCMoRuGQ3Muyhrml3lr38vlMmukILIfQ==
expires: Wed, 08 Jun 2022 15:05:02 GMT

GET
H2 200 fb.svg
cdn.gubagoo.io/v4/media/icons/ 322 B
859 B 11ms
11ms Image
image/svg+xml 2600:9000:224a:6400:12:e632:2080:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gubagoo.io/v4/media/icons/fb.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6400:12:e632:2080:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c70e7ebd9c8d28034c7e5e52d736447c8882955922ea8974067661b37308bd55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:19:43 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
age: 6651
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 322
last-modified: Tue, 08 Jun 2021 15:05:28 GMT
server: AmazonS3
etag: "2d2538198ba61cb7b3f18b64555d4212"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, GET, HEAD
x-amz-version-id: m1W5KyXohAonAqx1FDEIMDoeR7Ppju0X
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: yLT8HzUrFp-K-TrWeAYVr0Fw3VC_uIex9ZhV2qASXzPgzVvJCz_Y8g==
expires: Wed, 08 Jun 2022 15:05:02 GMT

GET
H2 200 instagram.svg
cdn.gubagoo.io/v4/media/icons/ 2 KB
1 KB 12ms
12ms Image
image/svg+xml 2600:9000:224a:6400:12:e632:2080:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gubagoo.io/v4/media/icons/instagram.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6400:12:e632:2080:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89b0d23f41a8bf618920bdf77b95de6139bbb808e5b528b4369385aaee92195d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:52:38 GMT
content-encoding: br
vary: Accept-Encoding
age: 109076
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 15:05:29 GMT
server: AmazonS3
etag: W/"10f9bf99d1349c44cc267f8b387b7efd"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, GET, HEAD
x-amz-version-id: H_29w9FyXvXlRT4c0X5SplHgXkOpVK9T
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-type: image/svg+xml
x-amz-cf-id: JutOI8hxedJZQXVnpcYUb5N9GQxIMT_ocGF8boqIPpKQfZJKT8K_wA==
expires: Wed, 08 Jun 2022 15:05:02 GMT

GET
H2 200 contact.svg
cdn.gubagoo.io/v4/media/icons/ 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2600:9000:224a:6400:12:e632:2080:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gubagoo.io/v4/media/icons/contact.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6400:12:e632:2080:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63f66e890c656dc5f3f039ab5dc54c24c5ceb1bde7a8c1a6cf6d8c6c5e9d8e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:19:45 GMT
content-encoding: br
vary: Accept-Encoding
age: 6649
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 15:05:28 GMT
server: AmazonS3
etag: W/"a2a4257443061a6ad7db1c4f97294727"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, GET, HEAD
x-amz-version-id: e..C15IdPxC45TxJHWWvW0PA00XGUu59
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-type: image/svg+xml
x-amz-cf-id: cPs0BV8vsxhxnuLFrBw0jRoNXr8aZKXvAJOfMMk8uYv_ci8IVv8ApA==
expires: Wed, 08 Jun 2022 15:05:02 GMT

GET
H2 200 fordDirect.b9dbcb99c55e13334397.js Show response
cdn.gubagoo.io/v4/ 1 KB
1 KB 16ms
16ms Script
application/x-javascript 2600:9000:224a:6400:12:e632:2080:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gubagoo.io/v4/fordDirect.b9dbcb99c55e13334397.js
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6400:12:e632:2080:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9808a32c39d567a100f8fba11f542b35c43e5a92fb7642cf77d521459fd6a390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:13:25 GMT
content-encoding: br
vary: Accept-Encoding
age: 43029
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 23 Jun 2022 13:45:13 GMT
server: AmazonS3
etag: W/"02e6c7f26a974712bc86b48cf5b93a3c"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, GET, HEAD
x-amz-version-id: fTENQnpP3qHLfwyAC_omsxuwReIMQ1WB
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/x-javascript
x-amz-cf-id: 4UVeiKFsUJm2m_DVCzjg5FPldR-DkixRPsSScHfPhw7RlvzAuKk49A==

GET
H2 204 /
gubagoo.io/c/118852/ 0
562 B 439ms
124ms Image
text/plain 34.225.134.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gubagoo.io/c/118852/?ver=3.0&__ggtruid=1656036631905.331a79a8-fa42-c04f-0dc9-0b9d90e66b74&&href=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&res=1600_1200&ta=chat_interactive&toolbar_id=1&page_title=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsbu&t=1656036633116&tas%5BFBP%5D=fb.1.1656036631240.1201365554&tas%5BGA%5D=GA1.1.1449576099.1656036632

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.225.134.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-134-186.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=600, report-uri="https://gubagoo.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Emulated-Get,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Api-Token,Authorization
x-xss-protection: 1; mode=block
access-control-request-headers: origin, content-type, accept, Api-Token

OPTIONS
H/1.1 200
OK t3WebsiteCookie
creativesham.table.core.windows.net/ Frame 0
0 541ms
91ms Preflight 52.240.48.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://creativesham.table.core.windows.net/t3WebsiteCookie?sv=2019-10-10&ss=qt&srt=sco&sp=rwlacup&se=2040-06-08T23:54:28Z&st=2020-06-08T15:54:28Z&spr=https&sig=Qtp%2BAKMZtQi3cnVHjTYg7TW%2Ba11Nj8CWxbd%2F64M5qjE%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.240.48.26 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Table/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.shultsfordsouth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-requested-with
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.shultsfordsouth.com
Access-Control-Max-Age: 0
Content-Length: 0
Date: Fri, 24 Jun 2022 02:10:33 GMT
Server: Windows-Azure-Table/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b28eaa53-3002-00d0-206f-871d8f000000
x-ms-version: 2015-02-21

OPTIONS
H/1.1 200
OK CampaignHttpTrigger
mtafunctionapp.azurewebsites.net/api/ Frame 0
0 466ms
97ms Preflight 20.49.97.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtafunctionapp.azurewebsites.net/api/CampaignHttpTrigger?code=AWtoyXmHGE3h1GDXNWkBCZ4E3MsEpZ2i0eBTeRLH1tDyu2OxCKQJWA==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.97.1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.shultsfordsouth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,content-type,x-requested-with
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Fri, 24 Jun 2022 02:10:33 GMT

OPTIONS
H/1.1 200
OK t3WebsiteCookieUserActivity
creativesham.table.core.windows.net/ Frame 0
0 549ms
91ms Preflight 52.240.48.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://creativesham.table.core.windows.net/t3WebsiteCookieUserActivity?sv=2019-10-10&ss=qt&srt=sco&sp=rwlacup&se=2040-06-08T23:54:28Z&st=2020-06-08T15:54:28Z&spr=https&sig=Qtp%2BAKMZtQi3cnVHjTYg7TW%2Ba11Nj8CWxbd%2F64M5qjE%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.240.48.26 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Table/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.shultsfordsouth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-requested-with
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.shultsfordsouth.com
Access-Control-Max-Age: 0
Content-Length: 0
Date: Fri, 24 Jun 2022 02:10:33 GMT
Server: Windows-Azure-Table/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a1fe399b-e002-00f0-746f-877143000000
x-ms-version: 2015-02-21

OPTIONS
H/1.1 200
OK WebsiteActivityHttpTrigger
mtafunctionapp.azurewebsites.net/api/ Frame 0
0 466ms
98ms Preflight 20.49.97.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtafunctionapp.azurewebsites.net/api/WebsiteActivityHttpTrigger?code=4FZV5CKxQpwrZukCnKWW5g54bKe8spWYCoazUbKZFShg7E9tFTjvxA==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.97.1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://www.shultsfordsouth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,content-type
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Fri, 24 Jun 2022 02:10:33 GMT

OPTIONS
H/1.1 200
OK messages
creativesham.queue.core.windows.net/mtaqueue/ Frame 0
0 591ms
91ms Preflight 52.240.48.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://creativesham.queue.core.windows.net/mtaqueue/messages?sv=2019-02-02&ss=q&srt=sco&sp=rwlacup&se=2040-04-21T22:28:32Z&st=2020-04-21T14:28:32Z&spr=https&sig=%2B%2BusHggb6P1VT%2F5E7oCQtjEzppplcyBpcY%2FqOJd9gis%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.240.48.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Queue/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.shultsfordsouth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.shultsfordsouth.com
Access-Control-Max-Age: 600
Content-Length: 0
Date: Fri, 24 Jun 2022 02:10:32 GMT
Server: Windows-Azure-Queue/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fb191a85-1003-0029-336f-87d76f000000
x-ms-version: 2015-02-21

POST
H/1.1 201
Created t3WebsiteCookie Show response
creativesham.table.core.windows.net/ 2 KB
3 KB 120ms
120ms XHR
text/plain 52.240.48.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creativesham.table.core.windows.net/t3WebsiteCookie?sv=2019-10-10&ss=qt&srt=sco&sp=rwlacup&se=2040-06-08T23:54:28Z&st=2020-06-08T15:54:28Z&spr=https&sig=Qtp%2BAKMZtQi3cnVHjTYg7TW%2Ba11Nj8CWxbd%2F64M5qjE%3D

Requested by

Host: creativesham.blob.core.windows.net
URL: https://creativesham.blob.core.windows.net/t3websitecookie-sc/t3WebsiteCookie.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.240.48.26 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Table/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

942fd9e3e334b0c031210e540a1de0d4125ebdfe3a61f30a4967f7b4bf5aa4ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shultsfordsouth.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 24 Jun 2022 02:10:33 GMT
X-Content-Type-Options: nosniff
Server: Windows-Azure-Table/1.0 Microsoft-HTTPAPI/2.0
Location: https://creativesham.table.core.windows.net/t3WebsiteCookie(PartitionKey='t3Website',RowKey='SH-088c3fdf-d97b-b0aa-2bd6-e70582ec8f78')
ETag: W/"datetime'2022-06-24T02%3A10%3A33.7160951Z'"
Transfer-Encoding: chunked
Content-Type: application/atom+xml;type=entry;charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: b28eaa68-3002-00d0-346f-871d8f000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,X-Content-Type-Options,Cache-Control,Location,ETag,Content-Type,Content-Length,Date,Transfer-Encoding
Cache-Control: no-cache
x-ms-version: 2019-10-10

POST
H/1.1 204
No Content CampaignHttpTrigger Show response
mtafunctionapp.azurewebsites.net/api/ 0
164 B 129ms
128ms XHR
text/plain 20.49.97.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtafunctionapp.azurewebsites.net/api/CampaignHttpTrigger?code=AWtoyXmHGE3h1GDXNWkBCZ4E3MsEpZ2i0eBTeRLH1tDyu2OxCKQJWA==
Requested by: Host: creativesham.blob.core.windows.net
URL: https://creativesham.blob.core.windows.net/t3websitecookie-sc/t3WebsiteCookie.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.97.1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.shultsfordsouth.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 24 Jun 2022 02:10:32 GMT
Request-Context: appId=cid-v1:c53dd883-7f22-47f8-839f-478db7c300e0

POST
H/1.1 201
Created t3WebsiteCookieUserActivity Show response
creativesham.table.core.windows.net/ 2 KB
2 KB 154ms
154ms XHR
text/plain 52.240.48.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://creativesham.table.core.windows.net/t3WebsiteCookieUserActivity?sv=2019-10-10&ss=qt&srt=sco&sp=rwlacup&se=2040-06-08T23:54:28Z&st=2020-06-08T15:54:28Z&spr=https&sig=Qtp%2BAKMZtQi3cnVHjTYg7TW%2Ba11Nj8CWxbd%2F64M5qjE%3D

Requested by

Host: creativesham.blob.core.windows.net
URL: https://creativesham.blob.core.windows.net/t3websitecookie-sc/t3WebsiteCookie.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.240.48.26 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Table/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

cb53007010874b9ce94082a4128fb859cd316d45c5761ef0396b605b5d0edfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shultsfordsouth.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 24 Jun 2022 02:10:33 GMT
X-Content-Type-Options: nosniff
Server: Windows-Azure-Table/1.0 Microsoft-HTTPAPI/2.0
Location: https://creativesham.table.core.windows.net/t3WebsiteCookieUserActivity(PartitionKey='SH-088c3fdf-d97b-b0aa-2bd6-e70582ec8f78',RowKey='2022-06-24T02%3A10%3A33.126Z')
ETag: W/"datetime'2022-06-24T02%3A10%3A33.7238035Z'"
Transfer-Encoding: chunked
Content-Type: application/atom+xml;type=entry;charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: a1fe39b2-e002-00f0-056f-877143000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,X-Content-Type-Options,Cache-Control,Location,ETag,Content-Type,Content-Length,Date,Transfer-Encoding
Cache-Control: no-cache
x-ms-version: 2019-10-10

POST
H/1.1 204
No Content WebsiteActivityHttpTrigger Show response
mtafunctionapp.azurewebsites.net/api/ 0
164 B 137ms
137ms XHR
text/plain 20.49.97.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mtafunctionapp.azurewebsites.net/api/WebsiteActivityHttpTrigger?code=4FZV5CKxQpwrZukCnKWW5g54bKe8spWYCoazUbKZFShg7E9tFTjvxA==
Requested by: Host: creativesham.blob.core.windows.net
URL: https://creativesham.blob.core.windows.net/t3websitecookie-sc/t3WebsiteCookie.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.49.97.1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 24 Jun 2022 02:10:33 GMT
Request-Context: appId=cid-v1:c53dd883-7f22-47f8-839f-478db7c300e0

POST
H/1.1 201
Created messages Show response
creativesham.queue.core.windows.net/mtaqueue/ 407 B
826 B 98ms
98ms XHR
application/xml 52.240.48.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://creativesham.queue.core.windows.net/mtaqueue/messages?sv=2019-02-02&ss=q&srt=sco&sp=rwlacup&se=2040-04-21T22:28:32Z&st=2020-04-21T14:28:32Z&spr=https&sig=%2B%2BusHggb6P1VT%2F5E7oCQtjEzppplcyBpcY%2FqOJd9gis%3D
Requested by: Host: creativesham.blob.core.windows.net
URL: https://creativesham.blob.core.windows.net/t3websitecookie-sc/t3WebsiteCookie.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.240.48.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Queue/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 060882b6a6592e961a6df5bb48a44a480d088b4a41fbdd216eb649d7374fd475

Request headers

Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/xml

Response headers

Date: Fri, 24 Jun 2022 02:10:32 GMT
Server: Windows-Azure-Queue/1.0 Microsoft-HTTPAPI/2.0
Transfer-Encoding: chunked
Content-Type: application/xml
Access-Control-Allow-Origin: *
x-ms-request-id: fb191a8c-1003-0029-3a6f-87d76f000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2019-02-02

GET
H2 200 oct.js Show response
static.ads-twitter.com/ Frame 8976 55 KB
15 KB 172ms
11ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: 690327.fls.doubleclick.net
URL: https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://690327.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:36 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kcgs7200136-IAD, cache-muc13960-MUC

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame 8976 70 B
261 B 109ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=r7ubw3p&ct=0:chg212y&fmt=3&v=0&td1=ft3_fdvisits&td2=na&td3=dc%3Acdk%3Aus;&td5=dc%3Afinance%3Acredit%20app&td6=na&td4=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;&orderid=2701501
Requested by: Host: 690327.fls.doubleclick.net
URL: https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://690327.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK 2519
pixel.everesttech.net/px2/ Frame 8976 128 B
695 B 157ms
30ms Image
image/png 108.128.215.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/px2/2519?px_evt=t&ev_ford_fdvisits_un_ft3=1&ev_transid=1
Requested by: Host: 690327.fls.doubleclick.net
URL: https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.215.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://690327.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 02:10:33 GMT
Cache-Control: no-cache, no-cache
Server: Apache
Connection: keep-alive
Content-Type: image/png
Content-Length: 128
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 /
www.facebook.com/tr/ Frame 8976 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270149406666413&ev=AddPaymentInfo&dl=https://www.buyfordnow.com&dpo=LDU&dpoco=0&dpost=0&cd[nameplate]=na&cd[Adobe_s_vi]=na&cd[Adobe_visitor_id]=na&cd[tbd4]=&cd[pp]=0&cd[sweeps]=na&cd[tbd7]=&cd[tbd8]=na&cd[my_nameplate]=na&cd[tbd10]=na&cd[tbd11]=na&cd[cksid]=na&cd[tbd13]=na&cd[fdafcode]=44D&cd[language_rad]=ui%3Arad%3Apc&cd[tbd16]=&cd[tbd17]=dc%3Acdk%3Aus&cd[tbd18]=na&cd[page]=dc%3Afinance%3Acredit%20app&cd[url]=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit&cd[cat]=ft3&cd[type]=fdvisits

Requested by

Host: 690327.fls.doubleclick.net
URL: https://690327.fls.doubleclick.net/activityi;dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=2115498116.1656036632;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://690327.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 24 Jun 2022 02:10:33 GMT

GET
H2 200 dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=*;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus...
adservice.google.com/ddm/fls/z/ Frame 8976 42 B
494 B 66ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIOz-ZmBxfgCFTVIHQkdSkgLfA;src=690327;type=fdvisits;cat=ft3;ord=1;num=1183992407074;gtm=2od6m0;gcs=G111;auiddc=*;u1=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u2=na;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;u3=na;u5=;u6=na;u7=;u8=na;u9=na;~oref=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://690327.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 72E5 0
15 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.shultsfordsouth.com
Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.shultsfordsouth.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:10:33 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 MetaData_9f3059d2-d2df-4399-afaa-2e26425a77e5.min.js Show response
exos.azureedge.net/MetaData/V2/ 17 KB
17 KB 382ms
381ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://exos.azureedge.net/MetaData/V2/MetaData_9f3059d2-d2df-4399-afaa-2e26425a77e5.min.js?_=1656036632950
Requested by: Host: exos.azureedge.net
URL: https://exos.azureedge.net/Scripts/V2/jquery-3.2.1-permission-fix.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 76ac86b1ca005f11bc783424dbfd3a12c143429c2fe9240a45ffae13560dc0e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:26 GMT
last-modified: Tue, 23 Nov 2021 16:19:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "795abea85e0d71:0"
content-type: application/javascript
accept-ranges: bytes
content-length: 17572

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BAE9 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.shultsfordsouth.com
Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.shultsfordsouth.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:10:33 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 adsct
t.co/i/ Frame 8976 43 B
338 B 139ms
119ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=a614f6e2-a469-40e3-b6f8-42f659911af3&p_id=Twitter&p_user_id=0&pl_id=a400852b-5ad7-4f53-b698-3f33464839ef&tw_document_href=https%3A%2F%2F690327.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIOz-ZmBxfgCFTVIHQkdSkgLfA%3Bsrc%3D690327%3Btype%3Dfdvisits%3Bcat%3Dft3%3Bord%3D1%3Bnum%3D1183992407074%3Bgtm%3D2od6m0%3Bgcs%3DG111%3Bauiddc%3D2115498116.1656036632%3Bu1%3Dna%3Bu10%3Dna%3Bu11%3Dna%3Bu12%3Dna%3Bu13%3Dna%3Bu14%3D44D%3Bu15%3Dui%253Arad%253Apc%3Bu17%3Ddc%253Acdk%253Aus%3Bu18%3Dna%3Bu19%3Ddc%253Afinance%253Acredit%2520app%3Bu2%3Dna%3Bu20%3Dhttps%25253A%25252F%25252Fwww.shultsfordsouth.com%25252FApplyForCredit%3Bu3%3Dna%3Bu5%3D%3Bu6%3Dna%3Bu7%3D%3Bu8%3Dna%3Bu9%3Dna%3B~oref%3Dhttps%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit%3F&tw_document_referrer=https%3A%2F%2Fwww.shultsfordsouth.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o90wj&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://690327.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 112
date: Fri, 24 Jun 2022 02:10:32 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e3a7da3c5a8f0690fc15d33428dc222952b55304d6e9cdb37dd72a8f5428f2d6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 8976 43 B
355 B 143ms
112ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=a614f6e2-a469-40e3-b6f8-42f659911af3&p_id=Twitter&p_user_id=0&pl_id=a400852b-5ad7-4f53-b698-3f33464839ef&tw_document_href=https%3A%2F%2F690327.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIOz-ZmBxfgCFTVIHQkdSkgLfA%3Bsrc%3D690327%3Btype%3Dfdvisits%3Bcat%3Dft3%3Bord%3D1%3Bnum%3D1183992407074%3Bgtm%3D2od6m0%3Bgcs%3DG111%3Bauiddc%3D2115498116.1656036632%3Bu1%3Dna%3Bu10%3Dna%3Bu11%3Dna%3Bu12%3Dna%3Bu13%3Dna%3Bu14%3D44D%3Bu15%3Dui%253Arad%253Apc%3Bu17%3Ddc%253Acdk%253Aus%3Bu18%3Dna%3Bu19%3Ddc%253Afinance%253Acredit%2520app%3Bu2%3Dna%3Bu20%3Dhttps%25253A%25252F%25252Fwww.shultsfordsouth.com%25252FApplyForCredit%3Bu3%3Dna%3Bu5%3D%3Bu6%3Dna%3Bu7%3D%3Bu8%3Dna%3Bu9%3Dna%3B~oref%3Dhttps%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit%3F&tw_document_referrer=https%3A%2F%2Fwww.shultsfordsouth.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o90wj&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://690327.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 24 Jun 2022 02:10:32 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: eb0a8a528e79c56511c9f2e5fa918985e13bddd492aca848b507771cfc0fae4e
content-length: 43

GET
H3

200

activityi;dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Ac... Show response
690333.fls.doubleclick.net/ Frame BD7F
Redirect Chain

https://690333.fls.doubleclick.net/activityi;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3A...
https://690333.fls.doubleclick.net/activityi;dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44...

616 B
468 B

22ms
22ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://690333.fls.doubleclick.net/activityi;dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;;ord=1;num=2701501?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

c9e4d5523deb4a3d8c47da92ba6eb439ee2958979d30351b591ba123b086a863

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://690327.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 445
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:10:33 GMT
expires: Fri, 24 Jun 2022 02:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:10:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://690333.fls.doubleclick.net/activityi;dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;;ord=1;num=2701501?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync.html Show response
snc.marchex.io/ Frame 55EA 150 B
412 B 117ms
107ms Document
text/html 3.213.19.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snc.marchex.io/sync.html?ruleSetId=fwABAVsFi_sefAAN
Requested by: Host: rw.marchex.io
URL: https://rw.marchex.io/2/fwABAVsFi_sefAAN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.19.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-19-182.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 25f5e78664ffc9a8c7c4b87c22e7c41f9a3aa85c76c0ee8bc304e1b7d9a0f330

Request headers

Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 130
content-type: text/html
date: Fri, 24 Jun 2022 02:10:33 GMT
etag: "96-5c610ae4c5792-gzip"
last-modified: Thu, 01 Jul 2021 14:30:29 GMT
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
server: Apache
vary: Accept-Encoding

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
285 B 98ms
98ms Image
image/gif 3.213.19.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.19.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-19-182.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 200 04682 Show response
www.fdcampaignstudio.com/api/udldelta/dealers/fbpixel/ 926 B
1 KB 150ms
149ms Fetch
application/json 52.162.204.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fdcampaignstudio.com/api/udldelta/dealers/fbpixel/04682
Requested by: Host: www.shultsfordsouth.com
URL: https://www.shultsfordsouth.com/ApplyForCredit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.204.184 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) / Express
Resource Hash: 54a537f6f66441dc68a25558e658756b7c3e7e33b94986a93f4d2e280ab1b68c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://www.shultsfordsouth.com/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJEZWx0YUNvbnN1bWVyIjp7Il9pZCI6IjVjNDFmOWM3YWU1NTNhYjVhNmM1ZWIxYSIsImVtYWlsIjoiQmlub3kuS2FsYXRoaXBhcmFtYmlsQGl0Y2luZm90ZWNoLmNvbSIsInJvbGUiOiJ1c2VyIiwiYWRkZWRvbiI6IjIwMTktMDEtMThUMTY6MDc6MzUuMDAwWiIsImFkZGVkYnkiOiJyZGl4aXQzIiwidXBkYXRlZG9uIjoiMjAxOS0wMS0xOFQxNjowNzozNS4wMDBaIiwidXBkYXRlZGJ5IjoiIiwiYWN0aXZlIjp0cnVlLCJfX3YiOjB9LCJpYXQiOjE1NDc4Mjc2NTV9.xQoGTRKqy0XEImWboRiODSKTircL2GDud5dmMsnSDU8
content-type: application/json

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
etag: W/"39e-2DfDg2MUKVvGOthHEwq75JbNjEo"
server: Apache/2.4.29 (Ubuntu)
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 926

OPTIONS
H2 200 04682
www.fdcampaignstudio.com/api/udldelta/dealers/fbpixel/ Frame 0
0 415ms
119ms Preflight
text/html 52.162.204.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fdcampaignstudio.com/api/udldelta/dealers/fbpixel/04682
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.204.184 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.shultsfordsouth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: PUT, POST, PATCH, DELETE, GET
access-control-allow-origin: *
allow: GET,HEAD
content-length: 8
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 02:10:33 GMT
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
server: Apache/2.4.29 (Ubuntu)
x-powered-by: Express

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 15ms
14ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&es=1&e=*&eid=25&u=CAAAAAIAAAAgAE&tc=1&epr=1UA.1DC&cl=g.203.8,dc.40.1,dc.50.2&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Acdk%3Aus;u1...
adservice.google.com/ddm/fls/z/ Frame BD7F 42 B
63 B 70ms
56ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;;ord=1;num=2701501

Requested by

Host: 690333.fls.doubleclick.net
URL: https://690333.fls.doubleclick.net/activityi;dc_pre=CPS1jpqBxfgCFRavGwoda3ACgQ;src=690333;type=fdvisits;cat=ft3;u1=u1=na;u2=na;u3=na;u4=;u5=;u6=na;u7=;u8=na;u9=na;u10=na;u11=na;u12=na;u13=na;u14=44D;u15=ui%3Arad%3Apc;u16=;u17=dc%3Acdk%3Aus;u18=na;u19=dc%3Afinance%3Acredit%20app;u20=https%253A%252F%252Fwww.shultsfordsouth.com%252FApplyForCredit;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;;ord=1;num=2701501?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://690333.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 951A 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.shultsfordsouth.com
Referer: https://www.shultsfordsouth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.shultsfordsouth.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 02:10:33 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sync.js Show response
snc.marchex.io/ Frame 55EA 12 KB
12 KB 101ms
98ms Script
text/javascript 3.213.19.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snc.marchex.io/sync.js
Requested by: Host: snc.marchex.io
URL: https://snc.marchex.io/sync.html?ruleSetId=fwABAVsFi_sefAAN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.19.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-19-182.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 52d64052b6cd1452faa90da5a63b61ac876bc0dc31a4e9caae8976a3f478fcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snc.marchex.io/sync.html?ruleSetId=fwABAVsFi_sefAAN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
last-modified: Thu, 01 Jul 2021 14:30:29 GMT
server: Apache
etag: "2ecd-5c610ae4c6732"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: text/javascript
content-length: 11981

GET
H2 200 HandleSignal.ashx
aalnk.com/ 43 B
301 B 109ms
108ms Image
image/gif 35.173.71.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aalnk.com/HandleSignal.ashx?s_type=trackPageview&s_wsID=&mf_uuid=577537ef-f849-473d-9b49-0efc7de700e3&s_pg=https%3A//www.shultsfordsouth.com/ApplyForCredit&s_ref=&s_pt=Shults%20Ford%20South%20is%20a%20Pittsburgh%20Ford%20dealer%20and%20a%20new%20car%20and%20used%20car%20Pittsburgh%20PA%20Ford%20dealership.&smc=.1656036633523.4830&mmc=f22b59b2-1066-464d-8d73-df584c6fc7b3&s_gaUmtc=&s_gaUmtz=&s_gUser=undefined&s_gpUser=undefined&s_tUser=undefined&s_fUser=undefined&cachebuster=1656036634
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.71.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-71-4.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 902d323be237aab49171c7c57c503d3aab2368736d357d39291cfed319fffce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: private
content-length: 43

GET
H3

451

456519.gif
idsync.rlcdn.com/
Redirect Chain

https://aalnk.com/pfzurl.ashx?webkey=&id=f22b59b2-1066-464d-8d73-df584c6fc7b3&mf_uuid=577537ef-f849-473d-9b49-0efc7de700e3&rdts=1656036634
https://idsync.rlcdn.com/456519.gif?partner_uid=f4e14fd6-c188-4a7b-8e6e-9cc669397a1a

0
9 B

30ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/456519.gif?partner_uid=f4e14fd6-c188-4a7b-8e6e-9cc669397a1a
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 24 Jun 2022 02:10:33 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
location: https://idsync.rlcdn.com/456519.gif?partner_uid=f4e14fd6-c188-4a7b-8e6e-9cc669397a1a
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 201

GET
H/1.1 200
OK %7B%224%22%3A%224122065136%22%2C%226%22%3A%224122035718%22%2C%228%22%3A%224122038802%22%7D Show response
rw.marchex.io/phone/fwABAVsFi_sefAAN/ 0
234 B 102ms
102ms Script
text/javascript 174.137.122.131
MARCHEX-EAST

General

Check archive.org

Show headers Download Go to

Full URL: https://rw.marchex.io/phone/fwABAVsFi_sefAAN/%7B%224%22%3A%224122065136%22%2C%226%22%3A%224122035718%22%2C%228%22%3A%224122038802%22%7D?url=https%3A%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit&arg=campaignId%3D%26keywordId%3D%26siteId%3D%26placementId%3D%26creativeId%3D%26adId%3D%26adobeId%3D13676539679161643792182190576309257679%26paCode%3D04682%26brand%3Dford%26cookieguid%3Dcookeguid_undefined%26fps_id%3D62e7d9a6-3a8b-4db4-be9d-9bbfc719ce6a%26mchx_cookie%3Dfalse
Requested by: Host: rw.marchex.io
URL: https://rw.marchex.io/2/fwABAVsFi_sefAAN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.137.122.131 , United States, ASN54668 (MARCHEX-EAST, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Response-Time: 0ms
Date: Fri, 24 Jun 2022 02:10:33 GMT
Cache-Control: no-store,no-cache,max-age=0
Connection: keep-alive
Content-Length: 0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8

GET
H2 200 pixel.gif
px.marchex.io/ 43 B
285 B 143ms
142ms Image
image/gif 3.213.19.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/pixel.gif?p=SYTvJN,GoSvJN,wzZvJN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.19.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-19-182.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac86f97"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
H2 200 map.json Show response
snc.marchex.io/snc/fwABAVsFi_sefAAN/ Frame 55EA 124 B
355 B 98ms
98ms XHR
application/json 3.213.19.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snc.marchex.io/snc/fwABAVsFi_sefAAN/map.json
Requested by: Host: snc.marchex.io
URL: https://snc.marchex.io/sync.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.19.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-19-182.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d787751900b095fb05c5e9680aaecfbcf455b6834cedeb40c1ac16cdeac1e836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snc.marchex.io/sync.html?ruleSetId=fwABAVsFi_sefAAN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
last-modified: Thu, 01 Jul 2021 14:30:42 GMT
server: Apache
content-type: application/json
etag: "7c-5c610af15a2a5"
content-length: 124
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"

GET
H2 200 ajax-loader.gif
exos.azureedge.net/Content/images/ 104 KB
104 KB 15ms
15ms Image
image/gif 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exos.azureedge.net/Content/images/ajax-loader.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B2D) / ASP.NET
Resource Hash: fd17341b646d26459fa7e9477c674880dc40a8cad06ca6f4978d8516535236a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
etag: "0ab5a8847fd81:0"
last-modified: Tue, 14 Jun 2022 00:16:46 GMT
server: ECAcc (ama/8B2D)
age: 13854
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 106483

GET
H2

200

msid.gif
px.marchex.io/ Frame 55EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marchex_dmp&google_cm
https://px.marchex.io/msid.gif?google_gid=CAESENCuscHdKdwosEwH_mfe-zk&google_cver=1

43 B
285 B

98ms
98ms

Image
image/gif

3.213.19.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.marchex.io/msid.gif?google_gid=CAESENCuscHdKdwosEwH_mfe-zk&google_cver=1
Protocol: H2
Server: 3.213.19.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-19-182.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snc.marchex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
last-modified: Thu, 01 Jul 2021 14:25:02 GMT
server: Apache
etag: "2b-5c6109ac87f37"
p3p: policyref="px.marchex.io/w3c/p3p.xml", CP="NOI DSP COR CUR ADM DEV PSA PSD TAI IVA IVD HIS OUR UNI IND COM"
accept-ranges: bytes
content-type: image/gif
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://px.marchex.io/msid.gif?google_gid=CAESENCuscHdKdwosEwH_mfe-zk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-undefined&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45062039-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf450887b0645d334ba1fb77ed67efe0057de3e63e5421681683229d1be0478e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:10:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39495
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 02:10:33 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&e=*&eid=25&u=CAAAAAIAAAAgAE&tc=1&epr=2DC&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 20ms
20ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&es=1&e=gtag.config&eid=27&u=CAAAAAIAAAAgAE&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 37ms
37ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&es=1&u=CAAAAAIAAAAgAE&tc=1&cl=dc.32.2&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:33 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 15ms
14ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-45062039-5&cv=1&v=3&t=t&pid=651709969&rv=6m0&e=gtag.config&eid=27&u=CAAAAAIAAAAgAE&tc=1&epr=1DC.3DC&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shultsfordsouth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 02:10:34 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.ixiaa.com
URL: https://s.ixiaa.com/a.gif?partner=1183949&client=1183949&campaign=1183989&source=ford-shults-south

Verdicts & Comments Add Verdict or Comment

315 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
westmifflincredit.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 896776E4181E61F8E3406F4AFA9A44E9
www.westmifflincredit.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4E8BA36F52A5C7F47F4D1BBBB0B80727
.shultsfordsouth.com/	1969-12-31 23:59:59	Name: check Value: true
.demdex.net/	1970-01-20 08:19:48	Name: demdex Value: 13431030720185795992166787692316254299
www.shultsfordsouth.com/	1969-12-31 23:59:59	Name: x-hydra-version Value: UNSPECIFIED
www.shultsfordsouth.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: B8C547FA7B0F62BA1EEA7327C60AE488
www.shultsfordsouth.com/	1970-01-20 21:31:48	Name: visitorId Value: B8C547FA7B0F62BA1EEA7327C60AE488
www.shultsfordsouth.com/	1970-01-20 04:00:38	Name: sId Value: B8C547FA7B0F62BA1EEA7327C60AE488
.shultsfordsouth.com/	1969-12-31 23:59:59	Name: AMCVS_EFD95E09512D2A8E0A490D4D%40AdobeOrg Value: 1
.shultsfordsouth.com/	1970-01-20 12:46:12	Name: gt_uid Value: 62e7d9a6-3a8b-4db4-be9d-9bbfc719ce6a
.ford.tt.omtrdc.net/	1970-01-20 04:00:38	Name: ford!mboxSession Value: aa296c0072fa40ed9399de35c5bd64ce
.ford.tt.omtrdc.net/	1970-01-20 21:34:41	Name: ford!mboxPC Value: aa296c0072fa40ed9399de35c5bd64ce.37_0
.shultsfordsouth.com/	1970-01-20 21:34:41	Name: mbox Value: session#aa296c0072fa40ed9399de35c5bd64ce#1656038491\|PC#aa296c0072fa40ed9399de35c5bd64ce.37_0#1719281431
.ford.com/	1970-01-20 06:10:12	Name: gt_uid Value: 62e7d9a6-3a8b-4db4-be9d-9bbfc719ce6a
.doubleclick.net/	1970-01-20 13:22:12	Name: IDE Value: AHWqTUmK0G8nScWtannCpzlS0md4_a0bEIRWRtSiuxYb-fRzhV7DrufeGOq9lx4PhZA
.shultsfordsouth.com/	1970-01-20 21:33:15	Name: AMCV_EFD95E09512D2A8E0A490D4D%40AdobeOrg Value: -432600572%7CMCIDTS%7C19168%7CMCMID%7C13676539679161643792182190576309257679%7CMCAAMLH-1656641430%7C6%7CMCAAMB-1656641430%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1656043831s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.5.2
.shultsfordsouth.com/	1970-01-20 06:10:12	Name: _fbp Value: fb.1.1656036631240.1201365554
.facebook.com/	1970-01-20 06:10:12	Name: fr Value: 0UvXf9NhrTlZfc8B2..BitR0X...1.0.BitR0X.
tag.digops.sincro.io/	1970-01-20 04:10:41	Name: AWSALBCORS Value: u1awexsmtEi1DvYAX7AN4r72zityV2NtPdNKf8cHmlJdKtIY4GOCkQJhgmigEPH7Ac58OInfky9bkQ7jb0nd2SphkHXbDQ1Gru+n5isvNyFrtaakG97kEChAG1Q/
.dpm.demdex.net/	1970-01-20 08:19:48	Name: dpm Value: 13431030720185795992166787692316254299
.demdex.net/	1970-01-20 08:19:48	Name: dextp Value: 771-1-1656036631135\|30862-1-1656036631245\|134096-1-1656036631345\|139200-1-1656036631466
.shultsfordsouth.com/	1970-01-20 21:31:48	Name: __ggtruid Value: 1656036631905.331a79a8-fa42-c04f-0dc9-0b9d90e66b74
.shultsfordsouth.com/	1970-01-20 04:00:38	Name: __ggtrses Value: 1
.amazon-adsystem.com/	1970-01-20 08:35:39	Name: ad-id Value: A9gNLoKEg0GdvqMZWHwXMt0
.amazon-adsystem.com/	1970-01-22 00:00:07	Name: ad-privacy Value: 0
.shultsfordsouth.com/	1970-01-20 06:10:12	Name: _gcl_au Value: 1.1.2115498116.1656036632
.shultsfordsouth.com/	1969-12-31 23:59:59	Name: s_p_s_prop8 Value: typed-bookmarked
.shultsfordsouth.com/	1970-01-20 04:00:38	Name: v_starting Value: nfp
.shultsfordsouth.com/	1970-01-20 12:46:12	Name: fv_v54 Value: v54\|ui:rad:pc
.shultsfordsouth.com/	1970-01-20 12:46:12	Name: fv_v1_v10 Value: v1\|04682,v3\|44D,v8\|typed-bookmarked
.shultsfordsouth.com/	1970-01-20 12:46:12	Name: fv_v31_v40 Value: v40\|D=v8
.shultsfordsouth.com/	1970-01-20 12:46:12	Name: fv_entpg Value: entpg\|dc:finance:credit app
.shultsfordsouth.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.bing.com/	1970-01-20 13:22:12	Name: MUID Value: 1AB37D74E59068AB00446CB9E44269A2
.shultsfordsouth.com/	1970-01-20 04:02:03	Name: _gid Value: GA1.2.1674039227.1656036632
.shultsfordsouth.com/	1970-01-20 04:00:36	Name: _gat_csi_bi_tracker Value: 1
.shultsfordsouth.com/	1970-01-20 04:00:36	Name: _gat_UA-111031593-1 Value: 1
.shultsfordsouth.com/	1970-01-20 04:00:36	Name: _gat_gtag_UA_45062039_5 Value: 1
.shultsfordsouth.com/	1970-01-20 04:02:03	Name: _uetsid Value: d3a4a850f36211ec819bafcf6e1ca89b
.shultsfordsouth.com/	1970-01-20 13:22:12	Name: _uetvid Value: d3a4cdb0f36211ecb3d127a179414e8d
.shultsfordsouth.com/	1970-01-20 21:31:48	Name: _ga_QWNJS2B4B8 Value: GS1.1.1656036632.1.0.1656036632.60
.shultsfordsouth.com/	1970-01-20 21:31:48	Name: _ga Value: GA1.1.1449576099.1656036632
.shultsfordsouth.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.shultsfordsouth.com/	1970-01-20 12:46:12	Name: _ce.s Value: v~abe38a68842d699e677d9c6c6e39098a8993aa91~vpv~0
.cobaltgroup.com/	1970-01-20 21:31:48	Name: dtuid Value: 1656036632565727396
.cobaltgroup.com/	1970-01-20 21:31:48	Name: click_tracker Value: 1656036632565727396
.cobaltgroup.com/	1970-01-20 04:43:48	Name: usrmpr Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: neustarmpr Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: marchex Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: acxmpr Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: eqxmpr Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: rubmpr Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: opxmpr2 Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: goompr Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: adxmpr Value: 1
.cobaltgroup.com/	1970-01-20 04:43:48	Name: expmpr Value: 1
.cobaltgroup.com/	1970-01-20 04:02:03	Name: admset Value: 1
.turn.com/	1970-01-20 08:19:48	Name: uid Value: 4449816744413500896
www.shultsfordsouth.com/	1970-01-20 12:46:12	Name: mf_uuid Value: 577537ef-f849-473d-9b49-0efc7de700e3
aalnk.com/	1970-01-20 12:46:12	Name: uuid Value: f4e14fd6-c188-4a7b-8e6e-9cc669397a1a
.agkn.com/	1970-01-20 12:46:12	Name: ab Value: 0001%3AD6Ck8dz2Yn%2BpfEzVE0gFnWbo3vlwZd8e
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aavdpnew Value: VehicleDetails/new-
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aavdpused Value: VehicleDetails/certified-
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aass Value: cmV0dXJuIE1vdG9GdXplLlNpZ25hbHMuZ2V0RWxlbWVudFZhbHVlKGRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoInN1YkluZm8iKVswXS5jaGlsZE5vZGVzWzNdKS5yZXBsYWNlKCJTVE9DSzoiLCAiIikudHJpbSgp
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aavs Value: cmV0dXJuIE1vdG9GdXplLlNpZ25hbHMuZ2V0RWxlbWVudFZhbHVlKGRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoInN1YkluZm8iKVswXS5jaGlsZE5vZGVzWzFdKS5yZXBsYWNlKCJWSU46IiwgIiIpLnRyaW0oKQ==
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aasrpnew Value: vehiclesearchresults
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aasrpused Value: vehiclesearchresults
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aasrpss Value: cmV0dXJuIE1vdG9GdXplLlNpZ25hbHMuZmluZEJ5RWxlbWVudEF0dHJpYnV0ZVZhbHVlKGNvbGxlY3Rpb25JdGVtLCAiaXRlbXByb3AiLCAic2t1Iik=
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aasrpvs Value: cmV0dXJuIE1vdG9GdXplLlNpZ25hbHMuZmluZEJ5RWxlbWVudEF0dHJpYnV0ZVZhbHVlKGNvbGxlY3Rpb25JdGVtLCAiaXRlbXByb3AiLCAidmVoaWNsZUlkZW50aWZpY2F0aW9uTnVtYmVyIik=
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: aasrpvc Value: vehicle-listing
.shultsfordsouth.com/	1969-12-31 23:59:59	Name: cebsp Value: 1
m.stripe.com/	1970-01-20 21:31:48	Name: m Value: 2f35e37d-ae03-454a-9a03-e3bd0d20e60e94e904
.www.shultsfordsouth.com/	1970-01-20 12:46:12	Name: __stripe_mid Value: 7797c802-c233-491c-8d3f-a683a2277cb2c89de5
.www.shultsfordsouth.com/	1970-01-20 04:00:38	Name: __stripe_sid Value: acc1fee6-8dd2-4cc2-9501-5603fff5bdc8584219
.marchex.io/	1970-01-20 12:46:12	Name: uid Value: 927b90d1.5e228133e9d90
www.shultsfordsouth.com/	1970-01-21 06:17:24	Name: t3website Value: %3Ccampaigndetail%3E%3Cpacode%3E04682%3C%2Fpacode%3E%3Ccookieguid%3ESH-088c3fdf-d97b-b0aa-2bd6-e70582ec8f78%3C%2Fcookieguid%3E%3Cfdguid%3E%3C%2Ffdguid%3E%3Cmcmid%3E%3C%2Fmcmid%3E%3Ccampaignid%3E%3C%2Fcampaignid%3E%3Cchannel%3E%3C%2Fchannel%3E%3Csiteid%3E%3C%2Fsiteid%3E%3Cplacementid%3E%3C%2Fplacementid%3E%3Ccreativeid%3E%3C%2Fcreativeid%3E%3Cadid%3E%3C%2Fadid%3E%3Ckeywordid%3E%3C%2Fkeywordid%3E%3Cemailid%3E%3C%2Femailid%3E%3Cgclid%3E%3C%2Fgclid%3E%3Cdstargetid%3E%3C%2Fdstargetid%3E%3Cs_vi%3Eundefined%3C%2Fs_vi%3E%3Cadobeid%3E13676539679161643792182190576309257679%3C%2Fadobeid%3E%3Cfps_id%3E62e7d9a6-3a8b-4db4-be9d-9bbfc719ce6a%3C%2Ffps_id%3E%3Cutm_source%3E%3C%2Futm_source%3E%3Cutm_medium%3E%3C%2Futm_medium%3E%3Cintcmp%3E%3C%2Fintcmp%3E%3Ctimestamp%3E2022-06-24T02%3A10%3A33.125Z%3C%2Ftimestamp%3E%3Ccampaignclassification%3E%3C%2Fcampaignclassification%3E%3C%2Fcampaigndetail%3E
www.shultsfordsouth.com/	1970-01-20 04:00:40	Name: winsight Value: true
.admission.net/	1970-01-20 12:46:12	Name: dtuid Value: 1656036633179701936
.everesttech.net/	1970-01-20 12:46:12	Name: everest_g_v2 Value: g_surferid~YrUdGQAAAfj6w3g4
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: YrUdGQAAAfj6w3g4
.t.co/	1970-01-20 21:31:48	Name: muc_ads Value: 47bc7a34-73ba-41d9-91c7-2d63d3bfe536
.twitter.com/	1970-01-20 21:31:48	Name: personalization_id Value: "v1_EjSoHiAyfOjICfgV8XM/Ew=="
traffic.prod.cobaltgroup.com/	1970-01-20 04:10:41	Name: AWSALBCORS Value: 1L0AGRCjlh2RlBWx/qOFDu5xcQP4HikEl/RptQAahEuy3FgRmR9lAeiTEzGyKoAKXygptBKPZ2NFteH4HNIKM6Glc8bF4pf/7OWoqmGFyg8qQ2oLAtwZP34Sncxm
www.shultsfordsouth.com/	1969-12-31 23:59:59	Name: smc Value: .1656036633523.4830
www.shultsfordsouth.com/	1970-01-20 12:46:12	Name: mmc Value: f22b59b2-1066-464d-8d73-df584c6fc7b3
.marchex.io/	1970-01-20 12:46:12	Name: tracker Value: IGRvdWJsZWNsaWNrPVN1biwgMjQgSnVsIDIwMjIgMDI6MTA6MzMgR01U
www.shultsfordsouth.com/	1970-01-20 08:19:48	Name: FDPixelCookie01 Value: fbpixelidffloodundefinedeof

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.shultsfordsouth.com/ApplyForCredit(Line 199) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.shultsfordsouth.com/ApplyForCredit(Line 199) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://assets.adobedtm.com/248d63c2ff6b/b5846c9c43d5/launch-4d1cc8f12ddd.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
worker	info	URL: blob:https://www.shultsfordsouth.com/210c85a4-39c4-4273-b5e3-284f789173ee(Line 32) Message: pfs 200
worker	info	URL: blob:https://www.shultsfordsouth.com/2fc5447a-dfb1-4b34-a239-04729d9a31c7(Line 32) Message: pfs 200
worker	info	URL: blob:https://www.shultsfordsouth.com/696ac274-ffcc-4ff8-ad74-613ca17ce86e(Line 32) Message: pfs 200
network	error	URL: https://cdn.spincar.com/spincar-static/integrate/shultsfordsouth.com.js?_=e714465c Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lender.autofi.com/api/v1/autofiData?currentUrl=https:%2F%2Fwww.shultsfordsouth.com%2FApplyForCredit Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://s.ixiaa.com/a.gif?partner=1183949&client=1183949&campaign=1183989&source=ford-shults-south Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://idsync.rlcdn.com/398676.gif?partner_uid=1656036632565727396 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/456519.gif?partner_uid=f4e14fd6-c188-4a7b-8e6e-9cc669397a1a Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.routeone.net/XRD/xrdStart.do?dealerId=IR4EQ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

690327.fls.doubleclick.net
690333.fls.doubleclick.net
aa.agkn.com
aalnk.com
acsbapp.com
adservice.google.com
analytics.twitter.com
assets-tracking.crazyegg.com
assets.adobedtm.com
bat.bing.com
c.evidon.com
cbo-loader.gubagoo.io
cdn.acsbapp.com
cdn.gubagoo.io
cdn.spincar.com
cdnjs.cloudflare.com
checkout.autofi.com
cm.g.doubleclick.net
connect.facebook.net
creativesham.blob.core.windows.net
creativesham.queue.core.windows.net
creativesham.table.core.windows.net
d.turn.com
dpm.demdex.net
dt.admission.net
dt.cobaltgroup.com
exos.azureedge.net
fo-static.assets-cdk.com
fonts.googleapis.com
ford.demdex.net
ford.tt.omtrdc.net
fps-prod-na-frontdoor.z01.azurefd.net
fzlnk.com
googleads.g.doubleclick.net
gubagoo.io
gubagootracking.com
idsync.rlcdn.com
insight.adsrvr.org
integrator.swipetospin.com
js.stripe.com
l.evidon.com
lender.autofi.com
m.stripe.com
m.stripe.network
media.assets.sincrod.com
mtafunctionapp.azurewebsites.net
odr.mookie1.com
pagestates-tracking.crazyegg.com
pixel.everesttech.net
pixel.rubiconproject.com
px.marchex.io
q.stripe.com
region1.analytics.google.com
rw.marchex.io
s.amazon-adsystem.com
s.ixiaa.com
script.crazyegg.com
smetrics.ford.com
snc.marchex.io
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag.digops.sincro.io
tags.bluekai.com
tracking.crazyegg.com
traffic.prod.cobaltgroup.com
us-u.openx.net
westmifflincredit.com
wsassets.sincrod.com
www.facebook.com
www.fdcampaignstudio.com
www.ford.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.routeone.net
www.shultsfordsouth.com
www.westmifflincredit.com
s.ixiaa.com
104.244.42.5
104.244.42.67
104.92.81.61
108.128.215.255
13.57.85.43
138.128.247.123
141.193.251.239
142.250.185.226
142.250.186.134
142.250.186.34
143.204.89.113
143.204.89.20
143.204.89.6
143.204.89.64
143.204.89.7
143.204.89.85
143.204.89.97
147.185.239.105
15.197.193.217
15.236.176.210
151.101.64.176
174.137.122.131
18.234.8.45
199.232.188.157
20.49.97.1
2001:4860:4802:34::36
2001:678:cb4:bbbb::13
209.54.176.128
2600:9000:2057:6400:19:2275:c3c0:93a1
2600:9000:2156:1a00:6:5a0f:e940:93a1
2600:9000:2156:7600:19:7d10:bd80:93a1
2600:9000:2156:ca00:1d:cf92:a80:93a1
2600:9000:2156:d800:a:7593:bf40:93a1
2600:9000:224a:6400:12:e632:2080:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:180e
2606:4700::6813:9308
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9b
2a02:26f0:ef:280::1e80
2a02:26f0:ef:290::1075
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.213.19.182
3.248.150.209
34.217.199.81
34.225.134.186
34.248.142.13
34.250.36.127
34.98.64.218
34.98.67.61
35.170.158.2
35.173.71.4
35.244.174.68
52.162.204.184
52.201.41.73
52.240.48.25
52.240.48.26
52.240.48.36
52.48.114.92
54.164.211.210
54.187.119.242
54.77.179.162
54.84.84.22
54.85.235.187
69.173.144.138
69.192.160.219
036936a1ce14c6dc76151dbde8685c35030517bb7e7a5d22c9410b06fa99019f
0385ee74ecfb95851591d855ebe9ce33585c9e2521b333105b1177813700c300
0496a6fa327949dfdb1fe639f9e59dea04fe367657ee1dd5dbe633e91adf36b5
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
060882b6a6592e961a6df5bb48a44a480d088b4a41fbdd216eb649d7374fd475
06d52866df91df2537088ccbfcb07889278f6f2cd27edc56bbe0263968d91623
0864517d69eb24ee1a69e04d937d426762588db7cbfd1b4e4a99e86244857113
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd0fdee931d7bb7024a1322d0f81fe0a1204549f6c99e87eaed47b33af4169f
0fc7ce7c1e58db91a91547ae74717eb26d3ed7797d09e70fef9a15b0124635da
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
1072d86cf488809be6dc47305bec0fb7288996943b2ac19cd1b5a2e32c60e159
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11635292c73784293659a8367851c8772c34406ecaf1f19a4c9c27c1cf4c68df
159ef4d9ddb4210a1c80efcc985301e806d434d350ca6626eb5a1fba7e4bb710
16b523dcd6a155504995b813342a824660adb81f2fdd7259ba87a285dadff4cb
19742d915958a7525879a20699efdda3cb8214cf7eaf07c18a0fffaf12c71b63
1aa0ff68eecd16675308a4ad1c8bd54aaddcc613bd04f67e59a5cb2a65d25efd
1b1d4a929c9a6841bf5384b40f6a652de583c0ac0cb147b14f0524261e9ec2bf
1f7b48af9d7364b9cae5a0a44035509dace8df76e12239abfd21c9fa1c55a793
2401ba04172df8d8d08948f32b9d7eeccd145eafa3888a24412a1f71981c37ba
243ee9d9bf3d31bf74d4bab58dc2b5f6a804a3bcbaf8b6391884038daf7f074c
25f5e78664ffc9a8c7c4b87c22e7c41f9a3aa85c76c0ee8bc304e1b7d9a0f330
272b9ff60113bccbe6ae7a3bbfb5656ef98a1c0364639ed13e598c1cdaacb37c
2794fd465664c81203539df50cb7bb8e343dbcb59598845c4c5169f7f01e92ea
298bcfaef1099bfe478aade287a8a93afe9aaa55d15197aa5951380686499e3b
2a510608bea5a262a86f8fa0ed974324267763020fc1ace6d2e0930c7adbeeff
2e85eefcb1e07382613b4c1bc4947863bc077989a14979d2b18a2a7206056d1a
30a29dc07665479d26fa72f2e93f700ffa0acf4523ae1a4a146dedd01210d12d
30e1ef7593b929ad135e7cdcd98a42c4e1132511ae6cc9ff995e98ac185ccfc2
344e0507e8bd6b3d60c138e91aff3cc177e6ad97c55a54ba4380ad215d7a003a
3490aaa63d40dca0841016447d9b156eb3791814bbbccc7319760e8b646cd6bc
34924bf674641aad200185693a615a4532d10e2ca8e1462761d246c1a8c90589
349735b8cb9eb961d7008ea2026ca9d8eac90ee373b7001dfdb875627da53fd8
3c9f4a7c2726c231c4a10e106d29002219a9dbf9ce2c0aaa19626c8db5f268d2
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e4dc1213dc5cde2b73637adac1a663a2f9c2656ed656f57c17eb8bdb63896c7
3ef16ffcc792b5fa8cf62b5c53b5cc32b6258e51b72751c47e9ea2c0f519ce0d
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
41ca903c1473f86aba2e91b4d06f9a89a363e9f2e5a3efdfd0cc675a9aafc75f
4359202b149eb07e3ddea304f3a45c678975575759768cb663cb453e606d33f4
46787dd8637d6a3eb90accc10852bfbcec47e4509d0e8be42535e007d253c78b
473142ce29b72063c2e28861942733b692e92e2ca0f57ba48bd5e5ebb23cb6be
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ba994a639e2f32fed95f9b703dbc36c14af9f662e078866d4c094f2899d7f2
49cb91c4f1144347a19ee071b30fa8ca705d8ff05187984935c678bac2a9c546
4a4a1c64e09257bee28c09fa5aedd504c9182130a6a28d25a5444155eff83513
4d1c60a4ae5578bacb41b21b868a9b6a19f540ef1add76a78866b1c634368f97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4b26f2afe288e78b3fa5c75033e2204077c27d61f1ebb5e031282c422786f1
4e96d3915b55b9dc79d9ee8ac6d07f2537d75a1af56bdf11a645f9b1ebace18f
4f2831cc0da68d61caca4ddb350b8d4b5b176f480d138ad4c8dd976219a17fad
4fef7c361e1c8a91e632b5c7f0c13e1ba9b8a9b6fa06183e1ad0641b953122f4
513f4e6cef6e711dd78bc89a856ba58f3c9213137ff6fef8be183639750f7b14
51810e54fbe5651dfa644edf7903aab75804fbb1b2545259c8a1902a97637dde
52571863a599363e5a336d3cb2fc98fc98075c90982cc4ff2e1efcfdba7d6d87
526ed6796fd66af711c6e5900fc940e1e0f1b3112fcbc0e4a5e9258f20a80aad
52d64052b6cd1452faa90da5a63b61ac876bc0dc31a4e9caae8976a3f478fcd1
54a537f6f66441dc68a25558e658756b7c3e7e33b94986a93f4d2e280ab1b68c
5a5d4617f53ffd37e919cdaa79fc7658f67f1a4bd1ee45a6735af66f8bec9d16
5fc075a4be18e3c91b81bca52672787aadeb81ab87b2abb4596f64c20e3a3ec5
600cb9a4546d3e74f247708765d7218fa32bc68258f35ad404e4da2a1b0c1656
62cfa3bbb307dca38eefe78f5152f29723d5ed151e9c5b8e598271bea113d205
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63f66e890c656dc5f3f039ab5dc54c24c5ceb1bde7a8c1a6cf6d8c6c5e9d8e08
65378f092b110d28b911e5f5e20d83bd8763d4e6efb44d0709721ef784ab99e4
66dd7e53411bd89384765197f1fd986c9549aa6218de4bdd1eb5a21607b2aec7
66ed181d53b2a47e9d374451907ff8468486ed602b763e13a0d48d91c3c8c4f3
670ee6c1ca74619214047ff4135fa53e8ad6ec8b5121c202012d145e174bde77
6e1b79ec68183959e8ea8d86db9b1a84b76c03b60d74ea4851598aa626a162b5
7074184c483a6bfebf5fae6a183f1fa922e5760dc1ba726f3be1802af4088db3
716b7808bef24df83c18c185043e8789401f6f5aa8c6e1eb25f3b808059c1b98
755810d829a0945af916da87adf5af1b2577df753af6ee725228ba5c627c4b5f
76ac86b1ca005f11bc783424dbfd3a12c143429c2fe9240a45ffae13560dc0e7
79905fa9c1fa5308b609e8fea47193df27f5911e653c68baac03d2e2c6b215f6
7bb0b42de5898d2705e191543dfc4034a84c69381e21a58cb04ac0202caf308f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cde8955dd1cc410770b15985c2b9804d95ca739d6f4b7874d9698427e317c61
823ca20d14628c0765376b35ae70aee1bc9782da72ef22e580969f6e2bc6dcee
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8356b1753a93f779331e8417546cc2857110bc74b77c201ae1c2210f33c8247a
83cfd99bb43cb269d6e8b9720814ae6a858e8b3bfb3275e10833a3840116c16d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85880bb9bbebc0ac7cdc407ec80a75093a4d405c0cfa8dd7a35a05f990bcf9fb
864502a3b06254f0a797eae674df73bc4013331ba363cf23bb6f42c25b2a1d59
89b0d23f41a8bf618920bdf77b95de6139bbb808e5b528b4369385aaee92195d
8bd7ce0acd853855da97f9bae5d6fdd95318323f1b74b6eaab907f49647d46eb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee31a8ec197b5bcccb6391b0ebe3cbb22237d183311f82a81f8dda422ab125a
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
902d323be237aab49171c7c57c503d3aab2368736d357d39291cfed319fffce9
90887fcf873aaee7e6f32972752bee5f40049984b2f3a0aafd0c92b0bb12454c
917375849ec4330488a733867ecda4e9ba60618ce62aabfb8eacf4e2a1277ee6
942fd9e3e334b0c031210e540a1de0d4125ebdfe3a61f30a4967f7b4bf5aa4ab
95b36f0b598064dccd79918084e3dbe82f68d5f35a1e22f9299559753021c290
9808a32c39d567a100f8fba11f542b35c43e5a92fb7642cf77d521459fd6a390
989a307c1e8c954c403599c03dd9884039cd52228a09da9d592cad78a38d73b7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ae7386ad1b3c7a29b73aae154d24082d2b10c5141d7cdca6761a7fc554795f8
9c30905ffd81a07f5d1c38082c1c6d95f3842445b28612cf8f1b11cb291fb386
9d16b952176c29bb311afe9e9d98dc81f23ae7373a2af685f4e20206987e67d7
9dbb5756dcbba9910bbf701834ba74d3d8887c40d817ba623b3f19738905359f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2a24924de8430c1e2b8d4ea1fd64d5c9da6a99a492c42f4a38b0ac03a2b843c
a471bb4843f880bee61423eab960bd4cd83525b949232d255e1aed6352511351
a57834c9a7978711d3d27a53b13e2a46548deee1685fb2e4a5561f256a2fcd91
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a9153e7f3571474652e0f7c590fa3f3ff5215659961a2183772864ce0e82e9a7
a9c5332b1532ddec4a3f40d56c47e41b8cd23ded059a8e31128b53be75f75b18
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7d436259d9e51363161e007905ef250116c889ec097096b5097d7aebe9e317b
b8f68ec748e6ca1cda1be48a6b9f45f0772a3b71e143354e8fa4922a7d016c61
bf450887b0645d334ba1fb77ed67efe0057de3e63e5421681683229d1be0478e
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c1c6c18e564c90badd969953bdbc7c5297fdca53dd3eff7f50a6ee69c24b042e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3a9213e34c0f222c1ac8bbd393572837c0fd576a0a5db132c44c54103992d5e
c48aeb5fd15a7c40c8e367d1ac76ffab5c51e2279b3e2a162c0181dd03f47586
c70e7ebd9c8d28034c7e5e52d736447c8882955922ea8974067661b37308bd55
c73cbd2c72159d2cdeddaaa2e80ce5b1a397ce5b6d2270c44f7e89cb711bd290
c7aff8498ce062d76a9b0c237c1a7439b5cc8fb39fffb014606a0fbed49860ee
c7bf18d3d3298059c4e097b0a7267c594098f3119d208b516a5d15a9c1f9b1e4
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e4d5523deb4a3d8c47da92ba6eb439ee2958979d30351b591ba123b086a863
cad00e97b1de2c9c8b041aac59c7d56fa8395adcebbf59507050c77cf4a29d3c
cb53007010874b9ce94082a4128fb859cd316d45c5761ef0396b605b5d0edfd0
cf3e49414eeb6f0bd9dd120aa721e720a49c1f3870b4e472b0671894e4b0297f
cf5dbf4281457879edd5128c7de20106871b03f94896e0143601a236d01ccc2a
d04d8cf413dd55fef13403f8e5e68f54bd36de1ab4e567973b7d14cce3d95def
d19ea24eb16259a32a4dd8da233a0ad363db963c37aadcbf91280b197fd7668c
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d787751900b095fb05c5e9680aaecfbcf455b6834cedeb40c1ac16cdeac1e836
db710b2b228ec2aa2a046f17f4af881df8824694b676dbfe4394407e2fdaefd7
db81c73926eb48eede13e07dbb9db9ff718327a2b393956344e07a626ac7666d
dc318a1facaf2dff8f9e2d372a54b974fbf16b6c610b74301c34f698e40d0390
dd32dd1e09c094cc8e3ad7770a3c8b9cc11664f83ca739afc0f1f091a413758e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4062a23a607f79ca256db8184d9dba90e8dfecae479b6ef79cc640c64f096ad
e68b7a0207c24c76c8cfd874fb1dd0e7b4bd89ee80540c5c18bf9471003029f0
e7aa1692b259e875fca3732a0c7fd02ed83802dc341e3ce4318dae28b3748a87
e7d7e86ab5d9ff97059d7cc843978fdb3c41b22ab9692bbc5840cc8f51a73ec7
e86989fc556d8439a1fa1f697da4cc0d31001db2042b7ea179526235f81daba9
eaeca7b0c68cac8c8ca0eb34272d4f17e0a16889fdf8311c8cdb7f0e28a4a083
eb3c99d25a213a4b8e262d2dd9cb4e02f741934d320d1648dc87080bfa66f503
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ff34cfd56e6e58ed561a74d7f9a5807c18e6a6b2adbab054b6f03f13505e7
f095a1aaaa4f5292c2b8e3fa0e751073453738b3dc91dfb3d5e415db23399b32
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6d9fc8462ef09acf5d1987b19a3e04c15c921699fc82679c7e94311fd454d74
fabb409cb851ec0674d4e4c618e5aafeb7f9698a1dfb6c59bc1687490acbb007
fcc17f84f5d11e969d50f9c477e28a350be200f23211f9f02b041ade37b047b7
fd17341b646d26459fa7e9477c674880dc40a8cad06ca6f4978d8516535236a0
fd2be0cad1ca33cef25e60297959b1ffacee8433e8a03a82b5bd81c1dfa938a8
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75
fd84e3f5931e69b7c4c1e7c26dfbeb2233ef101c52a10f3de91f309afc55276c
fe4348eaa2a357ccc3a9043c01635b6bd617044116d50d8fbc8c46e9ac57d2c2

www.shultsfordsouth.com Open in urlscan Pro 143.204.89.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

239 Requests

92 %HTTPS

33 %IPv6

55 Domains

80 Subdomains

73 IPs

6 Countries

3323 kBTransfer

11618 kBSize

87 Cookies

27 Outgoing links

Page URL History

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.shultsfordsouth.com Open in urlscan Pro
143.204.89.6 Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

92 %
HTTPS

33 %
IPv6

55
Domains

80
Subdomains

73
IPs

6
Countries

3323 kB
Transfer

11618 kB
Size

87
Cookies

239 HTTP transactions
6 data transactions