www.setf.com Open in urlscan Pro
45.60.240.243 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.setf.com/
Submission: On November 18 via api (November 18th 2023, 7:21:46 pm UTC) from US — Scanned from US

Summary HTTP 50 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 11 domains to perform 50 HTTP transactions. The main IP is 45.60.240.243, located in United States and belongs to INCAPSULA, US. The main domain is www.setf.com. The Cisco Umbrella rank of the primary domain is 678062.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 12th 2023. Valid for: 6 months.

This is the only time www.setf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 31	45.60.240.243 45.60.240.243	19551 (INCAPSULA) (INCAPSULA)
1	151.101.0.114 151.101.0.114	54113 (FASTLY) (FASTLY)
2	2600:1408:c40... 2600:1408:c400:2b::17de:4d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	146.75.37.230 146.75.37.230	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	2600:1408:c40... 2600:1408:c400:2b::17de:4cc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2607:f8b0:400... 2607:f8b0:4004:c1d::8a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.125.209.212 20.125.209.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
1	35.241.45.82 35.241.45.82	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
50	14

31 45.60.240.243 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

www.setf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:2b::17de:4d4 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.37.230 (Reston, United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-west.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:2b::17de:4cc (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1d::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.125.209.212 (Chicago, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	setf.com 2 redirects www.setf.com — Cisco Umbrella Rank: 678062	2 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 c.clarity.ms — Cisco Umbrella Rank: 1405 v.clarity.ms — Cisco Umbrella Rank: 7292	27 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621	59 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	179 KB
2	medallia.com resources.digital-cloud-west.medallia.com — Cisco Umbrella Rank: 4548	86 KB
1	kampyle.com udc-neb.kampyle.com — Cisco Umbrella Rank: 2563	318 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	344 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	763 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 903	4 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3780	45 KB
50	11

	Domain	Requested by
31	www.setf.com	2 redirects www.setf.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	v.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	www.googletagmanager.com	www.setf.com www.googletagmanager.com
2	resources.digital-cloud-west.medallia.com	www.setf.com resources.digital-cloud-west.medallia.com
2	use.typekit.net	www.setf.com use.typekit.net
1	udc-neb.kampyle.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.bing.com	1 redirects
1	unpkg.com	www.setf.com
1	p.typekit.net	use.typekit.net
1	cdn.evgnet.com	www.setf.com
50	14

This site contains links to these domains. Also see Links.

Domain
exploretoyota.com
www.facebook.com
www.toyota.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-12` - `2024-05-10`	6 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.digital-cloud-west.medallia.com SSL.com RSA SSL subCA	`2023-11-01` - `2024-12-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.kampyle.com SSL.com RSA SSL subCA	`2023-03-29` - `2024-02-28`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.setf.com/
Frame ID: 4EBC5C6FAD131DF38BCBBA9B0C5F58BE
Requests: 50 HTTP requests in this frame

Frame: https://www.setf.com/-/media/images/benefits/setf/animated-account-access-icon.svg
Frame ID: E15119ECDD471B1C7AED0DFE2A6D9B58
Requests: 1 HTTP requests in this frame

Frame: https://www.setf.com/-/media/images/benefits/setf/animated-account-alerts-icon.svg
Frame ID: 0A6011497CDA3E159947CA51C2A74F0F
Requests: 1 HTTP requests in this frame

Frame: https://www.setf.com/-/media/images/benefits/setf/animated-account-service-icon.svg
Frame ID: 3015F369E75BAF1CB9DA91FA02890DAB
Requests: 1 HTTP requests in this frame

Frame: https://www.setf.com/-/media/images/benefits/setf/animated-account-management-icon.svg
Frame ID: 86677163538AE6C78D26004667F7607D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Southeast Toyota FinanceClose

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

50
Requests

94 %
HTTPS

57 %
IPv6

11
Domains

14
Subdomains

14
IPs

1
Countries

2319 kB
Transfer

4626 kB
Size

32
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://exploretoyota.com/
Title: View offers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/southeasttoyotafinance/
Title: Find Us On Facebook

Search URL Search Domain Scan URL

URL: https://exploretoyota.com/offers/
Title: Local Offers

Search URL Search Domain Scan URL

URL: https://www.toyota.com/
Title: Toyota.com

Search URL Search Domain Scan URL

URL: https://www.toyota.com/owners/
Title: Toyota Owners

Search URL Search Domain Scan URL

URL: https://exploretoyota.com/toyotacare/
Title: ToyotaCare

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.setf.com/areas/SETF/fonts/ToyotaType-Regular.woff2 HTTP 301
https://www.setf.com/areas/setf/fonts/toyotatype-regular.woff2

Request Chain 26

https://www.setf.com/areas/SETF/fonts/ToyotaType-Semibold.woff2 HTTP 301
https://www.setf.com/areas/setf/fonts/toyotatype-semibold.woff2

Request Chain 46

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CE7180FCC5FB496A87B8A9B185D77BCC&RedC=c.clarity.ms&MXFR=3129881718456B5A04139BDA1C456526 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CE7180FCC5FB496A87B8A9B185D77BCC&MUID=3502DB5164596E5B0F7AC89C65286FB5

50 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.setf.com/ 45 KB
12 KB 796ms
727ms Document
text/html 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3ba3bed9a5a910e1d85de133a23c1bcaff42484ff04a67f5fa620b68cf4cfc2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 19:21:39 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 13-28711008-28711013 NNNY CT(25 53 0) RT(1700335298290 30) q(0 0 0 2) r(6 7) U24
x-xss-protection: 1; mode=block

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/jmfamily/production/scripts/ 178 KB
45 KB 114ms
29ms Script
application/javascript 151.101.0.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/jmfamily/production/scripts/evergage.min.js
Requested by: Host: www.setf.com
URL: https://www.setf.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b942eed163cdb44aa4b80ebf3d38792073e99e3dbe3869793f1dbbc36fac9a23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: TClSkA3FfNyhrqeultvIVmAo_7.9E7gM
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sat, 18 Nov 2023 19:21:40 GMT
x-amz-request-id: 70DZ7JVXV9H5TYP6
age: 75
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 45949
x-amz-id-2: GAWZTEPyTvv7ty35XHN4o9XeBxLl2HNlHQBdQu6NI77q0bA8jO/AtM9rL8abCo/hiKuV8Jbv3cI=
x-served-by: cache-iad-kiad7000127-IAD, cache-mia-kmia1760072-MIA
x-amz-meta-evergage-sum: 3c68786228de9552c039140ebb15d0002fcf7bfc
last-modified: Thu, 09 Nov 2023 12:41:20 GMT
server: AmazonS3
x-timer: S1700335300.137586,VS0,VE3
etag: "b39d80cda0399a51fed6f801e6d3ed3d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 120300, 1

GET
H2 200 styles.css
www.setf.com/areas/setf/content/ 773 KB
97 KB 76ms
75ms Stylesheet
text/css 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/areas/setf/content/styles.css?v=1.0.8710.21748

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a9205ccce9892c91011fa72597c8d65c4f7014c1d3a9fb5179f721186c952377

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 06 Nov 2023 12:08:48 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
etag: "0853ffa910da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-iinfo: 13-28711008-28711013 PNNy RT(1700335298290 817) q(0 0 0 -1) r(0 0) U24
accept-ranges: bytes
content-length: 97615
x-xss-protection: 1; mode=block

GET
H2 200 VisitorIdentification.js Show response
www.setf.com/layouts/system/ 2 KB
2 KB 77ms
76ms Script
application/javascript 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/layouts/system/VisitorIdentification.js

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Thu, 28 Mar 2019 15:09:18 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
etag: "0e3de3678e5d41:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-iinfo: 13-28711008-28711065 NNNY CT(25 52 0) RT(1700335298290 821) q(0 0 0 -1) r(0 0) U24
accept-ranges: bytes
content-length: 910
x-xss-protection: 1; mode=block

GET
H2 200 qxt4vzx.css
use.typekit.net/ 3 KB
905 B 172ms
54ms Stylesheet
text/css 2600:1408:c400:2b::17de:4d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qxt4vzx.css

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:2b::17de:4d4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

110acec63c257f1019a8b2faae468f20b280945296d9d5faa70669f696d5bb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 18 Nov 2023 19:21:40 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 682

GET
H2 200 setf-logo-fullcolor.svg
www.setf.com/-/media/images/header/setf/ 11 KB
5 KB 170ms
169ms Image
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/header/setf/setf-logo-fullcolor.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

526fbc46d7a83cf53f0e4bafcf4f2cf6a0291b0de72b193ad356f9b24f28e278

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Wed, 14 Jul 2021 14:17:53 GMT
x-cdn: Imperva
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711067 NNYN CT(25 25 0) RT(1700335298290 823) q(0 0 0 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="SETF-logo-FullColor.svg"
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 caps-lock-icon.svg
www.setf.com/-/media/images/vehicle-information/registration-sign-in-wizard/ 1 KB
2 KB 142ms
141ms Image
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/vehicle-information/registration-sign-in-wizard/caps-lock-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b99ecb06cb7e0104c1275a217955f9bd3484e35c5ab0177cd29f314c4e9b1f24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Tue, 10 May 2022 00:54:36 GMT
x-cdn: Imperva
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711069 NNYN CT(25 25 0) RT(1700335298290 825) q(0 0 0 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="caps-lock-icon.svg"
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 mfa-icon.svg
www.setf.com/-/media/images/vehicle-information/mfa/ 2 KB
2 KB 75ms
73ms Image
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/vehicle-information/mfa/mfa-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

596418713ac119ccbd4699b7e2aca667eaed86875721bcfb2031c45a8408f0a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Wed, 05 Apr 2023 12:25:32 GMT
x-cdn: Imperva
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711067 PNYN RT(1700335298290 968) q(0 0 0 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="mfa-icon.svg"
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 animated-account-access-icon.svg
www.setf.com/-/media/images/benefits/setf/ 36 KB
12 KB 102ms
102ms Image
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/benefits/setf/animated-account-access-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

678c760e5775479a6a6c6d1faaddaad4d9716abeb937f240bc421494ec75c17a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Tue, 10 May 2022 19:43:43 GMT
x-cdn: Imperva
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711069 PNYN RT(1700335298290 989) q(0 0 0 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="Animated Account Access Icon.svg"
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 animated-account-management-icon.svg
www.setf.com/-/media/images/benefits/setf/ 37 KB
12 KB 80ms
80ms Image
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/benefits/setf/animated-account-management-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d2f0dd095b40e08f606c88fd19a049234bee9cc79f139ab3821a848feaf61a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Tue, 10 May 2022 19:43:19 GMT
x-cdn: Imperva
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711067 PNYN RT(1700335298290 1170) q(0 0 0 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="Animated Account Management Icon.svg"
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 animated-account-service-icon.svg
www.setf.com/-/media/images/benefits/setf/ 44 KB
14 KB 104ms
103ms Image
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/benefits/setf/animated-account-service-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

58dbc2b37d533d4f36ae46a226386c4a5b8051fe8d01950f52ba5d569705e632

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Tue, 10 May 2022 19:43:31 GMT
x-cdn: Imperva
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711069 PNYN RT(1700335298290 1202) q(0 0 0 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="Animated Account Service Icon.svg"
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 animated-account-alerts-icon.svg
www.setf.com/-/media/images/benefits/setf/ 42 KB
13 KB 105ms
103ms Image
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/benefits/setf/animated-account-alerts-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bff25d30a567a3a9a9e76463dbb2b562f4254979e8d2de5056f12d443d481618

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Tue, 10 May 2022 19:43:03 GMT
x-cdn: Imperva
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711013 PNYy RT(1700335298290 1204) q(0 0 0 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="Animated Account Alerts Icon.svg"
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 25054_set_toyotathon_setf_header_eventlogo.png
www.setf.com/-/media/images/reusablecontent/ads/setf/set-offers/html_event_logo_200x50/ 9 KB
10 KB 126ms
125ms Image
image/png 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/reusablecontent/ads/setf/set-offers/html_event_logo_200x50/25054_set_toyotathon_setf_header_eventlogo.png?h=50&w=200&hash=58C3A0B5719601BA6792DFD4E0387DFD

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

807846fb2cea346123b73d0398f993d86a5596affafcff0d12c57fe62b358a01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Wed, 15 Nov 2023 15:34:58 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 13-28711008-28711065 PNNy RT(1700335298290 1207) q(0 0 0 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="25054_SET_Toyotathon_SETF_Header_EventLogo.png"
accept-ranges: bytes
content-length: 9170
x-xss-protection: 1; mode=block

GET
H2 200 setf-logo-fullcolor.svg
www.setf.com/-/media/images/footer/setf/ 11 KB
5 KB 142ms
141ms Image
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/footer/setf/setf-logo-fullcolor.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

526fbc46d7a83cf53f0e4bafcf4f2cf6a0291b0de72b193ad356f9b24f28e278

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Wed, 14 Jul 2021 14:19:07 GMT
x-cdn: Imperva
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711093 NNYY CT(25 26 0) RT(1700335298290 1210) q(0 0 0 -1) r(0 0) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="SETF-logo-FullColor.svg"
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 embed.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/24233/onsite/ 1 KB
988 B 168ms
54ms Script
application/javascript 146.75.37.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/24233/onsite/embed.js

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.37.230 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2145c53394c670fa5ca35b31593cc90b0d5949eaec6f50b215992d3c85eea9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: clQyWOlbyMJGrjoplGmkrA7YL4EOqlmU
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: FSV9E6KGFKJG8H1A
age: 442884
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 531
x-amz-id-2: J7tN3SBm+tBnMN87UKqtLq9ofjQA+mjk4pQWhwIlXKYg9EeFJOHiANERs4fA4MSAFZofLrB/lhs=
x-served-by: cache-iad-kcgs7200040-IAD
last-modified: Mon, 13 Nov 2023 16:20:16 GMT
server: AmazonS3
x-timer: S1700335301.548696,VS0,VE0
etag: "c6aeb9d16e7215cd6de9dc67723c51f3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 main.bundle.js Show response
www.setf.com/areas/setf/scripts/ 327 KB
89 KB 72ms
72ms Script
application/javascript 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/areas/setf/scripts/main.bundle.js?v=1.0.8710.21748

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f40c10f6daaafbad865210f77130489c34d06ccf80f2fcef3edc9af142ddac99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 06 Nov 2023 12:08:50 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
etag: "035840aa10da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-iinfo: 13-28711008-28711067 PNNN RT(1700335298290 1043) q(0 0 0 -1) r(0 0) U24
accept-ranges: bytes
content-length: 89589
x-xss-protection: 1; mode=block

GET
H2 200 _Incapsula_Resource Show response
www.setf.com/ 160 KB
23 KB 62ms
61ms Script
application/javascript 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.setf.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1411997228
Requested by: Host: www.setf.com
URL: https://www.setf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.240.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 77fa41279bd76f8b1353bacbac58b59dc72d7e74f3a7f929c1b13261dc255660

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 22997
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
91 KB 183ms
78ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N86NDHC

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a07c08a144426085b4c24717eb529693613289682e7a01a6ed1caaee7a19c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92923
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 19:21:40 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 172ms
52ms Stylesheet
text/css 2600:1408:c400:2b::17de:4cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qxt4vzx&ht=tk&f=27034.27040.27042&a=4286737&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qxt4vzx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2b::17de:4cc Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 svgsheet.svg Show response
www.setf.com/areas/setf/images/ 141 KB
50 KB 127ms
127ms XHR
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/areas/setf/images/svgsheet.svg?v=1.0.8710.21748

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5e9fb32a34a85c56294c8de444369dcbcb36e04f926b04dd203329c251c85081

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 06 Nov 2023 12:08:48 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
etag: "0853ffa910da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-28711008-28711096 NNNY CT(25 26 0) RT(1700335298290 1220) q(0 0 0 -1) r(0 0) U24
accept-ranges: bytes
content-length: 49998
x-xss-protection: 1; mode=block

GET
H2 200 312066-2021-sienna-driven3-mobile.jpg
www.setf.com/-/media/images/contentblocks/setf/pages/homepage/ 135 KB
137 KB 121ms
120ms Image
image/jpeg 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/contentblocks/setf/pages/homepage/312066-2021-sienna-driven3-mobile.jpg?h=720&w=1280&hash=712384B92EADC79E37429C45185FA9BC

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f75dae39e181853d32ac6b0589df17a95cd465256547cee3556b42833beab9a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Fri, 11 Aug 2023 14:40:48 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-iinfo: 13-28711008-28711067 PNNN RT(1700335298290 1222) q(0 0 0 -1) r(0 0) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="312066-2021-sienna-driven3-mobile.jpg"
accept-ranges: bytes
content-length: 138684
x-xss-protection: 1; mode=block

GET
H2 200 2023-kbb-1280x720.jpg
www.setf.com/-/media/images/magazine/2023-kbb/ 157 KB
158 KB 186ms
185ms Image
image/jpeg 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/magazine/2023-kbb/2023-kbb-1280x720.jpg?h=720&w=1280&hash=5674250FD99A9831BDD73CBF731DA43B

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8860efbf7bc6382ab880d5f46efa8e2c449c219081832984aa1e57eef55246f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Mon, 24 Jul 2023 18:33:34 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-iinfo: 13-28711008-28711096 PNNy RT(1700335298290 1224) q(0 1 1 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="2023-KBB-1280x720.jpg"
accept-ranges: bytes
content-length: 160442
x-xss-protection: 1; mode=block

GET
H2 200 25054_set_toyotathon_setf_header.jpg
www.setf.com/-/media/images/reusablecontent/ads/setf/set-offers/html_bg_950x900/ 72 KB
74 KB 214ms
213ms Image
image/jpeg 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/reusablecontent/ads/setf/set-offers/html_bg_950x900/25054_set_toyotathon_setf_header.jpg?h=900&w=950&hash=EE62B29B57D09A10B632ACD8F31003DE

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4b398b6e47bddc78f550b82fe9fb4017050967802afec4469628ab57df1c4717

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Tue, 07 Nov 2023 18:45:12 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-iinfo: 13-28711008-28711067 PNNN RT(1700335298290 1227) q(0 1 1 -1) r(1 1) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="25054_SET_Toyotathon_SETF_Header.jpg"
accept-ranges: bytes
content-length: 74129
x-xss-protection: 1; mode=block

GET
H2 200 toyota-lease-or-buy-thinking.png
www.setf.com/-/media/images/reusablecontent/cards/setf/ 308 KB
310 KB 266ms
265ms Image
image/png 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/reusablecontent/cards/setf/toyota-lease-or-buy-thinking.png?h=720&w=1280&hash=2F22CFD1C66A77166A339D161F22A70F

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3e86dc1a9f1d417d670c6d085d3cc24546e35371775fa980033b5a694e1c84a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Fri, 30 Jun 2023 15:32:34 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 13-28711008-28711013 PNNy RT(1700335298290 1230) q(0 1 1 -1) r(2 2) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="toyota-lease-or-buy-thinking.png"
accept-ranges: bytes
content-length: 315566
x-xss-protection: 1; mode=block

GET
H2 200 as_college.png
www.setf.com/-/media/images/reusablecontent/cards/setf/ 362 KB
363 KB 251ms
250ms Image
image/png 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/reusablecontent/cards/setf/as_college.png?h=270&hash=43625711A7A6467ACB040A63B99E92ED&w=480

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b166e185ee91ad4267e5da17736994c5c3ab2633fb09cd4d09bf5b28149c5e84

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Fri, 30 Jun 2023 15:28:26 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 13-28711008-28711093 PNNy RT(1700335298290 1233) q(0 1 1 -1) r(2 2) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="as_college.png"
accept-ranges: bytes
content-length: 370321
x-xss-protection: 1; mode=block

GET
H2 200 as_military.png
www.setf.com/-/media/images/reusablecontent/cards/setf/ 352 KB
354 KB 267ms
266ms Image
image/png 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.setf.com/-/media/images/reusablecontent/cards/setf/as_military.png?h=270&hash=67F3D9528805E338F2DE8542D32A1C16&w=480

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

706e4539433aa6fbd6573df9c5a216ffb239786252cf69312a6ce785766baac2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Fri, 30 Jun 2023 15:31:45 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 13-28711008-28711067 PNNN RT(1700335298290 1234) q(0 1 1 -1) r(2 2) U24
cache-control: private, max-age=604800
content-disposition: inline; filename="as_military.png"
accept-ranges: bytes
content-length: 360447
x-xss-protection: 1; mode=block

GET
H2

200

toyotatype-regular.woff2
www.setf.com/areas/setf/fonts/
Redirect Chain

https://www.setf.com/areas/SETF/fonts/ToyotaType-Regular.woff2
https://www.setf.com/areas/setf/fonts/toyotatype-regular.woff2

44 KB
46 KB

107ms
106ms

Font
application/font-woff2

45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/areas/setf/fonts/toyotatype-regular.woff2

Requested by

Host: www.setf.com
URL: https://www.setf.com/areas/setf/content/styles.css?v=1.0.8710.21748

Protocol

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

dbfaa5cf90c9e9330ce0a84e9b797297f6f126e0fd0a949bd9d12a7b591cec8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/areas/setf/content/styles.css?v=1.0.8710.21748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Mon, 06 Nov 2023 12:08:48 GMT
x-cdn: Imperva
etag: "0853ffa910da1:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
x-iinfo: 13-28711008-28711069 PNNN RT(1700335298290 1330) q(0 0 0 -1) r(0 0) U24
x-incap-sess-cookie-hdr: nM43WT8J3mjaYdw2WdnHDcMOWWUAAAAAeZRIahp8BbiXsrcHnpZ89A==
accept-ranges: bytes
content-length: 45424
x-xss-protection: 1; mode=block

Redirect headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://www.setf.com/areas/setf/fonts/toyotatype-regular.woff2
x-iinfo: 13-28711008-28711069 PNNN RT(1700335298290 1236) q(0 0 0 -1) r(0 0) U24
x-incap-sess-cookie-hdr: xJoYDsgPsALaYdw2WdnHDcMOWWUAAAAAbrWr3IZ1yY3+JEdb6E5Bzg==
content-length: 185
x-xss-protection: 1; mode=block

GET
H2

200

toyotatype-semibold.woff2
www.setf.com/areas/setf/fonts/
Redirect Chain

https://www.setf.com/areas/SETF/fonts/ToyotaType-Semibold.woff2
https://www.setf.com/areas/setf/fonts/toyotatype-semibold.woff2

43 KB
45 KB

91ms
91ms

Font
application/font-woff2

45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/areas/setf/fonts/toyotatype-semibold.woff2

Requested by

Host: www.setf.com
URL: https://www.setf.com/areas/setf/content/styles.css?v=1.0.8710.21748

Protocol

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6b099015dcb6b2be3a0a35c8eeef1a716e6c44938dcf11d091a513c3bb08bc8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/areas/setf/content/styles.css?v=1.0.8710.21748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
last-modified: Mon, 06 Nov 2023 12:08:48 GMT
x-cdn: Imperva
etag: "0853ffa910da1:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
x-iinfo: 13-28711008-28711065 PNNy RT(1700335298290 1335) q(0 0 0 -1) r(0 0) U24
x-incap-sess-cookie-hdr: Typ+My9yynHaYdw2WdnHDcMOWWUAAAAAfv6Pmk+eFfYL07Bssk+5ug==
accept-ranges: bytes
content-length: 44300
x-xss-protection: 1; mode=block

Redirect headers

date: Sat, 18 Nov 2023 19:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://www.setf.com/areas/setf/fonts/toyotatype-semibold.woff2
x-iinfo: 13-28711008-28711013 PNNy RT(1700335298290 1238) q(0 0 0 -1) r(0 0) U24
x-incap-sess-cookie-hdr: ldN+Lfd8bmHaYdw2WdnHDcMOWWUAAAAAtm5a3Cfh/96ZtI19KvtcIg==
content-length: 186
x-xss-protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/5c2715/00000000000000007735b54e/30/ 57 KB
58 KB 170ms
54ms Font
application/font-woff2 2600:1408:c400:2b::17de:4d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c2715/00000000000000007735b54e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qxt4vzx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2b::17de:4d4 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f4004d1e0abb854ac10ad894d1947c38898aa69957a3aa1a1e262d3fc65448f1

Request headers

Referer: https://use.typekit.net/qxt4vzx.css
Origin: https://www.setf.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
server: nginx
etag: "6d84695849a563bfa47c4fdfcbbab87788254d45"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 58664

GET
H2 200 animated-account-access-icon.svg Show response
www.setf.com/-/media/images/benefits/setf/ Frame E151 36 KB
13 KB 116ms
115ms Document
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/-/media/images/benefits/setf/animated-account-access-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

678c760e5775479a6a6c6d1faaddaad4d9716abeb937f240bc421494ec75c17a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.setf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, max-age=604800
content-disposition: inline; filename="Animated Account Access Icon.svg"
content-encoding: gzip
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
content-type: image/svg+xml
date: Sat, 18 Nov 2023 19:21:40 GMT
last-modified: Tue, 10 May 2022 19:43:43 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 13-28711008-28711065 PNYy RT(1700335298290 1242) q(0 0 0 -1) r(1 1) U24
x-xss-protection: 1; mode=block

GET
H2 200 animated-account-alerts-icon.svg Show response
www.setf.com/-/media/images/benefits/setf/ Frame 0A60 42 KB
13 KB 145ms
145ms Document
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/-/media/images/benefits/setf/animated-account-alerts-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bff25d30a567a3a9a9e76463dbb2b562f4254979e8d2de5056f12d443d481618

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.setf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, max-age=604800
content-disposition: inline; filename="Animated Account Alerts Icon.svg"
content-encoding: gzip
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
content-type: image/svg+xml
date: Sat, 18 Nov 2023 19:21:40 GMT
last-modified: Tue, 10 May 2022 19:43:03 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 13-28711008-28711093 PNYy RT(1700335298290 1243) q(0 0 0 -1) r(1 1) U24
x-xss-protection: 1; mode=block

GET
H2 200 animated-account-service-icon.svg Show response
www.setf.com/-/media/images/benefits/setf/ Frame 3015 44 KB
13 KB 138ms
138ms Document
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/-/media/images/benefits/setf/animated-account-service-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

58dbc2b37d533d4f36ae46a226386c4a5b8051fe8d01950f52ba5d569705e632

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.setf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, max-age=604800
content-disposition: inline; filename="Animated Account Service Icon.svg"
content-encoding: gzip
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
content-type: image/svg+xml
date: Sat, 18 Nov 2023 19:21:40 GMT
last-modified: Tue, 10 May 2022 19:43:31 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 13-28711008-28711069 PNYN RT(1700335298290 1244) q(0 0 0 -1) r(1 1) U24
x-xss-protection: 1; mode=block

GET
H2 200 animated-account-management-icon.svg Show response
www.setf.com/-/media/images/benefits/setf/ Frame 8667 37 KB
12 KB 142ms
142ms Document
image/svg+xml 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/-/media/images/benefits/setf/animated-account-management-icon.svg

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d2f0dd095b40e08f606c88fd19a049234bee9cc79f139ab3821a848feaf61a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.setf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, max-age=604800
content-disposition: inline; filename="Animated Account Management Icon.svg"
content-encoding: gzip
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
content-type: image/svg+xml
date: Sat, 18 Nov 2023 19:21:40 GMT
last-modified: Tue, 10 May 2022 19:43:19 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 13-28711008-28711013 PNYy RT(1700335298290 1245) q(0 0 0 -1) r(1 1) U24
x-xss-protection: 1; mode=block

GET
H2 200 19.3e0859120b4568288d6e.bundle.js Show response
www.setf.com/areas/SETF/Scripts/ 35 KB
9 KB 222ms
221ms Script
application/javascript 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.setf.com/areas/SETF/Scripts/19.3e0859120b4568288d6e.bundle.js

Requested by

Host: www.setf.com
URL: https://www.setf.com/areas/setf/scripts/main.bundle.js?v=1.0.8710.21748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.240.243 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1f8b3bed84ac7d93da91c732c00b866140223d572a4486dadb24adf18fa6351f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 06 Nov 2023 12:08:48 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' https://apps.sitecore.net *.widen.net *.widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.google.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.clarity.ms *.cloudfront.net *.marker.io *.jquery.com *.kampyle.com *.force.com *.salesforceliveagent.com *.salesforce.com *.my.site.com *.my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.typekit.net *.mapbox.com *.kampyle.com *.force.com *.my.site.com *.my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com *.typekit.net data:; connect-src 'self' *.google.com *.googletagmanager.com *.google-analytics.com *.evgnet.com *.medallia.com *.billmatrix.com *.idoxs.net *.doubleclick.net *.luckyorange.net *.clarity.ms *.evergage.com *.kampyle.com *.marker.io *.shippingapis.com *.jquery.com *.my.site.com *.my.salesforce.com; child-src 'self' *.youtube.com *.medallia.com *.widen.net *.widencdn.net *.force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
etag: "0853ffa910da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-iinfo: 13-28711008-28711065 PNNy RT(1700335298290 1249) q(0 1 1 -1) r(2 2) U24
accept-ranges: bytes
content-length: 6897
x-xss-protection: 1; mode=block

GET
H2 200 _Incapsula_Resource
www.setf.com/ 1 B
49 B 26ms
25ms Image
text/plain 45.60.240.243
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.setf.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6964036514760827
Requested by: Host: www.setf.com
URL: https://www.setf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.240.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44e2f3c74eb712f8c97f59adffd9cb9a5c28577bf1f0a2d9930609d8d5a5a749

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 683c33692908038b7469ceb51271792227d3ecfc3e053b8768d64a79cd03d40c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ea1cd6e8b4155c709d3da59193b6e5be2cc5fab21d180e779b4bb33087924f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e362760c0e80628f958552bcb8499e6060c052288a5567828ae1b4fb26f25237

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 62ms
62ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YEQ7DB1334&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86NDHC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e68eae23dc00a26d73c37139fc353221cc5e5083019295a664ecf6487f825a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 19:21:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 155ms
51ms Script
text/javascript 2607:f8b0:4004:c1d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86NDHC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 18:19:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3717
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 18 Nov 2023 20:19:43 GMT

GET
H2 200 ch0c8krbe6 Show response
www.clarity.ms/tag/ 650 B
1013 B 138ms
55ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ch0c8krbe6?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86NDHC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc0aab69c14a432d0bd0cdd628cfb4dde9720147f858e7adc013611b18c1d4ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Sat, 18 Nov 2023 19:21:40 GMT
x-azure-ref: 20231118T192140Z-fb5y7g797544h1rdephd0wwrac000000073g000000008dh3
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 10 KB
4 KB 93ms
38ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.attribution.iife.js

Requested by

Host: www.setf.com
URL: https://www.setf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 648093
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HEYM13WQE8T5885GKJDABNTN-mia
server: cloudflare
etag: W/"2647-N1l5oKJqaDLvxL3cO+UxlArzaXc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 828293ee1d3e3dd2-MIA

POST
H2 204 collect
www.google-analytics.com/g/ 0
160 B 75ms
74ms Ping
text/plain 2607:f8b0:4004:c1d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YEQ7DB1334&gtm=45je3b81v879827699z8813472719&_p=1700335300071&gcd=11l1l1l1l1&dma=0&cid=782819833.1700335301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700335300&sct=1&seg=0&dl=https%3A%2F%2Fwww.setf.com%2F&dt=Southeast%20Toyota%20Finance&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=%2F&ep.effective_connection_type=4g&ep.save_data=unknown&tfd=1677
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEQ7DB1334&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 19:21:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.setf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 53ms
53ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ch0c8krbe6?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:21:40 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
etag: W/"0x8DBE772F014B026"
vary: Accept-Encoding
x-azure-ref: 20231118T192140Z-fb5y7g797544h1rdephd0wwrac000000073g000000008dh6
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5923cf30-301e-0010-705d-19ebb3000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 59ms
59ms XHR
text/plain 2607:f8b0:4004:c1d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=33848614&t=pageview&_s=1&dl=https%3A%2F%2Fwww.setf.com%2F&ul=en-us&de=UTF-8&dt=Southeast%20Toyota%20Finance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1898254992&gjid=1486375255&cid=782819833.1700335301&tid=UA-9371672-2&_gid=898688897.1700335301&_r=1&_slc=1&gtm=45He3b81n81N86NDHCv813472719&cd1=&cd6=Non%20authenticated&cd7=English&gcd=11l1l1l1l1&dma=0&z=705644079

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.setf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 19:21:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.setf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic1699892414932.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/24233/onsite/ 393 KB
85 KB 56ms
56ms Script
application/javascript 146.75.37.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/24233/onsite/generic1699892414932.js

Requested by

Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/24233/onsite/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.37.230 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c5c164a1796a32f4cb4984ec3b16f31481d285aebd29ef760bd6cbf484469adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: AZpFP.Xd2l553RmwLccQkTt5DohLKZE8
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Nov 2023 19:21:41 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: ZWQ3FZ97VES7DJJ5
age: 442883
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 87189
x-amz-id-2: 2eZuGe1tPifuANG20lCnlPoKso4FvBVa1qazyHlngP8fKGg7uJFoG5cXVJbJ+pQvhx7XzxypyoM=
x-served-by: cache-iad-kcgs7200040-IAD
last-modified: Mon, 13 Nov 2023 16:20:16 GMT
server: AmazonS3
x-timer: S1700335301.010685,VS0,VE2
etag: "95d55a248c615deb488669149e644cb1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CE7180FCC5FB496A87B8A9B185D77BCC&RedC=c.clarity.ms&MXFR=3129881718456B5A04139BDA1C456526
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CE7180FCC5FB496A87B8A9B185D77BCC&MUID=3502DB5164596E5B0F7AC89C65286FB5

42 B
443 B

57ms
57ms

Image
image/gif

20.125.209.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CE7180FCC5FB496A87B8A9B185D77BCC&MUID=3502DB5164596E5B0F7AC89C65286FB5
Protocol: H2
Server: 20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 19:21:41 GMT
last-modified: Wed, 30 Aug 2023 19:01:59 GMT
server: Microsoft-IIS/10.0
etag: "3f4a4a7474dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 19:21:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 920335A7043A4C4183DAE38DAD4095FF Ref B: MIA301000107051 Ref C: 2023-11-18T19:21:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CE7180FCC5FB496A87B8A9B185D77BCC&MUID=3502DB5164596E5B0F7AC89C65286FB5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 collect
www.google-analytics.com/ 35 B
131 B 51ms
51ms Image
image/gif 2607:f8b0:4004:c1d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=33848614&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.setf.com%2F&ul=en-us&de=UTF-8&dt=Southeast%20Toyota%20Finance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Load%20Time&ea=%2F&el=1.8&ev=2&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=782819833.1700335301&tid=UA-9371672-2&_gid=898688897.1700335301&gtm=45He3b81n81N86NDHCv813472719&gcd=11l1l1l1l1&dma=0&z=1690339906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 18:34:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2802
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
292 B 277ms
113ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.setf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.setf.com
Date: Sat, 18 Nov 2023 19:21:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 164ms
59ms XHR
text/plain 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9371672-2&cid=782819833.1700335301&jid=1898254992&gjid=1486375255&_gid=898688897.1700335301&_u=YADAAEAAAAAAACAAI~&z=1033876264

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.setf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Nov 2023 19:21:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.setf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 112ms
53ms Image
image/gif 35.241.45.82
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTU5IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJTb3V0aGVhc3QgVG95b3RhIEZpbmFuY2UiLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy5zZXRmLmNvbS8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTcwMDMzNTMwMTE3MiIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IC0xMCwidXNlcl9pZCI6ICIxOGJlM2UxYjIyNTZhMi0wODhkZWI4MGNhYmZmZC02MTMyNWU1My0xZDRjMDAtMThiZTNlMWIyMjY4MGYiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtd2VzdCIsImFjY291bnRJZCI6IDI0MjMxLCJ1cmwiOiAiaHR0cHM6Ly93d3cuc2V0Zi5jb20vIiwid2Vic2l0ZUlkIjogMjQyMzMsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjY0NGQtMjBmMi1iNmJmLTVmNDgtMThmNy02ZWFkLWNkOTUtNDMxZSIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNzAwMzM1MzAxMTY4Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDE0NTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUzLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MDAzMzUzMDExNzIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.setf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-8fp6
date: Sat, 18 Nov 2023 19:21:41 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
292 B 49ms
48ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.setf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.setf.com
Date: Sat, 18 Nov 2023 19:21:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 59ms
59ms Ping
text/plain 2607:f8b0:4004:c1d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YEQ7DB1334&gtm=45je3b81v879827699z8813472719&_p=1700335300071&gcd=11l1l1l1l1&dma=0&cid=782819833.1700335301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1700335300&sct=1&seg=0&dl=https%3A%2F%2Fwww.setf.com%2F&dt=Southeast%20Toyota%20Finance&_s=2&tfd=6810
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YEQ7DB1334&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.setf.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 19:21:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.setf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.setf.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ljmqsidm1oklfaxxa1oigbzm
www.setf.com/	1970-01-21 01:54:55	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: ca22b5f5e21d4c6f8f40325611d95893\|False
www.setf.com/	1969-12-31 23:59:59	Name: SuccessfulLanguageUpdate Value:
www.setf.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: bJJtrWX5kz4zxV6MCnhYj1havZ9j-OzJBpeEMt9lNCDGLhnbGjDMcx7ZzmjaYoRMerCiAZOLFZTnlMfUkKLA2hb-DPRimpMGLY-tTq6Dk7w1
.setf.com/	1970-01-21 01:03:49	Name: visid_incap_2628824 Value: xPeVcWleRJuYm+Pl9qLdpsIOWWUAAAAAQUIPAAAAAADfbhWUi+6CHCw4hg5ome6+
.setf.com/	1969-12-31 23:59:59	Name: nlbi_2628824 Value: cPi8YNPNLxQA6qZsATxKuAAAAACUeTv7zHfoG0WHv/ajYAL+
.setf.com/	1969-12-31 23:59:59	Name: incap_ses_993_2628824 Value: J1z5RxkcM0XaYdw2WdnHDcMOWWUAAAAA6KBi99MaTF07e1Yey4N1WQ==
.setf.com/	1970-01-21 01:54:55	Name: _sfid_0c17 Value: {%22anonymousId%22:%22f79c2b510b754ab0%22}
.setf.com/	1970-01-21 01:54:55	Name: _evga_3277 Value: {%22uuid%22:%22f79c2b510b754ab0%22}
www.setf.com/	1970-01-20 16:29:00	Name: AWSALBTG Value: 2ryoJNZ8bkVK2N1+I2oLBNRD/uhcilcrZcVNh6nJnbol4d5dqYqLzXEQ4wdOcwiyL3lVz0hES8OINo90ibK3t0l96rZFuK7f+gQMhvs3AanAKa+xrm2qpNnZsOize1eU8q/y8B8ZRPePj5dy/d1NDr1zvSMi4RNFI7Nv3XupobjUc6M5nfY=
www.setf.com/	1970-01-20 16:29:00	Name: AWSALBTGCORS Value: 2ryoJNZ8bkVK2N1+I2oLBNRD/uhcilcrZcVNh6nJnbol4d5dqYqLzXEQ4wdOcwiyL3lVz0hES8OINo90ibK3t0l96rZFuK7f+gQMhvs3AanAKa+xrm2qpNnZsOize1eU8q/y8B8ZRPePj5dy/d1NDr1zvSMi4RNFI7Nv3XupobjUc6M5nfY=
www.setf.com/	1970-01-20 16:29:00	Name: AWSALB Value: i9D1aIyQOVyKeemxw9WBHeqi9S+BBOtVzzdr0xpM1QvebY7QkfEBdBmFTJDuoEn2/Btlu2QYS/ufB7Vj1lJ4ueeYF/cwk3EfuYuMz3v9QV0zerW/9K4SqsHMS66q
www.setf.com/	1970-01-20 16:29:00	Name: AWSALBCORS Value: i9D1aIyQOVyKeemxw9WBHeqi9S+BBOtVzzdr0xpM1QvebY7QkfEBdBmFTJDuoEn2/Btlu2QYS/ufB7Vj1lJ4ueeYF/cwk3EfuYuMz3v9QV0zerW/9K4SqsHMS66q
www.clarity.ms/	1970-01-21 01:04:31	Name: CLID Value: fe1de8cb32284b42a339906343bb034c.20231118.20241117
.setf.com/	1970-01-21 01:04:31	Name: _clck Value: 3tj897%7C2%7Cfgt%7C0%7C1417
.setf.com/	1970-01-21 01:54:55	Name: _ga Value: GA1.2.782819833.1700335301
.setf.com/	1970-01-20 16:20:21	Name: _gid Value: GA1.2.898688897.1700335301
.setf.com/	1970-01-20 16:18:55	Name: _gat_UA-9371672-2 Value: 1
.setf.com/	1970-01-21 01:54:55	Name: _ga_YEQ7DB1334 Value: GS1.1.1700335300.1.0.1700335301.0.0.0
www.setf.com/	1970-01-21 01:04:31	Name: mdLogger Value: false
www.setf.com/	1970-01-21 01:04:31	Name: kampyle_userid Value: 644d-20f2-b6bf-5f48-18f7-6ead-cd95-431e
www.setf.com/	1970-01-21 01:04:31	Name: kampyleUserSession Value: 1700335301168
www.setf.com/	1970-01-21 01:04:31	Name: kampyleUserSessionsCount Value: 1
www.setf.com/	1970-01-21 01:04:31	Name: kampyleSessionPageCounter Value: 1
.bing.com/	1970-01-21 01:40:31	Name: MUID Value: 3502DB5164596E5B0F7AC89C65286FB5
.c.bing.com/	1970-01-20 16:29:00	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:40:31	Name: SRM_B Value: 3502DB5164596E5B0F7AC89C65286FB5
.setf.com/	1970-01-20 16:20:21	Name: _clsk Value: rotp43%7C1700335301343%7C1%7C1%7Cv.clarity.ms%2Fcollect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:40:31	Name: MUID Value: 3502DB5164596E5B0F7AC89C65286FB5
.c.clarity.ms/	1970-01-20 16:29:00	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:18:55	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://apps.sitecore.net .widen.net .widencdn.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .google-analytics.com .google.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .clarity.ms .cloudfront.net .marker.io .jquery.com .kampyle.com .force.com .salesforceliveagent.com .salesforce.com .my.site.com .my.salesforce.com https://unpkg.com; img-src 'self' data: http: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com .typekit.net .mapbox.com .kampyle.com .force.com .my.site.com .my.salesforce.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com .typekit.net data:; connect-src 'self' .google.com .googletagmanager.com .google-analytics.com .evgnet.com .medallia.com .billmatrix.com .idoxs.net .doubleclick.net .luckyorange.net .clarity.ms .evergage.com .kampyle.com .marker.io .shippingapis.com .jquery.com .my.site.com .my.salesforce.com; child-src 'self' .youtube.com .medallia.com .widen.net .widencdn.net .force.com; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.evgnet.com
p.typekit.net
resources.digital-cloud-west.medallia.com
stats.g.doubleclick.net
udc-neb.kampyle.com
unpkg.com
use.typekit.net
v.clarity.ms
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.setf.com
146.75.37.230
151.101.0.114
20.114.189.135
20.125.209.212
2600:1408:c400:2b::17de:4cc
2600:1408:c400:2b::17de:4d4
2606:4700::6810:7daf
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::61
2607:f8b0:4004:c1d::8a
2620:1ec:bdf::40
2620:1ec:c11::200
35.241.45.82
45.60.240.243
0d2f0dd095b40e08f606c88fd19a049234bee9cc79f139ab3821a848feaf61a3
110acec63c257f1019a8b2faae468f20b280945296d9d5faa70669f696d5bb27
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f8b3bed84ac7d93da91c732c00b866140223d572a4486dadb24adf18fa6351f
2a07c08a144426085b4c24717eb529693613289682e7a01a6ed1caaee7a19c8a
3ba3bed9a5a910e1d85de133a23c1bcaff42484ff04a67f5fa620b68cf4cfc2c
3e86dc1a9f1d417d670c6d085d3cc24546e35371775fa980033b5a694e1c84a9
42ea1cd6e8b4155c709d3da59193b6e5be2cc5fab21d180e779b4bb33087924f
44e2f3c74eb712f8c97f59adffd9cb9a5c28577bf1f0a2d9930609d8d5a5a749
4b398b6e47bddc78f550b82fe9fb4017050967802afec4469628ab57df1c4717
526fbc46d7a83cf53f0e4bafcf4f2cf6a0291b0de72b193ad356f9b24f28e278
58dbc2b37d533d4f36ae46a226386c4a5b8051fe8d01950f52ba5d569705e632
596418713ac119ccbd4699b7e2aca667eaed86875721bcfb2031c45a8408f0a3
5e9fb32a34a85c56294c8de444369dcbcb36e04f926b04dd203329c251c85081
678c760e5775479a6a6c6d1faaddaad4d9716abeb937f240bc421494ec75c17a
683c33692908038b7469ceb51271792227d3ecfc3e053b8768d64a79cd03d40c
6b099015dcb6b2be3a0a35c8eeef1a716e6c44938dcf11d091a513c3bb08bc8d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
706e4539433aa6fbd6573df9c5a216ffb239786252cf69312a6ce785766baac2
77fa41279bd76f8b1353bacbac58b59dc72d7e74f3a7f929c1b13261dc255660
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
807846fb2cea346123b73d0398f993d86a5596affafcff0d12c57fe62b358a01
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8860efbf7bc6382ab880d5f46efa8e2c449c219081832984aa1e57eef55246f3
9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e68eae23dc00a26d73c37139fc353221cc5e5083019295a664ecf6487f825a0
a9205ccce9892c91011fa72597c8d65c4f7014c1d3a9fb5179f721186c952377
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b166e185ee91ad4267e5da17736994c5c3ab2633fb09cd4d09bf5b28149c5e84
b2145c53394c670fa5ca35b31593cc90b0d5949eaec6f50b215992d3c85eea9a
b942eed163cdb44aa4b80ebf3d38792073e99e3dbe3869793f1dbbc36fac9a23
b99ecb06cb7e0104c1275a217955f9bd3484e35c5ab0177cd29f314c4e9b1f24
bff25d30a567a3a9a9e76463dbb2b562f4254979e8d2de5056f12d443d481618
c5c164a1796a32f4cb4984ec3b16f31481d285aebd29ef760bd6cbf484469adc
dbfaa5cf90c9e9330ce0a84e9b797297f6f126e0fd0a949bd9d12a7b591cec8f
dc0aab69c14a432d0bd0cdd628cfb4dde9720147f858e7adc013611b18c1d4ab
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e362760c0e80628f958552bcb8499e6060c052288a5567828ae1b4fb26f25237
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4004d1e0abb854ac10ad894d1947c38898aa69957a3aa1a1e262d3fc65448f1
f40c10f6daaafbad865210f77130489c34d06ccf80f2fcef3edc9af142ddac99
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f75dae39e181853d32ac6b0589df17a95cd465256547cee3556b42833beab9a5

www.setf.com Open in urlscan Pro 45.60.240.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

94 %HTTPS

57 %IPv6

11 Domains

14 Subdomains

14 IPs

1 Countries

2319 kBTransfer

4626 kBSize

32 Cookies

6 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.setf.com Open in urlscan Pro
45.60.240.243 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

94 %
HTTPS

57 %
IPv6

11
Domains

14
Subdomains

14
IPs

1
Countries

2319 kB
Transfer

4626 kB
Size

32
Cookies

50 HTTP transactions
4 data transactions