www.carmax.com Open in urlscan Pro
2a02:26f0:3500:883::1c4e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.carmax.com/
Effective URL:
https://www.carmax.com/
Submission: On April 13 via api (April 13th 2024, 3:10:34 am UTC) from US — Scanned from DE

Summary HTTP 231 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 69 IPs in 9 countries across 57 domains to perform 231 HTTP transactions. The main IP is 2a02:26f0:3500:883::1c4e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.carmax.com. The Cisco Umbrella rank of the primary domain is 50861.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 10th 2024. Valid for: 7 months.

This is the only time www.carmax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
75	2a02:26f0:350... 2a02:26f0:3500:883::1c4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:170... 2a02:26f0:1700:391::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
6	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	52.24.153.248 52.24.153.248	16509 (AMAZON-02) (AMAZON-02)
4	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
8	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 5	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2013	15169 (GOOGLE) (GOOGLE)
16	2a03:2880:f27... 2a03:2880:f277:c0:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	3.120.52.13 3.120.52.13	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
3	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1 2	2.19.120.31 2.19.120.31	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.238.128.18 34.238.128.18	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:440... 2606:4700:4400::6812:2412	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	52.29.51.157 52.29.51.157	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	54.217.19.5 54.217.19.5	16509 (AMAZON-02) (AMAZON-02)
1	35.186.225.155 35.186.225.155	15169 (GOOGLE) (GOOGLE)
8	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2 3	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	81.17.55.116 81.17.55.116	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.48.23.21 23.48.23.21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.17.32.208 52.17.32.208	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	34.251.149.17 34.251.149.17	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.197.235.123 18.197.235.123	16509 (AMAZON-02) (AMAZON-02)
1	35.82.86.30 35.82.86.30	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.255 64.202.112.255	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.121.240.222 3.121.240.222	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:8ff1:abfb:15af:54f7	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.48.97.133 52.48.97.133	16509 (AMAZON-02) (AMAZON-02)
1	18.197.240.248 18.197.240.248	16509 (AMAZON-02) (AMAZON-02)
1 2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
6	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.101.149.99 95.101.149.99	16625 (AKAMAI-AS) (AKAMAI-AS)
231	69

75 2a02:26f0:3500:883::1c4e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-images.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:1700:391::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179914.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge.adobedc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.153.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-153-248.us-west-2.compute.amazonaws.com

ethn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.196 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ping.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f277:c0:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.52.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-13.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

8789640.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.120.31 (Düsseldorf, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-31.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.128.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-128-18.compute-1.amazonaws.com

b.videoamp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2412 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.51.157 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-51-157.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.19.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-19-5.eu-west-1.compute.amazonaws.com

rtb.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.225.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 155.225.186.35.bc.googleusercontent.com

tag.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.116 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-21.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.32.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-32-208.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.149.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-149-17.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.235.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-235-123.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.86.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-86-30.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.240.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-240-222.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:8ff1:abfb:15af:54f7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.97.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-97-133.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.240.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-240-248.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-99.deploy.static.akamaitechnologies.com

sjc1.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	carmax.com www.carmax.com — Cisco Umbrella Rank: 50861 content-images.carmax.com — Cisco Umbrella Rank: 79436	2 MB
19	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 436	148 KB
16	cdninstagram.com scontent.cdninstagram.com — Cisco Umbrella Rank: 930	1 MB
15	qualtrics.com zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com — Cisco Umbrella Rank: 67675 siteintercept.qualtrics.com — Cisco Umbrella Rank: 915 sjc1.qualtrics.com — Cisco Umbrella Rank: 10322	75 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	794 KB
9	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 87 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 8789640.fls.doubleclick.net — Cisco Umbrella Rank: 67965 cm.g.doubleclick.net — Cisco Umbrella Rank: 265	2 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2148 rs.fullstory.com — Cisco Umbrella Rank: 2152	100 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	491 B
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 465 dynamic.criteo.com — Cisco Umbrella Rank: 3683 sslwidget.criteo.com — Cisco Umbrella Rank: 2371 widget.us.criteo.com — Cisco Umbrella Rank: 20617 dis.criteo.com — Cisco Umbrella Rank: 673	26 KB
6	google.de www.google.de — Cisco Umbrella Rank: 7551	382 B
6	google.com 4 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3076 www.google.com — Cisco Umbrella Rank: 2	413 B
4	w55c.net 2 redirects tags.w55c.net — Cisco Umbrella Rank: 4623	3 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	6 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 335	14 KB
3	adform.net 1 redirects cm.adform.net — Cisco Umbrella Rank: 1223 c1.adform.net — Cisco Umbrella Rank: 601	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 263	3 KB
3	akstat.io 02179914.akstat.io — Cisco Umbrella Rank: 80854	678 B
3	pdst.fm ping.pdst.fm — Cisco Umbrella Rank: 22080	119 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
3	adobedc.net edge.adobedc.net — Cisco Umbrella Rank: 3356	7 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1876	2 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2426	1 KB
2	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2580	387 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 7120 dpm.demdex.net — Cisco Umbrella Rank: 240	2 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1395 c.go-mpulse.net — Cisco Umbrella Rank: 625	53 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2379	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3164	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5537	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 42389	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2885	400 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 524	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 921	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 939	218 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1162	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1500	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 12503	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 730	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 511	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 767	342 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 772	319 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 437	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2901	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1779	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 696	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 389	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 743	814 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 383	235 B
1	tapad.com tag.tapad.com — Cisco Umbrella Rank: 4292	243 B
1	adgrx.com rtb.adgrx.com — Cisco Umbrella Rank: 5830	304 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1562	633 B
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 10123	165 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 9467	179 B
1	videoamp.com b.videoamp.com — Cisco Umbrella Rank: 1962	312 B
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 729	556 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 687	15 KB
1	ethn.io ethn.io — Cisco Umbrella Rank: 39354	657 B
231	57

	Domain	Requested by
68	www.carmax.com	www.carmax.com s.go-mpulse.net
19	assets.adobedtm.com	www.carmax.com assets.adobedtm.com
16	scontent.cdninstagram.com
13	siteintercept.qualtrics.com	zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com www.carmax.com siteintercept.qualtrics.com
10	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
7	www.facebook.com
7	content-images.carmax.com
6	www.google.de
5	www.google.com	4 redirects
4	tags.w55c.net	2 redirects
4	googleads.g.doubleclick.net	4 redirects
4	www.googleadservices.com	www.googletagmanager.com
4	bat.bing.com	www.carmax.com bat.bing.com
4	rs.fullstory.com	www.carmax.com edge.fullstory.com
4	edge.fullstory.com	www.carmax.com rs.fullstory.com edge.fullstory.com
3	ib.adnxs.com	2 redirects
3	02179914.akstat.io	s.go-mpulse.net
3	ping.pdst.fm
3	www.google-analytics.com	www.googletagmanager.com www.carmax.com
3	edge.adobedc.net	assets.adobedtm.com
2	c1.adform.net	1 redirects
2	r.casalemedia.com	1 redirects
2	trkn.us	1 redirects
2	8789640.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	pt.ispot.tv	www.carmax.com
2	gum.criteo.com	1 redirects static.criteo.net
2	connect.facebook.net	www.carmax.com connect.facebook.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.carmax.com
1	sjc1.qualtrics.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	dpm.demdex.net
1	visitor.omnitagjs.com
1	cm.adform.net
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com	www.carmax.com
1	tag.tapad.com
1	rtb.adgrx.com
1	sp.analytics.yahoo.com
1	action.media6degrees.com
1	action.dstillery.com	1 redirects
1	b.videoamp.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	dynamic.criteo.com	assets.adobedtm.com
1	d.agkn.com
1	static.criteo.net	assets.adobedtm.com
1	ethn.io	www.carmax.com
1	region1.analytics.google.com	www.googletagmanager.com
1	adobedc.demdex.net	assets.adobedtm.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	www.carmax.com
231	72

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
itunes.apple.com
play.google.com
www.youtube.com
instagram.com
www.tiktok.com
www.facebook.com
socialresponsibility.carmax.com
foundation.carmax.com
media.carmax.com
investors.carmax.com
careers.carmax.com

Subject Issuer	Validity	Valid
www.carmax.com GeoTrust RSA CA 2018	`2024-04-10` - `2024-11-05`	7 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
adobedc.demdex.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-22` - `2024-11-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
edge.adobedc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-21` - `2024-11-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.ethn.io R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-21` - `2024-04-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ping.pdst.fm GTS CA 1D4	`2024-02-23` - `2024-05-23`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-01-21` - `2024-04-20`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-04-11` - `2024-06-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.ispot.tv R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.videoamp.com Amazon RSA 2048 M01	`2023-08-06` - `2024-09-03`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-20` - `2025-04-18`	a year	crt.sh
*.tapad.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-18` - `2024-09-17`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-14` - `2024-06-06`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
teads.tv R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
hb.yahoo.net R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.carmax.com/
Frame ID: 5442779E5F280913475B588D16828A3C
Requests: 202 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag
Frame ID: 8B0938B88D76780632893BFF6811F886
Requests: 1 HTTP requests in this frame

Frame: https://8789640.fls.doubleclick.net/activityi;dc_pre=CJ2s9debvoUDFTEjBgAdNzAKlQ;src=8789640;type=carmax00;cat=hompg000;ord=1170783166036;npa=1;auiddc=655113459.1712977828;u11=54533123117394350851744054296653628999;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9181631201za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.carmax.com%2F
Frame ID: B2DF7679B73A5D33BBD42D8B9FE004F2
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qHKs4-AbPPXCOpTu3n-7ygelHbk-qQ895Ov8sg&google_cm&google_hm=ay1xSEtzNC1BYlBQWENPcFR1M24tN3lnZWxIYmstcVE4OTVPdjhzZw
Frame ID: 17017542811A9A6E402F2EE745D7FCEE
Requests: 29 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 3CBCB5134E8F75A266F54A9F4E56DE8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CarMax - Shop for used cars, then buy online or at a store

Page URL History Show full URLs

http://www.carmax.com/ HTTP 307
https://www.carmax.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

231
Requests

94 %
HTTPS

26 %
IPv6

57
Domains

72
Subdomains

69
IPs

9
Countries

4760 kB
Transfer

11015 kB
Size

67
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/explore/tags/showyourbow/
Title: #ShowYourBow

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/carmax/id571044395?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.carmax.carmax

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@CarMax
Title: CarMax Youtube

Search URL Search Domain Scan URL

URL: https://instagram.com/carmax?igshid=MzRlODBiNWFlZA==
Title: CarMax Instagram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@carmax
Title: CarMax TikTok

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CarMax/
Title: CarMax Facebook

Search URL Search Domain Scan URL

URL: https://socialresponsibility.carmax.com/
Title: Social responsibility

Search URL Search Domain Scan URL

URL: https://foundation.carmax.com/
Title: CarMax Foundation

Search URL Search Domain Scan URL

URL: http://media.carmax.com/
Title: Media center

Search URL Search Domain Scan URL

URL: http://investors.carmax.com/
Title: Investor relations

Search URL Search Domain Scan URL

URL: https://careers.carmax.com/us/en
Title: Search jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.carmax.com/ HTTP 307
https://www.carmax.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 127

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=124416041&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIvana15u-hQMVb4mDBx1u9A0lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/1060501044/?random=124416041&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIvana15u-hQMVb4mDBx1u9A0lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSGwB7FLtqsOqlXguU9VhDub0Ew8k6TbJNC2D63Q&random=3558807922 HTTP 302
https://www.google.de/pagead/1p-conversion/1060501044/?random=124416041&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIvana15u-hQMVb4mDBx1u9A0lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSGwB7FLtqsOqlXguU9VhDub0Ew8k6TbJNC2D63Q&random=3558807922&ipr=y

Request Chain 129

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/?random=813763778&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIibDa15u-hQMVUKCDBx0HTwhBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/10777432239/?random=813763778&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIibDa15u-hQMVUKCDBx0HTwhBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSGwB7FLtqkRsMozo6SP62pnuKW6i5kJ1HsqNx7A&random=1161982843 HTTP 302
https://www.google.de/pagead/1p-conversion/10777432239/?random=813763778&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIibDa15u-hQMVUKCDBx0HTwhBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSGwB7FLtqkRsMozo6SP62pnuKW6i5kJ1HsqNx7A&random=1161982843&ipr=y

Request Chain 159

https://sslwidget.criteo.com/event?a=35257&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd%26ui_visitorid%3D54533123117394350851744054296653628999&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=9DF89V9ka3hHN3ZmMTJuT1o2STh1JTJGWTF0TVg3b3VDZWc0TE9mbUVmOUIlMkZJWCUyRkJXRTZSMnRKQXVWSmNHMWliSlZsMmtZQzd6NTJzb0UlMkZ5NDdseGpwMjdXSjVtV0k2amdzdnhnTVZLcDZJSWhaMVZTTGJKJTJCZG5yOG04YktPUGtvc2F1TmRxeDRVZ3QyZmpYOVV3b1hNQUZjaGpBJTNEJTNE&tld=carmax.com&fu=https%253A%252F%252Fwww.carmax.com%252F&ceid=153957d0-575a-4169-8620-21e38b415b20&dtycbr=20652 HTTP 302
https://widget.us.criteo.com/event?a=35257&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd%26ui_visitorid%3D54533123117394350851744054296653628999&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=9DF89V9ka3hHN3ZmMTJuT1o2STh1JTJGWTF0TVg3b3VDZWc0TE9mbUVmOUIlMkZJWCUyRkJXRTZSMnRKQXVWSmNHMWliSlZsMmtZQzd6NTJzb0UlMkZ5NDdseGpwMjdXSjVtV0k2amdzdnhnTVZLcDZJSWhaMVZTTGJKJTJCZG5yOG04YktPUGtvc2F1TmRxeDRVZ3QyZmpYOVV3b1hNQUZjaGpBJTNEJTNE&tld=carmax.com&fu=https%253A%252F%252Fwww.carmax.com%252F&ceid=153957d0-575a-4169-8620-21e38b415b20&dtycbr=20652

Request Chain 163

https://8789640.fls.doubleclick.net/activityi;src=8789640;type=carmax00;cat=hompg000;ord=1170783166036;npa=1;auiddc=655113459.1712977828;u11=54533123117394350851744054296653628999;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9181631201za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.carmax.com%2F HTTP 302
https://8789640.fls.doubleclick.net/activityi;dc_pre=CJ2s9debvoUDFTEjBgAdNzAKlQ;src=8789640;type=carmax00;cat=hompg000;ord=1170783166036;npa=1;auiddc=655113459.1712977828;u11=54533123117394350851744054296653628999;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9181631201za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.carmax.com%2F

Request Chain 167

https://trkn.us/pixel/c?ppt=519&g=HomePageLoaded&gid=4288&ord=1712977828643 HTTP 302
https://trkn.us/pixel/c?ppt=519&g=HomePageLoaded&gid=4288&ord=1712977828643&ip=81.95.5.41&cuidchk=1

Request Chain 169

https://action.dstillery.com/orbserv/nspix?adv=cl1025216&ns=3214&nc=HP&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nspix?adv=cl1025216&ns=3214&nc=HP&ncv=24

Request Chain 174

https://tags.w55c.net/rs?id=89fd8c1095744eaaade5a6da823c8bbf&t=marketing HTTP 302
https://tags.w55c.net/rs?sccid=fc8227f6-85ff-090d-3fde-c9bc815c4124&scc=1&id=89fd8c1095744eaaade5a6da823c8bbf&t=marketing

Request Chain 175

https://tags.w55c.net/rs?id=b25668c94a654ffab6c488bee2b6fdc4&t=marketing HTTP 302
https://tags.w55c.net/rs?sccid=713c7d87-5c91-f91d-6c48-c98c84dc2c03&scc=1&id=b25668c94a654ffab6c488bee2b6fdc4&t=marketing

Request Chain 180

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/?random=1090044697&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=rPFrCILc_JwBEPPs9u4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI0I_x15u-hQMV66GDBx0j-wiOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/769504883/?random=1090044697&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=rPFrCILc_JwBEPPs9u4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI0I_x15u-hQMV66GDBx0j-wiOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSKQB7FLtqk_RZW2g_SL8nL0RM3vlqe-SEVOk9gjrKDWcGud5cYr7ESvVl&random=1915741559 HTTP 302
https://www.google.de/pagead/1p-conversion/769504883/?random=1090044697&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=rPFrCILc_JwBEPPs9u4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI0I_x15u-hQMV66GDBx0j-wiOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSKQB7FLtqk_RZW2g_SL8nL0RM3vlqe-SEVOk9gjrKDWcGud5cYr7ESvVl&random=1915741559&ipr=y

Request Chain 183

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/768545124/?random=283486507&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=bpQUCP6D8ZgBEOSivO4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI8Knx15u-hQMVtI6DBx3D7QAkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/768545124/?random=283486507&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=bpQUCP6D8ZgBEOSivO4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI8Knx15u-hQMVtI6DBx3D7QAkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSKQB7FLtq0rn7H6Mgl_ys4CQbsNOvrwbivr5VuwQqwXeLy8gmJHjHL6xh&random=1278684123 HTTP 302
https://www.google.de/pagead/1p-conversion/768545124/?random=283486507&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=bpQUCP6D8ZgBEOSivO4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI8Knx15u-hQMVtI6DBx3D7QAkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSKQB7FLtq0rn7H6Mgl_ys4CQbsNOvrwbivr5VuwQqwXeLy8gmJHjHL6xh&random=1278684123&ipr=y

Request Chain 191

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1162305206384309573

Request Chain 201

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-weHrUOAbPPXCOpTu3n-7ygelHbkPA7uuzPLysA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-weHrUOAbPPXCOpTu3n-7ygelHbkPA7uuzPLysA&C=1

Request Chain 202

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nZpnRDbWvkmoe-WLDOQyNlaZI7vuC-_L

Request Chain 216

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-SCPRteAbPPXCOpTu3n-7ygelHbkkib6TQ7ha3Q HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-SCPRteAbPPXCOpTu3n-7ygelHbkkib6TQ7ha3Q

231 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.carmax.com/
Redirect Chain

http://www.carmax.com/
https://www.carmax.com/

58 KB
17 KB

643ms
546ms

Document
text/html

2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7e9f3857d69997f59b2123925a8e73e2751009b7c56ae4ba1a0427c3a8f91a6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

cache-control: no-store,no-cache
content-encoding: gzip
content-length: 13098
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sat, 13 Apr 2024 03:10:27 GMT
link: <https://www.carmax.com/shared/fonts/CarMaxSharpSansDisp-Bold.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.carmax.com/shared/fonts/lato-v16-latin-700.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.carmax.com/shared/fonts/lato-v16-latin-regular.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://content-images.carmax.com>;rel="preconnect",<https://p11.techlab-cdn.com>;rel="preconnect",<https://edge.fullstory.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://ethn.io>;rel="preconnect",<https://scontent.cdninstagram.com>;rel="preconnect",<https://scontent-den2-1.cdninstagram.com>;rel="preconnect" <https://assets.adobedtm.com>;rel="preconnect"
pragma: no-cache
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
server-timing: cdn-cache; desc=MISS edge; dur=303 origin; dur=221 ak_p; desc="1712977826606_388276638_2181813587_52429_14530_6_49_255";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-akamai-transformed: 9 13354 0 pmb=mTOE,3mRUM,2
x-content-type-options: nosniff
x-frame-options: sameorigin

Redirect headers

Location: https://www.carmax.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 CarMaxSharpSansDisp-Bold.woff2
www.carmax.com/shared/fonts/ 51 KB
51 KB 21ms
21ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/CarMaxSharpSansDisp-Bold.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Mon, 8 Apr 2024 15:26:21 GMT
etag: "0x8DC57E03EE25D84"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827206_388276638_2181813753_37_13630_6_0_219";dur=1
timing-allow-origin: *
content-length: 52120
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 lato-v16-latin-700.woff2
www.carmax.com/shared/fonts/ 22 KB
23 KB 28ms
28ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-700.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Mon, 8 Apr 2024 15:26:25 GMT
etag: "0x8DC57E040F512DC"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827206_388276638_2181813754_31_13650_6_0_219";dur=1
timing-allow-origin: *
content-length: 22992
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 lato-v16-latin-regular.woff2
www.carmax.com/shared/fonts/ 23 KB
23 KB 21ms
21ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-regular.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Mon, 8 Apr 2024 15:26:26 GMT
etag: "0x8DC57E041A2ED23"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827206_388276638_2181813755_34_13447_6_0_219";dur=1
timing-allow-origin: *
content-length: 23484
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 horizon-modules.f1aeda3af5a3e670f55c.bundle.js Show response
www.carmax.com/home/dist/ 88 KB
12 KB 49ms
46ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/horizon-modules.f1aeda3af5a3e670f55c.bundle.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

93b0372ab328a19fd3c3878c231aefb15698be6d3ad47d8e129fcc0da601cd69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813762_101_13508_6_0_219";dur=1
content-length: 12018
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Wed, 03 Apr 2024 13:39:06 GMT
etag: "1da85c9d341c2a8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Apr 2024 13:38:30 GMT

GET
H2 200 lycg-xl.jpg
www.carmax.com/home/images/home/hero/ 213 KB
213 KB 62ms
61ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/home/hero/lycg-xl.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b71cdf587bc71b4e12fd7cb0f6857f52c69a9defb88cf1f8e75a21b5cc6d5586

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 05 Apr 2024 08:45:51 GMT
date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 03 Apr 2024 13:13:50 GMT
etag: "1da85c8c4a6e8b7"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: public, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1712977827221_388276638_2181813770_886_13233_6_0_146";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 218039
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H2 200 main.css
www.carmax.com/shared/header-footer/full/css/ 87 KB
10 KB 42ms
39ms Stylesheet
text/css 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/header-footer/full/css/main.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba642a3c60fe7cf0b973f7e3210b93e950956c2206352d6e0e294d6a9d1c70b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813758_59_13570_6_0_255";dur=1
content-length: 9618
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Tue, 26 Mar 2024 14:31:19 GMT
etag: "0x8DC4DA0C5AE9C84"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 common.dcc9d5e818ebcf3e9048.css
www.carmax.com/home/dist/ 93 KB
11 KB 43ms
41ms Stylesheet
text/css 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/common.dcc9d5e818ebcf3e9048.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c9184ee65d9365bf05a95e61c7bd848136d25c9caf0fca0a05cc301b14ca34b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813759_124_13600_6_0_255";dur=1
content-length: 10895
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Tue, 26 Mar 2024 04:33:55 GMT
etag: "1da7620a4ff5584"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 04:33:54 GMT

GET
H2 200 home.b1883e0d3d3803cbcc32.css
www.carmax.com/home/dist/ 195 KB
22 KB 45ms
43ms Stylesheet
text/css 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/home.b1883e0d3d3803cbcc32.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

419daf054ec9112fcdfb2172521499a5bb9a71e2f7d442f09a6a544b0673fba7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813761_124_13531_6_0_255";dur=1
content-length: 21780
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 01 Apr 2024 07:20:48 GMT
etag: "1da7c753730aebb"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 07:20:47 GMT

GET
H2 200 vendor.acf6fe6d7f7e05df87b6.css
www.carmax.com/home/dist/ 59 KB
9 KB 46ms
44ms Stylesheet
text/css 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/vendor.acf6fe6d7f7e05df87b6.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fd37cdd786d87b78a4c819b77c29f3bbeddbd06f4520860d51b1fd187b7d8f01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813763_106_13572_6_0_255";dur=1
content-length: 9026
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 08 Apr 2024 16:16:14 GMT
etag: "1da85c9d3404819"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 16:14:52 GMT

GET
H2 200 main.js Show response
www.carmax.com/shared/header-footer/full/js/ 164 KB
32 KB 50ms
48ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/header-footer/full/js/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d51518f12dea95ae512faf6c89821fbcd922bfc0a56919dd9fd8ac6b3f53d1bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813764_63_13567_6_0_219";dur=1
content-length: 32544
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Tue, 26 Mar 2024 14:31:02 GMT
etag: "0x8DC4DA0C61C907A"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 common.39a64595cf1528249794.bundle.js Show response
www.carmax.com/home/dist/ 889 B
914 B 51ms
49ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/common.39a64595cf1528249794.bundle.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0b018d6c3eae5f22ff0f6afbab8fc560c7e3ae317309e1b2e52be76627435558

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813765_138_13509_6_0_219";dur=1
content-length: 438
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Fri, 05 Apr 2024 23:00:31 GMT
etag: "1da85c9d340a179"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Apr 2024 23:00:30 GMT

GET
H2 200 home.d694693d5dd86d204b6c.bundle.js Show response
www.carmax.com/home/dist/ 255 KB
62 KB 52ms
50ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/home.d694693d5dd86d204b6c.bundle.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff977808ecabc5ed1fb744e210eeed0771992839fa55fd6c86ba47c45546ab5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813766_112_13424_6_0_219";dur=1
content-length: 63294
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Thu, 11 Apr 2024 14:20:18 GMT
etag: "1da8a9376dd0a83"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 14:20:00 GMT

GET
H2 200 vendor.1cbaa3c0c78bf8fa3ff9.bundle.js Show response
www.carmax.com/home/dist/ 1 MB
262 KB 55ms
53ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/vendor.1cbaa3c0c78bf8fa3ff9.bundle.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5488171b3133ce94f377bf709d6ad1de1baa53afeb8f54093cd4cbc720b42407

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1712977827221_388276638_2181813767_640_13443_6_0_219";dur=1
content-length: 267602
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Wed, 03 Apr 2024 13:37:39 GMT
etag: "1da85c9d350562f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Apr 2024 13:37:35 GMT

GET
H2 200 runtime.6c0488885934bc1ac750.bundle.js Show response
www.carmax.com/home/dist/ 2 KB
1 KB 60ms
58ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/runtime.6c0488885934bc1ac750.bundle.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

575d43f5fb231afe678a95f6a28c2d3e439416ad3f6ad8fccf9359a27777533f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813768_104_13392_6_0_219";dur=1
content-length: 837
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 01 Apr 2024 15:36:51 GMT
etag: "1da7c753733a263"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 15:36:49 GMT

GET
H2 200 59db601b Show response
www.carmax.com/akam/13/ 26 KB
10 KB 258ms
258ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/akam/13/59db601b

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bdc2882f9f24e1e000deaa2bcb97f82a7b0cdbbc524bc5a9377c51f06c620525

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 22 Feb 2024 19:42:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: "6c7d09341241f21c925f81e98fe2a6f60a6c36939a749a9dcb537718535f0c68"
stored-attribute-sha-checksum: bdc2882f9f24e1e000deaa2bcb97f82a7b0cdbbc524bc5a9377c51f06c620525
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=239, origin; dur=0, ak_p; desc="1712977827290_388276638_2181813795_24267_6521_10_0_146";dur=1
timing-allow-origin: *
content-length: 8811

GET
H2 200 app-xl.png
www.carmax.com/home/images/home/native-apps/ 28 KB
28 KB 61ms
59ms Image
image/png 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/home/native-apps/app-xl.png

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

55267ef5b31d1df5b122e63ed8ec64c5df17a758b97b5f6f678e6ac7f59d7f82

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 05 Apr 2024 02:36:59 GMT
date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 03 Apr 2024 13:13:50 GMT
etag: "1da85c8c4a5d5ee"
x-frame-options: sameorigin
content-type: image/png
cache-control: public, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813769_101_13360_6_0_182";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 28398
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H2 200 app-badge_apple.png
www.carmax.com/home/images/home/native-apps/ 7 KB
7 KB 43ms
42ms Image
image/png 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/home/native-apps/app-badge_apple.png

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c500d4cc467b0194c0a7da2aeaa0e4271d12d87a724a847edb3067c65da206ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 07 Apr 2024 05:52:53 GMT
date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 03 Apr 2024 13:13:50 GMT
etag: "1da85c8c4a5a1c1"
x-frame-options: sameorigin
content-type: image/png
cache-control: public, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827290_388276638_2181813796_426_12301_8_0_146";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 6849
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H2 200 app-badge_google.png
www.carmax.com/home/images/home/native-apps/ 6 KB
6 KB 44ms
44ms Image
image/png 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/home/native-apps/app-badge_google.png

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c96793d780adf29aa522832bdccc2df296a5600a5c840cf8ad4f55cd256d9e01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 07 Apr 2024 21:26:50 GMT
date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 03 Apr 2024 13:13:50 GMT
etag: "1da85c8c4a5ac65"
x-frame-options: sameorigin
content-type: image/png
cache-control: public, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=22, ak_p; desc="1712977827290_388276638_2181813797_2499_12294_8_0_146";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 5989
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H2 200 launch-fabb7b419568.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/ 504 KB
121 KB 52ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 090731b4b0f5e3e2eb96a53e8b61f53b21c19beb32f1b5723630a88bb4f7f740

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:02 GMT
server: AkamaiNetStorage
etag: "0ffc942608a51e03649bac9269bfeaa8:1712943842.73456"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 123365
expires: Sat, 13 Apr 2024 04:10:27 GMT

GET
H2 200 dGc Show response
www.carmax.com/t30WfU8eJ/hs8b5Rc/Ww/9kViDkuYO7/bC4gdQ8CAg/GhR7J1oj/ 209 KB
76 KB 15ms
15ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/t30WfU8eJ/hs8b5Rc/Ww/9kViDkuYO7/bC4gdQ8CAg/GhR7J1oj/dGc

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6bec47ad3b816bdffae4dc81c4ee5c797a6405922ce160fb0650199ba16f2d62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 02 Aug 2023 16:13:47 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: "30d872d06917b656defc6437778f650255f7c484a5c97973be313e67852b3e38"
stored-attribute-sha-checksum: 6bec47ad3b816bdffae4dc81c4ee5c797a6405922ce160fb0650199ba16f2d62
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600, max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827274_388276638_2181813786_38_7813_9_0_182";dur=1
timing-allow-origin: *
content-length: 77262

GET
H2 200 horizon-modules.f1aeda3af5a3e670f55c.bundle.js Show response
www.carmax.com/home/dist/ 88 KB
0 37ms
37ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/dist/horizon-modules.f1aeda3af5a3e670f55c.bundle.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

93b0372ab328a19fd3c3878c231aefb15698be6d3ad47d8e129fcc0da601cd69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827221_388276638_2181813762_101_13508_6_0_219";dur=1
content-length: 12018
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Wed, 03 Apr 2024 13:39:06 GMT
etag: "1da85c9d341c2a8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Apr 2024 13:38:30 GMT

GET
H2 200 G44P5-SQM6J-DDMWR-2C333-A6FEA Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 34ms
7ms Script
application/javascript 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Sun, 14 Jan 2024 03:28:54 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 7173 Show response
www.carmax.com/stores/api/ 4 KB
3 KB 1081ms
1081ms XHR
application/json 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/stores/api/7173

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/header-footer/full/js/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbaa822e3800eb71818a86a65dbd3b8f16f1309493d1ee3f04e3ee3827fa8891

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=288, origin; dur=764, ak_p; desc="1712977827310_388276638_2181813809_105599_12686_7_0_219";dur=1
timing-allow-origin: *
content-length: 1791
request-context: appId=cid-v1:9336cb2e-56a8-454e-8ffc-d63deab21124

GET
H2 200 lato-v16-latin-regular.woff2
www.carmax.com/shared/fonts/ 23 KB
0 0ms
0ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-regular.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/home/dist/home.b1883e0d3d3803cbcc32.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/home/dist/home.b1883e0d3d3803cbcc32.css
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
last-modified: Mon, 8 Apr 2024 15:26:26 GMT
etag: "0x8DC57E041A2ED23"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827206_388276638_2181813755_34_13447_6_0_219";dur=1
timing-allow-origin: *
content-length: 23484
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 CarMaxSharpSansDisp-Bold.woff2
www.carmax.com/shared/fonts/ 51 KB
0 1ms
1ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/CarMaxSharpSansDisp-Bold.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/home/dist/home.b1883e0d3d3803cbcc32.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/home/dist/home.b1883e0d3d3803cbcc32.css
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
last-modified: Mon, 8 Apr 2024 15:26:21 GMT
etag: "0x8DC57E03EE25D84"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827206_388276638_2181813753_37_13630_6_0_219";dur=1
timing-allow-origin: *
content-length: 52120
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

GET
H2 200 lato-v16-latin-700.woff2
www.carmax.com/shared/fonts/ 22 KB
0 2ms
2ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-700.woff2

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/home/dist/home.b1883e0d3d3803cbcc32.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/home/dist/home.b1883e0d3d3803cbcc32.css
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
last-modified: Mon, 8 Apr 2024 15:26:25 GMT
etag: "0x8DC57E040F512DC"
x-frame-options: sameorigin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827206_388276638_2181813754_31_13650_6_0_219";dur=1
timing-allow-origin: *
content-length: 22992
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad

POST
H2 201 dGc Show response
www.carmax.com/t30WfU8eJ/hs8b5Rc/Ww/9kViDkuYO7/bC4gdQ8CAg/GhR7J1oj/ 18 B
936 B 507ms
506ms XHR
application/json 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/t30WfU8eJ/hs8b5Rc/Ww/9kViDkuYO7/bC4gdQ8CAg/GhR7J1oj/dGc

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/t30WfU8eJ/hs8b5Rc/Ww/9kViDkuYO7/bC4gdQ8CAg/GhR7J1oj/dGc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: https://www.carmax.com
access-control-allow-credentials: true
x_req_id: 948ab9f7-2365-4e6f-84e9-930cbd0ebb74
server-timing: edge; dur=3, origin; dur=483, cdn-cache; desc=MISS, ak_p; desc="1712977827362_388276638_2181813826_49156_7406_28_0_219";dur=1
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 21 KB
4 KB 155ms
114ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=G44P5-SQM6J-DDMWR-2C333-A6FEA&d=www.carmax.com&t=5709926&v=1.720.0&sl=0&si=d87ea504-b8fb-4e3f-8358-ccdc8c0f5448-sbv25f&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=245985
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a56b7d41fb8250981b7cd1166fba7d7e4197d0db4e5667700e45eaded36d9d6c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 3684

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 creditrate Show response
www.carmax.com/home/api/ 616 B
2 KB 460ms
460ms XHR
application/json 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/api/creditrate

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8b49a65628195255c15ab58585a3498473b1e40d044ab6d0c7080927446aff13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: public,max-age=600
server-timing: cdn-cache; desc=MISS, edge; dur=274, origin; dur=165, ak_p; desc="1712977827613_388276638_2181813941_43841_14247_6_0_219";dur=1
timing-allow-origin: *
content-length: 340
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H2 200 social-proof-carousel Show response
www.carmax.com/home/api/content/ 1 KB
2 KB 300ms
300ms XHR
application/json 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/api/content/social-proof-carousel

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0afd245d994bb7f225cc7e3dc8347e141c06eceee4d5e4de3e01ec1c48113d92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: public,max-age=600
server-timing: cdn-cache; desc=MISS, edge; dur=255, origin; dur=11, ak_p; desc="1712977827628_388276638_2181813946_26579_13189_30_0_219";dur=1
timing-allow-origin: *
content-length: 967
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H2 200 main.css
www.carmax.com/shared/appraisals/ 256 KB
22 KB 34ms
33ms Stylesheet
text/css 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/appraisals/main.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/home/dist/home.d694693d5dd86d204b6c.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

39b3c4167a7536ac16ac1bdf0d7e8d3b21b5b0ee1e02151b53625a408b569eee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827628_388276638_2181813947_101_13075_13_0_255";dur=1
content-length: 21405
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 28 Mar 2024 16:34:51 GMT
etag: "0x8DC4CCFE7C6FDA4"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
timing-allow-origin: *

GET
H2 200 main.bundle.js Show response
www.carmax.com/shared/appraisals/ 1 MB
296 KB 35ms
34ms Script
text/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/appraisals/main.bundle.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/home/dist/home.d694693d5dd86d204b6c.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9323da6eb007bdf8b1b9fa0904048ac867a27486e77ffb89e60f38376c71464e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1712977827628_388276638_2181813948_184_12919_13_0_146";dur=1
content-length: 301599
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Mon, 25 Mar 2024 13:33:38 GMT
etag: "0x8DC4CCFE75142A9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
timing-allow-origin: *

GET
H2 200 related-content Show response
www.carmax.com/home/api/research/ 5 KB
4 KB 431ms
431ms XHR
application/json 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/api/research/related-content

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8bfc0495fc42cd9bdb47f3f624b91e0da3b7e43643d001c7bc5285e08a72f543

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=373, origin; dur=27, ak_p; desc="1712977827628_388276638_2181813949_39982_12892_7_0_219";dur=1
timing-allow-origin: *
content-length: 2392
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Sat, 13 Apr 2024 04:10:27 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Sat, 13 Apr 2024 04:10:27 GMT

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 731 B
914 B 143ms
69ms Fetch
application/json 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=9e009f07-799e-4cc2-8819-f948eaea115e&requestId=7ef4402d-969c-413b-8ffa-8d25b39a2865

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

c54a43934f00c217f401d679d1974e573db67a865f3d55286de9ed07a3579322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.carmax.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 7ef4402d-969c-413b-8ffa-8d25b39a2865

GET
H2 200 io-xl.jpg
www.carmax.com/home/images/home/instant-offers/ 95 KB
96 KB 56ms
56ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/home/instant-offers/io-xl.jpg

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1c6911fde06de9d5fbfea9ea63ff8cdf19061e62c9cfa1b643b3be2d20032e36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 04 Apr 2024 17:31:20 GMT
date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 03 Apr 2024 13:13:50 GMT
etag: "1da85c8c4a4c781"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: public, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=14, ak_p; desc="1712977827703_388276638_2181813980_1407_15406_12_0_146";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 97409
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H2 200 animated-loader-part-1.gif
www.carmax.com/home/images/home/instant-offers/ 272 KB
273 KB 60ms
60ms Image
image/gif 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/home/instant-offers/animated-loader-part-1.gif

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

80aed2010ecf88f43062b62a1ae31cc10ec9400ed1c50db7c9ec38e1eb3cee96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 04 Apr 2024 22:18:56 GMT
date: Sat, 13 Apr 2024 03:10:27 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 03 Apr 2024 13:13:50 GMT
etag: "1da85c8c4a1fa78"
x-frame-options: sameorigin
content-type: image/gif
cache-control: public, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1712977827719_388276638_2181813985_205_12891_12_0_146";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 278904
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d84e6af966a5fe2f22f672eff1161e18c0575bd9e37d82b10b9bf43effbf48b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
104 KB 46ms
24ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5ff66af4c8ea2112a3a771b63782ba48e2cd2942ad6d8182989cddb39aea5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106287
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:27 GMT

POST
H2 200 interact Show response
edge.adobedc.net/ee/irl1/v1/ 20 KB
6 KB 109ms
60ms Fetch
application/json 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/irl1/v1/interact?configId=9e009f07-799e-4cc2-8819-f948eaea115e&requestId=bdbd6544-e2a7-4c91-9eae-1b6e7bc831fb

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

7fc167d8dcafe82cecadde8269b5fdaa9b631d17fbc1216067b0d1e0940fe45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 13 Apr 2024 03:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.carmax.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: bdbd6544-e2a7-4c91-9eae-1b6e7bc831fb

GET
H2 200 favicon.ico
www.carmax.com/home/images/ 31 KB
5 KB 22ms
22ms Other
image/x-icon 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

168eccecfe30ff67372f483afb84c6825d7d792998ad86d541acf283973062e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 24 Apr 2020 20:33:36 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: "c2f7fbbecc18d3ec7056edf157d96480:1587760416.662452"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/x-icon
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977827798_388276638_2181814011_38_15267_34_0_219";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 4571

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-187672-9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a84a16f51997d0801c9e33f59a06b3ccb2038548404727564221a302492821ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69520
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:27 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 49ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NTWN6LKPPS&gtm=45je44a0v893987339za200&_p=1712977827781&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=877330898.1712977828&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&uid=&dt=homepage&sid=1712977827&sct=1&seg=0&dl=https%3A%2F%2Fwww.carmax.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=false&tfd=1330
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 69ms
19ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NTWN6LKPPS&cid=877330898.1712977828&gtm=45je44a0v893987339za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 35ms
19ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NTWN6LKPPS&cid=877330898.1712977828&gtm=45je44a0v893987339za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1583609721

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 socialproof Show response
www.carmax.com/home/api/ 8 KB
4 KB 172ms
172ms XHR
text/plain 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/api/socialproof?id=Cp30czNsKpX&id=Cp8Rs4OuqfQ&id=Cq3rGMZPwpA&id=Cq6sxbeuyZ4&id=Cq6zPu9Oj5t&id=CqV2ghluWeD&id=CqVYWuHLxFL&id=Cqg6iMOLiFn&id=Cqt7KHfpfFt&id=Cqt7OZFrHcf&id=CqwSKdAvRVc&id=Cs5B7att_hj&id=CtK3hzwtlf9&id=CtNEZi5SRdf&id=CtNTdQBOXge&id=CtQdaiEOoXk&id=CtSRK74JjXM&id=CtVXHJOO9xI&id=CtnB23vP_u2&id=CtoQlzxOpWm

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0fd733437d95bd1c0a3044c9194ae64cf1e69e7f8f20da95a816619bdf2f2ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-b8197dfc06134b779350108c53278967-faba3a97f1194088-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.carmax.com/
Request-Id: |b8197dfc06134b779350108c53278967.faba3a97f1194088
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/plain; charset=utf-8
cache-control: public,max-age=600
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=11, ak_p; desc="1712977827970_388276638_2181814073_12793_17897_6_0_219";dur=1
timing-allow-origin: *
content-length: 3079
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H/1.1 200
OK 33034.js Show response
ethn.io/ 0
657 B 576ms
194ms Script
text/javascript 52.24.153.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ethn.io/33034.js?ftv=true

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.24.153.248 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-153-248.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Runtime: 0.006131
Date: Sat, 13 Apr 2024 03:10:28 GMT
Strict-Transport-Security: max-age=0;
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Server: nginx
X-Download-Options: noopen
Content-Type: text/javascript
Cache-Control: no-cache
Feature-Policy: camera 'none'; geolocation 'none', microphone *
Connection: keep-alive
Content-Length: 0
X-Request-Id: ef7fefdf-30d6-40a6-9aff-b99fea5d8b7d

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 260 KB
71 KB 29ms
7ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d2b9c1f1c9ea64eb3d4f45dc3a50504228ab0805e2065e98f4e092250d602f2e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 02:38:56 GMT
content-encoding: br
age: 1891
x-guploader-uploadid: ABPtcPpAa3DdhqXMlaassokwSe5XfR-EkcH0UcEvXwwFmfDMI2_UY5K1Tuqcd_Mli0jbpPHKIuRgWrD1zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72574
last-modified: Wed, 10 Apr 2024 15:36:22 GMT
server: UploadServer
etag: "169e4b4b7f04067a85da188332e770aa"
vary: Accept-Encoding
x-goog-generation: 1712763382241019
x-goog-hash: crc32c=zTfkdw==, md5=Fp5LS38EBnqF2hiDMudwqg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 72574
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 Apr 2024 03:38:56 GMT

HEAD
H2 200 main.js Show response
www.carmax.com/shared/chat/ 0
432 B 26ms
26ms XHR
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/chat/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-b8197dfc06134b779350108c53278967-93fc9cfdea0e4484-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.carmax.com/
Request-Id: |b8197dfc06134b779350108c53278967.93fc9cfdea0e4484
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
mpulse_origin_time: 0
server-timing: ak_p; desc="1712977827970_388276638_2181814074_404_14918_27_0_255";dur=1
content-length: 721519
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 04 Apr 2024 12:03:49 GMT
mpulse_cdn_cache: HIT
etag: "0x8DC549EE6EFBD62"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 pagecontext Show response
www.carmax.com/chat/ 419 B
1 KB 690ms
689ms XHR
application/json 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/chat/pagecontext

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1fd13e9268297ee64ad03436fb80b93cca4780cdfcc606bb5f59976faf268e22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-b8197dfc06134b779350108c53278967-68266b78b3564af3-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.carmax.com/
Request-Id: |b8197dfc06134b779350108c53278967.68266b78b3564af3
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
server-timing: cdn-cache; desc=MISS, edge; dur=660, origin; dur=4, ak_p; desc="1712977827997_388276638_2181814098_66372_17852_10_0_219";dur=1
timing-allow-origin: *
content-length: 461
request-context: appId=cid-v1:1614b205-aa90-4548-be15-db837b4e1e5a

GET
H2 200 main.css Show response
www.carmax.com/shared/chat/ 10 KB
2 KB 44ms
44ms XHR
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/chat/main.css

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

641d6b447caa20c2d6f86da1bbad729c3ecb7c6183a809631a1625a386483c7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-b8197dfc06134b779350108c53278967-d0bed19b0e624cd4-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.carmax.com/
Request-Id: |b8197dfc06134b779350108c53278967.d0bed19b0e624cd4
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828017_388276638_2181814105_116_16755_22_0_219";dur=1
content-length: 2086
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 04 Apr 2024 12:02:44 GMT
etag: "0x8DC549EE600C4FD"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *

GET
H2 200 ec70f1528385f41d770aa47efbbc1655.gif
www.carmax.com/chat/dist/ 67 KB
68 KB 44ms
43ms Image
image/gif 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/chat/dist/ec70f1528385f41d770aa47efbbc1655.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1186a53d5335c7c1f812adeca7ee14e6aa3d752a6ff9b81674523e4d5ced0557

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Thu, 04 Apr 2024 11:59:16 GMT
etag: "1da868784584f7c"
x-frame-options: sameorigin
content-type: image/gif
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828017_388276638_2181814106_117_16248_22_0_146";dur=1
accept-ranges: bytes
timing-allow-origin: *
content-length: 68988
request-context: appId=cid-v1:1614b205-aa90-4548-be15-db837b4e1e5a

POST
H2 200 interact Show response
edge.adobedc.net/ee/irl1/v1/ 587 B
460 B 65ms
65ms Fetch
application/json 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/irl1/v1/interact?configId=9e009f07-799e-4cc2-8819-f948eaea115e&requestId=91570d88-f503-41af-9ff6-590936f71778

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

296ae1dd611bf3e739b18b820bcc32c0e283126a08d9d78237bc956e22639041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.carmax.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 91570d88-f503-41af-9ff6-590936f71778

GET
H2 200 RCc9515f72141d43bf8ba0129c8f6d4c67-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 538 B
582 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RCc9515f72141d43bf8ba0129c8f6d4c67-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f425c8a2280a742c47058d385a093e9d50268faf334cb32d2895f3e3e0f11119

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 325
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-187672-9&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 01:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5506
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 13 Apr 2024 03:38:42 GMT

GET
H2 200 RCfd61048334504a999f1b14e74a534a20-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 538 B
582 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RCfd61048334504a999f1b14e74a534a20-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5921ce1ba73d528f48b33233345e2d9fa056179eb806dc4e607c37d8c5a00a52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 325
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/J90WC/v1/ 44 KB
6 KB 8ms
8ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/J90WC/v1/web
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 97b9af8a0e79c25c0a3336720b2457ce4062f2fd61a73742c56265a6f8171a4d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 02:57:16 GMT
content-encoding: gzip
age: 792
x-guploader-uploadid: ABPtcPqmscUzF5aqpSiIZ1CQmnLqZoAgkN4dg_PE3_xxTSTAwPnZYvQre3xT1yv33KZWqgbUlUbvLlPxLA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5484
last-modified: Sat, 13 Apr 2024 02:56:20 GMT
server: UploadServer
etag: "b18903c01c4132d599166d899c918fa4"
x-goog-generation: 1712976980534230
x-goog-hash: crc32c=DUYH5w==, md5=sYkDwBxBMtWZFm2JnJGPpA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 5484
accept-ranges: bytes
content-type: application/json
expires: Sat, 13 Apr 2024 03:12:16 GMT

GET
H2 200 RCeb55e522682349fb97b62ccb64c155b0-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 2 KB
1009 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RCeb55e522682349fb97b62ccb64c155b0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: da60692bdc1d7255a0a5945de7d2127d1cbe392c4a18ee988c62d0d2fa068721

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 752
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 639701_Edmunds_EV-Charger-Types-Hero-abstract_800x600.jpg
content-images.carmax.com/qeontfmijmzv/NluSUusY0u5724sqfNiKe/a02d0c331ce8a7fd2df35fa76f68d899/ 48 KB
48 KB 89ms
31ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/NluSUusY0u5724sqfNiKe/a02d0c331ce8a7fd2df35fa76f68d899/639701_Edmunds_EV-Charger-Types-Hero-abstract_800x600.jpg?w=540&h=462

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

0dafc626d627be5d7d44981a60c620bbcb0528886220b106fa3a4e96338c5dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 17 Feb 2024 13:36:23 GMT
server: Contentful Images API
x-amz-cf-pop: IAD55-P3
etag: "e38d5ad4c7a1c1d66a81675d88266338"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1457611
server-timing: ak_p; desc="1712977828126_388276638_2181814156_1165_14152_6_0_146";dur=1
content-length: 48940
x-amz-cf-id: QWM5SP2lwqFQeoqU4Sd-FnbSJswLmY6dwTVsJbTfrVNXobPM8coYhA==

GET
H2 200 616603_Edmunds_High-Tech_Towing_Hero-abstract_800x600.jpg
content-images.carmax.com/qeontfmijmzv/1gDSAoWdKDYcOSvuabHn2W/731eb917d48fc5f1741e2b74ced13892/ 102 KB
102 KB 101ms
44ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/1gDSAoWdKDYcOSvuabHn2W/731eb917d48fc5f1741e2b74ced13892/616603_Edmunds_High-Tech_Towing_Hero-abstract_800x600.jpg?w=540&h=462

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

979aeed8ae700fb84c8226381444e079a640056e473b2f64fc8a34e03bfcdc7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 10 Mar 2024 14:51:44 GMT
server: Contentful Images API
x-amz-cf-pop: ORD58-P2
etag: "ab12255c8ea76ac9aaad1617703dc885"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1681273
server-timing: ak_p; desc="1712977828130_388276638_2181814162_1747_10094_6_0_146";dur=1
content-length: 104088
x-amz-cf-id: xhHu0GYgESxkM2_xZEnk9Goig12kKx9bso8_iVX8442V5sZlXgpA3w==

GET
H2 200 504501_How_CarMax_Cars_Reach_the_Lot-Hero-abstract_800x600.jpg
content-images.carmax.com/qeontfmijmzv/pyna8VeBOBJfXLUlsjFM5/e509c81492db7ca73b4464644b675b8f/ 65 KB
65 KB 94ms
36ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/pyna8VeBOBJfXLUlsjFM5/e509c81492db7ca73b4464644b675b8f/504501_How_CarMax_Cars_Reach_the_Lot-Hero-abstract_800x600.jpg?w=540&h=462

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

ebc440a97dbab7480aeb23f673a7862a37402da6360725d8290723567ce4d273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 10 Mar 2024 05:31:04 GMT
server: Contentful Images API
x-amz-cf-pop: IAD55-P3
etag: "71c634ea21d46885b0e59517c7ac037e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1521544
server-timing: ak_p; desc="1712977828129_388276638_2181814160_1552_10619_6_0_146";dur=1
content-length: 66208
x-amz-cf-id: ANYq6xpF5RkBZVPog1WGHTvC4cvzg06U9AuoQlJ8bY-Ir7IzDFe27w==

GET
H2 200 617002_Edmunds_Dodge-Challenger-vs-ChargerHero-abstract_800x600.jpg
content-images.carmax.com/qeontfmijmzv/5EZKw8ssy0yUcsQjKxqwNH/6583b9f8030b7c177c4677fb6ebdec88/ 67 KB
68 KB 96ms
38ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/5EZKw8ssy0yUcsQjKxqwNH/6583b9f8030b7c177c4677fb6ebdec88/617002_Edmunds_Dodge-Challenger-vs-ChargerHero-abstract_800x600.jpg?w=540&h=462

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

015e4bf3f674d48cf0bb46e2ddae02af57cfa65c9f5dafa881c0a141f2a04cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 28 Feb 2024 00:44:44 GMT
server: Contentful Images API
x-amz-cf-pop: IAD55-P3
etag: "7d1c72aecaccb816e3923f15b1937e42"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1856784
server-timing: ak_p; desc="1712977828129_388276638_2181814161_1508_10421_6_0_146";dur=1
content-length: 69004
x-amz-cf-id: pBLKkXTAcYWQKgFP8L7buqwEqLqfqDBBfABo_2UIOz5wE6QE27fIbA==

GET
H2 200 635501_HowtoBuyaUsedCar_Hero-abstract_800x600.jpg
content-images.carmax.com/qeontfmijmzv/5K7qei2PTZifOlUAucbac8/7ed21e45c7cf0025e96d32b651fa4c0c/ 58 KB
59 KB 91ms
34ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/5K7qei2PTZifOlUAucbac8/7ed21e45c7cf0025e96d32b651fa4c0c/635501_HowtoBuyaUsedCar_Hero-abstract_800x600.jpg?w=540&h=462

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

db35496f7260347c393d5cc98696b8ba9b8adfd8ab24b00e2a148da8251e53d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 11:53:23 GMT
server: Contentful Images API
x-amz-cf-pop: IAD55-P3
etag: "3e673bc455d534a601de100bd1c854ae"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1513806
server-timing: ak_p; desc="1712977828129_388276638_2181814158_1463_10592_6_0_146";dur=1
content-length: 59845
x-amz-cf-id: IkIQH_-cPg0vL1myUiCFm_e5DrAUa6cN-376Qxw70NwJGO29zDrIaA==

GET
H2 200 617103_Best-High-MPG-Cars-Hero-abstract_800x600.jpg
content-images.carmax.com/qeontfmijmzv/cAcr7eAyYd4mV5Px0qs5I/9b30c5628579ad5660b507737be0d829/ 64 KB
64 KB 92ms
35ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/cAcr7eAyYd4mV5Px0qs5I/9b30c5628579ad5660b507737be0d829/617103_Best-High-MPG-Cars-Hero-abstract_800x600.jpg?w=540&h=462

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

2472712ff79ff0f94ce5adc90beed621db7338ee5d6451fc9998959d2b006caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Feb 2024 02:07:02 GMT
server: Contentful Images API
x-amz-cf-pop: ORD51-C3
etag: "fa8bd471668c25106bc35001ee0a6209"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1107896
server-timing: ak_p; desc="1712977828129_388276638_2181814159_1529_10511_6_0_146";dur=1
content-length: 65131
x-amz-cf-id: FXtuRPS8zDZtDWw7fJgnSsqd9g2zDq3VdSQbqZYC2eylxPnhD73G7g==

GET
H2 200 616602_Edmunds_Latest-ADAS-Tech-Explained-Hero-abstract_800x600.jpg
content-images.carmax.com/qeontfmijmzv/5ux1hb1dHz5b2aiu0ocQXh/68fb7fadadcd3604021bf9c22a200ebc/ 69 KB
70 KB 22ms
20ms Image
image/jpeg 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/5ux1hb1dHz5b2aiu0ocQXh/68fb7fadadcd3604021bf9c22a200ebc/616602_Edmunds_Latest-ADAS-Tech-Explained-Hero-abstract_800x600.jpg?w=540&h=462

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

ed14d7f30b020352757fb5f992f42f571c6679fcb91664bf17deb48075f27325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21 Mar 2024 16:26:59 GMT
server: Contentful Images API
x-amz-cf-pop: IAD55-P3
etag: "441a816fe52e67b6c1e355281bf09123"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1517380
server-timing: ak_p; desc="1712977828153_388276638_2181814173_110_13631_9_0_146";dur=1
content-length: 70878
x-amz-cf-id: hoLyXSWE9whP4BpdkPO4nyUFyKE1XP-7TYWI9sAXT1jBL-kTcJJ_rQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
145 B 15ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1884349018&t=pageview&_s=1&dl=https%3A%2F%2Fwww.carmax.com%2F&ul=de-de&de=UTF-8&dt=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1330897431&gjid=1410656470&cid=877330898.1712977828&tid=UA-187672-9&_gid=869298827.1712977828&_r=1&gtm=457e44a0z8893987339za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=163627557

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1884349018&t=pageview&_s=1&dl=https%3A%2F%2Fwww.carmax.com%2F&ul=de-de&de=UTF-8&dt=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAAUABAAAAACAAs~&jid=&gjid=&cid=877330898.1712977828&uid=&tid=UA-187672-9&_gid=153279359.1712977828&gtm=457e44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1176891411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 08:32:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67102
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel_59db601b Show response
www.carmax.com/akam/13/ 0
801 B 18ms
18ms XHR
text/html 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/akam/13/pixel_59db601b

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-b8197dfc06134b779350108c53278967-0d0b01b7f1f04431-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.carmax.com/
Request-Id: |b8197dfc06134b779350108c53278967.0d0b01b7f1f04431
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: sameorigin
content-type: text/html
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1712977828075_388276638_2181814126_300_8318_6_0_219";dur=1
timing-allow-origin: *
content-length: 0

GET
H2 200 sport-utilities.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
2 KB 49ms
46ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/sport-utilities.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

86962954c4db42289e5bbb79560d3796c2140b66b900de5b91a3cbe1b1363e69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828088_388276638_2181814128_81_16621_6_0_146";dur=1
content-length: 1591
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Sun, 04 Feb 2024 19:09:35 GMT
etag: "1da554e9ebf453c"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 19:08:02 GMT

GET
H2 200 pickup-trucks.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
2 KB 51ms
49ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/pickup-trucks.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

346b6ada5edc21eb08d4134729c9dc672ed77b5eaffc31f1be3ab382d6730d7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1712977828088_388276638_2181814129_297_16318_6_0_146";dur=1
content-length: 1914
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Thu, 28 Mar 2024 16:19:18 GMT
etag: "1da7c742afb044e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 16:16:54 GMT

GET
H2 200 sedans.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
2 KB 52ms
50ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/sedans.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa66aa90a6ab9029977793cdfb594834fd436438c2ed41a2f4c772f6b00517f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828088_388276638_2181814130_90_16590_6_0_146";dur=1
content-length: 1516
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 25 Mar 2024 19:07:34 GMT
etag: "1da761fa24ef3e5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Mar 2024 19:07:34 GMT

GET
H2 200 crossovers.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
2 KB 50ms
48ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/crossovers.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8fa7d3d93842c076fc712e9a00c048f127b37c9883e715d074279d549ec99b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828088_388276638_2181814131_99_16440_6_0_146";dur=1
content-length: 1767
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Sun, 10 Mar 2024 15:09:12 GMT
etag: "1da709f6d7ee978"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Mar 2024 15:05:56 GMT

GET
H2 200 coupes.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
2 KB 47ms
45ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/coupes.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db2bdae188a52c9982e88df5507d4e65d4c4e902a9e0071b419fa7d5d9cc02f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=21, ak_p; desc="1712977828088_388276638_2181814132_2102_15987_6_0_146";dur=1
content-length: 1715
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Fri, 08 Dec 2023 17:28:53 GMT
etag: "1da21493a94b5c8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 17:28:52 GMT

GET
H2 200 convertibles.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
2 KB 49ms
47ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/convertibles.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7769fbf41ecfa6814a07e9a480b962b71b819f83e7a0d15779f916a084b420ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828107_388276638_2181814137_311_13036_6_0_146";dur=1
content-length: 1885
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Wed, 20 Mar 2024 10:03:42 GMT
etag: "1da761fa24ee803"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:00:03 GMT

GET
H2 200 luxury-vehicles.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
2 KB 51ms
49ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/luxury-vehicles.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c5383e658eaf828b9598cd276e261513af1c4c08c4c46feac9424aedbdbc2c03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828105_388276638_2181814138_109_14950_6_0_146";dur=1
content-length: 1560
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 05 Feb 2024 14:48:21 GMT
etag: "1da554e9ebf4479"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 14:48:07 GMT

GET
H2 200 sports-cars.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
2 KB 52ms
51ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/sports-cars.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

09a4d5b507c938a5f458e8ae2816ea271d9a805c8a1115f3ffebe1273114481b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828105_388276638_2181814139_123_14906_6_0_146";dur=1
content-length: 1506
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 04 Mar 2024 06:42:54 GMT
etag: "1da6b3fbd117cfe"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 06:42:54 GMT

GET
H2 200 diesel-engines.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
2 KB 61ms
58ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/diesel-engines.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

32878be1f98374f663cfeeb73f7f6309cdb4fc1a82e3b30aeffbe3c3c2009283

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="1712977828105_388276638_2181814140_764_14465_6_0_219";dur=1
content-length: 1961
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Fri, 09 Feb 2024 16:01:32 GMT
etag: "1da554e9ebf404e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 13:29:55 GMT

GET
H2 200 minivans-and-vans.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
2 KB 73ms
71ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/minivans-and-vans.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8b5cf591ff26c71f99fece5ac4cd93c18c25eb601738e737fb7764c9f462c8cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828125_388276638_2181814152_2139_16440_6_0_219";dur=1
content-length: 1818
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 11 Mar 2024 17:03:59 GMT
etag: "1da73c6037b8097"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Mar 2024 17:02:23 GMT

GET
H2 200 hybrids.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
2 KB 72ms
70ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/hybrids.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

02d54472d2261686fc98e5129f5fe5a27af53c6cbd87b083177e11d01ee3ce4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828125_388276638_2181814153_2158_16299_6_0_219";dur=1
content-length: 1827
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 11 Mar 2024 12:15:39 GMT
etag: "1da709f6d7eee24"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Mar 2024 11:23:42 GMT

GET
H2 200 wagons.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
3 KB 74ms
73ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/wagons.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

adbd5008651b2f366e2206f6bd60c3563c0e80ed469e234ee886ce4fb1b552cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828126_388276638_2181814154_2158_16295_6_0_219";dur=1
content-length: 2087
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Wed, 14 Feb 2024 15:57:50 GMT
etag: "1da5df1b8379fdc"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 15:57:49 GMT

GET
H2 200 electric-cars.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
2 KB 75ms
74ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/electric-cars.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

479de19033c3a1e02fdec675dd4b89bfbc827c9ad4fcc2a5bd43cc058be6465c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828126_388276638_2181814155_2178_16014_6_0_219";dur=1
content-length: 1825
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 26 Feb 2024 12:04:51 GMT
etag: "1da5f73c9101a87"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 11:47:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 35ms
34ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8789640&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b92f4c274365acf213a8548c6700c04836d77ec7acf5bc8084031108c3f84630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75569
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 22ms
21ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ab6b4d8083d09ba5e7deb1dd776ac1eaeb6ad4e30f9366359b349092f60edd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 40ms
40ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-768545124&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9f77c15b9f69e0dbaf0771be6f42ebf09780d1cd600e320a2d828527ee2021b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 29ms
29ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-769504883&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f67b66612330e664ecf28aeb214419f0473b07f70c4fdd86058645ecba38ab68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 37ms
37ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-708462047&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5a001320b4cc097b60be02a203b001e338d9aecda19fecb153b3c84e781fdd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81314
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 35ms
35ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-586870437&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f8e83b702311ae80df13b9efb15d3f109e9cfd943fdb9e32bcbf361c16110449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 28ms
27ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10777432239&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NTWN6LKPPS&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

efc575826bb8c0c7f8e54509414658a50080bdf90bd8e15a2a7ce3621c71a308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83563
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H2 200 RCb2d41fe416ad4d5091503ce1aa624e90-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 1 KB
872 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RCb2d41fe416ad4d5091503ce1aa624e90-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 54e4e159c4166c341c265eff37edea699f47836510787c43cc4cc7697fb1a998

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 615
expires: Sat, 13 Apr 2024 04:10:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-187672-9&cid=877330898.1712977828&jid=1330897431&gjid=1410656470&_gid=869298827.1712977828&npa=1&_u=YADAAUAAAAAAACAAI~&z=2020424389

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 13 Apr 2024 03:10:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.carmax.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 44 KB
6 KB 150ms
126ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 129b9488617427ffd16ad3692564e4a7084002451ab9186fbcd904e2e03489df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.carmax.com
date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 35ms
13ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: tEQKMd5kwE2rZfIubijXtcRh+RAQL7prc3HVV7VrmcFecfjRbU+djZ9FnI5Imnv1KCcYrOByR/S/uJR4CsOPmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RCf15d42aa818c49ada875ed2ff68e09c9-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 636 B
603 B 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RCf15d42aa818c49ada875ed2ff68e09c9-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 94b1780a2e07291b5cd84b5ea51d49cade5a9acccdf5ef2ec7900779761b9ee7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 346
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 RC8087d5708bd3448da0c06e9b9d0704c8-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 1 KB
889 B 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC8087d5708bd3448da0c06e9b9d0704c8-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2ec16ced21758506c5dcda3454e0a637f11076940e682fbd798ef12517783d84

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 632
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 43ms
21ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-187672-9&cid=877330898.1712977828&jid=1330897431&npa=1&_u=YADAAUAAAAAAACAAI~&z=355657074

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 21ms
20ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-187672-9&cid=877330898.1712977828&jid=1330897431&npa=1&_u=YADAAUAAAAAAACAAI~&z=355657074

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC4f2114b4614a4f6aba126e74c7c5fb9a-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 3 KB
1 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC4f2114b4614a4f6aba126e74c7c5fb9a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 38254cbb943e0f12f17ab29528e46a6aa2be2d2e0c109a5e23b686bbdffa0495

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1151
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 204 tr.gif
ping.pdst.fm/ 0
47 B 192ms
129ms Image
text/plain 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
via: 1.1 google

GET
H2 200 RCa322455207a3474abce285051c2bbd6b-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 544 B
601 B 13ms
11ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RCa322455207a3474abce285051c2bbd6b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9c7c21f65045771af22cf8fd225259bfaf06c22ead67a6ba41eb989cc733dfdf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 344
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 354912935_3463042773949356_6557935107469595490_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 63 KB
63 KB 49ms
26ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/354912935_3463042773949356_6557935107469595490_n.jpg?stp=dst-jpg_e35_p480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=xbvc4O1fmPkAb5Es6U7&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBITM7Lb9EBqlM1lNCGbEqTQcBH-Ssn_n0alW6qUAeqgA&oe=661A6E16&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b9a9a01b23fbf6711b51490f23fac735b628d5ce2aae7081a7802b2eccd993eb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=96900, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 17 Jun 2023 23:22:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2430138072
thrift_fmhk: GBDFatyP0GrjzfcwrvtpFr7AFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3194207977
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 64823

GET
H2 200 352368497_983232716139146_8617211633541799882_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 90 KB
90 KB 48ms
26ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/352368497_983232716139146_8617211633541799882_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=Ck5uq-J6VkQAb6oltNI&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfAFuDOU_878GzkbDn-_GCIxw7sZ2p6lA6WgaKx5Xgo2Iw&oe=661A689F&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a0627d4bea6b90bf27fa01dacc68912c6353cf63671334a97579db96996998c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=96900, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 07 Jun 2023 23:36:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=507943258
thrift_fmhk: GBCt8/3/tpSUfEsKnn+13AX7Feq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1114192723
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 91741

GET
H2 200 352830332_236966002377600_7857891598500285619_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 129 KB
130 KB 48ms
26ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/352830332_236966002377600_7857891598500285619_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=ijkoIsNSJL4Ab6W5AS_&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfAdFNowZLXre8aZ-pAe5hRWSZ0CcsO419_GX6YbirB9hw&oe=661A6BF7&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d54068d9e4a02504b5033358e7918ed7f83642905b6982bb4862af38f7123df9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=96900, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 11 Jun 2023 02:43:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=232081727
thrift_fmhk: GBCFr4AaJVFMZA2URNy1NfqXFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 517387556
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 132471

GET
H2 200 352426969_618220736941598_2888482909074173178_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 47 KB
47 KB 44ms
21ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/352426969_618220736941598_2888482909074173178_n.jpg?stp=dst-jpg_e35_s480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=ybZy2_GLhMsAb4TUlek&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBhjljBshVXcdCLbtYqDBrTN0dOItpVpK-OFJR8eA2ldA&oe=661A67E7&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d6951dc836388164379890fc8cc8ac01796617e8f8dabad014fa4cb41e91c7c7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=64340, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 07 Jun 2023 21:18:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2263401519
thrift_fmhk: GBDM1AbGmd3GMDzF3pekmSUzFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2899369429
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 47820

GET
H2 200 350819522_302087898809519_7887148042006658608_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 50 KB
50 KB 43ms
21ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/350819522_302087898809519_7887148042006658608_n.jpg?stp=dst-jpg_e35_s480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=vcim-xDRIRIAb6yzvO2&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfDZ5ScrxQoQzBrEHvclrFBFnm8vX3Me1AWwDvAXDpwS2A&oe=661A4E18&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cdc16884db881e6cf89f244b2bf7797dc664c4b1a0aae5907ebfecb12a207fc4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=64132, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 31 May 2023 02:38:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1562470129
thrift_fmhk: GBCo8SMwIM6Me8smYNkrss38Feq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2568867841
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 50790

GET
H2 200 354256187_221506367425079_1819505945140674938_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 59 KB
59 KB 31ms
8ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/354256187_221506367425079_1819505945140674938_n.jpg?stp=dst-jpg_e35_p480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=p41e-IsE0UgAb425Zvm&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfDR2EeU3sXno-ypA5ZWMhRc4C_4J-Fc5rRwRQyPr2rUeQ&oe=661A666B&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8b2c6deb1ad6c2ccf5638533bac80e929a6b53505448d9d1247f093e93a245c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2869, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 18 Jun 2023 10:52:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4179620251
thrift_fmhk: GBCv3fXvHCns/+Mv+OynzDWQFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3357860933
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 60374

GET
H2 200 340484340_163081373013683_246624737849051976_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 129 KB
129 KB 19ms
17ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/340484340_163081373013683_246624737849051976_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=4I_b5nirzdIAb6S4IvC&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBrzGFjRiQSEsk3YeDbE68l1F4YN_9zE2zZ8KXdvroXJw&oe=661A70AF&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f219e638f85acaefe0f07b3ad4868eff7fb0e71364a99cef7909f2967d10a448

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=119, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=3, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 12 Apr 2023 01:05:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=214117416
thrift_fmhk: GBCV3RS/3qPhhafeydE2a9ohFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2344922826
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 132133

GET
H2 200 340800445_888405068896870_1795417858328030232_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 122 KB
122 KB 18ms
17ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/340800445_888405068896870_1795417858328030232_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=Q4dIDSqC2u0Ab6hCVfK&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfDKpweAZFNMNU1aSVWAZBTQys5sYMt7hUklENAbPYLnVQ&oe=661A71B7&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ff165de84426cfd08334db6b920e34b231a5bd18eb16519d7693ad02ba6fa012

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=119, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=3, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 10 Apr 2023 20:06:30 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1270467777
thrift_fmhk: GBCWtHNQOKRtbCpfEFRV31HZFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3657844873
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 124473

GET
H2 200 340490756_1403763217090615_7896199524454284385_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 89 KB
89 KB 18ms
17ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/340490756_1403763217090615_7896199524454284385_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=THETtEWSq68Ab73Dyvh&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBpur27X0pteDblNAq9kA7_anLQDvCFbbIc7-P9sUyWEw&oe=661A6B72&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 03d1a319a22b575978c5dc2782262926199b7f9122c8e915d8cffcbb335746b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=119, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=3, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 12 Apr 2023 02:06:21 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3394781301
thrift_fmhk: GBAbtMB4U/bGYR6xhrhqcRHxFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2991392716
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 91395

GET
H2 200 340342299_1234638854083145_6567066683835859286_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 63 KB
63 KB 18ms
17ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/340342299_1234638854083145_6567066683835859286_n.jpg?stp=dst-jpg_e35_p480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=TT85qwpa9xwAb46STtC&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfDW4njOkRlxSycTnYpV7j2MHFiZHlgc65wSe6cMlXCf2A&oe=661A656E&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b2dbc6cfe3daebbc87983b9c79eb2dc0a3ee6a14e6afd353cbcccde68e019216

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=119, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 07 Apr 2023 02:06:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=886199992
thrift_fmhk: GBD/CQXQ15gxBAygfPP4K0spFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1451177525
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 64773

GET
H2 200 340313740_184908424346551_1864063680708109287_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 55 KB
55 KB 17ms
16ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/340313740_184908424346551_1864063680708109287_n.jpg?stp=dst-jpg_e35_p480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=T0LNqaEndacAb4FopIC&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfD30LybCu2JYkXUd8QnECFbPGbhBxdjIyQay63lK1m2vQ&oe=661A4A62&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: da30e304d7302154faabdac5b3b0cc915f35bb7c135f7a495842e2d2f814e831

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=119, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 07 Apr 2023 23:56:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1561560485
thrift_fmhk: GBBdDyaOcJG1sQ9/B6j9TY5nFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1101236483
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 56386

GET
H2 200 339084701_780242730197618_4664179225842839637_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 47 KB
47 KB 17ms
16ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/339084701_780242730197618_4664179225842839637_n.jpg?stp=dst-jpg_e35_p480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=1S2EeZmXwjMAb6vw6IK&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfCZ5d3sWkLuuhjcBDjudv5CgitTCOdbmOCJTLHl_BQc2Q&oe=661A6B87&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f9c69b4b4538954a224c4b7e77c2c984203c3feeca54217dc15faba20d1aa834

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=119, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 02 Apr 2023 00:24:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3966346003
thrift_fmhk: GBAn5qrUCgiovujp+l0dCgKbFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3431244565
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 47634

GET
H2 200 336064585_952805492744656_2899841514968662202_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 63 KB
63 KB 18ms
17ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/336064585_952805492744656_2899841514968662202_n.jpg?stp=dst-jpg_e35_p480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=PTv-6-DjOLoAb5uXytl&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBymg9ezCz6qByS9fZncKGQDErKItv60OWULvHtpSEIWg&oe=661A4D1E&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5ecaef748e988de2037fc044417119cafca2235ce8b448411fa8156eb22b3feb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=119, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=3, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 17 Mar 2023 01:46:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=610213250
thrift_fmhk: GBAOXZAa8ihfYgDLhBJuGJO0Feq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3652852143
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 64238

GET
H2 200 335967269_1377212543112104_3092243144671802392_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 70 KB
70 KB 18ms
18ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/335967269_1377212543112104_3092243144671802392_n.jpg?stp=dst-jpg_e35_p480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=x2TE8VGCozsAb6GFyf_&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfA5EFLnEdCxpQQoGrfYMRk_bcwCyV4DkOXGvbmGDhkwEA&oe=661A64C7&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9a697f4266a579542774151fd59434b6491bb13c8a7797c4a2be942f743a9bc0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=127, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=3, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 18 Mar 2023 19:13:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3081069915
thrift_fmhk: GBDEmdkLxfUC2vpl/fQkyCWSFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3204456876
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 71681

GET
H2 200 337832403_1251501145455557_1854166561959225238_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 68 KB
68 KB 18ms
17ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/337832403_1251501145455557_1854166561959225238_n.jpg?stp=dst-jpg_e35_p480x480&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=AZ8kRZWvRTcAb5Icvta&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBo9B5Lg7xVo5ZZGhmgkUDR1VkLSCrNxpAl5JxG2Mse3A&oe=661A49B1&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5984b810302e3083bfcf887bf9bbe17b8cdc9005a392c3be0fe32232e76f2e62

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=119, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 28 Mar 2023 13:19:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4023764913
thrift_fmhk: GBD9VwNne6KurKUOV1F7UK+zFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1529229628
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 69365

GET
H2 200 337879135_144141501926789_5944205630977978616_n.jpg
scontent.cdninstagram.com/v/t51.29350-15/ 102 KB
102 KB 18ms
18ms Image
image/jpeg 2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.29350-15/337879135_144141501926789_5944205630977978616_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=1&_nc_ohc=_pWMjHFBk24Ab642W1N&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfC3Ok38p2mmRguauCfS5M9WM2y_6lPdfyXJRqG1FlQuyA&oe=661A5A73&_nc_sid=cc8940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0e3891cd5d6550d5c064686f563ce28a9c64e91e5db2ff302cbd974d4cfd2674

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=127, mss=1294, tbw=362690, tp=-1, tpl=-1, uplat=3, ullat=-1
date: Sat, 13 Apr 2024 03:10:28 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 28 Mar 2023 17:38:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2683512618
thrift_fmhk: GBChsVZcejR+eEeajnSErLjrFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1301378510
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 104395

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 67ms
35ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 13 Apr 2024 03:10:27 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BD3810222AC54B6E877B14F0CBB154FF Ref B: FRA31EDGE0214 Ref C: 2024-04-13T03:10:28Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/10777432239/ 3 KB
2 KB 102ms
51ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10777432239/?random=1712977828225&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10777432239&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9311b91d1f1ecbdaed6d6b8e607d48c5b0873653edfa384c9bebaf386d0a8ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1582
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1060501044/ 3 KB
2 KB 56ms
27ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1060501044/?random=1712977828251&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1060501044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

36cc8d8c74c3416a9bbb14eba27bc2910d97cbf227a9f256128b0abd8a85aa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1580
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 5 KB
5 KB 118ms
118ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=J90WC
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 433903449ae157398dd752c1e5faca02b5ec31f74d1c69ca7fbede8f5e8ed54b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H2 200 main.js Show response
www.carmax.com/shared/interact-one/ 2 KB
1 KB 31ms
30ms Script
application/javascript 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/interact-one/main.js

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5a836d2c3a76bd1288a33d2ec77c8030124a6a82d3697f675cb1b4cc0993ae44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828351_388276638_2181814271_143_15581_7_0_146";dur=1
content-length: 651
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
last-modified: Thu, 21 Mar 2024 14:49:23 GMT
etag: "0x8DC49B572CA0E96"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
timing-allow-origin: *

GET
H2 200 RC74b0a4df5a7b4d98ac74a1268f9762c2-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 611 B
627 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC74b0a4df5a7b4d98ac74a1268f9762c2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 617712edfda7245c2735fcc0cd264f39e5d643fe18913289d073d4758da94880

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 370
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 176869726424290 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 110ms
109ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/176869726424290?v=2.9.153&r=stable&domain=www.carmax.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b892c332405cc50fe0906a54961602e3d44125fa8dcbb9412bf3201a3218ddf0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=64, mss=1294, tbw=63157, tp=-1, tpl=-1, uplat=102, ullat=0
pragma: public
x-fb-debug: C94n8xJ7EksI/VpsaIpIuJmA57dLN8qQ7jkldY1tz0xu09W7pi0LQvX9K4PXq6YVWSoAWq52elaxH4erAKE67g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 4028650.js Show response
bat.bing.com/p/action/ 0
117 B 32ms
32ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4028650.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 13 Apr 2024 03:10:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C3F7146C83146FBA682B30F695A6A38 Ref B: FRA31EDGE0214 Ref C: 2024-04-13T03:10:28Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 79ms
79ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4028650&Ver=2&mid=c57767c0-4587-4e72-8255-d010f321d367&sid=61308840f94311ee8b2139eca0adbd81&vid=61309c90f94311eeaf2003e710524cd3&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=CarMax%20-%20Shop%20for%20used%20cars,%20then%20buy%20online%20or%20at%20a%20store&p=https%3A%2F%2Fwww.carmax.com%2F&r=&lt=1217&evt=pageLoad&sv=1&rn=638086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Apr 2024 03:10:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8FD3A0459A2A4679813FE3DF35421970 Ref B: FRA31EDGE0214 Ref C: 2024-04-13T03:10:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1060501044/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060501044/?random=124416041&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/1060501044/?random=124416041&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/1060501044/?random=124416041&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&u_w=1600&u_...

42 B
64 B

19ms
18ms

Image
image/gif

142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1060501044/?random=124416041&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIvana15u-hQMVb4mDBx1u9A0lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSGwB7FLtqsOqlXguU9VhDub0Ew8k6TbJNC2D63Q&random=3558807922&ipr=y

Protocol

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1060501044/?random=124416041&cv=11&fst=1712977828251&bg=ffffff&guid=ON&async=1&gtm=45be44a0v872296686za200&gcd=13l3lPl2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=sucuCNnvv_kDELTs1_kD&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIvana15u-hQMVb4mDBx1u9A0lMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSGwB7FLtqsOqlXguU9VhDub0Ew8k6TbJNC2D63Q&random=3558807922&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 taxesandfees Show response
www.carmax.com/home/api/ 14 KB
2 KB 151ms
151ms XHR
application/json 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/home/api/taxesandfees?state=KS

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d993749acdea97e4efed86a8c8a621230c63cd145e001b69803a1511c485af64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-b8197dfc06134b779350108c53278967-d5388e83eba24561-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.carmax.com/
Request-Id: |b8197dfc06134b779350108c53278967.d5388e83eba24561
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: public,max-age=600
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=40, ak_p; desc="1712977828427_388276638_2181814302_12495_19369_12_0_219";dur=1
timing-allow-origin: *
content-length: 1659
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389

GET
H3

200

/
www.google.de/pagead/1p-conversion/10777432239/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10777432239/?random=813763778&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=s...
https://www.google.com/pagead/1p-conversion/10777432239/?random=813763778&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&...
https://www.google.de/pagead/1p-conversion/10777432239/?random=813763778&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u...

42 B
64 B

22ms
22ms

Image
image/gif

142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10777432239/?random=813763778&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIibDa15u-hQMVUKCDBx0HTwhBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSGwB7FLtqkRsMozo6SP62pnuKW6i5kJ1HsqNx7A&random=1161982843&ipr=y

Protocol

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10777432239/?random=813763778&cv=11&fst=1712977828225&bg=ffffff&guid=ON&async=1&gtm=45be44a0v893265671za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=ZBFpCISyovADEK-hipMo&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIibDa15u-hQMVUKCDBx0HTwhBMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSGwB7FLtqkRsMozo6SP62pnuKW6i5kJ1HsqNx7A&random=1161982843&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 47 KB
15 KB 56ms
25ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a3079657dfdc9d6cf095aa78e354abd79b829219afd5f6244452323f5101fccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 28 Feb 2024 19:26:21 GMT
server: nginx
etag: W/"65df88dd-bc93"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Apr 2024 03:10:28 GMT

GET
H2 200 RC27dca6e9ca0f4bbd94305e45004d3e10-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 819 B
722 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC27dca6e9ca0f4bbd94305e45004d3e10-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 67d6b65b7d10111a307811aa141b9ff230d00ef28db6c5a377368f5299041950

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 465
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 43 KB
12 KB 24ms
8ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=J90WC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 02:14:30 GMT
content-encoding: gzip
age: 3358
x-guploader-uploadid: ABPtcPolvXqBIr2mGll3MQRFdsDOoG1CHRTTYPpfR8FD_WuONtNJ5m3GDcsOGT3GzPmw3XqxtGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11986
last-modified: Tue, 09 Apr 2024 19:11:10 GMT
server: UploadServer
etag: "dbb9be044fdb87bb792eb7b0b848a857"
x-goog-generation: 1712689870542441
x-goog-hash: crc32c=StVZlg==, md5=27m+BE/bh7t5LrewuEioVw==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11986
accept-ranges: bytes
expires: Sat, 13 Apr 2024 03:14:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 22ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176869726424290&ev=PageView&dl=https%3A%2F%2Fwww.carmax.com%2F&rl=&if=false&ts=1712977828467&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1712977828466.608201143&ler=empty&cdl=API_unavailable&it=1712977828349&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1294, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 22ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176869726424290&ev=ViewContent&dl=https%3A%2F%2Fwww.carmax.com%2F&rl=&if=false&ts=1712977828468&cd[content_category]=Homepage&sw=1600&sh=1200&v=2.9.153&r=stable&ec=1&o=4126&fbp=fb.1.1712977828466.608201143&ler=empty&cdl=API_unavailable&it=1712977828349&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1294, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 22ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176869726424290&ev=FBK_fifth_apr_pentile&dl=https%3A%2F%2Fwww.carmax.com%2F&rl=&if=false&ts=1712977828468&cd[pentile]=fourth&sw=1600&sh=1200&v=2.9.153&r=stable&ec=2&o=4126&fbp=fb.1.1712977828466.608201143&ler=empty&cdl=API_unavailable&it=1712977828349&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1294, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 25ms
25ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8789640

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2da70c58d593627f6d44d5d21e51f0e938a3c4fde5060beb792df544b0b12fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 8B09 0
0 44ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.carmax.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 03:10:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 329919
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 TC-3665-1.gif
pt.ispot.tv/v2/ 43 B
313 B 28ms
7ms Image
image/gif 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3665-1.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 204 tr.gif
ping.pdst.fm/ 0
36 B 127ms
126ms Image
text/plain 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
via: 1.1 google

GET
H/1.1 200 /
d.agkn.com/pixel/9043/ 43 B
556 B 50ms
8ms Image
image/gif 3.120.52.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/9043/?abid=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.52.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-52-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 03:10:27 GMT
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
103 B 7ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=167517063839469&ev=PageView&cd[order_id]=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=13, mss=1294, tbw=3222, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 RC88f82ef592b248a0bc8b9e226922a7b3-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 810 B
680 B 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC88f82ef592b248a0bc8b9e226922a7b3-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 88347584ee0aee3605f4eae2a12323bbc9709dfb7626024c7b1bf6a3636dfbb5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 423
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 RC3a651b78e6df4bc280a5d94385f280d0-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 629 B
643 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC3a651b78e6df4bc280a5d94385f280d0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eb9053069419a91ea628d9ea6a4db912d03b796bd02120adffa8279e4e78b7e4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 386
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 70ms
24ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=35257

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c5db3ac4f402fd3be53df99a5bdff4b7129bb7f4988e801b7096dbc3ae93786c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 RCa6a8d2abe9d64c50b3ef45dcd592cc16-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 819 B
722 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RCa6a8d2abe9d64c50b3ef45dcd592cc16-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 607c7abb3a332ddabddae41a98e7d00cf8b3b2d8e2f805acdc633c78833def86

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 465
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 200 sport-utilities.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
0 0ms
0ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/sport-utilities.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

86962954c4db42289e5bbb79560d3796c2140b66b900de5b91a3cbe1b1363e69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828088_388276638_2181814128_81_16621_6_0_146";dur=1
content-length: 1591
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Sun, 04 Feb 2024 19:09:35 GMT
etag: "1da554e9ebf453c"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 19:08:02 GMT

GET
H2 200 pickup-trucks.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
0 2ms
2ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/pickup-trucks.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

346b6ada5edc21eb08d4134729c9dc672ed77b5eaffc31f1be3ab382d6730d7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1712977828088_388276638_2181814129_297_16318_6_0_146";dur=1
content-length: 1914
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Thu, 28 Mar 2024 16:19:18 GMT
etag: "1da7c742afb044e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 16:16:54 GMT

GET
H2 200 sedans.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
0 3ms
3ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/sedans.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa66aa90a6ab9029977793cdfb594834fd436438c2ed41a2f4c772f6b00517f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828088_388276638_2181814130_90_16590_6_0_146";dur=1
content-length: 1516
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 25 Mar 2024 19:07:34 GMT
etag: "1da761fa24ef3e5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Mar 2024 19:07:34 GMT

GET
H2 200 crossovers.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
0 3ms
3ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/crossovers.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8fa7d3d93842c076fc712e9a00c048f127b37c9883e715d074279d549ec99b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828088_388276638_2181814131_99_16440_6_0_146";dur=1
content-length: 1767
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Sun, 10 Mar 2024 15:09:12 GMT
etag: "1da709f6d7ee978"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Mar 2024 15:05:56 GMT

GET
H2 200 coupes.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
0 4ms
4ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/coupes.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db2bdae188a52c9982e88df5507d4e65d4c4e902a9e0071b419fa7d5d9cc02f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=21, ak_p; desc="1712977828088_388276638_2181814132_2102_15987_6_0_146";dur=1
content-length: 1715
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Fri, 08 Dec 2023 17:28:53 GMT
etag: "1da21493a94b5c8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 17:28:52 GMT

GET
H2 200 convertibles.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
0 4ms
4ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/convertibles.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7769fbf41ecfa6814a07e9a480b962b71b819f83e7a0d15779f916a084b420ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828107_388276638_2181814137_311_13036_6_0_146";dur=1
content-length: 1885
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Wed, 20 Mar 2024 10:03:42 GMT
etag: "1da761fa24ee803"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:00:03 GMT

GET
H2 200 luxury-vehicles.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
0 5ms
5ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/luxury-vehicles.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c5383e658eaf828b9598cd276e261513af1c4c08c4c46feac9424aedbdbc2c03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828105_388276638_2181814138_109_14950_6_0_146";dur=1
content-length: 1560
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 05 Feb 2024 14:48:21 GMT
etag: "1da554e9ebf4479"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 14:48:07 GMT

GET
H2 200 sports-cars.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 4 KB
0 5ms
5ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/sports-cars.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

09a4d5b507c938a5f458e8ae2816ea271d9a805c8a1115f3ffebe1273114481b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828105_388276638_2181814139_123_14906_6_0_146";dur=1
content-length: 1506
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 04 Mar 2024 06:42:54 GMT
etag: "1da6b3fbd117cfe"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 06:42:54 GMT

GET
H2 200 diesel-engines.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
0 6ms
6ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/diesel-engines.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

32878be1f98374f663cfeeb73f7f6309cdb4fc1a82e3b30aeffbe3c3c2009283

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="1712977828105_388276638_2181814140_764_14465_6_0_219";dur=1
content-length: 1961
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Fri, 09 Feb 2024 16:01:32 GMT
etag: "1da554e9ebf404e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 13:29:55 GMT

GET
H2 200 minivans-and-vans.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
0 6ms
6ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/minivans-and-vans.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8b5cf591ff26c71f99fece5ac4cd93c18c25eb601738e737fb7764c9f462c8cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828125_388276638_2181814152_2139_16440_6_0_219";dur=1
content-length: 1818
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 11 Mar 2024 17:03:59 GMT
etag: "1da73c6037b8097"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Mar 2024 17:02:23 GMT

GET
H2 200 hybrids.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
0 7ms
7ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/hybrids.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

02d54472d2261686fc98e5129f5fe5a27af53c6cbd87b083177e11d01ee3ce4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828125_388276638_2181814153_2158_16299_6_0_219";dur=1
content-length: 1827
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 11 Mar 2024 12:15:39 GMT
etag: "1da709f6d7eee24"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Mar 2024 11:23:42 GMT

GET
H2 200 wagons.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
0 7ms
7ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/wagons.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

adbd5008651b2f366e2206f6bd60c3563c0e80ed469e234ee886ce4fb1b552cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828126_388276638_2181814154_2158_16295_6_0_219";dur=1
content-length: 2087
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Wed, 14 Feb 2024 15:57:50 GMT
etag: "1da5df1b8379fdc"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 15:57:49 GMT

GET
H2 200 electric-cars.svg
www.carmax.com/home/images/shared/icons/vehicle-types/ 5 KB
0 8ms
8ms Image
image/svg+xml 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmax.com/home/images/shared/icons/vehicle-types/electric-cars.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

479de19033c3a1e02fdec675dd4b89bfbc827c9ad4fcc2a5bd43cc058be6465c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 03:10:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712977828126_388276638_2181814155_2178_16014_6_0_219";dur=1
content-length: 1825
request-context: appId=cid-v1:27edf698-2947-4553-a2ea-de3de8da3389
last-modified: Mon, 26 Feb 2024 12:04:51 GMT
etag: "1da5f73c9101a87"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 11:47:48 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=35257&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd%26ui_visitorid%3D54533123117394350851744054296653628999&p2=e%3Dvh&p3=e%3...
https://widget.us.criteo.com/event?a=35257&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd%26ui_visitorid%3D54533123117394350851744054296653628999&p2=e%3Dvh&p3=e%3...

10 KB
5 KB

295ms
101ms

Script
application/x-javascript

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=35257&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd%26ui_visitorid%3D54533123117394350851744054296653628999&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=9DF89V9ka3hHN3ZmMTJuT1o2STh1JTJGWTF0TVg3b3VDZWc0TE9mbUVmOUIlMkZJWCUyRkJXRTZSMnRKQXVWSmNHMWliSlZsMmtZQzd6NTJzb0UlMkZ5NDdseGpwMjdXSjVtV0k2amdzdnhnTVZLcDZJSWhaMVZTTGJKJTJCZG5yOG04YktPUGtvc2F1TmRxeDRVZ3QyZmpYOVV3b1hNQUZjaGpBJTNEJTNE&tld=carmax.com&fu=https%253A%252F%252Fwww.carmax.com%252F&ceid=153957d0-575a-4169-8620-21e38b415b20&dtycbr=20652

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5a724195e861d2f5c50cfde44cc8dee6404d2b3dc34ad4752bf49c6646939e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10084775
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=35257&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd%26ui_visitorid%3D54533123117394350851744054296653628999&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=9DF89V9ka3hHN3ZmMTJuT1o2STh1JTJGWTF0TVg3b3VDZWc0TE9mbUVmOUIlMkZJWCUyRkJXRTZSMnRKQXVWSmNHMWliSlZsMmtZQzd6NTJzb0UlMkZ5NDdseGpwMjdXSjVtV0k2amdzdnhnTVZLcDZJSWhaMVZTTGJKJTJCZG5yOG04YktPUGtvc2F1TmRxeDRVZ3QyZmpYOVV3b1hNQUZjaGpBJTNEJTNE&tld=carmax.com&fu=https%253A%252F%252Fwww.carmax.com%252F&ceid=153957d0-575a-4169-8620-21e38b415b20&dtycbr=20652
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4401273
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 TC-3665-1.gif
pt.ispot.tv/v2/ 43 B
74 B 7ms
7ms Image
image/gif 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3665-1.gif?app=web&type=visit
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/home/dist/horizon-modules.f1aeda3af5a3e670f55c.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H3 200 tr
www.facebook.com/ 0
19 B 7ms
7ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=167517063839469&ev=PageView&cd[order_id]=

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4600, tp=11, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 RC75fac5ca65b94f569f270302e2e86fe2-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 2 KB
1 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC75fac5ca65b94f569f270302e2e86fe2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a654c5143ae8c02f0a539733624782a3dec50e281421111431e046a0a589cb4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 879
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2

200

activityi;dc_pre=CJ2s9debvoUDFTEjBgAdNzAKlQ;src=8789640;type=carmax00;cat=hompg000;ord=1170783166036;npa=1;auiddc=655113459.1712977828;u11=54533123117394350851744054296653628999;uaa=x86;uab=64;uafv...
8789640.fls.doubleclick.net/ Frame B2DF
Redirect Chain

https://8789640.fls.doubleclick.net/activityi;src=8789640;type=carmax00;cat=hompg000;ord=1170783166036;npa=1;auiddc=655113459.1712977828;u11=54533123117394350851744054296653628999;uaa=x86;uab=64;ua...
https://8789640.fls.doubleclick.net/activityi;dc_pre=CJ2s9debvoUDFTEjBgAdNzAKlQ;src=8789640;type=carmax00;cat=hompg000;ord=1170783166036;npa=1;auiddc=655113459.1712977828;u11=5453312311739435085174...

0
0

22ms
22ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8789640.fls.doubleclick.net/activityi;dc_pre=CJ2s9debvoUDFTEjBgAdNzAKlQ;src=8789640;type=carmax00;cat=hompg000;ord=1170783166036;npa=1;auiddc=655113459.1712977828;u11=54533123117394350851744054296653628999;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9181631201za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.carmax.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8789640&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 418
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 03:10:28 GMT
expires: Sat, 13 Apr 2024 03:10:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 03:10:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8789640.fls.doubleclick.net/activityi;dc_pre=CJ2s9debvoUDFTEjBgAdNzAKlQ;src=8789640;type=carmax00;cat=hompg000;ord=1170783166036;npa=1;auiddc=655113459.1712977828;u11=54533123117394350851744054296653628999;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0v9181631201za200;gcd=13l3lPl2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.carmax.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/769504883/ 3 KB
2 KB 20ms
20ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/769504883/?random=1712977828652&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=rPFrCILc_JwBEPPs9u4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-769504883&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e08ff2ab05dcba860934913bda5ddacc4017ab3a1e2f433ff77c257a55d33434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1578
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/768545124/ 3 KB
2 KB 24ms
24ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/768545124/?random=1712977828657&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=bpQUCP6D8ZgBEOSivO4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-768545124&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2993676420f15e6a90637222f21bc416b2bb5d0e8acdabc85dbdb3610c11a7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1589
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tr
www.facebook.com/ 0
16 B 8ms
8ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=167517063839469&ev=PageView&cd[order_id]=

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=5039, tp=16, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1

200
OK

c
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/c?ppt=519&g=HomePageLoaded&gid=4288&ord=1712977828643
https://trkn.us/pixel/c?ppt=519&g=HomePageLoaded&gid=4288&ord=1712977828643&ip=81.95.5.41&cuidchk=1

42 B
721 B

10ms
9ms

Image
image/gif

2.19.120.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=519&g=HomePageLoaded&gid=4288&ord=1712977828643&ip=81.95.5.41&cuidchk=1

Protocol

HTTP/1.1

Server

2.19.120.31 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-120-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 03:10:28 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Location: /pixel/c?ppt=519&g=HomePageLoaded&gid=4288&ord=1712977828643&ip=81.95.5.41&cuidchk=1
Date: Sat, 13 Apr 2024 03:10:28 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 impression
b.videoamp.com/d2/03637368-18dd-433d-b5f2-af9a9154b623/4961/ 42 B
312 B 286ms
91ms Image
image/gif 34.238.128.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.videoamp.com/d2/03637368-18dd-433d-b5f2-af9a9154b623/4961/impression?bwb=4961&vpxid=4961&dnt=false&cevt=SITE_VISIT&us_privacy={{US_PRIVACY_STRING}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.128.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-128-18.compute-1.amazonaws.com
Software: Beacon Server /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 13 Apr 2024 03:10:28 GMT
access-control-allow-credentials: true
server: Beacon Server
access-control-allow-headers: Content-Type
content-length: 42
content-type: image/gif

GET
H2

200

nspix
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nspix?adv=cl1025216&ns=3214&nc=HP&ncv=24
https://action.media6degrees.com/orbserv/nspix?adv=cl1025216&ns=3214&nc=HP&ncv=24

43 B
165 B

122ms
121ms

Image
image/gif

2606:4700:4400::6812:2412
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.media6degrees.com/orbserv/nspix?adv=cl1025216&ns=3214&nc=HP&ncv=24
Protocol: H2
Server: 2606:4700:4400::6812:2412 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 87384367fa159bbf-FRA
content-length: 43

Redirect headers

location: https://action.media6degrees.com/orbserv/nspix?adv=cl1025216&ns=3214&nc=HP&ncv=24
access-control-allow-origin: *
date: Sat, 13 Apr 2024 03:10:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8738436579249bbf-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 204 0
bat.bing.com/action/ 0
237 B 34ms
34ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4028650&Ver=2&mid=c57767c0-4587-4e72-8255-d010f321d367&sid=61308840f94311ee8b2139eca0adbd81&vid=61309c90f94311eeaf2003e710524cd3&vids=0&msclkid=N&pagetype=home&en=Y&p=https%3A%2F%2Fwww.carmax.com%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=249965

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Apr 2024 03:10:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A535F5A7602D4157BC748B4FEE124776 Ref B: FRA31EDGE0214 Ref C: 2024-04-13T03:10:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC63a5a3a7610b4e7790bd2c11d2c6c705-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 2 KB
1 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC63a5a3a7610b4e7790bd2c11d2c6c705-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e8eb88eacbf3104d9e4b26311182406d75ca33010ae48c8150525c29263207a1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 910
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H2 204 tr.gif
ping.pdst.fm/ 0
36 B 458ms
457ms Image
text/plain 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.pdst.fm/tr.gif?key=93628f997a564e3bba24ca40702d9a32&a=init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
via: 1.1 google

GET
H3 200 tr
www.facebook.com/ 0
16 B 8ms
7ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=167517063839469&ev=PageView&cd[order_id]=

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5279, tp=19, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 03:10:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=89fd8c1095744eaaade5a6da823c8bbf&t=marketing
https://tags.w55c.net/rs?sccid=fc8227f6-85ff-090d-3fde-c9bc815c4124&scc=1&id=89fd8c1095744eaaade5a6da823c8bbf&t=marketing

42 B
752 B

7ms
7ms

Image
image/gif

52.29.51.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=fc8227f6-85ff-090d-3fde-c9bc815c4124&scc=1&id=89fd8c1095744eaaade5a6da823c8bbf&t=marketing

Protocol

HTTP/1.1

Server

52.29.51.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-51-157.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0e8db69464d002a56@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 03:10:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0e8db69464d002a56@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 03:10:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0e8db69464d002a56@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Location: https://tags.w55c.net/rs?sccid=fc8227f6-85ff-090d-3fde-c9bc815c4124&scc=1&id=89fd8c1095744eaaade5a6da823c8bbf&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=b25668c94a654ffab6c488bee2b6fdc4&t=marketing
https://tags.w55c.net/rs?sccid=713c7d87-5c91-f91d-6c48-c98c84dc2c03&scc=1&id=b25668c94a654ffab6c488bee2b6fdc4&t=marketing

42 B
752 B

8ms
8ms

Image
image/gif

52.29.51.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=713c7d87-5c91-f91d-6c48-c98c84dc2c03&scc=1&id=b25668c94a654ffab6c488bee2b6fdc4&t=marketing

Protocol

HTTP/1.1

Server

52.29.51.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-51-157.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0a9a5734939f60a97@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 03:10:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0a9a5734939f60a97@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 03:10:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0f696b3092ec6e04f@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Location: https://tags.w55c.net/rs?sccid=713c7d87-5c91-f91d-6c48-c98c84dc2c03&scc=1&id=b25668c94a654ffab6c488bee2b6fdc4&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
633 B 104ms
30ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10160690&he=7654852

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H2 200 52461.gif
rtb.adgrx.com/segments/URuSa24Wo3DvHl6kcLw3pHT_IFDVTgEAIFEaNa9Yb_s=/ 43 B
304 B 142ms
30ms Image
image/gif 54.217.19.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adgrx.com/segments/URuSa24Wo3DvHl6kcLw3pHT_IFDVTgEAIFEaNa9Yb_s=/52461.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.19.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-19-5.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-thinktime: 0
pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-server: delivery-euw1-dsp-prod-eu-west-1a-1
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 events
tag.tapad.com/accounts/39/tags/NmnIbOk/ 95 B
243 B 42ms
18ms Image
image/png 35.186.225.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tag.tapad.com/accounts/39/tags/NmnIbOk/events?data.Pagename=HomePage&response_type=pixel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.225.155 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

155.225.186.35.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
server: Jetty(11.0.13)
content-type: image/png
cache-control: no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H2 200 RC9c74034705314db1a94dc10464e5baa4-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/ 2 KB
1 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/c129905904db/RC9c74034705314db1a94dc10464e5baa4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8f4d6484dab0a86b49b7ce8cfd582aac30873fad0cf51f6006b043ecad50c285

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 17:44:04 GMT
server: AkamaiNetStorage
etag: "108975fb0eaddcf4e5f38ad30d7dc715:1712943844.738373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 840
expires: Sat, 13 Apr 2024 04:10:28 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/769504883/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/769504883/?random=1090044697&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1...
https://www.google.com/pagead/1p-conversion/769504883/?random=1090044697&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&ur...
https://www.google.de/pagead/1p-conversion/769504883/?random=1090044697&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url...

42 B
64 B

23ms
22ms

Image
image/gif

142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/769504883/?random=1090044697&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=rPFrCILc_JwBEPPs9u4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI0I_x15u-hQMV66GDBx0j-wiOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSKQB7FLtqk_RZW2g_SL8nL0RM3vlqe-SEVOk9gjrKDWcGud5cYr7ESvVl&random=1915741559&ipr=y

Protocol

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/769504883/?random=1090044697&cv=11&fst=1712977828652&bg=ffffff&guid=ON&async=1&gtm=45be44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=rPFrCILc_JwBEPPs9u4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI0I_x15u-hQMV66GDBx0j-wiOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSKQB7FLtqk_RZW2g_SL8nL0RM3vlqe-SEVOk9gjrKDWcGud5cYr7ESvVl&random=1915741559&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/ 10 KB
5 KB 63ms
29ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bda160da46a86f9eb0c2890df804cd0bffedb20ce17a33fd33ce6e423b599fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 124518
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"26bb-Sxm1VOHmLzVpLSS8GP8yj1/NpC0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 873843657b579235-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 interact Show response
edge.adobedc.net/ee/irl1/v1/ 522 B
418 B 38ms
38ms Fetch
application/json 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/irl1/v1/interact?configId=9e009f07-799e-4cc2-8819-f948eaea115e&requestId=3621943e-a202-44e2-a212-e777ed6c6495

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/2446d130b9dd/launch-fabb7b419568.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

3cfddb999414e8c370ffa6cc4d6f5f4de78439ff30a334a6dbd947452b6ff811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.carmax.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 3621943e-a202-44e2-a212-e777ed6c6495

GET
H3

200

/
www.google.de/pagead/1p-conversion/768545124/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/768545124/?random=283486507&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=syp...
https://www.google.com/pagead/1p-conversion/768545124/?random=283486507&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/768545124/?random=283486507&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h...

42 B
64 B

21ms
21ms

Image
image/gif

142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/768545124/?random=283486507&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=bpQUCP6D8ZgBEOSivO4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI8Knx15u-hQMVtI6DBx3D7QAkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSKQB7FLtq0rn7H6Mgl_ys4CQbsNOvrwbivr5VuwQqwXeLy8gmJHjHL6xh&random=1278684123&ipr=y

Protocol

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.carmax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/768545124/?random=283486507&cv=11&fst=1712977828657&bg=ffffff&guid=ON&async=1&gtm=45be44a0v892579784za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.carmax.com%2F&label=bpQUCP6D8ZgBEOSivO4C&hn=www.googleadservices.com&frm=0&tiba=CarMax%20-%20Shop%20for%20used%20cars%2C%20then%20buy%20online%20or%20at%20a%20store&gtm_ee=1&npa=1&pscdl=noapi&auid=655113459.1712977828&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI8Knx15u-hQMVtI6DBx3D7QAkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd3d3LmNhcm1heC5jb20v&is_vtc=1&cid=CAQSKQB7FLtq0rn7H6Mgl_ys4CQbsNOvrwbivr5VuwQqwXeLy8gmJHjHL6xh&random=1278684123&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12.00593e070a6f1562a8b4.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 73 KB
21 KB 31ms
25ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 355419
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"125c9-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87384365bb689235-FRA

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 14 KB
3 KB 325ms
325ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_824BpwRuzg5MXB3&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f61e1a6cb33c2cebfbac8e8288d1bcf593702b0d2bc3126300a7fc9bd7c5cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 449e9e007b6f07f4
timing-allow-origin: *
cf-ray: 87384365eb799235-FRA

POST
H2 204 /
02179914.akstat.io/ 0
226 B 63ms
55ms Ping
image/gif 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179914.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-type: image/gif
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Sat, 13 Apr 2024 03:10:28 GMT

POST
H2 204 /
02179914.akstat.io/ 0
226 B 66ms
66ms Ping
image/gif 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179914.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-type: image/gif
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Sat, 13 Apr 2024 03:10:28 GMT

POST
H2 204 /
02179914.akstat.io/ 0
226 B 54ms
54ms Ping
image/gif 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179914.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/G44P5-SQM6J-DDMWR-2C333-A6FEA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
content-type: image/gif
access-control-allow-origin: https://www.carmax.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Sat, 13 Apr 2024 03:10:28 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 1701 170 B
409 B 59ms
23ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qHKs4-AbPPXCOpTu3n-7ygelHbk-qQ895Ov8sg&google_cm&google_hm=ay1xSEtzNC1BYlBQWENPcFR1M24tN3lnZWxIYmstcVE4OTVPdjhzZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1701 43 B
235 B 60ms
17ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-IBPB5-AbPPXCOpTu3n-7ygelHbkTWzvwK1_MLw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 03:10:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1701
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1162305206384309573

43 B
370 B

101ms
101ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1162305206384309573

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5399131
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
an-x-request-uuid: 347d514d-6fcc-4e2b-8a28-9a2d3ca19899
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1162305206384309573
x-proxy-origin: 81.95.5.41; 81.95.5.41; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 1701 57 B
814 B 166ms
104ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-o9_jQ-AbPPXCOpTu3n-7ygelHbk8wBcBBALuCw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 13 Apr 2024 03:10:29 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Sat, 13 Apr 2024 03:10:29 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1701 0
239 B 60ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-xBFQeuAbPPXCOpTu3n-7ygelHbns3P_SYIsPrw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1701 43 B
163 B 52ms
13ms Image
image/gif 81.17.55.116
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-fg2o4eAbPPXCOpTu3n-7ygelHbkowwwhHtYUZg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.116 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1701 0
99 B 60ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-vfGXXuAbPPXCOpTu3n-7ygelHbljvxDy64NCZQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12543

GET
H2 200 um
criteo-sync.teads.tv/ Frame 1701 23 B
163 B 72ms
33ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-vlYElOAbPPXCOpTu3n-7ygelHbkVkaTp8H4IsQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 13 Apr 2024 03:10:29 GMT
pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 1701 37 B
140 B 30ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-bbw4AuAbPPXCOpTu3n-7ygelHbmS38FsTUB1uw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
hb.yahoo.net/ Frame 1701 56 B
319 B 180ms
44ms Image
image/gif 23.48.23.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-fFroluAbPPXCOpTu3n-7ygelHblc0DXd21SmDw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 13 Apr 2024 03:10:29 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Sat, 13 Apr 2024 03:10:29 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 1701 43 B
164 B 151ms
19ms Image
image/gif 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-SCPRteAbPPXCOpTu3n-7ygelHbkkib6TQ7ha3Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
last-modified: Thu, 11 May 2023 07:59:59 GMT
server: nginx
accept-ranges: bytes
etag: "645ca07f-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 1701 49 B
342 B 153ms
22ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-vwUTy-AbPPXCOpTu3n-7ygelHbnDEyZdxE-dog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:28 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H3

200

rum
r.casalemedia.com/ Frame 1701
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-weHrUOAbPPXCOpTu3n-7ygelHbkPA7uuzPLysA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-weHrUOAbPPXCOpTu3n-7ygelHbkPA7uuzPLysA&C=1

43 B
719 B

21ms
21ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-weHrUOAbPPXCOpTu3n-7ygelHbkPA7uuzPLysA&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZVa8x9aHmkkLwRZNwDq0CJol0ztrBCnkkJ38TuDIvB8DQOLPa53uqi5eG3cn%2BxqLVnCosAQtxXV1UzhJFp4Tp0x1WkILr6Ts4uQvR%2B9wcql2H0zs47sqf%2BnYAhIAcRZoQqK"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 873843681ded65c3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=db0YrMOqwJqOKKiaSdjhbgM%2BC4bv4rOrGQGrdBT5wEIEG4t%2BO6yhCYEjE2ITdAjkC4t0a%2BnM386QIyqh3dRJTHWse79YEpdUNjdPpr9cFgqhhwRJ7tIvM9Y2EGzHwDOdVehg"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-weHrUOAbPPXCOpTu3n-7ygelHbkPA7uuzPLysA&C=1
cache-control: no-cache
cf-ray: 87384367fdd965c3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

ibs:dpid=28645&dpuuid=nZpnRDbWvkmoe-WLDOQyNlaZI7vuC-_L
dpm.demdex.net/ Frame 1701
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nZpnRDbWvkmoe-WLDOQyNlaZI7vuC-_L

42 B
716 B

104ms
31ms

Image
image/gif

52.17.32.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nZpnRDbWvkmoe-WLDOQyNlaZI7vuC-_L

Protocol

Server

52.17.32.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-32-208.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v060-0546384e6.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: G4ZAuKH6Q7M=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nZpnRDbWvkmoe-WLDOQyNlaZI7vuC-_L
date: Sat, 13 Apr 2024 03:10:28 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 566788
content-length: 0

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 1701 43 B
1 KB 116ms
8ms Image
image/gif 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-PmTxzuAbPPXCOpTu3n-7ygelHbmSx3j6pwa4-A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 13 Apr 2024 03:10:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 1701 43 B
199 B 108ms
30ms Image
image/gif 34.251.149.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-P-awluAbPPXCOpTu3n-7ygelHbk7y6tqTjUw8Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.251.149.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-149-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 13 Apr 2024 03:10:29 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 1701 42 B
265 B 38ms
16ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-5k4Vg-AbPPXCOpTu3n-7ygelHblf_2jVDx5yLg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:28 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 1701 0
882 B 41ms
9ms Image
text/html 18.197.235.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-r45zjeAbPPXCOpTu3n-7ygelHbk_MWb1pI6-NA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.235.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-235-123.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 1701 43 B
423 B 703ms
327ms Image
image/gif 35.82.86.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-MMUp4uAbPPXCOpTu3n-7ygelHbkiFFo3uQowpA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.86.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-86-30.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 1701 0
218 B 356ms
86ms Image
text/plain 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ELFEkuAbPPXCOpTu3n-7ygelHbk-fq19_bfjSQ&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 03:10:29 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 6943f7bce1c8e2eb54498849ebbfece1
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1701 0
225 B 98ms
18ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Y8EdAeAbPPXCOpTu3n-7ygelHbm1PBmpG2mLWw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=utf-8
date: Sat, 13 Apr 2024 03:10:29 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 1701 0
35 B 38ms
7ms Image
text/plain 3.121.240.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-UJr4eOAbPPXCOpTu3n-7ygelHbkGnYC8Gf-j6A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.240.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-240-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 1701 43 B
400 B 292ms
91ms Image
image/gif 2600:1f18:612b:4200:8ff1:abfb:15af:54f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-N9Vw7uAbPPXCOpTu3n-7ygelHbmZ4p8JsZFHxQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8ff1:abfb:15af:54f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 13 Apr 2024 03:10:29 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 1701 43 B
153 B 110ms
32ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-1BTT2-AbPPXCOpTu3n-7ygelHblQXQNc0mKZMQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 13 Apr 2024 03:10:29 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 1701 0
235 B 41ms
16ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-tC9POeAbPPXCOpTu3n-7ygelHbnoY8kqNrJVFw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 03:10:29 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 12 Apr 2024 03:10:29 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 1701 0
38 B 131ms
30ms Image
text/plain 52.48.97.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-0I00uuAbPPXCOpTu3n-7ygelHbkxS76kh86iYQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.97.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-97-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 1701 0
44 B 44ms
8ms Image
text/plain 18.197.240.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-845bduAbPPXCOpTu3n-7ygelHbm63SyR2T1PGg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.240.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-240-248.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
server: awselb/2.0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 1701
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-SCPRteAbPPXCOpTu3n-7ygelHbkkib6TQ7ha3Q
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-SCPRteAbPPXCOpTu3n-7ygelHbkkib6TQ7ha3Q

35 B
599 B

21ms
21ms

Image
image/gif

37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-SCPRteAbPPXCOpTu3n-7ygelHbkkib6TQ7ha3Q

Protocol

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-SCPRteAbPPXCOpTu3n-7ygelHbkkib6TQ7ha3Q
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 setuid
ib.adnxs.com/ Frame 1701 43 B
1 KB 15ms
13ms Image
image/gif 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k--NK_x-AbPPXCOpTu3n-7ygelHbnhs7bssKFNQg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 03:10:29 GMT
an-x-request-uuid: 9bea938d-60ab-4e5e-8e6d-3c046d245183
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.41; 81.95.5.41; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 24ms
24ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 355420
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"19639-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87384368bc619235-FRA

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame 3CBC 260 KB
0 0ms
0ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d2b9c1f1c9ea64eb3d4f45dc3a50504228ab0805e2065e98f4e092250d602f2e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Origin: https://www.carmax.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 02:38:56 GMT
content-encoding: br
age: 1891
x-guploader-uploadid: ABPtcPpAa3DdhqXMlaassokwSe5XfR-EkcH0UcEvXwwFmfDMI2_UY5K1Tuqcd_Mli0jbpPHKIuRgWrD1zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72574
last-modified: Wed, 10 Apr 2024 15:36:22 GMT
server: UploadServer
etag: "169e4b4b7f04067a85da188332e770aa"
vary: Accept-Encoding
x-goog-generation: 1712763382241019
x-goog-hash: crc32c=zTfkdw==, md5=Fp5LS38EBnqF2hiDMudwqg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 72574
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 Apr 2024 03:38:56 GMT

GET
H2 200 7.7f92166a279ec8ccbb92.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 28ms
28ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.7f92166a279ec8ccbb92.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 355420
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"b52-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87384368fc789235-FRA

GET
H2 200 1.2211346a24b96c334744.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 25ms
25ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.2211346a24b96c334744.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
URL: https://zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_824BpwRuzg5MXB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 355420
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"73f8-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87384368fc7b9235-FRA

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
2 KB 26ms
26ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2187d3e1658333a52c71a3af9ae48d7827e7f8bc807933270f5c4e0e76d6841b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 348830
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"dd8-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87384368fc7c9235-FRA

GET
H2 200 LinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 27ms
27ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/LinkModule.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.00593e070a6f1562a8b4.chunk.js?Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDID=www.carmax.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a3d1d852ae7841c2c66194de771e0bbe09fa1f00a446e38bfd1dea60ce6dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 355161
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Apr 2024 18:13:43 GMT
server: cloudflare
etag: W/"9eb-18e9addfbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87384368fc7d9235-FRA

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
2 KB 45ms
24ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_ah0reLCPOi4vXLv&Version=18&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b63428a0431c166d8daa06457845bbf5a51dc681695a59e87da0dbd47986f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 208614
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Apr 2024 17:13:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 873843691e169000-FRA
expires: Sat, 08 Apr 2034 17:13:35 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 329 B
350 B 46ms
27ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_aWu0ZeBRVehNneJ&Version=1&Q_InterceptID=SI_ah0reLCPOi4vXLv&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f4a0708685889841c00251c36d4dd6602d94a15fcb568f65f8c326f38ba6639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 212267
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Apr 2024 16:12:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 873843691e199000-FRA
expires: Sat, 08 Apr 2034 16:12:42 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 48ms
30ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9oDlYMwRwk31RDD&Version=6&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac06ff3870aa71c6686dee69845dfbff5ba2130053893509cdcb4a3f847e45d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 205449
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Apr 2024 18:06:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 873843691e189000-FRA
expires: Sat, 08 Apr 2034 18:06:20 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 201 B
274 B 43ms
25ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_emTkxoXvaQjl7dH&Version=1&Q_InterceptID=SI_9oDlYMwRwk31RDD&Q_ORIGIN=https://www.carmax.com&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80cf2e36ce257aaed107d2832911b8a225508ab12b8890f1ab23acd748485012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

servershortname
date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 200043
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Apr 2024 19:36:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 873843691e179000-FRA
expires: Sat, 08 Apr 2034 19:36:26 GMT

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
124 B 127ms
127ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_aWu0ZeBRVehNneJ&Q_SIID=SI_ah0reLCPOi4vXLv&Q_ASID=AS_9YzH717RdZH7sPj&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&r=1712977829330

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 14330d18facf4830
cf-ray: 873843695e2b9000-FRA

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
217 B 124ms
124ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_emTkxoXvaQjl7dH&Q_SIID=SI_9oDlYMwRwk31RDD&Q_ASID=AS_10337099&Q_CLIENTVERSION=2.4.0&Q_CLIENTTYPE=web&r=1712977829332

Requested by

Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.carmax.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 7061623243641fea
cf-ray: 873843695e2c9000-FRA

GET
H2 200 Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 2 KB
2 KB 246ms
209ms Image
image/png 95.101.149.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_20qzf8m77sY0mLX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.149.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-149-99.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce40a8be71b4d72d4b8e5a8d6174692abde2b8e9e12ac53370f348ece207ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-disposition: inline; filename=Qualtrics+feedback+button
content-length: 1635
x-request-id: 5d35dbb5-4bc8-4674-9d95-ff0539f92c82
referrer-policy: strict-origin-when-cross-origin
etag: "f0fa91fd84b7d45f13e79867954223d3"
content-type: image/png
access-control-allow-origin: *
x-transaction-id: a74e3c5c-7a03-420a-a1e1-86449fb6fb88
cache-control: public, max-age=60
permissions-policy: camera=(), geolocation=(), microphone=()
x-robots-tag: noindex
expires: Sat, 13 Apr 2024 03:11:29 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 201ms
192ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=J90WC&UserId=6adee1cf-d7ed-47b7-9b1c-d1f4177bddd4&SessionId=6e9132ba-b15b-4420-a06b-8bee8e836997&PageId=bd9f98ef-be31-4932-b8f8-1db81d148499&Seq=1&ClientTime=1712977830909&PageStart=1712977828326&PrevBundleTime=0&LastActivity=1529&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 200cb2f9a4cd187b144dc85aaf4f8b9715772049dfae6bd3eb99bcd6cda6d763

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.carmax.com
date: Sat, 13 Apr 2024 03:10:31 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 131ms
131ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=J90WC&UserId=6adee1cf-d7ed-47b7-9b1c-d1f4177bddd4&SessionId=6e9132ba-b15b-4420-a06b-8bee8e836997&PageId=bd9f98ef-be31-4932-b8f8-1db81d148499&Seq=2&ClientTime=1712977833388&PageStart=1712977828326&PrevBundleTime=1712977830971&LastActivity=4020&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: www.carmax.com
URL: https://www.carmax.com/shared/appraisals/main.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f224620bf446da8a25645d4262c4918311acf3328bceacc14bb03b3639d50bd3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.carmax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.carmax.com
date: Sat, 13 Apr 2024 03:10:33 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.carmax.com/	1970-01-20 19:50:21	Name: KmxStore Value: StoreId=7173
.carmax.com/	1970-01-21 04:35:13	Name: KmxVisitor_0 Value: StoreId=7173&Zip=66204&Lat=39.0057&Lon=-94.6935&ZipConfirmed=False&ZipDate=4/13/2024 3:10:26 AM&VisitorID=da38bdc5-f753-406b-b36f-617baa41eacc&IsFirstVisit=True&UsingStoreProxy=false
.carmax.com/	1969-12-31 23:59:59	Name: KmxSession_0 Value: logOdds=0.377880171862637&modelDecile=2
.carmax.com/	1970-01-20 19:49:41	Name: AKA_A2 Value: A
.carmax.com/	1970-01-20 19:49:52	Name: bm_sz Value: 080DE78AEC4CCF7844FB5FCACC671DEA~YAAQnqEkF5FZKqaOAQAAe1Vv1Rfog0Z0sjv8+l06w0sTuGmEWbsWBqvXCL8PJE/xM6m/kkA7uS7Grq0db1Jtan4rvParj2SzoM5OMa1QEI8TrePa+xG5T/VtcSUu658e7ltz8Ucjh/Ij/tNhVg46/NXyze515CEbGqZ79mrzKtYdnK3NqeLy8Hjg7OZKXLtJyIO6FTMFACYFWUy8crcKIVr7Ofu2khDUyyQFZWMdUZ5sQac6eX0vamhFwJxLTF4IegQG2rcawuYa8JvzFGMX5Va130QeqyrdtBd7wB6lE+civpnQlYXcWJeph0ledLCBkjjeYOicIKbQf8y2OK09t9VaRKgKHcqcqC4gFl+pzTCOovxir3PBgrPyRuyLEY/bYORIrgGHJ/0vwIl6LQ==~4337970~3360070
www.carmax.com/	1970-01-21 04:35:13	Name: ai_user Value: GcdNc14IvIIQoAwLSbHrP9\|2024-04-13T03:10:27.691Z
.carmax.com/	1970-01-20 19:59:42	Name: RT Value: "z=1&dm=carmax.com&si=01ec6025-23e6-4df1-8bd3-08c9483542e3&ss=luxirq4b&sl=1&tt=xt&bcn=%2F%2F02179914.akstat.io%2F&ld=xv"
.demdex.net/	1970-01-21 00:08:49	Name: demdex Value: 51255959455000629141494043720020949704
.carmax.com/	1970-01-20 19:49:39	Name: kndctr_0C1038B35278345B0A490D4C_AdobeOrg_cluster Value: irl1
.carmax.com/	1970-01-21 05:18:25	Name: kndctr_0C1038B35278345B0A490D4C_AdobeOrg_identity Value: CiY1NDUzMzEyMzExNzM5NDM1MDg1MTc0NDA1NDI5NjY1MzYyODk5OVITCIqvvavtMRABGAEqBElSTDEwAPABiq-9q-0x
.carmax.com/	1970-01-21 05:11:13	Name: AMCV_0C1038B35278345B0A490D4C%40AdobeOrg Value: MCMID\|54533123117394350851744054296653628999
.carmax.com/	1970-01-21 04:36:21	Name: s_vnc365 Value: 1744513827790%26vn%3D1
.carmax.com/	1970-01-20 19:49:39	Name: s_ivc Value: true
.carmax.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.carmax.com/	1969-12-31 23:59:59	Name: s_tp Value: 4802
.carmax.com/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%252F%252Fwww.carmax.com%252F%2C25%2C25%2C1200%2C1%2C4
.carmax.com/	1970-01-21 04:35:13	Name: _abck Value: 8B58AB3D7B7202FD3DE6083DCF2ECF72~0~YAAQnqEkF5tZKqaOAQAAEVhv1QvreGaOnWbJCnPe+9udHjRINtJ1yZ51N65SPyMQCNRI/dvewCYv7+JKzwGm+YNmh/67B15EFrVbmd/Xm9cYP91yFbJ6rMmAoengRIdit5H++l1/Th0vubqB4nqddA8ewJZOGkhLA8KNUUaAu03u4U3X6AU3ig6SxfAruEdHwy6IN5BeRUyl/+hE3EHh1qVDbFTgx6Vws9L396uh8PnIKOhanKLAuQNVi/Tx9Z/OkuUIIAU5Hec/JKfDn0biS31dtfKKsX2L1aJcTj1ha17/k0gKAAISUDW9UJf03JIAw+gKcBEGY29lhxQSa60gCi3xQOFlcv6uytK6K/esD8UejUMvRyDJDXldZmgNCirg3XoMXjkllFqbx+O5v7PchS9x/azhH37A~-1~-1~1712981427
.carmax.com/	1969-12-31 23:59:59	Name: _ga_NTWN6LKPPS Value: GS1.1.1712977827.1.0.1712977827.60.0.0
www.carmax.com/	1970-01-20 19:49:39	Name: ai_session Value: EGYOYwV4nNNeSHMXb9v7sS\|1712977827992\|1712977827992
.carmax.com/	1970-01-21 05:25:37	Name: _ga Value: GA1.2.877330898.1712977828
.carmax.com/	1970-01-20 19:49:37	Name: _gat_gtag_UA_187672_9 Value: 1
.carmax.com/	1969-12-31 23:59:59	Name: Value: GA1.2.877330898.1712977828
.carmax.com/	1970-01-20 19:51:04	Name: _gid Value: GA1.2.153279359.1712977828
.carmax.com/	1970-01-20 19:49:45	Name: ak_bmsc Value: 32283EBDCF645E626C78649585FFBFD9~000000000000000000000000000000~YAAQnqEkF6JZKqaOAQAA9lhv1RcmSFIVJk9CiqbFy1PskKsaC2m5VEDxK6xfgC68dgVLBRWe1Y5CdIk5a1krMGvaBMVRlW8bULPeNPMOMz58ZpJV+UVvSnn6PiIp402KXOygTRo/cl0sA+Yf1jhHjKbywMXiE+fq8xifqVzbM8UZ8fFtjKMZdfz0O95mp6nOlaErfAPrIw6nEXxg6UlKTMKSxiLgzZv7oZRYlFcMulswn776HC1yadiL7ZOgJpyX8VI/1zzNm6QnNB+so3uRyna/18mpg6HKboPYpU7nPX/dwQyCZ2o2GO88wXGA7Sxt9j+uBuI9t/gzd9/B1PNTv1PqLB/tZS4mPcFkct1J7xPWxr/E1QNe9bNNLaEofsQFR7vkdqnT537Noo7cA/BRBsD274t4dCJYDzw5KxWkwSqnLlhfbXZzg/CYMgOICb1XYK1oC3HuYnIy3UF25O0=
.carmax.com/	1970-01-20 21:59:13	Name: _gcl_au Value: 1.1.655113459.1712977828
.carmax.com/	1970-01-20 19:49:39	Name: fs_lua Value: 1.1712977828325
.carmax.com/	1970-01-21 04:35:13	Name: fs_uid Value: #J90WC#6adee1cf-d7ed-47b7-9b1c-d1f4177bddd4:6e9132ba-b15b-4420-a06b-8bee8e836997:1712977828325::1#/1744513830
.bing.com/	1970-01-21 05:11:13	Name: MUID Value: 0E922740E9ED6A5E00DB3320E8666BA3
.carmax.com/	1970-01-20 21:59:13	Name: _fbp Value: fb.1.1712977828466.608201143
.criteo.com/	1970-01-21 05:11:13	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 05:11:13	Name: uid Value: 0f09cc13-53b7-4ea4-9b61-1bbb82ba3185
.ispot.tv/	1970-01-21 05:25:37	Name: pt Value: v2:474ffcd35975721dcc98e0f53a26c9065e9e98ceb0cb54921048c03d2ecf3550\|a2d1a3ecc26d44feb4bda4ae43d8d64316f73327a0c04f174ea63d14901c07f3
.agkn.com/	1970-01-21 04:35:13	Name: ab Value: 0001%3AzBss1jtf8XuRcwvgbSjZsTejK5q2zYv%2B
.agkn.com/	1970-01-21 04:35:13	Name: u Value: C\|0AAAtrLQkLay0JAAAAAAA
.carmax.com/	1970-01-21 05:19:01	Name: cto_bundle Value: 9DF89V9ka3hHN3ZmMTJuT1o2STh1JTJGWTF0TVg3b3VDZWc0TE9mbUVmOUIlMkZJWCUyRkJXRTZSMnRKQXVWSmNHMWliSlZsMmtZQzd6NTJzb0UlMkZ5NDdseGpwMjdXSjVtV0k2amdzdnhnTVZLcDZJSWhaMVZTTGJKJTJCZG5yOG04YktPUGtvc2F1TmRxeDRVZ3QyZmpYOVV3b1hNQUZjaGpBJTNEJTNE
.carmax.com/	1970-01-20 19:51:04	Name: _uetsid Value: 61308840f94311ee8b2139eca0adbd81
.carmax.com/	1970-01-21 05:11:13	Name: _uetvid Value: 61309c90f94311eeaf2003e710524cd3
.carmax.com/	1970-01-20 19:49:45	Name: bm_sv Value: 8FF27AA2B12D519E912F13492AB50094~YAAQnqEkF6ZZKqaOAQAAR1tv1RfM7IJtX1FBRy+tp+qAdM/YiI82tcTb/7xBcWB71nd0fg/eGUaqlHJIKQHauVADIb+jndVRjQdMIHhYKihKmiqQHgZ4LkHrUDVOqlj82JUBzCmqcDXc1aVvpobYg07+aEAi5Mb+ycvnC9o9MKxukQPNcuHLgCzftzJwQAmMxcadGV0VyWGqjpAgEvTpcf7Y2gTLy5anxp0PQiXlVKS6A/qEp+VIcBXbLE9a+sG2~1
.bing.com/	1970-01-21 05:11:13	Name: MSPTC Value: wmZMYGwNGlvnW44Apr4hyb173exhLroTxTOwb8zfSYc
.trkn.us/	1970-01-21 04:35:13	Name: barometric[cuid] Value: cuid_6619f7a4-1f77-4130-b221-3411d13b7102
.doubleclick.net/	1970-01-21 05:11:13	Name: IDE Value: AHWqTUmyRrmGRHZFuxKWHW6sjegeA257XhMyEEDk5j_OU-YRcwwQfwf6_wiLTN7_
.w55c.net/	1970-01-21 05:19:01	Name: wfivefivec Value: WyYvEAda1RVtME2
.doubleclick.net/	1970-01-21 00:08:49	Name: receive-cookie-deprecation Value: 1
.yahoo.com/	1970-01-21 04:35:35	Name: A3 Value: d=AQABBKT3GWYCEFPYSS3Jv08sioicMLL7HSkFEgEBAQFJG2YjZuAKyiMA_eMAAA&S=AQAAAiFC1Y3SFY9RHyBIzCn7ci0
.adnxs.com/	1970-01-20 21:59:13	Name: XANDR_PANID Value: -N_N7FBBcL0ZKMNBNO8Su3yj3AVrgIahZzzUhyFjJVKOEksDCJuXw3rg300SQrwl6u_a6qqTGn0lvhJezI8vx9oYcr_1vAHQqLq0ZGhq3rc.
.adnxs.com/	1970-01-21 05:25:37	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:59:13	Name: uuid2 Value: 1162305206384309573
.media.net/	1970-01-21 04:35:13	Name: visitor-id Value: 3559794298173726000V10
.media.net/	1970-01-20 20:32:49	Name: data-c-ts Value: 1712977829
.media.net/	1970-01-20 20:32:49	Name: data-c Value: k-o9_jQ-AbPPXCOpTu3n-7ygelHbk8wBcBBALuCw~~3
www.carmax.com/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Fwww.carmax.com%2F~1712977829114
.adnxs.com/	1970-01-20 21:59:13	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E?gm^Hum!]tbPl@/D!9hy6]/Cs:%hXEo0k1jbx.QzlL.NiPL>^69:7_4<+181MO7O8oGl[dF-C!zutp<[(!bpRzqF1`*bd83+y!a.
.casalemedia.com/	1970-01-21 04:35:13	Name: CMID Value: Zhn3pVVbLb0AAHcWAhcSvAAA
.casalemedia.com/	1970-01-20 21:59:13	Name: CMPS Value: 3375
.casalemedia.com/	1970-01-20 21:59:13	Name: CMPRO Value: 3375
exchange.mediavine.com/	1970-01-20 20:09:47	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2261a67cd0-f943-11ee-b345-4149e93cc93e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 20:09:47	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2261a67cd0-f943-11ee-b345-4149e93cc93e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 20:09:47	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2261a67cd0-f943-11ee-b345-4149e93cc93e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 20:09:47	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2261a67cd0-f943-11ee-b345-4149e93cc93e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 20:09:47	Name: criteo Value: %7B%22id%22%3A%22k-r45zjeAbPPXCOpTu3n-7ygelHbk_MWb1pI6-NA%22%2C%22version%22%3A%22criteo%22%7D
.omnitagjs.com/	1970-01-20 20:32:49	Name: ayl_visitor Value: f8451694a2927b8e342ad2386c44635b
.dpm.demdex.net/	1970-01-21 00:08:49	Name: dpm Value: 51255959455000629141494043720020949704
.adform.net/	1970-01-20 20:32:49	Name: C Value: 1
.adform.net/	1970-01-20 21:16:01	Name: uid Value: 2466571720244327245
.tremorhub.com/	1970-01-21 04:35:34	Name: tvid Value: 5650e4dd1bdc40fab4a68c34d5bb96d0
.tremorhub.com/	1970-01-20 20:32:49	Name: tv_UICR Value: k-N9Vw7uAbPPXCOpTu3n-7ygelHbmZ4p8JsZFHxQ
.postrelease.com/	1970-01-21 04:35:13	Name: opt_out Value: 1

80 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/176869726424290?v=2.9.153&r=stable&domain=www.carmax.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://sslwidget.criteo.com/event?a=35257&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd%26ui_visitorid%3D54533123117394350851744054296653628999&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=9DF89V9ka3hHN3ZmMTJuT1o2STh1JTJGWTF0TVg3b3VDZWc0TE9mbUVmOUIlMkZJWCUyRkJXRTZSMnRKQXVWSmNHMWliSlZsMmtZQzd6NTJzb0UlMkZ5NDdseGpwMjdXSjVtV0k2amdzdnhnTVZLcDZJSWhaMVZTTGJKJTJCZG5yOG04YktPUGtvc2F1TmRxeDRVZ3QyZmpYOVV3b1hNQUZjaGpBJTNEJTNE&tld=carmax.com&fu=https%253A%252F%252Fwww.carmax.com%252F&ceid=153957d0-575a-4169-8620-21e38b415b20&dtycbr=20652 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.carmax.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179914.akstat.io
8789640.fls.doubleclick.net
a.twiago.com
action.dstillery.com
action.media6degrees.com
ad.360yield.com
ad.yieldlab.net
adobedc.demdex.net
assets.adobedtm.com
b.videoamp.com
bat.bing.com
c.go-mpulse.net
c1.adform.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
content-images.carmax.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.agkn.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
edge.adobedc.net
edge.fullstory.com
ethn.io
exchange.mediavine.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
ping.pdst.fm
pixel.rubiconproject.com
pt.ispot.tv
r.casalemedia.com
region1.analytics.google.com
rs.fullstory.com
rtb-csync.smartadserver.com
rtb.adgrx.com
s.go-mpulse.net
scontent.cdninstagram.com
simage2.pubmatic.com
siteintercept.qualtrics.com
sjc1.qualtrics.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tag.tapad.com
tags.w55c.net
trkn.us
visitor.omnitagjs.com
widget.us.criteo.com
www.carmax.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
zn824bpwruzg5mxb3-carmax.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
104.18.36.155
104.75.89.75
13.248.245.213
141.226.228.48
142.250.184.198
142.250.184.226
142.250.185.196
142.250.186.130
142.250.186.35
151.101.130.132
157.240.252.35
162.19.138.118
172.217.16.130
178.250.1.9
18.197.235.123
18.197.240.248
184.30.17.243
185.255.84.153
185.64.191.210
185.89.210.90
2.19.120.31
2001:4860:4802:34::36
212.82.100.181
216.58.206.72
23.48.23.21
2600:1f18:612b:4200:8ff1:abfb:15af:54f7
2606:4700:4400::6812:2412
2620:1ec:c11::237
2a00:1450:4001:80e::2013
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2008
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:1700:391::11a6
2a02:26f0:3500:591::1e80
2a02:26f0:3500:883::1c4e
2a02:26f0:7100:59a::11a6
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a03:2880:f277:c0:face:b00c:0:43fe
3.120.52.13
3.121.240.222
34.117.157.22
34.238.128.18
34.251.149.17
35.186.194.58
35.186.225.155
35.201.112.186
35.214.149.91
35.82.86.30
37.157.5.133
37.157.6.237
52.17.32.208
52.24.153.248
52.29.51.157
52.48.97.133
54.217.19.5
63.140.62.17
64.202.112.255
69.173.144.165
74.119.117.16
81.17.55.116
85.215.5.31
95.101.148.20
95.101.149.99
015e4bf3f674d48cf0bb46e2ddae02af57cfa65c9f5dafa881c0a141f2a04cc0
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
02d54472d2261686fc98e5129f5fe5a27af53c6cbd87b083177e11d01ee3ce4e
03d1a319a22b575978c5dc2782262926199b7f9122c8e915d8cffcbb335746b5
090731b4b0f5e3e2eb96a53e8b61f53b21c19beb32f1b5723630a88bb4f7f740
09a4d5b507c938a5f458e8ae2816ea271d9a805c8a1115f3ffebe1273114481b
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0afd245d994bb7f225cc7e3dc8347e141c06eceee4d5e4de3e01ec1c48113d92
0b018d6c3eae5f22ff0f6afbab8fc560c7e3ae317309e1b2e52be76627435558
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dafc626d627be5d7d44981a60c620bbcb0528886220b106fa3a4e96338c5dfc
0e3891cd5d6550d5c064686f563ce28a9c64e91e5db2ff302cbd974d4cfd2674
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f4a0708685889841c00251c36d4dd6602d94a15fcb568f65f8c326f38ba6639
1186a53d5335c7c1f812adeca7ee14e6aa3d752a6ff9b81674523e4d5ced0557
129b9488617427ffd16ad3692564e4a7084002451ab9186fbcd904e2e03489df
168eccecfe30ff67372f483afb84c6825d7d792998ad86d541acf283973062e0
1c6911fde06de9d5fbfea9ea63ff8cdf19061e62c9cfa1b643b3be2d20032e36
1fd13e9268297ee64ad03436fb80b93cca4780cdfcc606bb5f59976faf268e22
200cb2f9a4cd187b144dc85aaf4f8b9715772049dfae6bd3eb99bcd6cda6d763
2187d3e1658333a52c71a3af9ae48d7827e7f8bc807933270f5c4e0e76d6841b
2472712ff79ff0f94ce5adc90beed621db7338ee5d6451fc9998959d2b006caa
296ae1dd611bf3e739b18b820bcc32c0e283126a08d9d78237bc956e22639041
2993676420f15e6a90637222f21bc416b2bb5d0e8acdabc85dbdb3610c11a7ff
2a0627d4bea6b90bf27fa01dacc68912c6353cf63671334a97579db96996998c
2b63428a0431c166d8daa06457845bbf5a51dc681695a59e87da0dbd47986f93
2da70c58d593627f6d44d5d21e51f0e938a3c4fde5060beb792df544b0b12fa4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec16ced21758506c5dcda3454e0a637f11076940e682fbd798ef12517783d84
32878be1f98374f663cfeeb73f7f6309cdb4fc1a82e3b30aeffbe3c3c2009283
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
346b6ada5edc21eb08d4134729c9dc672ed77b5eaffc31f1be3ab382d6730d7d
36cc8d8c74c3416a9bbb14eba27bc2910d97cbf227a9f256128b0abd8a85aa61
38254cbb943e0f12f17ab29528e46a6aa2be2d2e0c109a5e23b686bbdffa0495
39b3c4167a7536ac16ac1bdf0d7e8d3b21b5b0ee1e02151b53625a408b569eee
3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f
3cfddb999414e8c370ffa6cc4d6f5f4de78439ff30a334a6dbd947452b6ff811
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
419daf054ec9112fcdfb2172521499a5bb9a71e2f7d442f09a6a544b0673fba7
433903449ae157398dd752c1e5faca02b5ec31f74d1c69ca7fbede8f5e8ed54b
442c5f94f41f419cb2d62746624f7ed4e7d5c6481b2d741d632d4b920fc1dc8d
45a3d1d852ae7841c2c66194de771e0bbe09fa1f00a446e38bfd1dea60ce6dfe
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
479de19033c3a1e02fdec675dd4b89bfbc827c9ad4fcc2a5bd43cc058be6465c
4a654c5143ae8c02f0a539733624782a3dec50e281421111431e046a0a589cb4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5488171b3133ce94f377bf709d6ad1de1baa53afeb8f54093cd4cbc720b42407
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e4e159c4166c341c265eff37edea699f47836510787c43cc4cc7697fb1a998
55267ef5b31d1df5b122e63ed8ec64c5df17a758b97b5f6f678e6ac7f59d7f82
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
575d43f5fb231afe678a95f6a28c2d3e439416ad3f6ad8fccf9359a27777533f
5921ce1ba73d528f48b33233345e2d9fa056179eb806dc4e607c37d8c5a00a52
5984b810302e3083bfcf887bf9bbe17b8cdc9005a392c3be0fe32232e76f2e62
5a001320b4cc097b60be02a203b001e338d9aecda19fecb153b3c84e781fdd4f
5a724195e861d2f5c50cfde44cc8dee6404d2b3dc34ad4752bf49c6646939e7d
5a836d2c3a76bd1288a33d2ec77c8030124a6a82d3697f675cb1b4cc0993ae44
5c9184ee65d9365bf05a95e61c7bd848136d25c9caf0fca0a05cc301b14ca34b
5d84e6af966a5fe2f22f672eff1161e18c0575bd9e37d82b10b9bf43effbf48b
5ecaef748e988de2037fc044417119cafca2235ce8b448411fa8156eb22b3feb
5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a
607c7abb3a332ddabddae41a98e7d00cf8b3b2d8e2f805acdc633c78833def86
617712edfda7245c2735fcc0cd264f39e5d643fe18913289d073d4758da94880
641d6b447caa20c2d6f86da1bbad729c3ecb7c6183a809631a1625a386483c7b
67d6b65b7d10111a307811aa141b9ff230d00ef28db6c5a377368f5299041950
6bec47ad3b816bdffae4dc81c4ee5c797a6405922ce160fb0650199ba16f2d62
773476fc4041f913eb57d338efa749e0c2b63828f086c83da65c3d3aeb51fa73
7769fbf41ecfa6814a07e9a480b962b71b819f83e7a0d15779f916a084b420ad
7e9f3857d69997f59b2123925a8e73e2751009b7c56ae4ba1a0427c3a8f91a6e
7fc167d8dcafe82cecadde8269b5fdaa9b631d17fbc1216067b0d1e0940fe45f
80aed2010ecf88f43062b62a1ae31cc10ec9400ed1c50db7c9ec38e1eb3cee96
80cf2e36ce257aaed107d2832911b8a225508ab12b8890f1ab23acd748485012
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86962954c4db42289e5bbb79560d3796c2140b66b900de5b91a3cbe1b1363e69
88347584ee0aee3605f4eae2a12323bbc9709dfb7626024c7b1bf6a3636dfbb5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b2c6deb1ad6c2ccf5638533bac80e929a6b53505448d9d1247f093e93a245c3
8b49a65628195255c15ab58585a3498473b1e40d044ab6d0c7080927446aff13
8b5cf591ff26c71f99fece5ac4cd93c18c25eb601738e737fb7764c9f462c8cb
8bfc0495fc42cd9bdb47f3f624b91e0da3b7e43643d001c7bc5285e08a72f543
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f4d6484dab0a86b49b7ce8cfd582aac30873fad0cf51f6006b043ecad50c285
8fa7d3d93842c076fc712e9a00c048f127b37c9883e715d074279d549ec99b57
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
9311b91d1f1ecbdaed6d6b8e607d48c5b0873653edfa384c9bebaf386d0a8ed8
9323da6eb007bdf8b1b9fa0904048ac867a27486e77ffb89e60f38376c71464e
93b0372ab328a19fd3c3878c231aefb15698be6d3ad47d8e129fcc0da601cd69
94b1780a2e07291b5cd84b5ea51d49cade5a9acccdf5ef2ec7900779761b9ee7
979aeed8ae700fb84c8226381444e079a640056e473b2f64fc8a34e03bfcdc7c
97b9af8a0e79c25c0a3336720b2457ce4062f2fd61a73742c56265a6f8171a4d
984227c0d097ac96cff8b8ae797de2a34f79a84438685db3c72a1c226fd5a23b
9a697f4266a579542774151fd59434b6491bb13c8a7797c4a2be942f743a9bc0
9c7c21f65045771af22cf8fd225259bfaf06c22ead67a6ba41eb989cc733dfdf
9f61e1a6cb33c2cebfbac8e8288d1bcf593702b0d2bc3126300a7fc9bd7c5cdc
9f77c15b9f69e0dbaf0771be6f42ebf09780d1cd600e320a2d828527ee2021b4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3079657dfdc9d6cf095aa78e354abd79b829219afd5f6244452323f5101fccd
a56b7d41fb8250981b7cd1166fba7d7e4197d0db4e5667700e45eaded36d9d6c
a84a16f51997d0801c9e33f59a06b3ccb2038548404727564221a302492821ad
ab6b4d8083d09ba5e7deb1dd776ac1eaeb6ad4e30f9366359b349092f60edd4b
ac06ff3870aa71c6686dee69845dfbff5ba2130053893509cdcb4a3f847e45d9
adbd5008651b2f366e2206f6bd60c3563c0e80ed469e234ee886ce4fb1b552cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2dbc6cfe3daebbc87983b9c79eb2dc0a3ee6a14e6afd353cbcccde68e019216
b71cdf587bc71b4e12fd7cb0f6857f52c69a9defb88cf1f8e75a21b5cc6d5586
b892c332405cc50fe0906a54961602e3d44125fa8dcbb9412bf3201a3218ddf0
b92f4c274365acf213a8548c6700c04836d77ec7acf5bc8084031108c3f84630
b9a9a01b23fbf6711b51490f23fac735b628d5ce2aae7081a7802b2eccd993eb
ba642a3c60fe7cf0b973f7e3210b93e950956c2206352d6e0e294d6a9d1c70b2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bda160da46a86f9eb0c2890df804cd0bffedb20ce17a33fd33ce6e423b599fe1
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
bdc2882f9f24e1e000deaa2bcb97f82a7b0cdbbc524bc5a9377c51f06c620525
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c500d4cc467b0194c0a7da2aeaa0e4271d12d87a724a847edb3067c65da206ac
c5383e658eaf828b9598cd276e261513af1c4c08c4c46feac9424aedbdbc2c03
c54a43934f00c217f401d679d1974e573db67a865f3d55286de9ed07a3579322
c5db3ac4f402fd3be53df99a5bdff4b7129bb7f4988e801b7096dbc3ae93786c
c96793d780adf29aa522832bdccc2df296a5600a5c840cf8ad4f55cd256d9e01
cdc16884db881e6cf89f244b2bf7797dc664c4b1a0aae5907ebfecb12a207fc4
ce40a8be71b4d72d4b8e5a8d6174692abde2b8e9e12ac53370f348ece207ca9c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2b9c1f1c9ea64eb3d4f45dc3a50504228ab0805e2065e98f4e092250d602f2e
d51518f12dea95ae512faf6c89821fbcd922bfc0a56919dd9fd8ac6b3f53d1bb
d54068d9e4a02504b5033358e7918ed7f83642905b6982bb4862af38f7123df9
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d5ff66af4c8ea2112a3a771b63782ba48e2cd2942ad6d8182989cddb39aea5bf
d6951dc836388164379890fc8cc8ac01796617e8f8dabad014fa4cb41e91c7c7
d993749acdea97e4efed86a8c8a621230c63cd145e001b69803a1511c485af64
da30e304d7302154faabdac5b3b0cc915f35bb7c135f7a495842e2d2f814e831
da60692bdc1d7255a0a5945de7d2127d1cbe392c4a18ee988c62d0d2fa068721
db2bdae188a52c9982e88df5507d4e65d4c4e902a9e0071b419fa7d5d9cc02f7
db35496f7260347c393d5cc98696b8ba9b8adfd8ab24b00e2a148da8251e53d1
dbaa822e3800eb71818a86a65dbd3b8f16f1309493d1ee3f04e3ee3827fa8891
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e08ff2ab05dcba860934913bda5ddacc4017ab3a1e2f433ff77c257a55d33434
e0fd733437d95bd1c0a3044c9194ae64cf1e69e7f8f20da95a816619bdf2f2ce
e2b8e58c49dfe86a02acbced8d3ddf91c303df4af7009ab38ad9e6b89fde24ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8eb88eacbf3104d9e4b26311182406d75ca33010ae48c8150525c29263207a1
eb9053069419a91ea628d9ea6a4db912d03b796bd02120adffa8279e4e78b7e4
ebc440a97dbab7480aeb23f673a7862a37402da6360725d8290723567ce4d273
ed14d7f30b020352757fb5f992f42f571c6679fcb91664bf17deb48075f27325
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc575826bb8c0c7f8e54509414658a50080bdf90bd8e15a2a7ce3621c71a308
f219e638f85acaefe0f07b3ad4868eff7fb0e71364a99cef7909f2967d10a448
f224620bf446da8a25645d4262c4918311acf3328bceacc14bb03b3639d50bd3
f425c8a2280a742c47058d385a093e9d50268faf334cb32d2895f3e3e0f11119
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f67b66612330e664ecf28aeb214419f0473b07f70c4fdd86058645ecba38ab68
f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd
f8e83b702311ae80df13b9efb15d3f109e9cfd943fdb9e32bcbf361c16110449
f9c69b4b4538954a224c4b7e77c2c984203c3feeca54217dc15faba20d1aa834
fa66aa90a6ab9029977793cdfb594834fd436438c2ed41a2f4c772f6b00517f1
fd37cdd786d87b78a4c819b77c29f3bbeddbd06f4520860d51b1fd187b7d8f01
ff165de84426cfd08334db6b920e34b231a5bd18eb16519d7693ad02ba6fa012
ff977808ecabc5ed1fb744e210eeed0771992839fa55fd6c86ba47c45546ab5a

www.carmax.com Open in urlscan Pro 2a02:26f0:3500:883::1c4e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

231 Requests

94 %HTTPS

26 %IPv6

57 Domains

72 Subdomains

69 IPs

9 Countries

4760 kBTransfer

11015 kBSize

67 Cookies

12 Outgoing links

Page URL History

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.carmax.com Open in urlscan Pro
2a02:26f0:3500:883::1c4e Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

94 %
HTTPS

26 %
IPv6

57
Domains

72
Subdomains

69
IPs

9
Countries

4760 kB
Transfer

11015 kB
Size

67
Cookies

231 HTTP transactions
3 data transactions