www.carmax.com Open in urlscan Pro
2a02:26f0:280:184::1c4e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.carmax.com/car/24818774
Submission: On November 19 via api (November 19th 2023, 1:41:23 am UTC) from US — Scanned from DE

Summary HTTP 205 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 27 domains to perform 205 HTTP transactions. The main IP is 2a02:26f0:280:184::1c4e, located in Düsseldorf, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.carmax.com. The Cisco Umbrella rank of the primary domain is 52161.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 14th 2023. Valid for: a year.

This is the only time www.carmax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
64	2a02:26f0:280... 2a02:26f0:280:184::1c4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.24.153.248 52.24.153.248	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:280... 2a02:26f0:280:48b::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	34.242.172.171 34.242.172.171	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.214 63.140.62.214	16509 (AMAZON-02) (AMAZON-02)
1 1	3.248.147.241 3.248.147.241	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.126 66.235.152.126	15224 (OMNITURE) (OMNITURE)
14	2a02:26f0:280... 2a02:26f0:280:194::1c4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:280... 2a02:26f0:280:29a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:224... 2600:9000:2240:e400:1:fb61:2b80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2013	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	95.101.54.225 95.101.54.225	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.235.87.133 185.235.87.133	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.235.87.175 185.235.87.175	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
2	3.123.116.199 3.123.116.199	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.101.149.99 95.101.149.99	16625 (AKAMAI-AS) (AKAMAI-AS)
205	38

64 2a02:26f0:280:184::1c4e (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img2.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.153.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-153-248.us-west-2.compute.amazonaws.com

ethn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:280:48b::11a6 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0217990f.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.242.172.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-172-171.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
carmaxbusinessservicesllc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-214.data.adobedc.net

carmax.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.147.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-147-241.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.126 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-126.data.adobedc.net

carmax.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:280:194::1c4e (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img2.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:280:29a::11a6 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:e400:1:fb61:2b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ping.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.54.225 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-225.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dnacdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.235.87.133 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ag.gbc.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.235.87.175 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gem.gbc.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.116.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-116-199.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-99.deploy.static.akamaitechnologies.com

sjc1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	carmax.com www.carmax.com — Cisco Umbrella Rank: 52161 img2.carmax.com — Cisco Umbrella Rank: 57028	2 MB
16	qualtrics.com zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com — Cisco Umbrella Rank: 71531 siteintercept.qualtrics.com — Cisco Umbrella Rank: 985 sjc1.qualtrics.com — Cisco Umbrella Rank: 10613	78 KB
14	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 466	169 KB
13	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	2 KB
12	google.de www.google.de — Cisco Umbrella Rank: 6862	1 KB
12	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	12 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	588 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
6	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4133 gum.criteo.com — Cisco Umbrella Rank: 454 ag.gbc.criteo.com — Cisco Umbrella Rank: 4888 gem.gbc.criteo.com — Cisco Umbrella Rank: 4915 mug.criteo.com — Cisco Umbrella Rank: 2926	27 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2176 rs.fullstory.com — Cisco Umbrella Rank: 2183	93 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2589 wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2588 fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	265 B
3	pdst.fm ping.pdst.fm — Cisco Umbrella Rank: 23442	119 B
3	omtrdc.net carmax.sc.omtrdc.net — Cisco Umbrella Rank: 66077 carmax.tt.omtrdc.net — Cisco Umbrella Rank: 68545	6 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 228 carmaxbusinessservicesllc.demdex.net — Cisco Umbrella Rank: 82129	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	4 KB
2	agkn.com d.agkn.com — Cisco Umbrella Rank: 755	1 KB
2	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2651	576 B
2	dnacdn.net dnacdn.net — Cisco Umbrella Rank: 3424	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1444 c.go-mpulse.net — Cisco Umbrella Rank: 654	53 KB
1	akstat.io 0217990f.akstat.io — Cisco Umbrella Rank: 66941	202 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	402 B
1	levelaccess.net cdn.levelaccess.net — Cisco Umbrella Rank: 15952 api.levelaccess.net Failed	62 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275	517 B
1	ethn.io ethn.io — Cisco Umbrella Rank: 41343	657 B
205	27

	Domain	Requested by
49	www.carmax.com	www.carmax.com
29	img2.carmax.com	www.carmax.com
14	assets.adobedtm.com	www.carmax.com assets.adobedtm.com
13	siteintercept.qualtrics.com	zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com edge.fullstory.com siteintercept.qualtrics.com
12	www.google.de	www.carmax.com
11	www.google.com	2 redirects www.carmax.com
10	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
8	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
7	bat.bing.com	www.carmax.com bat.bing.com
4	www.facebook.com
3	ping.pdst.fm
3	rs.fullstory.com	s.go-mpulse.net edge.fullstory.com
3	edge.fullstory.com	www.carmax.com edge.fullstory.com rs.fullstory.com
3	www.google-analytics.com	assets.adobedtm.com www.google-analytics.com
2	sjc1.qualtrics.com	cdn.levelaccess.net
2	www.googleadservices.com	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	d.agkn.com
2	pt.ispot.tv
2	dnacdn.net	gum.criteo.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	connect.facebook.net	www.carmax.com connect.facebook.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	carmax.sc.omtrdc.net	assets.adobedtm.com
2	dpm.demdex.net	assets.adobedtm.com www.carmax.com
1	0217990f.akstat.io	s.go-mpulse.net
1	mug.criteo.com
1	zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com	www.carmax.com
1	pagead2.googlesyndication.com	edge.fullstory.com
1	gem.gbc.criteo.com	gum.criteo.com
1	ag.gbc.criteo.com	gum.criteo.com
1	fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	dynamic.criteo.com	assets.adobedtm.com
1	cdn.levelaccess.net	assets.adobedtm.com
1	c.go-mpulse.net	s.go-mpulse.net
1	carmax.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	carmaxbusinessservicesllc.demdex.net	assets.adobedtm.com
1	s.go-mpulse.net	www.carmax.com
1	ethn.io	www.carmax.com
0	api.levelaccess.net Failed	edge.fullstory.com
205	44

This site contains links to these domains. Also see Links.

Domain
www4.carmax.com
careers.carmax.com
facebook.com
twitter.com
socialresponsibility.carmax.com
foundation.carmax.com
media.carmax.com
investors.carmax.com

Subject Issuer	Validity	Valid
www.carmax.com GeoTrust RSA CA 2018	`2023-11-14` - `2024-11-05`	a year	crt.sh
*.ethn.io R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-28` - `2023-11-26`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
cdn.levelaccess.net Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
ping.pdst.fm GTS CA 1D4	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
dnacdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-24` - `2023-12-17`	3 months	crt.sh
*.gbc.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-14` - `2023-12-17`	3 months	crt.sh
*.ispot.tv R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.carmax.com/car/24818774
Frame ID: 00D903DF6ADEA888A68A8BC107FBA6D5
Requests: 202 HTTP requests in this frame

Frame: https://carmaxbusinessservicesllc.demdex.net/dest5.html?d_nsid=0
Frame ID: 38DACEEBD341C09CB2150ADDB05FA602
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag
Frame ID: 33DA53F243248B18D9BABE27A2A605F4
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Used 2022 Audi Q5 Plug-in Hybrid in Phoenix, AZ | CarMaxChat Bubble Icon

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

205
Requests

95 %
HTTPS

55 %
IPv6

27
Domains

44
Subdomains

38
IPs

6
Countries

3140 kB
Transfer

9034 kB
Size

43
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www4.carmax.com/account/summary
Title: Make a payment

Search URL Search Domain Scan URL

URL: https://careers.carmax.com/us/en/
Title: Search jobs at CarMax

Search URL Search Domain Scan URL

URL: https://facebook.com/carmax
Title: CarMax Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/carmax
Title: CarMax Twitter

Search URL Search Domain Scan URL

URL: https://socialresponsibility.carmax.com/
Title: Social responsibility

Search URL Search Domain Scan URL

URL: https://foundation.carmax.com/
Title: CarMax Foundation

Search URL Search Domain Scan URL

URL: http://media.carmax.com/
Title: Media center

Search URL Search Domain Scan URL

URL: http://investors.carmax.com/
Title: Investor relations

Search URL Search Domain Scan URL

URL: https://careers.carmax.com/us/en
Title: Search Jobs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cm.everesttech.net/cm/dd?d_uuid=73689830128223699064230799168752985772 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVlnuwAAANsaPwNn

Request Chain 116

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pcosp8w96 HTTP 302
https://wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 117

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pcosp8w96 HTTP 302
https://fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 139

https://gum.criteo.com/sid/json?origin=onetag&domain=carmax.com&sn=EdgeSyncframe&so=0&topUrl=www.carmax.com&info=ZG64y19uUEVHN2FndlZXaiUyQm5hSlg1cWdESG1OU0djQjUwU29hMTFLMGMwUEhmOFpGQ3Nrc2JoanhQQyUyQkE1MkZVR2tRRkd6c083ViUyRmxwamR4Z2J4RVByVUQ0dyUzRCUzRA&idsd=1590673329,886013331&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=yamSdnwrTXFBeVQvdkhyTW01ZlNyMnI0eXBFbkZBTGNFV3VnSHpmVDFjek91cmVFdXkyWkxIRDY1aWUxeEpPckd2QzZjK3RqbjNtT05BK3RydVg1SEJ1VE5GQVU0QlFCbFJOMGw4djB5QTUrQWVwOEJyMVRpVkNQYnhCMEdjSm5sT21CYlNnOXlPSEdvZzJCSzJkaHlnQ2JEaGxGSWkwZFBzT2FuWkFqN1VIOEhWb0hDbURZSmJ0WU5TVlN0ZUdod0xXdk9kQVg5RmZsZ1ZlR2xyaHhJMmpNR29oU2IrUjM1ZEtNSjE3Q0xpZWZLb0JIRFZUMUEzaks5bGtNYU10ZXJEMnlGdkZqK05SLzIwK2QvVTVRamhZL0pSTEJGaTJBdHFoSysrV1MwOXZlWmxHeGQyMjZqQlorK3k2bEt2L045TFl0K0NubTRudGM5VXdaSFU0Qkd5NkRzNEE9PXw&cppv=2

Request Chain 167

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=1375537870&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=vmdZZe7WA6GrjuwPqvCn0Ak&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU2SFZSTEl2YksxSHRvQzMwNTZwRlFyMkxLTGFta0w1TW1ObGN2Y0hGN0k0YVplZVZtOS1SN0g0dyITCO6t77n3zoIDFaGVgwcdKvgJmg HTTP 302
https://www.google.com/pagead/1p-conversion/1060501044/?random=1375537870&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU2SFZSTEl2YksxSHRvQzMwNTZwRlFyMkxLTGFta0w1TW1ObGN2Y0hGN0k0YVplZVZtOS1SN0g0dyITCO6t77n3zoIDFaGVgwcdKvgJmg&is_vtc=1&ocp_id=vmdZZe7WA6GrjuwPqvCn0Ak&cid=CAQSKQDICaaNmXzScOwZBJJFxp3Xx9CU3YOyzPOKrrCZfaFAgadO5F9Fp7eX&random=1875806188 HTTP 302
https://www.google.de/pagead/1p-conversion/1060501044/?random=1375537870&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU2SFZSTEl2YksxSHRvQzMwNTZwRlFyMkxLTGFta0w1TW1ObGN2Y0hGN0k0YVplZVZtOS1SN0g0dyITCO6t77n3zoIDFaGVgwcdKvgJmg&is_vtc=1&ocp_id=vmdZZe7WA6GrjuwPqvCn0Ak&cid=CAQSKQDICaaNmXzScOwZBJJFxp3Xx9CU3YOyzPOKrrCZfaFAgadO5F9Fp7eX&random=1875806188&ipr=y

Request Chain 174

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/?random=1268287587&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=vmdZZYXTBuyLjuwPsJuLuAI&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU1QVlXempvQmx1c0pwSzBSZU5JZ1VyU0ZOai1ZQzFncDRkYWZ4OTJqYllZVmRmUUtFYllEWFBBUSITCIWq8rn3zoIDFeyFgwcdsM0CJw HTTP 302
https://www.google.com/pagead/1p-conversion/10777432239/?random=1268287587&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU1QVlXempvQmx1c0pwSzBSZU5JZ1VyU0ZOai1ZQzFncDRkYWZ4OTJqYllZVmRmUUtFYllEWFBBUSITCIWq8rn3zoIDFeyFgwcdsM0CJw&is_vtc=1&ocp_id=vmdZZYXTBuyLjuwPsJuLuAI&cid=CAQSKQDICaaNG79Ep-vwe0Q6v_YtqOqYiaPivd-etzguNUXmaIZF4n8cl8hh&random=2055907983 HTTP 302
https://www.google.de/pagead/1p-conversion/10777432239/?random=1268287587&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU1QVlXempvQmx1c0pwSzBSZU5JZ1VyU0ZOai1ZQzFncDRkYWZ4OTJqYllZVmRmUUtFYllEWFBBUSITCIWq8rn3zoIDFeyFgwcdsM0CJw&is_vtc=1&ocp_id=vmdZZYXTBuyLjuwPsJuLuAI&cid=CAQSKQDICaaNG79Ep-vwe0Q6v_YtqOqYiaPivd-etzguNUXmaIZF4n8cl8hh&random=2055907983&ipr=y

205 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 24818774 Show response
www.carmax.com/car/ 41 KB
43 KB 727ms
504ms Document
text/html 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

516a10a1a98426126703d6942ff9e95c238b3fdc8a89a999a3d332ebd67dc2cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sun, 19 Nov 2023 01:41:15 GMT
etag: "0x8DBE7927D8D772E"
last-modified: Fri, 17 Nov 2023 17:27:36 GMT
server-timing: cdn-cache; desc=MISS edge; dur=454 origin; dur=25 ak_p; desc="1700358074643_34830168_355208568_47836_14702_9_166_255";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
timing-allow-origin: *
x-akamai-transformed: 9 36709 0 pmb=mTOE,3mRUM,2
x-azure-ref: 0u2dZZQAAAAAHrh3Gcu1gSo0O6/WtejhcQ0gxQUEyMDIwNjA4MDUzADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
x-content-type-options: nosniff
x-frame-options: sameorigin
x-ms-request-id: af8e6db3-601e-0012-7c89-1ab34f000000
x-ms-version: 2018-03-28

GET
H2 200 hero.jpg
img2.carmax.com/assets/24818774/ 45 KB
46 KB 557ms
500ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/hero.jpg?width=800&height=450

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

95f298838656f771c9a5e1d01448f475457afe9f83b212e8e01fdd1d50165641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 03:36:16 GMT
x-serial: 1681
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 46392
expires: Mon, 20 Nov 2023 01:41:15 GMT

GET
H2 200 main.js Show response
www.carmax.com/shared/saved-vehicles/saved-vehicles/full/js/ 71 KB
15 KB 33ms
32ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/saved-vehicles/saved-vehicles/full/js/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3cbea6ff8454ef59cee1bc5705f8bb0a0af11768b82a787076ccdd73c48c2fdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075330_34830168_355208644_77_8091_10_0_146";dur=1
content-length: 14689
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 09 Nov 2023 05:56:41 GMT
etag: "0x8D9D5DEE7B92A4C"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 lato-v16-latin-regular.woff2
www.carmax.com/shared/fonts/ 23 KB
23 KB 30ms
29ms Font
font/woff2 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-regular.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24818774
Origin: https://www.carmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Thu, 16 Nov 2023 20:19:50 GMT
etag: "0x8DBE6E163286EEF"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075319_34830168_355208640_30_9580_9_0_219";dur=1
timing-allow-origin: *
content-length: 23484
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 CarMaxSharpSansDisp-Bold.woff2
www.carmax.com/shared/fonts/ 51 KB
51 KB 20ms
20ms Font
font/woff2 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/CarMaxSharpSansDisp-Bold.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24818774
Origin: https://www.carmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Thu, 16 Nov 2023 20:19:48 GMT
etag: "0x8DBE6E161F76E66"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075319_34830168_355208641_27_9175_9_0_219";dur=1
timing-allow-origin: *
content-length: 52120
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 lato-v16-latin-700.woff2
www.carmax.com/shared/fonts/ 22 KB
23 KB 35ms
34ms Font
font/woff2 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-700.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24818774
Origin: https://www.carmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Thu, 16 Nov 2023 20:19:49 GMT
etag: "0x8DBE6E1628DF325"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075330_34830168_355208643_75_9403_10_0_219";dur=1
timing-allow-origin: *
content-length: 22992
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 main.css
www.carmax.com/shared/header-footer/full/css/ 79 KB
9 KB 19ms
18ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/header-footer/full/css/main.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d4b124128dd18d9fe9746aba0ced6031f943e26f2779d5cc135e7e32ffd220b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075351_34830168_355208650_30_8312_9_0_255";dur=1
content-length: 8347
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 16 Nov 2023 20:29:24 GMT
etag: "0x8DBE6E16902E8D2"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 vendor.0b153b48.css
www.carmax.com/car/assets/styles/ 39 KB
7 KB 30ms
29ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/vendor.0b153b48.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

abb523f8650a0b0749ae89e77c592ea2724a9d6671212d58fca7255c34501b1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: 71BcSpHIyMiXZjFpPpcRKQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075360_34830168_355208652_93_9407_9_0_255";dur=1
content-length: 6902
last-modified: Fri, 17 Nov 2023 17:32:39 GMT
etag: "0x8DBE790A5C92AC9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20231117T173238Z-74r9ay984h1treq000z97m2wnc00000003sg00000001118q
x-ms-request-id: 06f37f50-f01e-002f-457c-19c554000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.0fa5e6f6.css
www.carmax.com/car/assets/styles/ 34 KB
6 KB 31ms
30ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/main.0fa5e6f6.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2ebd801e1e99f79130ae3445342361c89c54737405161ca83e3d87bc4356e1ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: UEenRBIqXmsya5w10B/n7w==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075360_34830168_355208654_92_9393_9_0_255";dur=1
content-length: 5561
last-modified: Fri, 17 Nov 2023 17:31:14 GMT
etag: "0x8DBE790A5E4C505"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20231117T173113Z-9xvesn61pd691frwrut0rn5xbn000000011g00000002ca15
x-ms-request-id: 17f113e4-501e-0044-1b7b-1942a0000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 58dc05a4 Show response
www.carmax.com/akam/13/ 26 KB
10 KB 42ms
40ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/akam/13/58dc05a4

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

217a344e2f0cfd12cdabf715cf79d67fc081950d1d66a71c6b53fb04bcc11c8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 09 Feb 2022 15:10:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: "4d1eb49a3dbb2aa5317356e1cda953ed20d4230f76680e830956f90356b73f29"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
server-timing: cdn-cache; desc=HIT, edge; dur=17, origin; dur=0, ak_p; desc="1700358075390_34830168_355208660_1855_6312_9_0_146";dur=1
timing-allow-origin: *
content-length: 8814

GET
H2 200 main.js Show response
www.carmax.com/shared/header-footer/full/js/ 169 KB
33 KB 38ms
36ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/header-footer/full/js/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3b841de4d53904ebc19e520a4c742a5f050ef329c465a806f4f99aad3038db9c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075390_34830168_355208661_230_10315_9_0_146";dur=1
content-length: 32849
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 16 Nov 2023 20:34:50 GMT
etag: "0x8DBE6E1696963ED"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 pannellum.js Show response
www.carmax.com/car/assets/scripts/ 90 KB
19 KB 40ms
39ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/pannellum.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf0c411f714a04aa04ddfb95f17dc6f71b9e2737807a06de756e096cba4b18c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: bsGT/2FUZrXnvI8QT5C8nA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075390_34830168_355208662_262_10223_9_0_146";dur=1
content-length: 18374
last-modified: Fri, 17 Nov 2023 18:13:32 GMT
etag: "0x8DBE7909AFE3815"
vary: Accept-Encoding
x-azure-ref: 0S61XZQAAAAA75ENDbIUhSrSTTudp1pGzU0pDMjExMDUxMjAyMDMxADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: 521639dc-d01e-0071-1081-199429000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 43718.js Show response
ethn.io/ 0
657 B 1062ms
191ms Script
text/javascript 52.24.153.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ethn.io/43718.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.24.153.248 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-153-248.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

X-Runtime: 0.003602
Date: Sun, 19 Nov 2023 01:41:16 GMT
Strict-Transport-Security: max-age=0;
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Server: nginx
X-Download-Options: noopen
Content-Type: text/javascript
Cache-Control: no-cache
Feature-Policy: camera 'none'; geolocation 'none', microphone *
Connection: keep-alive
Content-Length: 0
X-Request-Id: 784273c0-e9b1-4192-9035-d68fa4479422

GET
H2 200 runtime.9ed0f83f.js Show response
www.carmax.com/car/assets/scripts/ 4 KB
2 KB 40ms
39ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d2aadb028c6e3981a4c1b1144d1a3e56537ed67f57cde5a3fb22c59ef7ce9e40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: 8LsO2USaamd83dVXgM4t0Q==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075390_34830168_355208663_272_10204_9_0_146";dur=1
content-length: 1606
last-modified: Fri, 17 Nov 2023 17:36:40 GMT
etag: "0x8DBE790A5CD21C6"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20231117T173639Z-cwqb4a2xwx24z5wt3g31uc31bg00000001r000000000ub5x
x-ms-request-id: d6457b2a-401e-0058-107c-1910c0000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vendor.670c5c31.chunk.js Show response
www.carmax.com/car/assets/scripts/ 3 MB
560 KB 41ms
40ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2cc63c5023ca2118a2eb4c766dbdba70501eaf47a061356c13187b21b0b49ee0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: c+ojYjgLxtICF2LjStFUKw==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075390_34830168_355208664_307_9874_9_0_146";dur=1
content-length: 572818
last-modified: Fri, 17 Nov 2023 17:31:02 GMT
etag: "0x8DBE790A61B0F3D"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20231117T173052Z-34arc9ap7h0sx3s4wp5crwypgn00000000hg000000026hmk
x-ms-request-id: 6ba97aed-201e-003c-227b-19e158000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.1077e900.chunk.js Show response
www.carmax.com/car/assets/scripts/ 135 KB
30 KB 51ms
50ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/main.1077e900.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

47dc3774f8b59c2ee0c4d398fd51c248ddde4c6bfc6ff44004b98ed3bba24d7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: yQH/NI7tE3p6Ir1vd3VzVg==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075390_34830168_355208665_279_9854_9_0_146";dur=1
content-length: 30537
last-modified: Fri, 17 Nov 2023 17:30:30 GMT
etag: "0x8DBE790A5AAD1CB"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20231117T173029Z-74r9ay984h1treq000z97m2wnc00000003q0000000012z5x
x-ms-request-id: 346aebc2-801e-0078-117b-196b67000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 BpYMX4B Show response
www.carmax.com/ns5COyAr/KTnRHHJ/2ZI5BC_/at/h1rakSz3bY/Lg88Mg/SDxjI/ 214 KB
80 KB 23ms
23ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/ns5COyAr/KTnRHHJ/2ZI5BC_/at/h1rakSz3bY/Lg88Mg/SDxjI/BpYMX4B

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5516c738033ef1e7d0e3062c67d58fad3f44fc33083f9a5189c4c7832535fce7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Aug 2023 16:14:35 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: "3dd9706bc878d2fa9f052a144bb312c0c70d7e9f11e8c527926ae3f932d6c897"
stored-attribute-sha-checksum: 5516c738033ef1e7d0e3062c67d58fad3f44fc33083f9a5189c4c7832535fce7
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075360_34830168_355208655_49_4248_9_0_182";dur=1
timing-allow-origin: *
content-length: 81453

GET
H2 200 G44P5-SQM6J-DDMWR-2C333-A6FEA Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 50ms
13ms Script
application/javascript 2a02:26f0:280:48b::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/car/24818774
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:280:48b::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Thu, 19 Oct 2023 18:23:34 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b44fec7e955719cd5a13d47130d55d9135ffcb16081d91fa30703b0ce4f94248

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/svg+xml

GET
H2 200 launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js Show response
assets.adobedtm.com/ 649 KB
145 KB 22ms
8ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/car/24818774
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 833250ee80557d6cbeb0b7b807b34449b49022f525b205b7028a34464df2fe39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:44 GMT
server: AkamaiNetStorage
etag: "07131dd5096ca921065ed2dfc779de7d:1700162624.617463"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 147924
expires: Sun, 19 Nov 2023 02:41:15 GMT

GET
H2 200 main.css
www.carmax.com/shared/saved-vehicles/saved-vehicles/full/css/ 17 KB
3 KB 51ms
51ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/saved-vehicles/saved-vehicles/full/css/main.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

333db8b1e78f48c5ef193ce6a8974cf3fc71b152b402e62231a993a8aaf174f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075390_34830168_355208666_237_11630_9_0_109";dur=1
content-length: 2939
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Fri, 10 Nov 2023 13:22:38 GMT
etag: "0x8D9D5DEE7493B08"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

POST
H2 201 BpYMX4B Show response
www.carmax.com/ns5COyAr/KTnRHHJ/2ZI5BC_/at/h1rakSz3bY/Lg88Mg/SDxjI/ 18 B
937 B 371ms
371ms XHR
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/ns5COyAr/KTnRHHJ/2ZI5BC_/at/h1rakSz3bY/Lg88Mg/SDxjI/BpYMX4B

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/ns5COyAr/KTnRHHJ/2ZI5BC_/at/h1rakSz3bY/Lg88Mg/SDxjI/BpYMX4B

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24818774
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: https://www.carmax.com
access-control-allow-credentials: true
x_req_id: bdb579ab-3691-4764-870b-cbbfdde52bf5
server-timing: edge; dur=13, origin; dur=343, cdn-cache; desc=MISS, ak_p; desc="1700358075455_34830168_355208683_35493_5333_12_0_219";dur=1
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 18

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 60ms
24ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 23:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6697
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 19 Nov 2023 01:49:38 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 384 B
927 B 188ms
31ms XHR
application/json 34.242.172.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=0C1038B35278345B0A490D4C%40AdobeOrg&d_nsid=0&ts=1700358075527

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.242.172.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-172-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

eb3994fea47eb24459824a4afe2e793fba5a069713cee494b226449b6ccaa645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v054-039b58785.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: +jY6SfvqRd4=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 321
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 34 KB
12 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
etag: "ade220db70aa3259d42f32d039757920:1689673134.025267"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12463
expires: Sun, 19 Nov 2023 02:41:15 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
etag: "051ec0e10d7fb5b48a8bf326aa3a7442:1689673134.518239"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Sun, 19 Nov 2023 02:41:15 GMT

GET
H2 200 RC3b64dcef9ed34ef3824e4c8988dacf20-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 568 B
598 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RC3b64dcef9ed34ef3824e4c8988dacf20-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7b0160caebe5e5f1cd977a8b184b4e718e6bea75fc1af5d08e031d83bac41059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 341
expires: Sun, 19 Nov 2023 02:41:15 GMT

GET
H2 200 22.b2feab45.chunk.js Show response
www.carmax.com/car/assets/scripts/ 233 B
1 KB 21ms
21ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/22.b2feab45.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

63e2c966d1ae68a7110c2ab35afa67d479b9ed6c7b1825c6c73df21d1f6b5b49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: 6eW+FZG6ldulGbfYdSonTQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075702_34830168_355208734_67_10121_12_0_146";dur=1
content-length: 163
last-modified: Fri, 17 Nov 2023 17:36:18 GMT
etag: "0x8DBE790A5E62457"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20231117T173617Z-sz27rgzd4d03bcdngk244u556400000003f000000000tsum
x-ms-request-id: 78d69810-901e-005b-4f7c-19f1a4000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dest5.html Show response
carmaxbusinessservicesllc.demdex.net/ Frame 38DA 7 KB
3 KB 62ms
30ms Document
text/html 34.242.172.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://carmaxbusinessservicesllc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.242.172.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-172-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.carmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 19 Nov 2023 01:41:15 GMT
dcs: dcs-prod-irl1-1-v054-0752fc470.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 17 Nov 2023 11:52:54 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: Rn4rePz8RYc=

GET
H2 200 id Show response
carmax.sc.omtrdc.net/ 2 B
267 B 65ms
21ms XHR
application/x-javascript 63.140.62.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://carmax.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=0C1038B35278345B0A490D4C%40AdobeOrg&mid=76955742309912890853907182263057701411&ts=1700358075745

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.carmax.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZVlnuwAAANsaPwNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=73689830128223699064230799168752985772
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVlnuwAAANsaPwNn

42 B
717 B

31ms
31ms

Image
image/gif

34.242.172.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVlnuwAAANsaPwNn

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Server

34.242.172.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-172-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

dcs: dcs-prod-irl1-1-v054-052072f40.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 6cxCak9iR0w=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVlnuwAAANsaPwNn
Date: Sun, 19 Nov 2023 01:41:15 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
carmax.tt.omtrdc.net/rest/v1/ 17 KB
6 KB 137ms
43ms XHR
application/json 66.235.152.126
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://carmax.tt.omtrdc.net/rest/v1/delivery?client=carmax&sessionId=cde646343700450e965d5b974e78b100&version=2.5.0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.126 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-126.data.adobedc.net

Software

jag /

Resource Hash

a576ff585ca1ffac14047edced97046b1acd1792d3cc7480996cd114010e4eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

date: Sun, 19 Nov 2023 01:41:15 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: ddd465ae-d470-4733-b303-30f2d932f259

GET
H2 204 2022 Show response
www.carmax.com/car/api/reviews/Audi/Q5%20Plug-in%20Hybrid/ 0
386 B 318ms
317ms Fetch 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/reviews/Audi/Q5%20Plug-in%20Hybrid/2022

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
api-supported-versions: 1.0
x-frame-options: sameorigin
server-timing: cdn-cache; desc=MISS, edge; dur=141, origin; dur=157, ak_p; desc="1700358075796_34830168_355208750_29693_10001_9_0_219";dur=1
timing-allow-origin: *
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 featuretoggles Show response
www.carmax.com/car/api/ 156 B
963 B 880ms
879ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/featuretoggles

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

26e50f8a6a45d6d191599abd236c53ff9aaeec5841bd3eacff2e20a0308ab9f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=841, origin; dur=6, ak_p; desc="1700358075807_34830168_355208752_84590_11084_9_0_219";dur=1
timing-allow-origin: *
content-length: 214
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 404 low Show response
www.carmax.com/myaccount/token/svc/cookie/validate/ 33 B
834 B 280ms
280ms Fetch
text/plain 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/myaccount/token/svc/cookie/validate/low

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fb4b0288e6a42913d8d814e8231e35138e3d785c1ed7320a87f5a923f0c44225

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-azure-ref: 0u2dZZQAAAAACtJ1khE3RTIBtz9GrpFhfQ0gxQUEyMDIwNjA5MDE3ADI4YTlmNjhhLWNkNDctNDlmNy1iODBiLTZlM2EwZmU0NzgxYw==
x-frame-options: sameorigin
content-type: text/plain; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=182, origin; dur=66, ak_p; desc="1700358075807_34830168_355208753_24779_11056_9_0_219";dur=1
timing-allow-origin: *
content-length: 33
request-context: appId=cid-v1:4fdfc076-2449-414b-ad51-c84addcf8417

GET
H2 200 financerates Show response
www.carmax.com/car/api/finance/ 612 B
1 KB 319ms
319ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/finance/financerates

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ea0572fd17272a449f02c366d609cb28e5f0dec0c7bead30031a1f135b29ff7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=291, origin; dur=0, ak_p; desc="1700358075807_34830168_355208754_29044_8639_9_0_219";dur=1
timing-allow-origin: *
content-length: 336
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 Nov 2023 02:16:17 GMT

GET
H2 200 Copy.svg
www.carmax.com/car/assets/images/ 403 B
788 B 32ms
30ms Image
image/svg+xml 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/Copy.svg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51a48876d9e8e9a7b09864227e876c10c44ac9773e06a8e2e1bc3871402dc45f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: X7xm/0SfvfznCd+wqc3oNw==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=10, ak_p; desc="1700358075843_34830168_355208760_984_10053_11_0_146";dur=1
content-length: 248
last-modified: Fri, 17 Nov 2023 17:38:00 GMT
etag: "0x8DBE790A59C5503"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20231117T173759Z-wrhfgazyuh54hcv9a967fnsam400000000xg000000014kyt
x-ms-request-id: 0aea59e3-001e-002b-787c-194853000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 FavIcon.svg
www.carmax.com/car/assets/images/nav-icons/ 1 KB
1021 B 33ms
32ms Image
image/svg+xml 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/nav-icons/FavIcon.svg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a7441682f1172733347258a8700bfada72ea4bd0c1d94b71a1a2586aa569e85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: TxfbkomX89kHcOzS9rURvA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075853_34830168_355208762_40_10247_11_0_146";dur=1
content-length: 482
last-modified: Fri, 17 Nov 2023 17:46:04 GMT
etag: "0x8DBE7909AE4B24B"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20231117T174602Z-k4unq323096vf7xg3yd1r0ctsw000000019g000000015kq5
x-ms-request-id: a1e0d839-701e-0078-147d-19d1fa000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ShareIcon.svg
www.carmax.com/car/assets/images/nav-icons/ 579 B
890 B 32ms
31ms Image
image/svg+xml 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/car/assets/images/nav-icons/ShareIcon.svg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

583999d7707ecc8a05e42220c4a50fba22a4f2238a155c046ede07e0c2252499

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: O1MEbmWTbOQuumSdAupgOA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075853_34830168_355208763_164_8556_11_0_146";dur=1
content-length: 352
last-modified: Fri, 17 Nov 2023 17:33:41 GMT
etag: "0x8DBE7909AD312D3"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
x-azure-ref: 20231117T173341Z-s6ryrmvsud5p92evnhsh9tmk2400000000tg00000002eqqf
x-ms-request-id: 2c2e5fe8-b01e-0067-247c-1962fe000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 24818774 Show response
img2.carmax.com/api/subject/ 13 KB
14 KB 485ms
293ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

04a475016aa44428f99847ee76f014bd464adf790dbcc77eb825af00245c4de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000
server: Kestrel
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 13766
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 24818774 Show response
www.carmax.com/car/api/hotspots/ 17 KB
5 KB 391ms
390ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/hotspots/24818774

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0c0474279dddd49f8d329cf27e359c69e079a21ee157771cca441857a8c9fd9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=255, origin; dur=116, ak_p; desc="1700358075869_34830168_355208764_37016_9448_9_0_219";dur=1
timing-allow-origin: *
content-length: 4050
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 24818774 Show response
www.carmax.com/car/api/saved-vehicle/count/ 35 B
906 B 364ms
364ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/saved-vehicle/count/24818774

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0e68d5b8fc8491f97501881d44c5c5887b774ed0296eb8285563d6f4f05a16c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=249, origin; dur=85, ak_p; desc="1700358075879_34830168_355208766_33327_10340_9_0_219";dur=1
timing-allow-origin: *
content-length: 153
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 7662 Show response
www.carmax.com/car/api/stores/ 2 KB
2 KB 421ms
420ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/stores/7662

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

051ad4170a34d2a384a20f83b1c73c5594200c59280a690788812ad9e81a8a17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=280, origin; dur=122, ak_p; desc="1700358075891_34830168_355208768_40157_8380_9_0_219";dur=1
timing-allow-origin: *
content-length: 1170
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 153ms
13ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/car/24818774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 878fa0dda1bf5303d4c094f42ba9f7b3aaff615c75b0f89ef4011ea9f5adcaf7

Request headers

Referer: https://www.carmax.com/
Origin: https://www.carmax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:09:22 GMT
content-encoding: br
age: 1914
x-guploader-uploadid: ABPtcPqgAf9zKbnBOXie9UqLq92RQuC6dqz4sP-l1D6wO5CAHVZUsZwrkmNH2qV5zE5ngcIIYys2e9dZqtTBTEOuacSsrA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69204
last-modified: Fri, 10 Nov 2023 14:06:35 GMT
server: UploadServer
etag: "76afec209977b7bdc80ad7f037ea3611"
vary: Accept-Encoding
x-goog-generation: 1699625194984472
x-goog-hash: crc32c=LMNjrA==, md5=dq/sIJl3t73ICtfwN+o2EQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69204
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 19 Nov 2023 02:09:22 GMT

HEAD
H2 200 main.js Show response
www.carmax.com/shared/chat/ 0
432 B 33ms
33ms XHR
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/chat/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
mpulse_origin_time: 0
server-timing: ak_p; desc="1700358075909_34830168_355208770_1436_8484_9_0_255";dur=1
content-length: 2794677
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Tue, 14 Nov 2023 6:22:28 GMT
mpulse_cdn_cache: HIT
etag: "0x8DBE4DA137F288F"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 pagecontext Show response
www.carmax.com/chat/ 491 B
1 KB 270ms
269ms XHR
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/chat/pagecontext

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

53ca396b7c8aa3548abfac2962cb4e4d6908f42548cc0dafa476d26547511607

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=240, origin; dur=9, ak_p; desc="1700358075944_34830168_355208780_24872_10019_9_0_219";dur=1
timing-allow-origin: *
content-length: 482
request-context: appId=cid-v1:1614b205-aa90-4548-be15-db837b4e1e5a

GET
H2 200 main.css Show response
www.carmax.com/shared/chat/ 12 KB
3 KB 45ms
45ms XHR
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/chat/main.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

daf68e77ce7bdf5a0ba1d2c424334b0f14c44d87fd410a622894b9029f2d4a89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075954_34830168_355208781_39_11103_9_0_219";dur=1
content-length: 2202
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Tue, 14 Nov 2023 06:24:37 GMT
etag: "0x8DBE4DA125CA4C8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 404 ec70f1528385f41d770aa47efbbc1655.gif
www.carmax.com/chat/dist/ 0
371 B 377ms
377ms Image
text/plain 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/chat/dist/ec70f1528385f41d770aa47efbbc1655.gif

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: sameorigin
server-timing: cdn-cache; desc=MISS, edge; dur=264, origin; dur=82, ak_p; desc="1700358075954_34830168_355208782_34498_11084_9_0_146";dur=1
timing-allow-origin: *
content-length: 0
request-context: appId=cid-v1:1614b205-aa90-4548-be15-db837b4e1e5a

GET
H2 200 6.dfcfe40d.css
www.carmax.com/car/assets/styles/ 5 KB
2 KB 38ms
35ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/6.dfcfe40d.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61eddc05277ef55331b57f845725edbdae2e98ba090092ae19a46dda57276f29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: 0/UpQnK4MtPA1Wx6czJ1gw==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075954_34830168_355208783_64_10208_9_0_255";dur=1
content-length: 1105
last-modified: Fri, 17 Nov 2023 17:32:57 GMT
etag: "0x8DBE790A5B46D57"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20231117T173257Z-faw2dc6thx01fb6b60045d5y7800000002s0000000002vne
x-ms-request-id: 06f3bdda-f01e-002f-0d7c-19c554000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6.1909efa8.chunk.js Show response
www.carmax.com/car/assets/scripts/ 56 KB
15 KB 41ms
38ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/6.1909efa8.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a53023387c9f79268a5aa462bbbf714f11fc7ccb2cc6133418523112e666a1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: 2HMsEisFnQaqDF5kWghGaQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075954_34830168_355208785_73_10083_9_0_146";dur=1
content-length: 15175
last-modified: Fri, 17 Nov 2023 17:32:20 GMT
etag: "0x8DBE790A5E38CAA"
vary: Accept-Encoding
x-azure-ref: 0o6NXZQAAAABPHsNmNXIoQZj1vNeaT8SOQ0gxQUEyMDIwNjA4MDIzADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: f93c5c5a-301e-0042-5a7c-19711f000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5.3b063683.css
www.carmax.com/car/assets/styles/ 6 KB
2 KB 38ms
36ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/5.3b063683.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6ab6279a393e805cd9cc954b2d964898a1641a9013caa3de16a9f747acb172da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: H81EAb9hLz/Wbd/2QaDkdQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075954_34830168_355208784_71_10110_9_0_255";dur=1
content-length: 1428
last-modified: Fri, 17 Nov 2023 19:04:45 GMT
etag: "0x8DBE790A5C951D0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20231117T190445Z-29berr5ze55356uak02qb1mbs800000003gg00000001kt8q
x-ms-request-id: 95451008-401e-0067-3c88-19d863000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5.1e32bda8.chunk.js Show response
www.carmax.com/car/assets/scripts/ 14 KB
5 KB 41ms
39ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/5.1e32bda8.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6c8c732208ab420d2cd5a6d24de327264126462d6325d1791bc25dae0093e46b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: nMdKKYBjIXGVakEbljKv3A==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075954_34830168_355208786_81_10061_9_0_146";dur=1
content-length: 4181
last-modified: Fri, 17 Nov 2023 17:30:53 GMT
etag: "0x8DBE790A5D1DC10"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20231117T173052Z-74r9ay984h1treq000z97m2wnc00000003q00000000132wu
x-ms-request-id: 346b595b-801e-0078-017b-196b67000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 11.d2d01d8e.css
www.carmax.com/car/assets/styles/ 1 KB
930 B 38ms
36ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/11.d2d01d8e.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4f9846fb7224f20e24fe90f6e0517e058040a487a078e2fc07cb7c7290c53325

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: OLx8JLKoZJLW9YMyzH56cQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075954_34830168_355208787_68_11108_9_0_255";dur=1
content-length: 399
last-modified: Fri, 17 Nov 2023 17:32:06 GMT
etag: "0x8DBE790A5A2E3BA"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20231117T173205Z-faw2dc6thx01fb6b60045d5y7800000002s0000000002nr7
x-ms-request-id: 06f3063e-f01e-002f-737b-19c554000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 11.d1a51122.chunk.js Show response
www.carmax.com/car/assets/scripts/ 5 KB
2 KB 41ms
39ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/11.d1a51122.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

532797186ba6804ac0147bd8acc0ae2c2fd3f7eb6065da2f9b5c2c11e8db12c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: 2xR3RVRaoGKL+HW14Rrjww==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075965_34830168_355208791_66_10348_9_0_146";dur=1
content-length: 1963
last-modified: Fri, 17 Nov 2023 17:32:32 GMT
etag: "0x8DBE790A5AAF8D7"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
x-azure-ref: 20231117T173231Z-74r9ay984h1treq000z97m2wnc00000003sg0000000110f5
x-ms-request-id: 06f36751-f01e-002f-617c-19c554000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 14.7bfeb9c0.css
www.carmax.com/car/assets/styles/ 538 B
790 B 38ms
37ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/14.7bfeb9c0.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

65024566ac65f2a5de20394dea222f14c66dbbd3c6f369da1686e95039ba5bb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: BpcicUsI8w7tYfxWwwbs9Q==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075954_34830168_355208788_69_11088_9_0_255";dur=1
content-length: 258
last-modified: Fri, 17 Nov 2023 17:31:03 GMT
etag: "0x8DBE790A5DFBCB3"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20231117T173103Z-ugmb7auemd2pz4webur78t76dw00000002y000000001ub0w
x-ms-request-id: 19d673f0-701e-0031-317b-19298c000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 14.b628ae74.chunk.js Show response
www.carmax.com/car/assets/scripts/ 1 KB
1 KB 41ms
40ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/14.b628ae74.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1224aeceefbcee58effb6f255c7f144c4c92a4d0c7c0872a555bebd54316b57d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: wKbU1BWangrpsGeVeT90BA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075965_34830168_355208792_68_10317_9_0_146";dur=1
content-length: 585
last-modified: Fri, 17 Nov 2023 17:34:17 GMT
etag: "0x8DBE790A5BFB647"
vary: Accept-Encoding
x-azure-ref: 0GaRXZQAAAADLGjcBxJulToGPrIVX0E3AQ0gxQUEyMDIwNjA4MDExADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: 391a7f17-401e-003a-337c-19d2e7000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15.7bfeb9c0.css
www.carmax.com/car/assets/styles/ 538 B
790 B 38ms
37ms Stylesheet
text/css 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/styles/15.7bfeb9c0.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

70e15e42bd39b6c862c1b4e45e0b2c37661c14fe694d006dab23211dca824825

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: hde0ZN60LDC454KrW7qWmQ==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=11, ak_p; desc="1700358075954_34830168_355208789_1169_10004_9_0_255";dur=1
content-length: 258
last-modified: Fri, 17 Nov 2023 17:34:29 GMT
etag: "0x8DBE790A5B4945C"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
x-azure-ref: 20231117T173428Z-pt02sepq617pxf3aah91k7xumn00000004gg00000000av0y
x-ms-request-id: 6e8049be-101e-0055-627c-19d814000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15.7ad66665.chunk.js Show response
www.carmax.com/car/assets/scripts/ 1 KB
1 KB 41ms
41ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/assets/scripts/15.7ad66665.chunk.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/runtime.9ed0f83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d32d4a6a7f7abaf246913a753e2740a27adb8117ae8613ce705caf5ec24d3a11

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:15 GMT
content-md5: xNXpOIezIphokHGibv6lpA==
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358075965_34830168_355208793_147_10474_9_0_146";dur=1
content-length: 601
last-modified: Fri, 17 Nov 2023 17:31:49 GMT
etag: "0x8DBE790A5D1DC10"
vary: Accept-Encoding
x-azure-ref: 0hKNXZQAAAACne3QiNZnbRayamqiww4EqQ0gxQUEyMDIwNjA5MDM3ADk2NDVkZWJkLTMxNjUtNDM4OS1hNTBmLTA2YjdhZmZiNzE5OA==
content-type: application/javascript
x-frame-options: sameorigin
x-ms-request-id: ebc1264f-801e-0068-387b-19ae0f000000
cache-control: max-age=900
x-ms-version: 2018-03-28
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 35ms
35ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1671187928&t=pageview&_s=1&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&ul=en-us&de=UTF-8&dt=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIJAAAAACAMo~&jid=1772969482&gjid=1171769732&cid=1411854586.1700358076&tid=UA-187672-9&_gid=1542096893.1700358076&_r=1&_slc=1&z=386386452

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel_58dc05a4 Show response
www.carmax.com/akam/13/ 0
852 B 20ms
19ms XHR
text/html 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/akam/13/pixel_58dc05a4

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/akam/13/58dc05a4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24818774
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: sameorigin
content-type: text/html
server-timing: cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1700358076091_34830168_355208829_334_5604_9_0_219";dur=1
timing-allow-origin: *
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-187672-9&cid=1411854586.1700358076&jid=1772969482&gjid=1171769732&_gid=1542096893.1700358076&_u=aGDAAUIIAAAAACAMo~&z=120573015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 Nov 2023 01:41:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/J90WC/v1/ 20 KB
4 KB 342ms
342ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/J90WC/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7c2d2799108da79590d323f597bf90ef6677b3cb84e0ebab74a8e29640e529ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPp3vACkBfsOF_Hyjh5jB1eWhM5QXyI_G0Vhl0n5VvS6EiJuXX4i4pDL9wC8ajEx6W3rM-1oDHsraEwPTizWTz-fIyHA471o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3530
last-modified: Sun, 19 Nov 2023 01:36:20 GMT
server: UploadServer
etag: "d6a3fc699fb1c7776d3468b0d3bf2784"
x-goog-generation: 1700357780507754
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=2HZY6g==, md5=1qP8aZ+xx3dtNGiw078nhA==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 3530
accept-ranges: bytes
expires: Sun, 19 Nov 2023 01:56:16 GMT

GET
H2 200 24818774 Show response
www.carmax.com/car/api/transferstatus/ 2 KB
2 KB 607ms
607ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/transferstatus/24818774

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7ef2332c8a23a563f60a5141f0809485751791d9fda6bab88a6500f811fe9166

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=486, origin; dur=100, ak_p; desc="1700358076167_34830168_355208843_58529_10102_15_0_219";dur=1
timing-allow-origin: *
content-length: 1203
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 24818774 Show response
www.carmax.com/car/api/highlights/ 929 B
1 KB 249ms
248ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/highlights/24818774

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ca9d4114e2663c70ac47dc5949d0028d23b065a62ffb54bca4491a11a44c2a3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=132, origin; dur=92, ak_p; desc="1700358076178_34830168_355208848_22423_11067_9_0_219";dur=1
timing-allow-origin: *
content-length: 739
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 undefined Show response
www.carmax.com/car/api/prioruse/disclosures/24818774/ 2 B
867 B 192ms
192ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/prioruse/disclosures/24818774/undefined

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=82, ak_p; desc="1700358076178_34830168_355208849_17056_8601_9_0_219";dur=1
timing-allow-origin: *
content-length: 122
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 93ms
35ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-187672-9&cid=1411854586.1700358076&jid=1772969482&_u=aGDAAUIIAAAAACAMo~&z=907440873

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 58ms
24ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-187672-9&cid=1411854586.1700358076&jid=1772969482&_u=aGDAAUIIAAAAACAMo~&z=907440873

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 22 KB
4 KB 98ms
61ms XHR
application/json 2a02:26f0:280:29a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=G44P5-SQM6J-DDMWR-2C333-A6FEA&d=www.carmax.com&t=5667860&v=1.720.0&sl=0&si=a3ecb6d9-e775-4379-9456-ee72bccc553f-s4ckor&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=245985
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:280:29a::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d2f97e9a7142b4146e7b42c049d1f9aeb7c874fc17b6d4a4eeb11a4b931dc8e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Sun, 19 Nov 2023 01:41:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 3751

GET
H2 200 0.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 4 KB
2 KB 307ms
306ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/0.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

547d06874865cfca99c1dbfd488012c530f0b990fa097c296e4d324379ea6a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 905
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360BackSeat.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 2 KB
1 KB 241ms
240ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/S-I-360BackSeat.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

7890e0e22c9e85c6b2872ad48199da60c61157725ae5bea7942c1439ae883a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 614
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360Driver.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 5 KB
2 KB 238ms
238ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/S-I-360Driver.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

90b5ac3f14745a4ff2309a07a4e7c7f3edcbb8d68e4a8d7a088ecbe55b397a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 1044
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 spin Show response
img2.carmax.com/api/subject/24818774/360-exterior/ 491 KB
492 KB 412ms
412ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-exterior/spin

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

b5784113b4faa6b9a5b06a3db66dbebc120f348dc4840b5930307cdafe80cc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000
server: Kestrel
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 0.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 4 KB
2 KB 171ms
170ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/0.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

547d06874865cfca99c1dbfd488012c530f0b990fa097c296e4d324379ea6a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 905
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360BackSeat.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 2 KB
1 KB 304ms
304ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/S-I-360BackSeat.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

7890e0e22c9e85c6b2872ad48199da60c61157725ae5bea7942c1439ae883a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 614
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360Driver.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 5 KB
2 KB 236ms
235ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/S-I-360Driver.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

90b5ac3f14745a4ff2309a07a4e7c7f3edcbb8d68e4a8d7a088ecbe55b397a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 1044
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 10.jpg
img2.carmax.com/assets/24818774/image/ 25 KB
25 KB 506ms
504ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/10.jpg?width=400&height=300

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8cb2f9d9d937ffc34df618b41a4d072bea8fb715968af410cae8093303a3258a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:46 GMT
x-serial: 445
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 25784
expires: Mon, 20 Nov 2023 01:41:16 GMT

GET
H2 200 12.jpg
img2.carmax.com/assets/24818774/image/ 31 KB
31 KB 496ms
495ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/12.jpg?width=400&height=300

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f94dcf4f81a76f791b636e7a182766914ef9b64d1a3cdc1c8ba6d20f887c5df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:44 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 31916
expires: Mon, 20 Nov 2023 01:41:16 GMT

GET
H2 200 11.jpg
img2.carmax.com/assets/24818774/image/ 27 KB
27 KB 474ms
473ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/11.jpg?width=400&height=300

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4275b3f7548af21fab0cf7730663c37ea6e617de6c774a6d746037aac65ae099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:38 GMT
x-serial: 753
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 27780
expires: Mon, 20 Nov 2023 01:41:16 GMT

GET
H2 200 23.jpg
img2.carmax.com/assets/24818774/image/ 25 KB
25 KB 402ms
400ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/23.jpg?width=400&height=300

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

25a309835e6a97602ec35bc67ff8aa32cf3f0e196dc89e78d3c336d44985f0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:39 GMT
x-serial: 839
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 25274
expires: Mon, 20 Nov 2023 01:41:16 GMT

GET
H2 200 21.jpg
img2.carmax.com/assets/24818774/image/ 29 KB
29 KB 319ms
318ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/21.jpg?width=400&height=300

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9130551d6e2594f1ecd0758103b90bfc397ac8f3d22983d0b568a7fa910cb170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:38 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 29572
expires: Mon, 20 Nov 2023 01:41:16 GMT

GET
H2 200 15.jpg
img2.carmax.com/assets/24818774/image/ 15 KB
15 KB 826ms
825ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/15.jpg?width=400&height=300

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

014bf2576c5177702a88277688093af320d2112a61ab70d876fc95ba73c8e3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:37 GMT
x-serial: 2019
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 15534
expires: Mon, 20 Nov 2023 01:41:17 GMT

GET
DATA 200
OK truncated
/ 799 B
799 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0576f94f1d666e893c67c1457ba42f9c38015a10e638dbfdb991c8aa45684407

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/svg+xml

POST
H2 200 page Show response
rs.fullstory.com/rec/ 20 KB
4 KB 178ms
128ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8f75e787afb4cc8bc8e70cfc688814bfbb458b858ab893ead843eee6170822dc

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.carmax.com
date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 0.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 4 KB
2 KB 18ms
18ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/0.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

547d06874865cfca99c1dbfd488012c530f0b990fa097c296e4d324379ea6a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 905
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360BackSeat.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 2 KB
1 KB 28ms
27ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/S-I-360BackSeat.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

7890e0e22c9e85c6b2872ad48199da60c61157725ae5bea7942c1439ae883a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 614
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360Driver.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 5 KB
2 KB 25ms
25ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/S-I-360Driver.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

90b5ac3f14745a4ff2309a07a4e7c7f3edcbb8d68e4a8d7a088ecbe55b397a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 1044
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

POST
H2 200 aprscore Show response
www.carmax.com/car/api/ 74 B
992 B 369ms
368ms Fetch
application/json 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/car/api/aprscore

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8c01fc1bfbd933e7ea66a408d224f10987182ee74e9dd7fa289dd9bf345932ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.carmax.com/car/24818774
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
api-supported-versions: 1.0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.carmax.com
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=144, origin; dur=207, ak_p; desc="1700358076695_34830168_355208913_35069_7587_10_0_219";dur=1
timing-allow-origin: *
content-length: 189
request-context: appId=cid-v1:9c309cbd-9a02-40a2-b976-69dcfcebf7be

GET
H2 200 0.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 4 KB
2 KB 17ms
16ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/0.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

547d06874865cfca99c1dbfd488012c530f0b990fa097c296e4d324379ea6a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 905
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360BackSeat.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 2 KB
1 KB 27ms
26ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/S-I-360BackSeat.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

7890e0e22c9e85c6b2872ad48199da60c61157725ae5bea7942c1439ae883a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 614
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 S-I-360Driver.jpg Show response
img2.carmax.com/api/subject/24818774/360-images/ 5 KB
2 KB 24ms
24ms Fetch
application/json 2a02:26f0:280:194::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img2.carmax.com/api/subject/24818774/360-images/S-I-360Driver.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:194::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

90b5ac3f14745a4ff2309a07a4e7c7f3edcbb8d68e4a8d7a088ecbe55b397a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Kestrel
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 1044
request-context: appId=cid-v1:45f0236b-df79-48a5-aff6-fb9ef08fe6da

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 5 KB
5 KB 113ms
113ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=J90WC
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 433903449ae157398dd752c1e5faca02b5ec31f74d1c69ca7fbede8f5e8ed54b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 43 KB
12 KB 45ms
17ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=J90WC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e9cb2dafa252ae54afb3b91b1c30d12761a37459d7e03741268408d9bd106bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:24:44 GMT
content-encoding: gzip
age: 992
x-guploader-uploadid: ABPtcPqEYNpE4ieQ6vwN1mP7-KO05Oy6BQVMRei8Xn6xqwimVIe2eabJiXMFbrD_g09caH3FSEzSPQh-601k84sVrUrw0Qg4Fp6W
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11988
last-modified: Wed, 08 Nov 2023 20:56:56 GMT
server: UploadServer
etag: "39b7f7e673615461d3b4367d3c8bed3d"
x-goog-generation: 1699477015913229
x-goog-hash: crc32c=rAGCBw==, md5=Obf35nNhVGHTtDZ9PIvtPQ==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11988
accept-ranges: bytes
expires: Sun, 19 Nov 2023 02:24:44 GMT

GET
H2 200 RCefa34504f82c495d8e54193a956f69fe-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 1 KB
873 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RCefa34504f82c495d8e54193a956f69fe-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: be41865e096bba5d4f612c968489d14f01b943bea1ea8fb6b987f05c1f7e32ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 616
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H2 200 15.jpg
img2.carmax.com/assets/24818774/image/ 15 KB
15 KB 21ms
21ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/15.jpg?width=400&height=300

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/assets/scripts/vendor.670c5c31.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

014bf2576c5177702a88277688093af320d2112a61ab70d876fc95ba73c8e3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:37 GMT
x-serial: 2019
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 15534
expires: Mon, 20 Nov 2023 01:41:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 27ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Nov 2023 01:41:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ZInQDM6ky/oJLjfIazrNIDQB/o4iR8zfmwqqVUK3DxanBUgUtq+ZJ9JPsLEXzzXAJwuIw3UC/gLeNEDbLLZk8w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RCd4d761a91d4049e9bc2ab4b3fe291e03-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 1 KB
851 B 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RCd4d761a91d4049e9bc2ab4b3fe291e03-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8f363dfa83b99177fa8af885b80b6e8954c86ad03626d3452d7caba990739949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 594
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 56ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 19 Nov 2023 01:41:16 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0B52DFCC5394FBA99FECBF8DAA61EB0 Ref B: FRAEDGE1510 Ref C: 2023-11-19T01:41:17Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13187

GET
H2 200 RCb71449ad634c447ca4bdf56aa153f6ef-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 1 KB
890 B 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RCb71449ad634c447ca4bdf56aa153f6ef-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 58fdfd63c8045084bc157b2158c73271b83b4654746a2b39baafabe63b25fd55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 633
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H2 200 RC1bf1cd9f3a3e44eda4b8a2bd521b99b7-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 3 KB
1 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RC1bf1cd9f3a3e44eda4b8a2bd521b99b7-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3776b9bd1781c5b547515ff7500230ecc290b56536bf1c99c91978b1f6e7b841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1202
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H/1.1 200
OK access.js Show response
cdn.levelaccess.net/accessjs/YW1wMTI0OTY/ 462 KB
62 KB 67ms
10ms Script
application/javascript 2600:9000:2240:e400:1:fb61:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.levelaccess.net/accessjs/YW1wMTI0OTY/access.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e400:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee0b2853c994d5be10792538856cf07d6f57b7edf1eac055296c3ce64652227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-amz-version-id: FIuzYeYZrC_n8rZWkaij9oCSewRVu8N6
Content-Encoding: gzip
Via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Date: Sun, 19 Nov 2023 01:29:17 GMT
X-Amz-Cf-Pop: FRA60-P1
Age: 756
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 62541
Last-Modified: Sat, 03 Jun 2023 02:16:50 GMT
Server: AmazonS3
ETag: "980779ff45a9e0f3f93a64047f677ffe"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: oppC54Wkpx3xfGaeyj2p4fjDE_q4LjSiqYtlIHUAqSewTQGPs9GPwA==

GET
H2 204 tr.gif
ping.pdst.fm/ 0
47 B 218ms
135ms Image
text/plain 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
via: 1.1 google

GET
H2 200 RC66a4865870924c83a5ab2c34ac81f1bb-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 544 B
600 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RC66a4865870924c83a5ab2c34ac81f1bb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 54d0ca678073d045c241555d25c22c6482530e63e416f3e47d54ff58a80c62f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 343
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H2 200 176869726424290 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/176869726424290?v=2.9.138&r=stable&domain=www.carmax.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4df31381011de9aa4c29a3d881734469fd7d68848c3ccc60a037eea8607267c6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Nov 2023 01:41:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ybDewKqLrvLJoFsjB3opTPzC2hih89J6+jtFk3pHCt+eQSDrqciEFHWhHopbL/C+GkQR6HRfPLjBdjpGHsVKRg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 36004432.js Show response
bat.bing.com/p/action/ 0
116 B 30ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/36004432.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 19 Nov 2023 01:41:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9E97B92A8D904A489C8A3B06E3C7E6A9 Ref B: FRAEDGE1510 Ref C: 2023-11-19T01:41:17Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 76ms
76ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=36004432&Ver=2&mid=7e8376b9-aa43-4779-8d8d-702321881393&sid=bb633cf0867c11ee81483dd7981f648f&vid=bb6357c0867c11ee96bce9612638621f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix,%20AZ%20%7C%20CarMax&p=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&r=&lt=2625&evt=pageLoad&sv=1&rn=563176

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 Nov 2023 01:41:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD9EEEF1F31C45EAB968413FA71D8DA5 Ref B: FRAEDGE1510 Ref C: 2023-11-19T01:41:17Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4028650.js Show response
bat.bing.com/p/action/ 0
117 B 74ms
74ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4028650.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 19 Nov 2023 01:41:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 108362C360ED434D8CBF7719933C703F Ref B: FRAEDGE1510 Ref C: 2023-11-19T01:41:17Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
229 B 71ms
71ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4028650&Ver=2&mid=40144dcb-27ba-4c25-847f-e6a921bc8431&sid=bb633cf0867c11ee81483dd7981f648f&vid=bb6357c0867c11ee96bce9612638621f&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix,%20AZ%20%7C%20CarMax&p=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&r=&lt=2625&evt=pageLoad&sv=1&rn=773315

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 Nov 2023 01:41:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C35A57240C74B37A0EDB0245CFA9EB9 Ref B: FRAEDGE1510 Ref C: 2023-11-19T01:41:17Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
www.carmax.com/shared/interact-one/ 2 KB
1 KB 21ms
21ms Script
application/javascript 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/interact-one/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5a836d2c3a76bd1288a33d2ec77c8030124a6a82d3697f675cb1b4cc0993ae44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358077343_34830168_355208989_35_10643_9_0_146";dur=1
content-length: 651
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Wed, 15 Nov 2023 06:35:55 GMT
etag: "0x8DBDA250219BAC2"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
timing-allow-origin: *

GET
H2 200 RC545ab73db53e4143ae6557a896343666-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 3 KB
1 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RC545ab73db53e4143ae6557a896343666-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d014f485744d00c649f0d8365bce61041da4fa48d866084ec5452e192f809a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1175
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H2 200 RC99a07e4edf9f4c6bb4e30fbb2048e697-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 634 B
644 B 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RC99a07e4edf9f4c6bb4e30fbb2048e697-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d4cee737adb5d540f30161c6fbf9e1c3177a34f782f025a4fa731fce4b9e9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 387
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176869726424290&ev=PageView&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&rl=&if=false&ts=1700358077369&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700358077368.1747472023&ler=empty&it=1700358077281&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 Nov 2023 01:41:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176869726424290&ev=ViewContent&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&rl=&if=false&ts=1700358077371&cd[content_category]=Carpage%3AComing%20Soon&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700358077368.1747472023&ler=empty&it=1700358077281&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 Nov 2023 01:41:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 43ms
14ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=35257

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cc5ae48d6f770ce559dad21c38a75293548b084bd158a73009ea1fc4449e384d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 RCbd4c3b1389454f4399ac8d536cb16bba-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 830 B
727 B 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RCbd4c3b1389454f4399ac8d536cb16bba-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6a8addee26f7c2b8510830b774da4299a12b241105075e90a89821a82cfe2a08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 470
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H/1.1

200
OK

results.txt Show response
wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pcosp8w96
https://wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

89ms
8ms

XHR
text/plain

95.101.54.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 95.101.54.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-225.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Sun, 19 Nov 2023 01:41:17 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Sun, 19 Nov 2023 01:41:17 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pcosp8w96
https://fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

73ms
7ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Sun, 19 Nov 2023 01:41:17 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Sun, 19 Nov 2023 01:41:17 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 76ms
42ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8789640

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7fde43de759dfd755effb321f1039f04175c7deaa506d510365cf281cea93a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67278
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 33DA 13 KB
5 KB 44ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=35257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f953c0f47acf28b49b3b78330423297e1fed1c5e079f5a628e1c66f203e477f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.carmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 01:41:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 309157
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 dna Show response
dnacdn.net/ Frame 33DA 0
525 B 67ms
14ms Fetch 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dnacdn.net/dna

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 122149
content-length: 0
expires: 0

GET
H2 200 newidsd Show response
ag.gbc.criteo.com/ Frame 33DA 19 B
389 B 88ms
14ms Fetch
application/json 185.235.87.133
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ag.gbc.criteo.com/newidsd

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.235.87.133 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f5b89e378e60fec3d28549472ebb65f9267b35d98fb3247f6ca3cd4381b12fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 45205
expires: 0

GET
H2 200 newidsd Show response
gem.gbc.criteo.com/ Frame 33DA 18 B
403 B 86ms
14ms Fetch
application/json 185.235.87.175
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gem.gbc.criteo.com/newidsd

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.235.87.175 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

209e9aec2095f6400db28f8d42a3cfd9f267013720bb964d5640a799f133eed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 62677
expires: 0

GET
H2 200 TC-3665-1.gif
pt.ispot.tv/v2/ 43 B
315 B 45ms
7ms Image
image/gif 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3665-1.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 204 tr.gif
ping.pdst.fm/ 0
36 B 137ms
136ms Image
text/plain 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
via: 1.1 google

GET
H/1.1 200 /
d.agkn.com/pixel/9043/ 43 B
564 B 57ms
9ms Image
image/gif 3.123.116.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9043/?abid=76955742309912890853907182263057701411
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.116.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-116-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Sun, 19 Nov 2023 01:41:17 GMT
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=167517063839469&ev=PageView&cd[order_id]=76955742309912890853907182263057701411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 Nov 2023 01:41:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

HEAD
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 0
402 B 72ms
37ms XHR
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52713
x-xss-protection: 0
server: cafe
etag: 10655948795765532149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 RCd49cb070e2434d56bc17bc5e7a0c9334-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 2 KB
1 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RCd49cb070e2434d56bc17bc5e7a0c9334-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6872c28d9ca7ceb9dbac0ef066d02f05bb8e8939983860e554a490a239be3068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 840
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
95 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06ccc6fde8fa799bb8a8af8a1aed1cb13085dbdc6f7022ff399a7504b3139b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 46ms
44ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b13913fe572b1132dac33e7697bd1a8ff3dcf582b5d3a3ce0ff23c02ea929cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77559
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 95ms
94ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-768545124&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1df7b2a2b3eb74a0dd52e2c6037d722778fbfacc5e91b86432eea607f3e5d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75203
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-769504883&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

161dce8926ec3f90e216e4973fcb79cc918658b30358c0f3c315ef2cb58b2178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72227
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
74 KB 86ms
86ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-708462047&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f1092521ce69335d30b84dd4e51294b4cb82393feb32291872c03e52ad7651b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75559
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-586870437&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77a5178fb521b2d64c948696976ee38a7084cd9d853d267403d22f40cce505a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57912
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
76 KB 99ms
99ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10777432239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ef70dcce35ce501b3d9c88dc976cb38289c476a0ff1a1596b1210a7af4ea641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77828
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 01:41:17 GMT

GET
H2 200 dna Show response
dnacdn.net/ Frame 33DA 149 B
753 B 16ms
15ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dnacdn.net/dna

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0aacf47013e76902d1639c24e4a128563ebbaaa4be0c1cbb4bb0e19dd32fd4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:16 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 136085
expires: 0

GET
H2 200 / Show response
zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 70ms
24ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/car/24818774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937df2d24975cc71db30239495f33c6aa27407cb3f7d39c4fc2d7a6e953641e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 155974
cf-polished: origSize=9155
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23c3-/wk18AkNf4wJgJUbJrZdaWSPiRk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c0020bfd694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 RC1ef666b34dbf4bbebfe16006ae965801-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/ 1 KB
854 B 12ms
11ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/02d33ece1bb1/432c2b4d80d0/RC1ef666b34dbf4bbebfe16006ae965801-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63bcc7d291644d7bb97df7d8af0018cc.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8d8d86824f08fa440452abe0d8af6ac0467edf22097c79b088c124ace2b5bd10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 19:23:45 GMT
server: AkamaiNetStorage
etag: "70c53aab0a1c88a88e6f043cc38a5421:1700162625.485724"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 597
expires: Sun, 19 Nov 2023 02:41:17 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 33DA
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=carmax.com&sn=EdgeSyncframe&so=0&topUrl=www.carmax.com&info=ZG64y19uUEVHN2FndlZXaiUyQm5hSlg1cWdESG1OU0djQjUwU29hMTFLMGMwUEhmOFpGQ3Nrc2JoanhQQyUy...
https://mug.criteo.com/sid?cpp=yamSdnwrTXFBeVQvdkhyTW01ZlNyMnI0eXBFbkZBTGNFV3VnSHpmVDFjek91cmVFdXkyWkxIRDY1aWUxeEpPckd2QzZjK3RqbjNtT05BK3RydVg1SEJ1VE5GQVU0QlFCbFJOMGw4djB5QTUrQWVwOEJyMVRpVkNQYnhCME...

486 B
691 B

16ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yamSdnwrTXFBeVQvdkhyTW01ZlNyMnI0eXBFbkZBTGNFV3VnSHpmVDFjek91cmVFdXkyWkxIRDY1aWUxeEpPckd2QzZjK3RqbjNtT05BK3RydVg1SEJ1VE5GQVU0QlFCbFJOMGw4djB5QTUrQWVwOEJyMVRpVkNQYnhCMEdjSm5sT21CYlNnOXlPSEdvZzJCSzJkaHlnQ2JEaGxGSWkwZFBzT2FuWkFqN1VIOEhWb0hDbURZSmJ0WU5TVlN0ZUdod0xXdk9kQVg5RmZsZ1ZlR2xyaHhJMmpNR29oU2IrUjM1ZEtNSjE3Q0xpZWZLb0JIRFZUMUEzaks5bGtNYU10ZXJEMnlGdkZqK05SLzIwK2QvVTVRamhZL0pSTEJGaTJBdHFoSysrV1MwOXZlWmxHeGQyMjZqQlorK3k2bEt2L045TFl0K0NubTRudGM5VXdaSFU0Qkd5NkRzNEE9PXw&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b2e03accf5cd5c216cb31d54be7e5c1369d79f905d5360b80812fc5d5afd546d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1104106
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=yamSdnwrTXFBeVQvdkhyTW01ZlNyMnI0eXBFbkZBTGNFV3VnSHpmVDFjek91cmVFdXkyWkxIRDY1aWUxeEpPckd2QzZjK3RqbjNtT05BK3RydVg1SEJ1VE5GQVU0QlFCbFJOMGw4djB5QTUrQWVwOEJyMVRpVkNQYnhCMEdjSm5sT21CYlNnOXlPSEdvZzJCSzJkaHlnQ2JEaGxGSWkwZFBzT2FuWkFqN1VIOEhWb0hDbURZSmJ0WU5TVlN0ZUdod0xXdk9kQVg5RmZsZ1ZlR2xyaHhJMmpNR29oU2IrUjM1ZEtNSjE3Q0xpZWZLb0JIRFZUMUEzaks5bGtNYU10ZXJEMnlGdkZqK05SLzIwK2QvVTVRamhZL0pSTEJGaTJBdHFoSysrV1MwOXZlWmxHeGQyMjZqQlorK3k2bEt2L045TFl0K0NubTRudGM5VXdaSFU0Qkd5NkRzNEE9PXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 341241
content-length: 0
expires: 0

POST
H2 204 /
0217990f.akstat.io/ 0
202 B 308ms
285ms Ping
image/gif 2a02:26f0:280:48b::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://0217990f.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:280:48b::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-type: image/gif
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sun, 19 Nov 2023 01:41:18 GMT

GET
H2 200 s05114516300360
carmax.sc.omtrdc.net/b/ss/carmaxadaptive/1/JS-2.24.0-LDQM/ 43 B
223 B 22ms
21ms Image
image/gif 63.140.62.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carmax.sc.omtrdc.net/b/ss/carmaxadaptive/1/JS-2.24.0-LDQM/s05114516300360?AQB=1&ndh=1&pf=1&t=19%2F10%2F2023%202%3A41%3A17%200%20-60&sdid=468A82118DDD2A99-7CB5DF88BA2F5F56&mid=76955742309912890853907182263057701411&aamlh=6&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=Carpage%3AComing%20Soon&g=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&cc=USD&ch=Carpage&server=carmax.com&xact=955c40aed67c6bc08b88ea6b631d8cda&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Carpage&v1=Carpage%3AComing%20Soon&v2=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&v6=ba5947a1-8549-42f5-a4e0-70df13d99071&c8=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&v8=undefined&v9=Carpage&v19=fb.1.1700358077368.1747472023%20%7C%20null&c36=1&v42=NaN&v46=null&v47=Frankfurt&v51=undefined%3Anull&c61=1600x1200&c62=AppMeasurement%7Cv2.8.0%7C20170816%20%7C%20null&c63=11%2F19%2F2023%2C%202%3A41%3A17%20AM&c64=0-24%25&c65=8%3A41%20PM&c66=2%3A30%20AM&c67=Saturday&c68=Weekend&v73=955c40aed67c6bc08b88ea6b631d8cda&v83=76955742309912890853907182263057701411&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=0C1038B35278345B0A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 01:41:17 GMT
server: jag
etag: 3651491167320276992-4617861742352008514
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 18 Nov 2023 01:41:17 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 285ms
146ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=J90WC&UserId=8853e857-363f-4b28-ab60-6947d4106dca&SessionId=ed928059-bcc1-41d2-b26d-dfad5ce99d05&PageId=b9b3f91b-ad49-46a3-a8d4-d753ce1df92e&Seq=1&PageStart=1700358076712&PrevBundleTime=0&LastActivity=872&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 3987d424f040f112367a22d742623c671b0d1ab70d44598ac5e184d909dab38b

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.carmax.com
date: Sun, 19 Nov 2023 01:41:18 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/586870437/ 3 KB
2 KB 75ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/586870437/?random=1700358077845&cv=11&fst=1700358077845&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893569515&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-586870437&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bea9a0585c83aef8a0ae925d9bf060b730a443d0e60c1837583b3b9413a121a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12.20b1d36d36c1dfbe70fa.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 70 KB
21 KB 24ms
23ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5b5c93f6affe076aa846f63596819be1a4b6ca73e58baf41f4b01db979fdb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 281432
cf-polished: origSize=72939
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"11ceb-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c002ac30694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 46ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NTWN6LKPPS&gtm=45je3b81v893987339&_p=1700358075537&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1411854586.1700358076&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1700358077&sct=1&seg=0&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&dt=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3352
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NTWN6LKPPS&cid=1411854586.1700358076&gtm=45je3b81v893987339&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 43ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NTWN6LKPPS&gtm=45je3b81v893987339&_p=1700358075537&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1411854586.1700358076&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1700358077&sct=1&seg=0&dl=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&dt=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&cu=USD&en=carpage_view&_c=1&epn.value=0&_et=3&tfd=3357
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
24ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NTWN6LKPPS&cid=1411854586.1700358076&gtm=45je3b81v893987339&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1394205916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/ 3 KB
2 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/?random=1700358077952&cv=11&fst=1700358077952&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-769504883&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8b9386918fe9c07a0af46ed11c90f45ffaa4f1a3d54f4fdb00e6676edc7a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1321
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/ 3 KB
2 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/?random=1700358077963&cv=11&fst=1700358077963&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-769504883&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cdf4fbe91de8095f0611d931129ada18557d537675f026082dbf4ce245bc8ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/ 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=1700358077985&cv=11&fst=1700358077985&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f6f9be09a5225add7b307a91b6777af9bca51428495f55fe308e380b754ea32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1331
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1060501044/ 3 KB
2 KB 75ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1060501044/?random=1700358077998&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d99306f730c91baa9c5586692cf58a6ddfb8f1f35736fd53d09a1e8d993936ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1623
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/ 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=1700358078002&cv=11&fst=1700358078002&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dpage_view%3Bdynx_pagetype%3DCarpage%3AComing%20Soon%3Bdynx_itemid%3D24818774&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

552ceeb0ae3ef9f1b5a80f01590053d08cd6f1d035146accf918e3086f08ddb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/768545124/ 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/768545124/?random=1700358078021&cv=11&fst=1700358078021&bg=ffffff&guid=ON&async=1&gtm=45be3b81v892579784&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-768545124&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

496a9e2be6961b72c8327c5c6b1b6cbcbdd053e2d42f9742404043c0e9dd801f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708462047/ 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708462047/?random=1700358078048&cv=11&fst=1700358078048&bg=ffffff&guid=ON&async=1&gtm=45be3b81v885074536&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-708462047&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7c9edc2bf63eeee6ef41edd60142aaae5df29a62cb89269bbfb3019cd19e77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/ 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/?random=1700358078080&cv=11&fst=1700358078080&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10777432239&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e7f42ec751238459fb1c0c8549e55501f2717c74b8ddc39c974cee89e025b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10777432239/ 3 KB
2 KB 26ms
25ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10777432239/?random=1700358078095&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10777432239&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f1be51bbd758230bd3d10a09143fe3699e2c10fd1a77cdc7e12d2a4de1552f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1628
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 13 KB
2 KB 141ms
141ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_824BpwRuzg5MXB3&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8a5223f633e4a130d2108f94f80ca31f1e9ec1d5d55781339d771003a5a8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: fcab7cb345237149
cf-ray: 8284c0044cbe694b-FRA
timing-allow-origin: *

GET
H2 200 /
www.google.com/pagead/1p-user-list/586870437/ 42 B
154 B 36ms
35ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/586870437/?random=1700358077845&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893569515&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN17N-D3e0Mag2Hbw3Hz6q9KEINoU3Xw&random=3670814766&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/586870437/ 42 B
64 B 27ms
26ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/586870437/?random=1700358077845&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893569515&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN17N-D3e0Mag2Hbw3Hz6q9KEINoU3Xw&random=3670814766&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/769504883/ 42 B
108 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/769504883/?random=1700358077952&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4ZmqduRrcLa6P12TBxIfU9ZpO18sX8phQWYWl0A6sUyS5eXk&random=2608927404&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/769504883/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/769504883/?random=1700358077952&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4ZmqduRrcLa6P12TBxIfU9ZpO18sX8phQWYWl0A6sUyS5eXk&random=2608927404&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/769504883/ 42 B
108 B 36ms
36ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/769504883/?random=1700358077963&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNxfREOunBF3c60LDXe1PQ2BBNYm7vmQ_EByxD9-rbgv1ad6p8&random=2879456785&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/769504883/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/769504883/?random=1700358077963&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNxfREOunBF3c60LDXe1PQ2BBNYm7vmQ_EByxD9-rbgv1ad6p8&random=2879456785&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1060501044/ 42 B
108 B 37ms
37ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060501044/?random=1700358077985&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNtNC3QAYbJmn-aW3rL_zBu2apmBwsQKEpYTq0fqQSrCQMAqSu&random=566747496&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1060501044/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060501044/?random=1700358077985&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNtNC3QAYbJmn-aW3rL_zBu2apmBwsQKEpYTq0fqQSrCQMAqSu&random=566747496&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1060501044/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=1375537870&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham...
https://www.google.com/pagead/1p-conversion/1060501044/?random=1375537870&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...
https://www.google.de/pagead/1p-conversion/1060501044/?random=1375537870&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...

42 B
64 B

32ms
31ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1060501044/?random=1375537870&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU2SFZSTEl2YksxSHRvQzMwNTZwRlFyMkxLTGFta0w1TW1ObGN2Y0hGN0k0YVplZVZtOS1SN0g0dyITCO6t77n3zoIDFaGVgwcdKvgJmg&is_vtc=1&ocp_id=vmdZZe7WA6GrjuwPqvCn0Ak&cid=CAQSKQDICaaNmXzScOwZBJJFxp3Xx9CU3YOyzPOKrrCZfaFAgadO5F9Fp7eX&random=1875806188&ipr=y

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1060501044/?random=1375537870&cv=11&fst=1700358077998&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU2SFZSTEl2YksxSHRvQzMwNTZwRlFyMkxLTGFta0w1TW1ObGN2Y0hGN0k0YVplZVZtOS1SN0g0dyITCO6t77n3zoIDFaGVgwcdKvgJmg&is_vtc=1&ocp_id=vmdZZe7WA6GrjuwPqvCn0Ak&cid=CAQSKQDICaaNmXzScOwZBJJFxp3Xx9CU3YOyzPOKrrCZfaFAgadO5F9Fp7eX&random=1875806188&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1060501044/ 42 B
108 B 36ms
34ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060501044/?random=1700358078002&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dpage_view%3Bdynx_pagetype%3DCarpage%3AComing%20Soon%3Bdynx_itemid%3D24818774&fmt=3&is_vtc=1&cid=CAQSKQDICaaNRd7ytaa1Fadb4Dntpl4E00oe5QX3gpJ2-Ab7Jijf0piYppHZ&random=3032055385&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1060501044/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060501044/?random=1700358078002&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v872296686&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dpage_view%3Bdynx_pagetype%3DCarpage%3AComing%20Soon%3Bdynx_itemid%3D24818774&fmt=3&is_vtc=1&cid=CAQSKQDICaaNRd7ytaa1Fadb4Dntpl4E00oe5QX3gpJ2-Ab7Jijf0piYppHZ&random=3032055385&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/768545124/ 42 B
108 B 38ms
36ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/768545124/?random=1700358078021&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v892579784&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNAwpdra1Ad2-gJ8aJ6EKDNgdgrM_PhCrFCsVjBjsuFiR6lAQm&random=911630244&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/768545124/ 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/768545124/?random=1700358078021&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v892579784&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNAwpdra1Ad2-gJ8aJ6EKDNgdgrM_PhCrFCsVjBjsuFiR6lAQm&random=911630244&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/708462047/ 42 B
108 B 37ms
36ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708462047/?random=1700358078048&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v885074536&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN-ql1L9klGuk_V2LmskzEfTEsVzb7bNJrHbp88CesWbVl2nK_&random=1594241069&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/708462047/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708462047/?random=1700358078048&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v885074536&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN-ql1L9klGuk_V2LmskzEfTEsVzb7bNJrHbp88CesWbVl2nK_&random=1594241069&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/10777432239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/?random=1268287587&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypha...
https://www.google.com/pagead/1p-conversion/10777432239/?random=1268287587&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...
https://www.google.de/pagead/1p-conversion/10777432239/?random=1268287587&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...

42 B
64 B

30ms
30ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10777432239/?random=1268287587&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU1QVlXempvQmx1c0pwSzBSZU5JZ1VyU0ZOai1ZQzFncDRkYWZ4OTJqYllZVmRmUUtFYllEWFBBUSITCIWq8rn3zoIDFeyFgwcdsM0CJw&is_vtc=1&ocp_id=vmdZZYXTBuyLjuwPsJuLuAI&cid=CAQSKQDICaaNG79Ep-vwe0Q6v_YtqOqYiaPivd-etzguNUXmaIZF4n8cl8hh&random=2055907983&ipr=y

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10777432239/?random=1268287587&cv=11&fst=1700358078095&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&auid=1872240988.1700358078&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ043aHFnWVExTTZFX1l5ZDdOOWpFaVlBWXhMT21jTU9OSVZWdFlTMmVreDItYzdmeFB0dmVRVjhnbVBaeVlfaTQwS2l3dVdOaGcaWkNoRUlnTjdocWdZUWl2Mi03cldCbWV2RUFSSXVBR3pJelU1QVlXempvQmx1c0pwSzBSZU5JZ1VyU0ZOai1ZQzFncDRkYWZ4OTJqYllZVmRmUUtFYllEWFBBUSITCIWq8rn3zoIDFeyFgwcdsM0CJw&is_vtc=1&ocp_id=vmdZZYXTBuyLjuwPsJuLuAI&cid=CAQSKQDICaaNG79Ep-vwe0Q6v_YtqOqYiaPivd-etzguNUXmaIZF4n8cl8hh&random=2055907983&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10777432239/ 42 B
108 B 36ms
36ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10777432239/?random=1700358078080&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNqDKK53cRdcWpEdWTqjG0BYTF8WfbTmqZtszTjBcMMoRclcFC&random=1081920879&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10777432239/ 42 B
64 B 25ms
25ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10777432239/?random=1700358078080&cv=11&fst=1700355600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v893265671&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774&frm=0&tiba=Used%202022%20Audi%20Q5%20Plug-in%20Hybrid%20in%20Phoenix%2C%20AZ%20%7C%20CarMax&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNqDKK53cRdcWpEdWTqjG0BYTF8WfbTmqZtszTjBcMMoRclcFC&random=1081920879&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 01:41:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 99 KB
31 KB 22ms
21ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca3b492e58624d30201bfe06213e6a513c37f56ba433d9bae00e5513d5576b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 281428
cf-polished: origSize=102574
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"190ae-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c0053d2b694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 7.61eadfb61701cbba3995.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 28ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.61eadfb61701cbba3995.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d33eafe7c71aa27415b3fe0254b6e1c4be7cfccdb32fec684bf876f52b291cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 602444
cf-polished: origSize=2904
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b58-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c0057d44694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.b6ed8c4fe4b3f457815a.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 24ms
24ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.b6ed8c4fe4b3f457815a.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d420011478b9237ee35799a2ad0c8ec8dd01cb9d5cfc7295fdb48556c240c7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 281428
cf-polished: origSize=29402
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72da-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c0057d45694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 LinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
909 B 24ms
24ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/LinkModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d4fe612fa43bdcfc05db6234a824a87d806a83ab61a9f8f05dff12c2b253c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 281413
cf-polished: origSize=2541
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9ed-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c0057d48694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 22ms
21ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 241197
cf-polished: origSize=3546
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 02:23:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"dda-18bacbdecd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c0057d49694b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
2 KB 38ms
19ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9oDlYMwRwk31RDD&Version=6&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac06ff3870aa71c6686dee69845dfbff5ba2130053893509cdcb4a3f847e45d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

servershortname
date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 240024
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 07:00:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c005990830c0-FRA
expires: Sun, 13 Nov 2033 07:00:54 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 201 B
274 B 38ms
20ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_emTkxoXvaQjl7dH&Version=1&Q_InterceptID=SI_9oDlYMwRwk31RDD&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80cf2e36ce257aaed107d2832911b8a225508ab12b8890f1ab23acd748485012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

servershortname
date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 181152
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 23:22:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c005990930c0-FRA
expires: Sun, 13 Nov 2033 23:22:06 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 38ms
20ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_ah0reLCPOi4vXLv&Version=17&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f2c351adcae377cbaa579e2434df7a0232db66dd4c45169a50bf1809dc0ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

servershortname
date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 406552
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Nov 2023 08:45:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c005990b30c0-FRA
expires: Fri, 11 Nov 2033 08:45:26 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 329 B
351 B 42ms
24ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_aWu0ZeBRVehNneJ&Version=1&Q_InterceptID=SI_ah0reLCPOi4vXLv&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f4a0708685889841c00251c36d4dd6602d94a15fcb568f65f8c326f38ba6639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

servershortname
date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 414754
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Nov 2023 06:28:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 8284c005990c30c0-FRA
expires: Fri, 11 Nov 2033 06:28:44 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
215 B 29ms
29ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_emTkxoXvaQjl7dH&Q_SIID=SI_9oDlYMwRwk31RDD&Q_ASID=AS_10337099&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&r=1700358078361

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: d2dc344ec4d82d57
cf-ray: 8284c005c91830c0-FRA

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
126 B 34ms
33ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_aWu0ZeBRVehNneJ&Q_SIID=SI_ah0reLCPOi4vXLv&Q_ASID=AS_9YzH717RdZH7sPj&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&r=1700358078364

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.carmax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: a158b903b96b585c
cf-ray: 8284c005c91b30c0-FRA

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
3 KB 97ms
20ms Image
image/png 95.101.149.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_20qzf8m77sY0mLX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.149.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-149-99.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce40a8be71b4d72d4b8e5a8d6174692abde2b8e9e12ac53370f348ece207ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=Qualtrics+feedback+button
content-length: 1635
x-request-id: fa3306e0-36ff-4648-8722-212437f70850
referrer-policy: strict-origin-when-cross-origin
etag: "f0fa91fd84b7d45f13e79867954223d3"
content-type: image/png
access-control-allow-origin: *
x-transaction-id: b1af296f-63d6-4f8b-9c94-29c5f0e10b9e
cache-control: public, max-age=7
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Sun, 19 Nov 2023 01:41:25 GMT

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
3 KB 15ms
15ms Image
image/png 95.101.149.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_20qzf8m77sY0mLX

Requested by

Host: cdn.levelaccess.net
URL: https://cdn.levelaccess.net/accessjs/YW1wMTI0OTY/access.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.149.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-149-99.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce40a8be71b4d72d4b8e5a8d6174692abde2b8e9e12ac53370f348ece207ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=Qualtrics+feedback+button
content-length: 1635
x-request-id: fa3306e0-36ff-4648-8722-212437f70850
referrer-policy: strict-origin-when-cross-origin
etag: "f0fa91fd84b7d45f13e79867954223d3"
content-type: image/png
access-control-allow-origin: *
x-transaction-id: b1af296f-63d6-4f8b-9c94-29c5f0e10b9e
cache-control: public, max-age=5
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Sun, 19 Nov 2023 01:41:25 GMT

GET
H2 200 hero.jpg
img2.carmax.com/assets/24818774/ 45 KB
46 KB 28ms
24ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/hero.jpg?width=800&height=450

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

95f298838656f771c9a5e1d01448f475457afe9f83b212e8e01fdd1d50165641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 03:36:16 GMT
x-serial: 1681
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 46392
expires: Mon, 20 Nov 2023 01:41:20 GMT

GET
H2 200 10.jpg
img2.carmax.com/assets/24818774/image/ 25 KB
25 KB 43ms
39ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/10.jpg?width=400&height=300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8cb2f9d9d937ffc34df618b41a4d072bea8fb715968af410cae8093303a3258a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:46 GMT
x-serial: 445
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 25784
expires: Mon, 20 Nov 2023 01:41:20 GMT

GET
H2 200 12.jpg
img2.carmax.com/assets/24818774/image/ 31 KB
31 KB 44ms
41ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/12.jpg?width=400&height=300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f94dcf4f81a76f791b636e7a182766914ef9b64d1a3cdc1c8ba6d20f887c5df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:44 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 31916
expires: Mon, 20 Nov 2023 01:41:20 GMT

GET
H2 200 11.jpg
img2.carmax.com/assets/24818774/image/ 27 KB
27 KB 45ms
42ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/11.jpg?width=400&height=300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4275b3f7548af21fab0cf7730663c37ea6e617de6c774a6d746037aac65ae099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:38 GMT
x-serial: 753
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 27780
expires: Mon, 20 Nov 2023 01:41:20 GMT

GET
H2 200 23.jpg
img2.carmax.com/assets/24818774/image/ 25 KB
25 KB 45ms
42ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/23.jpg?width=400&height=300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

25a309835e6a97602ec35bc67ff8aa32cf3f0e196dc89e78d3c336d44985f0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:39 GMT
x-serial: 839
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 25274
expires: Mon, 20 Nov 2023 01:41:20 GMT

GET
H2 200 21.jpg
img2.carmax.com/assets/24818774/image/ 29 KB
29 KB 46ms
43ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/21.jpg?width=400&height=300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9130551d6e2594f1ecd0758103b90bfc397ac8f3d22983d0b568a7fa910cb170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:38 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 29572
expires: Mon, 20 Nov 2023 01:41:20 GMT

GET
H2 200 15.jpg
img2.carmax.com/assets/24818774/image/ 15 KB
15 KB 46ms
43ms Image
image/webp 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.carmax.com/assets/24818774/image/15.jpg?width=400&height=300

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

014bf2576c5177702a88277688093af320d2112a61ab70d876fc95ba73c8e3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Nov 2023 02:50:37 GMT
x-serial: 2019
server: Akamai Image Manager
x-check-cacheable: YES
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=86400
timing-allow-origin: *
content-length: 15534
expires: Mon, 20 Nov 2023 01:41:20 GMT

GET
H2 204 tr.gif
ping.pdst.fm/ 0
36 B 138ms
136ms Image
text/plain 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
via: 1.1 google

GET
H/1.1 200 /
d.agkn.com/pixel/9043/ 43 B
564 B 12ms
10ms Image
image/gif 3.123.116.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9043/?abid=76955742309912890853907182263057701411
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.116.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-116-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Sun, 19 Nov 2023 01:41:20 GMT
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 tr
www.facebook.com/ 0
18 B 10ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=167517063839469&ev=PageView&cd[order_id]=76955742309912890853907182263057701411

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 Nov 2023 01:41:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 404 ec70f1528385f41d770aa47efbbc1655.gif
www.carmax.com/chat/dist/ 0
343 B 38ms
36ms Image
text/plain 2a02:26f0:280:184::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/chat/dist/ec70f1528385f41d770aa47efbbc1655.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:184::1c4e Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/car/24818774
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sun, 19 Nov 2023 01:41:20 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: sameorigin
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700358080725_34830168_355209473_89_11205_11_0_146";dur=1
timing-allow-origin: *
content-length: 0
request-context: appId=cid-v1:1614b205-aa90-4548-be15-db837b4e1e5a

GET
H2 204 0
bat.bing.com/action/ 0
119 B 35ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 Nov 2023 01:41:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43489A1B7E194A58BD60D2561AE36E32 Ref B: FRAEDGE1510 Ref C: 2023-11-19T01:41:20Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 42ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 Nov 2023 01:41:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EDFEB2FECCC54535B1153AA792EE58D7 Ref B: FRAEDGE1510 Ref C: 2023-11-19T01:41:20Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TC-3665-1.gif
pt.ispot.tv/v2/ 43 B
261 B 10ms
9ms Image
image/gif 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3665-1.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 19 Nov 2023 01:41:20 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET tr.gif
ping.pdst.fm/ 0
0

GET ec70f1528385f41d770aa47efbbc1655.gif
www.carmax.com/chat/dist/ 0
0

POST results
api.levelaccess.net/analytics/3.0/ 0
0

POST v2
rs.fullstory.com/rec/bundle/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ping.pdst.fm
URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init

Domain: www.carmax.com
URL: https://www.carmax.com/chat/dist/ec70f1528385f41d770aa47efbbc1655.gif

Domain: api.levelaccess.net
URL: https://api.levelaccess.net/analytics/3.0/results

Domain: rs.fullstory.com
URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=J90WC&UserId=8853e857-363f-4b28-ab60-6947d4106dca&SessionId=ed928059-bcc1-41d2-b26d-dfad5ce99d05&PageId=b9b3f91b-ad49-46a3-a8d4-d753ce1df92e&Seq=2&PageStart=1700358076712&PrevBundleTime=1700358077869&LastActivity=4856&IsNewSession=true

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.carmax.com/car	1970-01-20 16:19:19	Name: adobeTransID Value: 955c40aed67c6bc08b88ea6b631d8cda
.carmax.com/	1970-01-21 01:04:54	Name: Kmx_Aka_Location Value: zip=,lat=50.12,long=8.68,country_code=DE,city=frankfurt,throughput=low,network=,network_type=hosted,region_code=HE,timezone=GMT+1
.carmax.com/	1970-01-20 16:19:32	Name: bm_sz Value: 7AFB7178A8C56906FC3B7E38CAC2121B~YAAQWHcTAusnZM2LAQAApzM95RVrngEDd51MYlF6mVPF2ms971jVf6YhTdYaIhLw3umHv2xS9bvxTTBU2sidQvUWvUtQ8koqT2R4Hsstb6sE7DOmyHy9RbdDoqrw51XsW7bbccJ3OdIn5PXmq1Qwp3CgFCIwrNKM3juIx+XB27VSBqE061kcB7c4viOn7wUKaE34N5nwwz/cUCMfSAFS2ubOHn0wSOO2FKO80xoc23I24YpNksKbQQ/OJGj7ISQNyiMzqO8c2jU5+THHPsTAbvc9wPVSuRuSREbZ0LM9q4eqlYI=~3555634~3749697
.carmax.com/	1970-01-21 01:04:54	Name: KMX_ViewedVehicles Value: ViewedVehicles=[{"stockNumber":"24818774","timestamp":1700358075334,"viewCount":1}]
.carmax.com/	1970-01-21 01:04:54	Name: KmxVisitor_0 Value: VisitorID=ba5947a1-8549-42f5-a4e0-70df13d99071&CookieDate=11/19/2023, 2:41:15 AM&IsFirstVisit=True
.carmax.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 20:38:30	Name: demdex Value: 73689830128223699064230799168752985772
.carmax.com/	1969-12-31 23:59:59	Name: AMCVS_0C1038B35278345B0A490D4C%40AdobeOrg Value: 1
.carmax.com/	1970-01-20 16:20:44	Name: _gid Value: GA1.2.1542096893.1700358076
.carmax.com/	1970-01-21 01:04:54	Name: _abck Value: 0434BD5C0F9139CDC8206572AE931CF5~0~YAAQWHcTAvEnZM2LAQAAqDU95QoQ08jDHIWRppb0Hl4ZwlERmSEOFZrnF35jfe/LA6Gq+9nMK7xr3EEj01yDJ80p6pikPwfr7b20yIPGBVvp6EbN3XoTEeX4v5VPtq1FVpgBFqWesnmmiebU7dFLiCPhGBOoMYchfAdXP7zLEbPp0k4wK0kOOPU1joD/PwyGTTpRuxwHeh7uyrCT4g77iaO2DYdgIVCx+i8fpRzU/SoUUXyp3/sCxtAobDUmdjONs2YFJjxnZeBjbQ6Sblci9gE3rr+jZkxxJfVBY4PIjKNboQ22cczDF1uf+pAV3/7quPJP0+NxTcaYem5w7ZYUAfRFH5QE0F1iZ1bCM0L9xoO0vHcUIVvg1oCBeUsam9K9lcjt8W5Vh1N79wkBXZZkvTst1rhtQivbuQ==~-1~-1~1700361571
.everesttech.net/	1970-01-21 01:04:54	Name: everest_g_v2 Value: g_surferid~ZVlnuwAAANsaPwNn
.carmax.com/	1970-01-21 01:55:18	Name: mbox Value: session#cde646343700450e965d5b974e78b100#1700359936\|PC#cde646343700450e965d5b974e78b100.37_0#1763602876
.dpm.demdex.net/	1970-01-20 20:38:30	Name: dpm Value: 73689830128223699064230799168752985772
.carmax.com/	1970-01-21 01:55:18	Name: AMCV_0C1038B35278345B0A490D4C%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19681%7CMCMID%7C76955742309912890853907182263057701411%7CMCAAMLH-1700962875%7C6%7CMCAAMB-1700962875%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1700365275s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19688%7CvVersion%7C5.2.0
.carmax.com/	1970-01-20 16:19:18	Name: _gat_6144a510cabc4cd086ae55f1e2df5ad8 Value: 1
.carmax.com/	1970-01-20 16:19:25	Name: ak_bmsc Value: 09E78FED756F067724D33F2208A35145~000000000000000000000000000000~YAAQWHcTAvMnZM2LAQAAxDY95RV4/XeLeJSTi7MNrUb7ZaH8mNH1Zeh2GbXV/R4JM58QJKnpgUwiG55Suh8nQrvzNe4sZylipVYhm2b+F8tjuWmpiXXl+fu0R6SaOSIHA6hmQ9xXtELdFEhnhiE1ACNGdaW0YyJl12mTcl2UysOO78Bg1nqs+Cwp1eta455z1J7a/9DYT2kyZguz0gr76QTvFvREhdO6phODnlLafUrgqZOkBTuv+atbWfoxbdTbiXComJW59lhnhEmrQ0y0S8+KlsuvuI/Ug0QMxQxbbILfXqov1UxDytL+99raUEcMoak/H3CKN02ix5Bs15HF10wZLz7hq95jONMhaKvRmhKDpP9c9MhAOObwIqNL5LA5GqneDVOag4t7NrSkCBZbrmpo+aGE4cDKlz6qNZE99ElyWWcAdkhuE9m8v3MYFCiMLwsfgBcIOvfqCqgtIKGMo3yMF8cv216ww607wo4cMFHh1ckWBeOEGdRfGb5UExMdKjuo0c+fyx15YBs=
.carmax.com/	1970-01-20 16:19:19	Name: fs_lua Value: 1.1700358076710
.carmax.com/	1970-01-21 01:04:54	Name: fs_uid Value: #J90WC#8853e857-363f-4b28-ab60-6947d4106dca:ed928059-bcc1-41d2-b26d-dfad5ce99d05:1700358076710::1#/1731894076
.carmax.com/	1970-01-20 16:19:25	Name: bm_sv Value: ADA22BAF77E457A39CC65BADAFB72806~YAAQWHcTAv4nZM2LAQAAfjo95RUX96rClYzExRKeyfCaz81MAcawivdLdtL6ll/fg4PvTTJxjGzcoecgQ+FO5hRPXjZ1Revp3Ev6J7ECAtUPThV2sIP8HiFUPYgof7CJmbVm2PARznNci8EPKgWjxCyOIp5o6Kb1P9eBPf1dfPhDR/NN4cqsbtmHqCWyZpC9nvPsL2LCjbfL5U+aAIgHYr8a9zzD4L+9IAr5pY/7dysvvRjlaIUOlDIRDinWxUqM~1
.carmax.com/	1969-12-31 23:59:59	Name: KmxSession_0 Value: logOdds=4.45135046890574&modelDecile=7
.carmax.com/	1970-01-20 16:29:22	Name: RT Value: "z=1&dm=carmax.com&si=048649a5-fc2d-4606-a665-ec0749af6041&ss=lp4tan6i&sl=1&tt=20x&bcn=%2F%2F0217990f.akstat.io%2F&ld=211"
.carmax.com/	1970-01-20 16:20:44	Name: _uetsid Value: bb633cf0867c11ee81483dd7981f648f
.carmax.com/	1970-01-21 01:40:54	Name: _uetvid Value: bb6357c0867c11ee96bce9612638621f
.carmax.com/	1970-01-20 18:28:54	Name: _fbp Value: fb.1.1700358077368.1747472023
.bing.com/	1970-01-21 01:40:54	Name: MUID Value: 1DFEAD8DCE9C647900DDBE43CFF76553
.criteo.com/	1970-01-21 01:40:54	Name: uid Value: eae7124f-9d8a-462f-8468-873e9eb8e52a
.carmax.com/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.carmax.com/	1969-12-31 23:59:59	Name: s_ppv Value: Carpage%253AComing%2520Soon%2C17%2C17%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.carmax.com/	1970-01-20 16:19:19	Name: gpv_v4 Value: Carpage%3AComing%20Soon
.carmax.com/	1970-01-20 16:19:19	Name: s_visit Value: 1
.carmax.com/	1970-01-21 01:06:10	Name: s_vnc365 Value: 1731894077561%26vn%3D1
.carmax.com/	1970-01-20 16:19:19	Name: s_ivc Value: true
.ispot.tv/	1970-01-21 01:55:18	Name: pt Value: v2:7938b8258a45e01c903591418cec7ba8bcb0ac1780fa8c2996b82f83976d5327\|cb4fb54b939d039984244514dbd0e00d9778899f87cb2e72f6319a28624c69c8
.agkn.com/	1970-01-21 01:04:54	Name: ab Value: 0001%3AGSiCDHZZHkiVEAvB5ulJ3MWZVEToV9Ia
.carmax.com/	1970-01-20 18:28:54	Name: _gcl_au Value: 1.1.1872240988.1700358078
.dnacdn.net/	1970-01-21 01:40:54	Name: browser_data Value: ZG64y19uUEVHN2FndlZXaiUyQm5hSlg1cWdESG1OU0djQjUwU29hMTFLMGMwUEhmOFpGQ3Nrc2JoanhQQyUyQkE1MkZVR2tRRkd6c083ViUyRmxwamR4Z2J4RVByVUQ0dyUzRCUzRA
.carmax.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.carmax.com/	1970-01-21 01:48:42	Name: cto_bundle Value: sZVMul9uUEVHN2FndlZXaiUyQm5hSlg1cWdESHE5QnE3JTJCa0l0aW51aE9rREszJTJCY0VjTEVzMWhNR0htbEFzd1NSbXh0QWNKajc2VmNPTEtGdUxiOXM2RXFrMTA3OVl2UUFrQTE2ZlgyU3gzQmRjYXRHeFFvRm9TOSUyRmVXNVBHYlNsSkRrdUxjeU9RVVpPNXQwRVd3RzJkenNKczYzQVVybkNRWSUyQiUyRjUyQ2FCNVNsWFdJcHclM0Q
.carmax.com/	1970-01-21 01:55:18	Name: _ga Value: GA1.1.1411854586.1700358076
.carmax.com/	1970-01-21 01:55:18	Name: _ga_NTWN6LKPPS Value: GS1.1.1700358077.1.0.1700358077.60.0.0
.doubleclick.net/	1970-01-21 01:40:54	Name: IDE Value: AHWqTUnIcKu8keOZn2BjIjltU_6D1xb4hJ13Z0EbwoxSF71mCtHxh8ZS6sgobZXF
www.carmax.com/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Fwww.carmax.com%2Fcar%2F24818774~1700358078269
.agkn.com/	1970-01-21 01:04:54	Name: u Value: C\|0CAAs7CQ9LOwkQAAAAAABATEnAAAAAA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.carmax.com/myaccount/token/svc/cookie/validate/low Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.carmax.com/chat/dist/ec70f1528385f41d770aa47efbbc1655.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.carmax.com/chat/dist/ec70f1528385f41d770aa47efbbc1655.gif Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217990f.akstat.io
ag.gbc.criteo.com
api.levelaccess.net
assets.adobedtm.com
bat.bing.com
c.go-mpulse.net
carmax.sc.omtrdc.net
carmax.tt.omtrdc.net
carmaxbusinessservicesllc.demdex.net
cdn.levelaccess.net
cm.everesttech.net
connect.facebook.net
d.agkn.com
dnacdn.net
dpm.demdex.net
dynamic.criteo.com
edge.fullstory.com
ethn.io
fiaazgbakcqaokqce3ydkaaaczsvsz55-pcosp8-1731156b2-clienttons-s.akamaihd.net
gem.gbc.criteo.com
googleads.g.doubleclick.net
gum.criteo.com
img2.carmax.com
mug.criteo.com
pagead2.googlesyndication.com
ping.pdst.fm
pt.ispot.tv
region1.analytics.google.com
rs.fullstory.com
s.go-mpulse.net
siteintercept.qualtrics.com
sjc1.qualtrics.com
stats.g.doubleclick.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
wkrndbc7mu3oczkzm66q-pcosp8-73946e28b-clientnsv4-s.akamaihd.net
www.carmax.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
api.levelaccess.net
ping.pdst.fm
rs.fullstory.com
www.carmax.com
104.17.208.240
104.17.209.240
142.250.184.226
151.101.66.132
178.250.1.11
185.235.87.133
185.235.87.175
2001:4860:4802:32::36
2600:9000:2240:e400:1:fb61:2b80:93a1
2620:1ec:c11::200
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2013
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c06::9d
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:280:184::1c4e
2a02:26f0:280:194::1c4e
2a02:26f0:280:29a::11a6
2a02:26f0:280:48b::11a6
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:587::1e80
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.123.116.199
3.248.147.241
34.242.172.171
35.186.194.58
35.201.112.186
52.24.153.248
63.140.62.214
66.235.152.126
95.101.149.99
95.101.54.225
014bf2576c5177702a88277688093af320d2112a61ab70d876fc95ba73c8e3f4
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
04a475016aa44428f99847ee76f014bd464adf790dbcc77eb825af00245c4de3
051ad4170a34d2a384a20f83b1c73c5594200c59280a690788812ad9e81a8a17
0576f94f1d666e893c67c1457ba42f9c38015a10e638dbfdb991c8aa45684407
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06ccc6fde8fa799bb8a8af8a1aed1cb13085dbdc6f7022ff399a7504b3139b03
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0aacf47013e76902d1639c24e4a128563ebbaaa4be0c1cbb4bb0e19dd32fd4b9
0c0474279dddd49f8d329cf27e359c69e079a21ee157771cca441857a8c9fd9d
0e68d5b8fc8491f97501881d44c5c5887b774ed0296eb8285563d6f4f05a16c8
0f1092521ce69335d30b84dd4e51294b4cb82393feb32291872c03e52ad7651b
0f4a0708685889841c00251c36d4dd6602d94a15fcb568f65f8c326f38ba6639
1224aeceefbcee58effb6f255c7f144c4c92a4d0c7c0872a555bebd54316b57d
161dce8926ec3f90e216e4973fcb79cc918658b30358c0f3c315ef2cb58b2178
209e9aec2095f6400db28f8d42a3cfd9f267013720bb964d5640a799f133eed9
217a344e2f0cfd12cdabf715cf79d67fc081950d1d66a71c6b53fb04bcc11c8c
25a309835e6a97602ec35bc67ff8aa32cf3f0e196dc89e78d3c336d44985f0db
26e50f8a6a45d6d191599abd236c53ff9aaeec5841bd3eacff2e20a0308ab9f9
2ca3b492e58624d30201bfe06213e6a513c37f56ba433d9bae00e5513d5576b3
2cc63c5023ca2118a2eb4c766dbdba70501eaf47a061356c13187b21b0b49ee0
2cdf4fbe91de8095f0611d931129ada18557d537675f026082dbf4ce245bc8ab
2d014f485744d00c649f0d8365bce61041da4fa48d866084ec5452e192f809a8
2ebd801e1e99f79130ae3445342361c89c54737405161ca83e3d87bc4356e1ae
2ef70dcce35ce501b3d9c88dc976cb38289c476a0ff1a1596b1210a7af4ea641
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
333db8b1e78f48c5ef193ce6a8974cf3fc71b152b402e62231a993a8aaf174f3
3776b9bd1781c5b547515ff7500230ecc290b56536bf1c99c91978b1f6e7b841
3987d424f040f112367a22d742623c671b0d1ab70d44598ac5e184d909dab38b
3b841de4d53904ebc19e520a4c742a5f050ef329c465a806f4f99aad3038db9c
3cbea6ff8454ef59cee1bc5705f8bb0a0af11768b82a787076ccdd73c48c2fdd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4275b3f7548af21fab0cf7730663c37ea6e617de6c774a6d746037aac65ae099
433903449ae157398dd752c1e5faca02b5ec31f74d1c69ca7fbede8f5e8ed54b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47dc3774f8b59c2ee0c4d398fd51c248ddde4c6bfc6ff44004b98ed3bba24d7d
496a9e2be6961b72c8327c5c6b1b6cbcbdd053e2d42f9742404043c0e9dd801f
4d4fe612fa43bdcfc05db6234a824a87d806a83ab61a9f8f05dff12c2b253c95
4df31381011de9aa4c29a3d881734469fd7d68848c3ccc60a037eea8607267c6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f9846fb7224f20e24fe90f6e0517e058040a487a078e2fc07cb7c7290c53325
516a10a1a98426126703d6942ff9e95c238b3fdc8a89a999a3d332ebd67dc2cd
51a48876d9e8e9a7b09864227e876c10c44ac9773e06a8e2e1bc3871402dc45f
532797186ba6804ac0147bd8acc0ae2c2fd3f7eb6065da2f9b5c2c11e8db12c7
53ca396b7c8aa3548abfac2962cb4e4d6908f42548cc0dafa476d26547511607
547d06874865cfca99c1dbfd488012c530f0b990fa097c296e4d324379ea6a4a
54d0ca678073d045c241555d25c22c6482530e63e416f3e47d54ff58a80c62f7
5516c738033ef1e7d0e3062c67d58fad3f44fc33083f9a5189c4c7832535fce7
552ceeb0ae3ef9f1b5a80f01590053d08cd6f1d035146accf918e3086f08ddb5
583999d7707ecc8a05e42220c4a50fba22a4f2238a155c046ede07e0c2252499
58fdfd63c8045084bc157b2158c73271b83b4654746a2b39baafabe63b25fd55
5a836d2c3a76bd1288a33d2ec77c8030124a6a82d3697f675cb1b4cc0993ae44
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f6f9be09a5225add7b307a91b6777af9bca51428495f55fe308e380b754ea32
61eddc05277ef55331b57f845725edbdae2e98ba090092ae19a46dda57276f29
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
63e2c966d1ae68a7110c2ab35afa67d479b9ed6c7b1825c6c73df21d1f6b5b49
65024566ac65f2a5de20394dea222f14c66dbbd3c6f369da1686e95039ba5bb4
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6872c28d9ca7ceb9dbac0ef066d02f05bb8e8939983860e554a490a239be3068
6a8addee26f7c2b8510830b774da4299a12b241105075e90a89821a82cfe2a08
6ab6279a393e805cd9cc954b2d964898a1641a9013caa3de16a9f747acb172da
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
6c8c732208ab420d2cd5a6d24de327264126462d6325d1791bc25dae0093e46b
6e7f42ec751238459fb1c0c8549e55501f2717c74b8ddc39c974cee89e025b36
70e15e42bd39b6c862c1b4e45e0b2c37661c14fe694d006dab23211dca824825
77a5178fb521b2d64c948696976ee38a7084cd9d853d267403d22f40cce505a7
7890e0e22c9e85c6b2872ad48199da60c61157725ae5bea7942c1439ae883a67
7a53023387c9f79268a5aa462bbbf714f11fc7ccb2cc6133418523112e666a1e
7b0160caebe5e5f1cd977a8b184b4e718e6bea75fc1af5d08e031d83bac41059
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c2d2799108da79590d323f597bf90ef6677b3cb84e0ebab74a8e29640e529ac
7d4b124128dd18d9fe9746aba0ced6031f943e26f2779d5cc135e7e32ffd220b
7ef2332c8a23a563f60a5141f0809485751791d9fda6bab88a6500f811fe9166
80cf2e36ce257aaed107d2832911b8a225508ab12b8890f1ab23acd748485012
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231
833250ee80557d6cbeb0b7b807b34449b49022f525b205b7028a34464df2fe39
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878fa0dda1bf5303d4c094f42ba9f7b3aaff615c75b0f89ef4011ea9f5adcaf7
8a7441682f1172733347258a8700bfada72ea4bd0c1d94b71a1a2586aa569e85
8c01fc1bfbd933e7ea66a408d224f10987182ee74e9dd7fa289dd9bf345932ce
8cb2f9d9d937ffc34df618b41a4d072bea8fb715968af410cae8093303a3258a
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d8d86824f08fa440452abe0d8af6ac0467edf22097c79b088c124ace2b5bd10
8f363dfa83b99177fa8af885b80b6e8954c86ad03626d3452d7caba990739949
8f75e787afb4cc8bc8e70cfc688814bfbb458b858ab893ead843eee6170822dc
90b5ac3f14745a4ff2309a07a4e7c7f3edcbb8d68e4a8d7a088ecbe55b397a97
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
9130551d6e2594f1ecd0758103b90bfc397ac8f3d22983d0b568a7fa910cb170
937df2d24975cc71db30239495f33c6aa27407cb3f7d39c4fc2d7a6e953641e8
95f298838656f771c9a5e1d01448f475457afe9f83b212e8e01fdd1d50165641
9bea9a0585c83aef8a0ae925d9bf060b730a443d0e60c1837583b3b9413a121a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a576ff585ca1ffac14047edced97046b1acd1792d3cc7480996cd114010e4eb4
abb523f8650a0b0749ae89e77c592ea2724a9d6671212d58fca7255c34501b1c
ac06ff3870aa71c6686dee69845dfbff5ba2130053893509cdcb4a3f847e45d9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b13913fe572b1132dac33e7697bd1a8ff3dcf582b5d3a3ce0ff23c02ea929cd8
b2e03accf5cd5c216cb31d54be7e5c1369d79f905d5360b80812fc5d5afd546d
b44fec7e955719cd5a13d47130d55d9135ffcb16081d91fa30703b0ce4f94248
b5784113b4faa6b9a5b06a3db66dbebc120f348dc4840b5930307cdafe80cc26
b7fde43de759dfd755effb321f1039f04175c7deaa506d510365cf281cea93a5
be41865e096bba5d4f612c968489d14f01b943bea1ea8fb6b987f05c1f7e32ad
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5b5c93f6affe076aa846f63596819be1a4b6ca73e58baf41f4b01db979fdb4f
ca9d4114e2663c70ac47dc5949d0028d23b065a62ffb54bca4491a11a44c2a3c
cc5ae48d6f770ce559dad21c38a75293548b084bd158a73009ea1fc4449e384d
ce40a8be71b4d72d4b8e5a8d6174692abde2b8e9e12ac53370f348ece207ca9c
ce8b9386918fe9c07a0af46ed11c90f45ffaa4f1a3d54f4fdb00e6676edc7a6c
cf0c411f714a04aa04ddfb95f17dc6f71b9e2737807a06de756e096cba4b18c4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2aadb028c6e3981a4c1b1144d1a3e56537ed67f57cde5a3fb22c59ef7ce9e40
d2f97e9a7142b4146e7b42c049d1f9aeb7c874fc17b6d4a4eeb11a4b931dc8e6
d32d4a6a7f7abaf246913a753e2740a27adb8117ae8613ce705caf5ec24d3a11
d33eafe7c71aa27415b3fe0254b6e1c4be7cfccdb32fec684bf876f52b291cbe
d420011478b9237ee35799a2ad0c8ec8dd01cb9d5cfc7295fdb48556c240c7b0
d4cee737adb5d540f30161c6fbf9e1c3177a34f782f025a4fa731fce4b9e9b06
d8f2c351adcae377cbaa579e2434df7a0232db66dd4c45169a50bf1809dc0ac5
d99306f730c91baa9c5586692cf58a6ddfb8f1f35736fd53d09a1e8d993936ab
daf68e77ce7bdf5a0ba1d2c424334b0f14c44d87fd410a622894b9029f2d4a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee0b2853c994d5be10792538856cf07d6f57b7edf1eac055296c3ce64652227
e1df7b2a2b3eb74a0dd52e2c6037d722778fbfacc5e91b86432eea607f3e5d62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9cb2dafa252ae54afb3b91b1c30d12761a37459d7e03741268408d9bd106bb6
ea0572fd17272a449f02c366d609cb28e5f0dec0c7bead30031a1f135b29ff7d
eb3994fea47eb24459824a4afe2e793fba5a069713cee494b226449b6ccaa645
ee8a5223f633e4a130d2108f94f80ca31f1e9ec1d5d55781339d771003a5a8de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1be51bbd758230bd3d10a09143fe3699e2c10fd1a77cdc7e12d2a4de1552f44
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f5b89e378e60fec3d28549472ebb65f9267b35d98fb3247f6ca3cd4381b12fcd
f7c9edc2bf63eeee6ef41edd60142aaae5df29a62cb89269bbfb3019cd19e77d
f94dcf4f81a76f791b636e7a182766914ef9b64d1a3cdc1c8ba6d20f887c5df1
f953c0f47acf28b49b3b78330423297e1fed1c5e079f5a628e1c66f203e477f1
fb4b0288e6a42913d8d814e8231e35138e3d785c1ed7320a87f5a923f0c44225

www.carmax.com Open in urlscan Pro 2a02:26f0:280:184::1c4e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

95 %HTTPS

55 %IPv6

27 Domains

44 Subdomains

38 IPs

6 Countries

3140 kBTransfer

9034 kBSize

43 Cookies

9 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.carmax.com Open in urlscan Pro
2a02:26f0:280:184::1c4e Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

95 %
HTTPS

55 %
IPv6

27
Domains

44
Subdomains

38
IPs

6
Countries

3140 kB
Transfer

9034 kB
Size

43
Cookies

205 HTTP transactions
4 data transactions