mfe.carmaxauctions.com Open in urlscan Pro
2a02:26f0:3500:883::1c4e  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://8789640.fls.doubleclick.net/activityi;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848;epver=2;~oref=https%3A%2F%2Fmfe.carmaxauctions.com%2F HTTP 302
• https://8789640.fls.doubleclick.net/activityi;dc_pre=CO_vm47KsYkDFY06VQgdmTkqWA;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848;epver=2;~oref=https%3A%2F%2Fmfe.carmaxauctions.com%2F

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mfe.carmaxauctions.com/	3 KB 3 KB	517ms 323ms	Document text/html	2a02:26f0:3500:883::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfe.carmaxauctions.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fd94861021e25a3ff25ceac440c6ebeaabf7827f4ea5b99d04fa57a64f883e7b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Length 1385 Content-Type text/html Date Mon, 28 Oct 2024 17:16:38 GMT ETag "78932086" Last-Modified Wed, 16 Oct 2024 20:22:50 GMT Referrer-Policy same-origin Server-Timing ak_p; desc="1730135798185_388276615_317236827_26632_16479_38_104_-";dur=1 Strict-Transport-Security max-age=31536000 Vary Accept-Encoding X-Akamai-Transformed 9 1436 0 pmb=mTOE,2 X-Content-Type-Options nosniff X-DNS-Prefetch-Control off X-XSS-Protection 1; mode=block
GET H2	200	lato-v16-latin-regular.woff2 www.carmax.com/shared/fonts/	23 KB 23 KB	193ms 58ms	Font font/woff2	2a02:26f0:3500:89a::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.carmax.com/shared/fonts/lato-v16-latin-regular.woff2 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://mfe.carmaxauctions.com Referer Response headers strict-transport-security max-age=31536000 ; includeSubDomains content-security-policy upgrade-insecure-requests cache-control max-age=31536000 timing-allow-origin * etag "0x8DCF7653C39EEA1" x-content-type-options nosniff request-context appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730135798682_388276615_317238274_51_17705_38_80_219";dur=1 access-control-allow-origin * content-length 23484 date Mon, 28 Oct 2024 17:16:38 GMT content-type font/woff2 last-modified Mon, 28 Oct 2024 15:28:55 GMT x-frame-options sameorigin
GET H2	200	CarMaxSharpSansDisp-Bold.woff2 www.carmax.com/shared/fonts/	51 KB 51 KB	232ms 97ms	Font font/woff2	2a02:26f0:3500:89a::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.carmax.com/shared/fonts/CarMaxSharpSansDisp-Bold.woff2 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://mfe.carmaxauctions.com Referer Response headers strict-transport-security max-age=31536000 ; includeSubDomains content-security-policy upgrade-insecure-requests cache-control max-age=31536000 timing-allow-origin * etag "0x8DCF7653957D43F" x-content-type-options nosniff request-context appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730135798763_388276615_317238276_52_17653_38_0_219";dur=1 access-control-allow-origin * content-length 52120 date Mon, 28 Oct 2024 17:16:38 GMT content-type font/woff2 last-modified Mon, 28 Oct 2024 15:28:50 GMT x-frame-options sameorigin
GET H2	200	launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Show response assets.adobedtm.com/85b02176ad5a/87db5ab25e53/	459 KB 128 KB	152ms 42ms	Script application/x-javascript	2a02:26f0:7100:481::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:481::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 469a0a54dbf66974d4fa100f1db52559891ab613042cfd51f29a6e4943f97776 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=3600 timing-allow-origin * content-encoding gzip etag "34e17a1d7df500f9f911b6198219c434:1725454886.676415" expires Mon, 28 Oct 2024 18:16:38 GMT accept-ranges bytes content-length 131066 date Mon, 28 Oct 2024 17:16:38 GMT content-type application/x-javascript last-modified Wed, 04 Sep 2024 13:01:26 GMT server AkamaiNetStorage vary Accept-Encoding
GET H/1.1	200 OK	main.80f2db04ee51bd73976a.js Show response mfe.carmaxauctions.com/	2 MB 730 KB	308ms 308ms	Script text/javascript	2a02:26f0:3500:883::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 0a25ba075045cf8dbc075d28215a3d37da0534ca574c2137949a257016ad6a83 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://mfe.carmaxauctions.com/ Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 X-DNS-Prefetch-Control off Content-Encoding gzip ETag "78932086" Connection keep-alive, Transfer-Encoding X-Content-Type-Options nosniff Referrer-Policy same-origin Server-Timing ak_p; desc="1730135798647_388276615_317237682_24719_13496_38_0_-";dur=1 X-XSS-Protection 1; mode=block Date Mon, 28 Oct 2024 17:16:38 GMT Content-Type text/javascript Last-Modified Wed, 16 Oct 2024 20:22:50 GMT Vary Accept-Encoding
GET H/1.1	200 OK	6f176e6c Show response mfe.carmaxauctions.com/akam/13/	26 KB 10 KB	238ms 156ms	Script application/javascript	2a02:26f0:3500:883::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfe.carmaxauctions.com/akam/13/6f176e6c Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 6e648a4f1b84569caecb5b85e63f4f08aeef45504bc5274990e1122c538c1996 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://mfe.carmaxauctions.com/ Response headers Strict-Transport-Security max-age=31536000 Cache-Control max-age=21600 Content-Encoding gzip ETag "b3af394091694bf6acb63eea6793d1411a74dca3ab28f0e9c0ea0a0947be9134" Pragma no-cache Connection keep-alive Expires Mon, 28 Oct 2024 17:16:38 GMT Server-Timing ak_p; desc="1730135798689_388276615_317238199_10605_9311_41_40_-";dur=1 Content-Length 8775 Date Mon, 28 Oct 2024 17:16:38 GMT Stored-Attribute-Sha-Checksum 6e648a4f1b84569caecb5b85e63f4f08aeef45504bc5274990e1122c538c1996 Last-Modified Thu, 22 Feb 2024 19:52:39 GMT Content-Type application/javascript Vary Accept-Encoding
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	128ms 39ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip age 6624 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Mon, 28 Oct 2024 17:26:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 28 Oct 2024 15:26:15 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/	35 KB 13 KB	40ms 40ms	Script application/x-javascript	2a02:26f0:7100:481::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:481::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache timing-allow-origin * content-encoding gzip etag "d8232f86c8016a8e0acaa7ecfdf72b3e:1722493571.189276" expires Mon, 28 Oct 2024 18:16:38 GMT accept-ranges bytes content-length 13012 date Mon, 28 Oct 2024 17:16:38 GMT content-type application/x-javascript last-modified Thu, 01 Aug 2024 06:26:11 GMT server AkamaiNetStorage vary Accept-Encoding
GET H2	200	AppMeasurement_Module_ActivityMap.min.js Show response assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/	3 KB 2 KB	42ms 42ms	Script application/x-javascript	2a02:26f0:7100:481::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement_Module_ActivityMap.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:481::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache timing-allow-origin * content-encoding gzip etag "bb4b6453e3ab80111a2b227318d22efb:1722493571.614634" expires Mon, 28 Oct 2024 18:16:38 GMT accept-ranges bytes content-length 1597 date Mon, 28 Oct 2024 17:16:38 GMT content-type application/x-javascript last-modified Thu, 01 Aug 2024 06:26:11 GMT server AkamaiNetStorage vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	328 KB 110 KB	164ms 71ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8WTZ9XR7TK Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f0e2b5541681da9f2f171ed93c07234c0b332eae46bfd4d40c708d71f862db4f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 28 Oct 2024 17:16:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 28 Oct 2024 17:16:39 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 111935 x-xss-protection 0 server Google Tag Manager
POST H2	204	collect region1.analytics.google.com/g/	0 0	141ms 49ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8WTZ9XR7TK&gtm=45je4ao0v895393762za200&_p=1730135799227&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=1112928159.1730135799&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730135799&sct=1&seg=0&dl=https%3A%2F%2Fmfe.carmaxauctions.com%2F&dt=CarMax%20Auctions&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1173 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8WTZ9XR7TK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://mfe.carmaxauctions.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 28 Oct 2024 17:16:39 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 558 B	147ms 48ms	Ping text/plain	2a00:1450:400c:c1d::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8WTZ9XR7TK&cid=1112928159.1730135799&gtm=45je4ao0v895393762za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8WTZ9XR7TK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://mfe.carmaxauctions.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 28 Oct 2024 17:16:39 GMT content-type text/plain server Golfe2
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	296ms 245ms	Image image/gif	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8WTZ9XR7TK&cid=1112928159.1730135799&gtm=45je4ao0v895393762za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848&tag_exp=101533422~101823848&z=1452650819 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 28 Oct 2024 17:16:39 GMT x-xss-protection 0 content-type image/gif server cafe
GET H/1.1	200 OK	335.c989d1e1006e7cbb710f.js Show response mfe.carmaxauctions.com/	351 KB 115 KB	174ms 174ms	Script text/javascript	2a02:26f0:3500:883::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfe.carmaxauctions.com/335.c989d1e1006e7cbb710f.js Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash bd271f747416c1f1e647dd0080a298b82cbaee972feb350693f1ba07146399d8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://mfe.carmaxauctions.com/ Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 X-DNS-Prefetch-Control off Content-Encoding gzip ETag "78932086" Connection keep-alive, Transfer-Encoding X-Content-Type-Options nosniff Referrer-Policy same-origin Server-Timing ak_p; desc="1730135799324_388276615_317239840_11834_14482_38_0_-";dur=1 X-XSS-Protection 1; mode=block Date Mon, 28 Oct 2024 17:16:39 GMT Content-Type text/javascript Last-Modified Wed, 16 Oct 2024 20:22:50 GMT Vary Accept-Encoding
GET H/1.1	200 OK	970.0de9f2371c87185d5d5c.css mfe.carmaxauctions.com/	13 KB 5 KB	247ms 247ms	Stylesheet text/css	2a02:26f0:3500:883::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfe.carmaxauctions.com/970.0de9f2371c87185d5d5c.css Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 5277dfcecdf7cb3cdca70912b41c01268460a8e695c35ee098719d03e7bbc37b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://mfe.carmaxauctions.com/ Response headers Strict-Transport-Security max-age=31536000 X-DNS-Prefetch-Control off Content-Encoding gzip ETag "78932086" Connection keep-alive X-Content-Type-Options nosniff Referrer-Policy same-origin Server-Timing ak_p; desc="1730135799326_388276615_317238579_19439_12680_39_0_-";dur=1 Content-Length 4003 X-XSS-Protection 1; mode=block Date Mon, 28 Oct 2024 17:16:39 GMT Content-Type text/css Last-Modified Wed, 16 Oct 2024 20:22:50 GMT Vary Accept-Encoding
GET H/1.1	200 OK	970.d45df6e7074f32c413f4.js Show response mfe.carmaxauctions.com/	137 KB 51 KB	245ms 166ms	Script text/javascript	2a02:26f0:3500:883::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfe.carmaxauctions.com/970.d45df6e7074f32c413f4.js Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f148638de9e83d716c0a3e5bea445964f74add866feed2a8d8bff00334387458 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://mfe.carmaxauctions.com/ Response headers Strict-Transport-Security max-age=31536000 X-DNS-Prefetch-Control off Content-Encoding gzip ETag "78932086" Connection keep-alive X-Content-Type-Options nosniff Referrer-Policy same-origin Server-Timing ak_p; desc="1730135799365_388276615_317240254_11213_14110_38_40_-";dur=1 Content-Length 51365 X-XSS-Protection 1; mode=block Date Mon, 28 Oct 2024 17:16:39 GMT Content-Type text/javascript Last-Modified Wed, 16 Oct 2024 20:22:50 GMT Vary Accept-Encoding
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	157 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	/ Show response zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/	10 KB 5 KB	128ms 44ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_57m59OKChrnJ9Hv Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c4f52cf82d388b07a7650f5e4e4dd0c97f2ae0e782b3c37ac882e81b66c7d13 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"26a8-i/4bXCsPnS9mSKU3vtK2lifVRYc" age 1741 x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:39 GMT edge-control max-age=604800 content-type application/javascript; charset=utf-8 vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=3600, s-maxage=604800 timing-allow-origin * referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932cffaae50b-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
GET H2	200	RC6bdcefbefd764af495f95cf3ad8ed5bb-source.min.js Show response assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/	403 B 497 B	53ms 52ms	Script application/x-javascript	2a02:26f0:7100:481::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/RC6bdcefbefd764af495f95cf3ad8ed5bb-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:481::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 5bed91c21d1c1a41931ee37c6bc103b768bb34d2e3801a335ab46503c55afadc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=3600 timing-allow-origin * content-encoding gzip etag "bdf366022aacb73bb719fad0f7c07e0e:1725454890.561781" expires Mon, 28 Oct 2024 18:16:39 GMT accept-ranges bytes content-length 262 date Mon, 28 Oct 2024 17:16:39 GMT content-type application/x-javascript last-modified Wed, 04 Sep 2024 13:01:30 GMT server AkamaiNetStorage vary Accept-Encoding
GET H2	200	lato-v16-latin-700.woff2 www.carmax.com/shared/fonts/	22 KB 23 KB	59ms 59ms	Font font/woff2	2a02:26f0:3500:89a::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.carmax.com/shared/fonts/lato-v16-latin-700.woff2 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/970.0de9f2371c87185d5d5c.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://mfe.carmaxauctions.com Referer Response headers strict-transport-security max-age=31536000 ; includeSubDomains content-security-policy upgrade-insecure-requests cache-control max-age=31536000 timing-allow-origin * etag "0x8DCF7653B7D7100" x-content-type-options nosniff request-context appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730135799766_388276615_317241401_41_18840_38_0_255";dur=1 access-control-allow-origin * content-length 22992 date Mon, 28 Oct 2024 17:16:39 GMT content-type font/woff2 last-modified Mon, 28 Oct 2024 15:28:54 GMT x-frame-options sameorigin
GET H2	200	fs.js Show response edge.fullstory.com/s/	285 KB 77 KB	130ms 41ms	Script application/javascript	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/fs.js Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 427cd4ea0b7a5b07204ad1bb9c6d0daa38e8a3faf3565d20f1e7f9b8fa657527 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://mfe.carmaxauctions.com Referer Response headers x-goog-metageneration 1 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace content-encoding br x-goog-hash crc32c=QJy1Rg==, md5=e0O2bwAxyh7l77Qm2MDHwg== etag "7b43b66f0031ca1ee5efb426d8c0c7c2" age 2857 x-goog-stored-content-encoding br expires Mon, 28 Oct 2024 17:29:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 78625 date Mon, 28 Oct 2024 16:29:02 GMT last-modified Tue, 22 Oct 2024 14:26:14 GMT content-type application/javascript vary Accept-Encoding x-guploader-uploadid AHmUCY3E2OFpcrSW5Ldd9W9XJucXdk8uPF2MUW6wtt3VEJS80WTkY4HjdnXChK7LKVa0N8X15EtxKTe7ZQ cache-control public, max-age=3600,no-transform x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1729607174161927 content-length 78625 server UploadServer
OPTIONS H2	200	Remote:Home auctions-microfrontend-apim-prod-fd.azurefd.net/config/kv/ Frame	0 0	628ms 449ms	Preflight	2620:1ec:29:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auctions-microfrontend-apim-prod-fd.azurefd.net/config/kv/Remote:Home Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers cache-control Access-Control-Request-Method GET Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 0 date Mon, 28 Oct 2024 17:16:40 GMT request-context appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb x-azure-ref 20241028T171639Z-er1787bdbf4j7znfkpm016vkuw00000003kg0000000122zh x-cache CONFIG_NOCACHE
OPTIONS H2	200	63b74ffbe4f956124ca58727 app.launchdarkly.com/sdk/goals/ Frame	0 0	129ms 40ms	Preflight	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/goals/63b74ffbe4f956124ca58727 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers x-launchdarkly-user-agent,x-launchdarkly-wrapper Access-Control-Request-Method GET Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags access-control-allow-methods GET, OPTIONS, HEAD access-control-allow-origin * access-control-max-age 3600 age 0 allow GET, OPTIONS, HEAD content-encoding gzip content-length 23 date Mon, 28 Oct 2024 17:16:39 GMT ld-region us-east-1 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 0 x-served-by cache-fra-etou8220108-FRA x-timer S1730135800.896770,VS0,VE1
OPTIONS H2	204	63b74ffbe4f956124ca58727 events.launchdarkly.com/events/diagnostic/ Frame	0 0	360ms 118ms	Preflight	3.225.166.233 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/diagnostic/63b74ffbe4f956124ca58727 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 3.225.166.233 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-166-233.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper Access-Control-Request-Method POST Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags access-control-allow-methods POST,OPTIONS access-control-allow-origin * access-control-expose-headers Date access-control-max-age 300 date Mon, 28 Oct 2024 17:16:40 GMT strict-transport-security max-age=31536000; includeSubDomains
GET		Remote:Home auctions-microfrontend-apim-prod-fd.azurefd.net/config/kv/	0 0
GET H2	200	63b74ffbe4f956124ca58727 Show response app.launchdarkly.com/sdk/goals/	2 B 179 B	42ms 41ms	XHR application/json	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/goals/63b74ffbe4f956124ca58727 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers X-LaunchDarkly-Wrapper react-client-sdk/3.0.4 Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 X-LaunchDarkly-User-Agent JSClient/3.1.4 Response headers content-md5 d751713988987e9331980363e24189ce access-control-max-age 300 content-encoding gzip etag "d751713988987e9331980363e24189ce" age 0 access-control-allow-methods GET, OPTIONS, HEAD x-cache HIT date Mon, 28 Oct 2024 17:16:39 GMT content-type application/json x-served-by cache-fra-etou8220108-FRA x-cache-hits 1 access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding cache-control max-age=0 x-timer S1730135800.938168,VS0,VE1 ld-region us-east-1 via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 26
POST H2	202	63b74ffbe4f956124ca58727 Show response events.launchdarkly.com/events/diagnostic/	0 358 B	134ms 133ms	XHR application/json	3.225.166.233 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/diagnostic/63b74ffbe4f956124ca58727 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 3.225.166.233 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-166-233.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers X-LaunchDarkly-Wrapper react-client-sdk/3.0.4 Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 X-LaunchDarkly-User-Agent JSClient/3.1.4 Content-Type application/json Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 300 access-control-expose-headers Date access-control-allow-methods POST,OPTIONS access-control-allow-origin * content-length 0 date Mon, 28 Oct 2024 17:16:40 GMT content-type application/json access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
GET H/1.1	200 OK	favicon.ico mfe.carmaxauctions.com/	4 KB 1 KB	153ms 152ms	Other image/vnd.microsoft.icon	2a02:26f0:3500:883::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfe.carmaxauctions.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 83396571b62e0b62acad3e8747db9c0ae00863fe92d47818ccbaf03fc0c66b84 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://mfe.carmaxauctions.com/ Response headers Strict-Transport-Security max-age=31536000 X-DNS-Prefetch-Control off Content-Encoding gzip ETag "78932086" Connection keep-alive X-Content-Type-Options nosniff Referrer-Policy same-origin Server-Timing ak_p; desc="1730135799809_388276615_317240622_9771_14226_39_0_-";dur=1 Content-Length 700 X-XSS-Protection 1; mode=block Date Mon, 28 Oct 2024 17:16:39 GMT Content-Type image/vnd.microsoft.icon Last-Modified Wed, 16 Oct 2024 20:22:50 GMT Vary Accept-Encoding
GET H2	200	eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiNjUxOWQ5ZDAtOTU1MC0xMWVmLTkwNDQtYTdlZGYzNmI0NjcyIn0 clientstream.launchdarkly.com/eval/63b74ffbe4f956124ca58727/	5 KB 0	224ms 95ms	EventSource text/event-stream	13.248.151.210 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clientstream.launchdarkly.com/eval/63b74ffbe4f956124ca58727/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiNjUxOWQ5ZDAtOTU1MC0xMWVmLTkwNDQtYTdlZGYzNmI0NjcyIn0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.151.210 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a1370dc23e25e46ce.awsglobalaccelerator.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Cache-Control no-cache Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept text/event-stream Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 300 cache-control no-cache, no-store, must-revalidate ld-region eu-west-1 access-control-allow-methods GET,OPTIONS accept-ranges bytes access-control-allow-origin * date Mon, 28 Oct 2024 17:16:39 GMT content-type text/event-stream; charset=utf-8 access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
GET		entries auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/	0 0
OPTIONS H2	200	entries auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/ Frame	0 0	578ms 442ms	Preflight	2620:1ec:29:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsBroadcastBanner&include=2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,x-contentful-user-agent,x-correlation-id Access-Control-Request-Method GET Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 0 date Mon, 28 Oct 2024 17:16:40 GMT request-context appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb x-azure-ref 20241028T171639Z-er1787bdbf4j7znfkpm016vkuw00000003kg0000000122zk x-cache CONFIG_NOCACHE
GET H2	200	destination Show response www.googletagmanager.com/gtag/	234 KB 84 KB	58ms 57ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-8789640&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8WTZ9XR7TK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 425006ef1867fa25f5a360629796ec6ec204ab831f55fada4ea421e57164d59c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Mon, 28 Oct 2024 17:16:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 28 Oct 2024 17:16:39 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 28 Oct 2024 16:29:15 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 85220 x-xss-protection 0 server Google Tag Manager
GET H2	200	RCdc1b8e0d7f654543be60dd5e9730e0c5-source.min.js Show response assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/	623 B 616 B	41ms 40ms	Script application/x-javascript	2a02:26f0:7100:481::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/RCdc1b8e0d7f654543be60dd5e9730e0c5-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:481::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 8b52a69ab2067f6f2c386e185345f265d50805bc3c92858f9179bb510b2251d5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=3600 timing-allow-origin * content-encoding gzip etag "bdf366022aacb73bb719fad0f7c07e0e:1725454890.561781" expires Mon, 28 Oct 2024 18:16:39 GMT accept-ranges bytes content-length 380 date Mon, 28 Oct 2024 17:16:39 GMT content-type application/x-javascript last-modified Wed, 04 Sep 2024 13:01:30 GMT server AkamaiNetStorage vary Accept-Encoding
GET H2	200	FiraCode-v5-Regular.woff2 www.carmax.com/shared/fonts/	69 KB 69 KB	59ms 59ms	Font font/woff2	2a02:26f0:3500:89a::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.carmax.com/shared/fonts/FiraCode-v5-Regular.woff2 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 14a2a2d05cc4a2a515743cb82360e03a7c968106da99ac665b9d1175b065fdf0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://mfe.carmaxauctions.com Referer Response headers strict-transport-security max-age=31536000 ; includeSubDomains content-security-policy upgrade-insecure-requests cache-control max-age=31536000 timing-allow-origin * etag "0x8DCF7653AC4EA73" x-content-type-options nosniff request-context appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730135799836_388276615_317241602_51_19266_38_0_255";dur=1 access-control-allow-origin * content-length 70600 date Mon, 28 Oct 2024 17:16:39 GMT content-type font/woff2 last-modified Mon, 28 Oct 2024 15:28:52 GMT x-frame-options sameorigin
POST H/1.1	200 OK	pixel_6f176e6c Show response mfe.carmaxauctions.com/akam/13/	0 903 B	58ms 56ms	XHR text/html	2a02:26f0:3500:883::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfe.carmaxauctions.com/akam/13/pixel_6f176e6c Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Request-Id |b7206cc12bfd4843b0848a2e451cba3c.feb0103eccdc42e3 traceparent 00-b7206cc12bfd4843b0848a2e451cba3c-feb0103eccdc42e3-01 Referer https://mfe.carmaxauctions.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Strict-Transport-Security max-age=31536000 Server-Timing ak_p; desc="1730135799861_388276615_317240673_1728_11048_38_0_-";dur=1 Content-Length 0 Date Mon, 28 Oct 2024 17:16:39 GMT Content-Type text/html Connection keep-alive
GET H2	200	js Show response www.googletagmanager.com/gtag/	244 KB 87 KB	59ms 58ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1020392687 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1e3ac7ec43083f7dd9596bd501ac1efadda207bbed980dd1b3958a3719877d98 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 28 Oct 2024 17:16:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 28 Oct 2024 17:16:39 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 28 Oct 2024 16:29:15 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89371 x-xss-protection 0 server Google Tag Manager
GET H2	200	RC61362f7ca12b434b9e189bd714d278da-source.min.js Show response assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/	1 KB 856 B	40ms 40ms	Script application/x-javascript	2a02:26f0:7100:481::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/RC61362f7ca12b434b9e189bd714d278da-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:481::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash b3774594679b4e55772a5b4f16fa376ace8044da76c88828a3f67ae08b5fe828 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=3600 timing-allow-origin * content-encoding gzip etag "bdf366022aacb73bb719fad0f7c07e0e:1725454890.561781" expires Mon, 28 Oct 2024 18:16:39 GMT accept-ranges bytes content-length 621 date Mon, 28 Oct 2024 17:16:39 GMT content-type application/x-javascript last-modified Wed, 04 Sep 2024 13:01:30 GMT server AkamaiNetStorage vary Accept-Encoding
GET H2	200	10.38aeed0d11906619d785.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	75 KB 21 KB	46ms 39ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/10.38aeed0d11906619d785.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=mfe.carmaxauctions.com Requested by Host: zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com URL: https://zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_57m59OKChrnJ9Hv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a35569fbded218fc0e3f2a5b6c204d358d59d5ab7ac18b95882f7be058912766 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"12a92-192b0535bd0" age 190279 x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:39 GMT edge-control max-age=604800 content-type application/javascript last-modified Mon, 21 Oct 2024 18:25:06 GMT vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932d5919e50b-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
GET H2	200	activityi;dc_pre=CO_vm47KsYkDFY06VQgdmTkqWA;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw... 8789640.fls.doubleclick.net/ Frame 154D Redirect Chain https://8789640.fls.doubleclick.net/activityi;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u... https://8789640.fls.doubleclick.net/activityi;dc_pre=CO_vm47KsYkDFY06VQgdmTkqWA;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;ua...	0 0	67ms 66ms	Document text/html	142.250.185.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8789640.fls.doubleclick.net/activityi;dc_pre=CO_vm47KsYkDFY06VQgdmTkqWA;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848;epver=2;~oref=https%3A%2F%2Fmfe.carmaxauctions.com%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=DC-8789640&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 360 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 28 Oct 2024 17:16:40 GMT expires Mon, 28 Oct 2024 17:16:40 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 28 Oct 2024 17:16:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://8789640.fls.doubleclick.net/activityi;dc_pre=CO_vm47KsYkDFY06VQgdmTkqWA;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848;epver=2;~oref=https%3A%2F%2Fmfe.carmaxauctions.com%2F? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	activity;register_conversion=1;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap... ad.doubleclick.net/	0 23 B	158ms 76ms	Image image/png	142.250.74.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;register_conversion=1;src=8789640;type=carmax00;cat=carma0;ord=1907648827428;npa=1;auiddc=290378373.1730135800;ps=1;pcor=1334403731;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848;epver=2;~oref=https%3A%2F%2Fmfe.carmaxauctions.com%2F? Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Mon, 28 Oct 2024 17:16:40 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"15027722634973779045"}],"aggregatable_trigger_data":[{"filters":[{"14":["13552906"]}],"key_piece":"0xbb9f6dd826f2b394","source_keys":["12","13","14","15","16","17","18","19","20","21","20511848","20511849","20511850","20511851","24796100","24796101","24796102","24796103","628736424","628736425","628736426","628736427","628738392","628738393","628738394","628738395","628749340","628749341","628749342","628749343","628843948","628843949","628843950","628843951"]},{"key_piece":"0x3611372df87288b3","not_filters":{"14":["13552906"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20511848","20511849","20511850","20511851","24796100","24796101","24796102","24796103","628736424","628736425","628736426","628736427","628738392","628738393","628738394","628738395","628749340","628749341","628749342","628749343","628843948","628843949","628843950","628843951"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20511848":40,"20511849":40,"20511850":40,"20511851":3973,"21":6356,"24796100":36,"24796101":36,"24796102":36,"24796103":3530,"628736424":32,"628736425":32,"628736426":32,"628736427":3177,"628738392":32,"628738393":32,"628738394":32,"628738395":3177,"628749340":32,"628749341":32,"628749342":32,"628749343":3177,"628843948":32,"628843949":32,"628843950":32,"628843951":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"8704572312442530545","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15027722634973779045","filters":[{"14":["13552906"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15027722634973779045","filters":[{"14":["13552906"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15027722634973779045","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15027722634973779045","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8789640"]}} content-type image/png x-xss-protection 0 server cafe
GET H2	200	FiraCode-v5-Bold.woff2 www.carmax.com/shared/fonts/	68 KB 68 KB	63ms 62ms	Font font/woff2	2a02:26f0:3500:89a::1c4e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.carmax.com/shared/fonts/FiraCode-v5-Bold.woff2 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 3403b9288b6fc27aa9ad56ba8a43781e4834742c970197d7d2799eb35e67d234 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://mfe.carmaxauctions.com Referer Response headers strict-transport-security max-age=31536000 ; includeSubDomains content-security-policy upgrade-insecure-requests cache-control max-age=31536000 timing-allow-origin * etag "0x8DCF7653A1033D4" x-content-type-options nosniff request-context appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730135799965_388276615_317242013_57_21812_38_0_255";dur=1 access-control-allow-origin * content-length 69452 date Mon, 28 Oct 2024 17:16:39 GMT content-type font/woff2 last-modified Mon, 28 Oct 2024 15:28:51 GMT x-frame-options sameorigin
GET H2	200	RCac6b68f4dcc5416bb6621d2135ee6281-source.min.js Show response assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/	755 B 700 B	99ms 98ms	Script application/x-javascript	2a02:26f0:7100:481::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/RCac6b68f4dcc5416bb6621d2135ee6281-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:481::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash f9afcd35c7f7b06b154770b63c09a94c935db8e2721563519114a2925f577f44 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=3600 timing-allow-origin * content-encoding gzip etag "bdf366022aacb73bb719fad0f7c07e0e:1725454890.561781" expires Mon, 28 Oct 2024 18:16:40 GMT accept-ranges bytes content-length 464 date Mon, 28 Oct 2024 17:16:40 GMT content-type application/x-javascript last-modified Wed, 04 Sep 2024 13:01:30 GMT server AkamaiNetStorage vary Accept-Encoding
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	3 KB 2 KB	150ms 148ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_57m59OKChrnJ9Hv&Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7ff093b5960a0b4cbd3065760b27de98bd47d1239442ea1787dfd4c1944bafd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer Response headers content-encoding gzip cf-cache-status DYNAMIC x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:40 GMT content-type application/json strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * trace-id 4a5a4ac9b39524f3 access-control-allow-credentials true referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932dcb5fe50b-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin https://mfe.carmaxauctions.com server cloudflare
POST H3	200	collect www.google.com/ccm/	0 0	136ms 52ms	Ping text/html	142.250.186.164 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fmfe.carmaxauctions.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=137724642.1730135800&auid=290378373.1730135800&npa=1&gtm=45be4ao0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101925628&tft=1730135799969&tfd=1888&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-1020392687 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers
GET H3	200	conversion.js Show response www.googleadservices.com/pagead/	57 KB 20 KB	117ms 59ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 54d5275c2a5d35517ec9ee07334a9d8fe5227bb5d8006e35e7758d82eae574e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br etag 7984964252860712406 x-content-type-options nosniff expires Mon, 28 Oct 2024 17:16:40 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Mon, 28 Oct 2024 17:16:40 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 20935 x-xss-protection 0 server cafe
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4al0/ Frame 9DB7	0 0	134ms 48ms	Document text/html	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fmfe.carmaxauctions.com Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-1020392687 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Mon, 28 Oct 2024 17:16:40 GMT expires Tue, 28 Oct 2025 17:16:40 GMT last-modified Mon, 21 Oct 2024 16:58:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	web Show response edge.fullstory.com/s/settings/17AD5K/v1/	12 KB 3 KB	201ms 200ms	XHR application/json	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/settings/17AD5K/v1/web Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash c07dfb9827c82b43c06141c091c6aaa43d4f2563484a99208fccc458df096618 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers x-goog-metageneration 1 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace content-encoding gzip x-goog-hash crc32c=Qq6h4g==, md5=DdE71UaD4CeXx1idmT/s5g== etag "0dd13bd54683e02797c7589d993fece6" x-goog-stored-content-encoding gzip expires Mon, 28 Oct 2024 17:31:40 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 2510 date Mon, 28 Oct 2024 17:16:40 GMT last-modified Mon, 28 Oct 2024 17:16:13 GMT content-type application/json x-guploader-uploadid AHmUCY3bsuN6AKoB3QlslhOq7VtHV6laihjW36N2kEbeJ3D5dmUc375qchXimoNZlyVXceTf5DkhTEBABg cache-control public,max-age=900,no-transform x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1730135773571459 content-length 2510 server UploadServer
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 425 B	49ms 48ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=987345358&t=pageview&_s=1&dl=https%3A%2F%2Fmfe.carmaxauctions.com%2F&ul=de-de&de=UTF-8&dt=CarMax%20Auctions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABBAAAACAAI~&jid=1696719204&gjid=546745142&cid=1112928159.1730135799&tid=UA-187672-5&_gid=530468247.1730135799&_r=1&_slc=1&z=1833680196 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 28 Oct 2024 17:16:40 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://mfe.carmaxauctions.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 3 server Golfe2
GET H2	200	CoreModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	102 KB 30 KB	36ms 36ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax Requested by Host: siteintercept.qualtrics.com URL: https://siteintercept.qualtrics.com/dxjsmodule/10.38aeed0d11906619d785.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=mfe.carmaxauctions.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fda81996ae46179a6850577b035cc1bb1149edc2051c225215b93774a867857 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"197ee-192b0535bd0" age 190279 x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:40 GMT edge-control max-age=604800 content-type application/javascript last-modified Mon, 21 Oct 2024 18:25:06 GMT vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932ecf65e50b-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1020392687/	43 B 62 B	146ms 63ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1020392687/?random=1730135800145&cv=9&fst=1730135800145&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmfe.carmaxauctions.com%2F&tiba=CarMax%20Auctions&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 37 date Mon, 28 Oct 2024 17:16:40 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	bat.js Show response bat.bing.com/	50 KB 15 KB	193ms 62ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding gzip etag "028e0691d20db1:0" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: D55189287FFC4CFD95DC83D9AB8D297A Ref B: FRA31EDGE0809 Ref C: 2024-10-28T17:16:40Z accept-ranges bytes x-cache CONFIG_NOCACHE content-length 14570 date Mon, 28 Oct 2024 17:16:40 GMT content-type application/javascript last-modified Wed, 16 Oct 2024 22:47:44 GMT vary Accept-Encoding
GET H2	200	5.c9af7b501c84271e535b.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	3 KB 1 KB	42ms 41ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/5.c9af7b501c84271e535b.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax Requested by Host: zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com URL: https://zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_57m59OKChrnJ9Hv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aff40dc879a8465871e1f6fcb08a79d9154b735dd7635b224331e1f2c9b08b2c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"b55-192b0535bd0" age 318802 x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:40 GMT edge-control max-age=604800 content-type application/javascript last-modified Mon, 21 Oct 2024 18:25:06 GMT vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932f18d6e50b-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
GET H2	200	1.a77e4e41b6b3512a0cb4.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	29 KB 7 KB	38ms 37ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/1.a77e4e41b6b3512a0cb4.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax Requested by Host: zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com URL: https://zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_57m59OKChrnJ9Hv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88ac659d27db2b9fc7c61a31ea5ee2fdea9ba88f34f10d67c379822e693929bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"741f-192b0535bd0" age 190280 x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:40 GMT edge-control max-age=604800 content-type application/javascript last-modified Mon, 21 Oct 2024 18:25:06 GMT vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932f18dbe50b-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
GET H2	200	FeedbackLinkModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	3 KB 2 KB	41ms 40ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax Requested by Host: siteintercept.qualtrics.com URL: https://siteintercept.qualtrics.com/dxjsmodule/10.38aeed0d11906619d785.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=mfe.carmaxauctions.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b5e7a50cbce2d1bbba7083013c688f5b8154f23f295668d4ac03aec44e10a7c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"dd9-192b0535bd0" age 318693 x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:40 GMT edge-control max-age=604800 content-type application/javascript last-modified Mon, 21 Oct 2024 18:25:06 GMT vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932f18e1e50b-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
GET H2	200	EmbeddedTargetModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	8 KB 3 KB	40ms 40ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax Requested by Host: siteintercept.qualtrics.com URL: https://siteintercept.qualtrics.com/dxjsmodule/10.38aeed0d11906619d785.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=mfe.carmaxauctions.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eadb13ac81f132cfe53a0cb2918537a832d03d402339db8c8f44d79fbee8854 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status HIT etag W/"2129-192b0535bd0" age 196751 x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:40 GMT edge-control max-age=604800 content-type application/javascript last-modified Mon, 21 Oct 2024 18:25:06 GMT vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932f18e5e50b-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	3 KB 1 KB	810ms 744ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_e55XkVLyZXPgKKF&Version=4&Q_ORIGIN=https://mfe.carmaxauctions.com&Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BrandTier=RQqcwhV2J1&Q_ARCACHEVERSION=21&Q_BRANDDC=pdx1 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e684fbff557805e1f6a1d0816027f5818dcdda2aa51bac633567076b19114066 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers x-request-id b45b0baf-a1cf-4c52-a538-4e8af0361c63 x-transaction-id 21100f06-8f90-48fd-8733-70f0b2723dc2 content-encoding gzip cf-cache-status MISS etag W/"add-2znJolVCG0e1yh9xbhM+g3+j4a0" x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:40 GMT edge-control max-age=604800 content-type application/json; charset=utf-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=604800 referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932f8edde523-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	332 B 837 B	236ms 171ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_abBlHwlX36yAtQ9&Version=1&Q_InterceptID=SI_e55XkVLyZXPgKKF&Q_ORIGIN=https://mfe.carmaxauctions.com&Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BrandTier=RQqcwhV2J1&Q_ARCACHEVERSION=21&Q_BRANDDC=pdx1 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28e5bdded672dfc093d57a42d95db92a03913c81e0700a6049a766b223b8b652 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers x-request-id 788a6e15-2d9c-4ed3-bb76-d3672af0dad0 x-transaction-id a9f04b39-fc45-4f11-8a7b-818eb8cfa9c9 content-encoding br cf-cache-status MISS etag W/"14c-BplV/Jprm/9A27+DXJ3aFqvNpH8" x-content-type-options nosniff date Mon, 28 Oct 2024 17:16:40 GMT edge-control max-age=604800 content-type application/json; charset=utf-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=604800 referrer-policy strict-origin-when-cross-origin content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report cf-ray 8d9c932f8ee4e523-TXL permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * server cloudflare
OPTIONS H2	204	track eastus-8.in.applicationinsights.azure.com//v2/ Frame	0 0	659ms 242ms	Preflight	52.179.73.34 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eastus-8.in.applicationinsights.azure.com//v2/track Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.179.73.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context access-control-allow-methods POST access-control-allow-origin * access-control-max-age 3600 date Mon, 28 Oct 2024 17:16:40 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
POST H2	200	track Show response eastus-8.in.applicationinsights.azure.com//v2/	62 B 120 B	127ms 123ms	XHR application/json	52.179.73.34 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eastus-8.in.applicationinsights.azure.com//v2/track Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.179.73.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash e4fa1df5a5a536fe568b31a0d4916ce5b432cc7b480e5ce6edc0967aaee5e231 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/json Referer Response headers strict-transport-security max-age=31536000 access-control-allow-origin * date Mon, 28 Oct 2024 17:16:40 GMT content-type application/json; charset=utf-8 server Microsoft-HTTPAPI/2.0 x-content-type-options nosniff
POST H2	200	page Show response rs.fullstory.com/rec/	1 KB 839 B	256ms 166ms	XHR application/json	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/page Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash 51c71808d27d60862ae5e34ac9bb1a6e22ac23cd2e09717c07d021c2f4a62016 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer Response headers content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://mfe.carmaxauctions.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 654 date Mon, 28 Oct 2024 17:16:40 GMT content-type application/json; charset=utf-8
POST H2	200	track Show response eastus-8.in.applicationinsights.azure.com//v2/	62 B 166 B	124ms 122ms	XHR application/json	52.179.73.34 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eastus-8.in.applicationinsights.azure.com//v2/track Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.179.73.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash c81e0192ba8effd8a330480a50503c9d559fb277a7411ec2ed4ddfe2123f03e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/json Referer Response headers strict-transport-security max-age=31536000 access-control-allow-origin * date Mon, 28 Oct 2024 17:16:40 GMT content-type application/json; charset=utf-8 server Microsoft-HTTPAPI/2.0 x-content-type-options nosniff
OPTIONS H2	204	track eastus-8.in.applicationinsights.azure.com//v2/ Frame	0 0	557ms 242ms	Preflight	52.179.73.34 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eastus-8.in.applicationinsights.azure.com//v2/track Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.179.73.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context access-control-allow-methods POST access-control-allow-origin * access-control-max-age 3600 date Mon, 28 Oct 2024 17:16:40 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
GET H2	200	26011893.js Show response bat.bing.com/p/action/	370 B 421 B	63ms 62ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/26011893.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: B8E58C313ADC4BC39657BDD75C73528B Ref B: FRA31EDGE0809 Ref C: 2024-10-28T17:16:40Z x-cache CONFIG_NOCACHE date Mon, 28 Oct 2024 17:16:40 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
POST H2	204	0 bat.bing.net/actionp/	0 346 B	211ms 79ms	Ping text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.net/actionp/0?ti=26011893&Ver=2&mid=c38aba2d-4e39-415f-904e-ed1851c2e4ac&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E1E4F5F87C76457EA150931D63DF9DA4 Ref B: FRA31EDGE0217 Ref C: 2024-10-28T17:16:40Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Mon, 28 Oct 2024 17:16:39 GMT
GET H2	204	0 bat.bing.net/action/	0 120 B	209ms 78ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.net/action/0?ti=26011893&Ver=2&mid=c38aba2d-4e39-415f-904e-ed1851c2e4ac&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=CarMax%20Auctions&p=https%3A%2F%2Fmfe.carmaxauctions.com%2F&r=&lt=1659&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=56865 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1FEB80DDA21845398C5EE26A6A6FCB8C Ref B: FRA31EDGE0217 Ref C: 2024-10-28T17:16:40Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Mon, 28 Oct 2024 17:16:39 GMT
OPTIONS H2	204	track eastus-8.in.applicationinsights.azure.com//v2/ Frame	0 0	372ms 242ms	Preflight	52.179.73.34 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eastus-8.in.applicationinsights.azure.com//v2/track Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.179.73.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context access-control-allow-methods POST access-control-allow-origin * access-control-max-age 3600 date Mon, 28 Oct 2024 17:16:40 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
POST H2	200	track Show response eastus-8.in.applicationinsights.azure.com//v2/	62 B 120 B	244ms 240ms	XHR application/json	52.179.73.34 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://eastus-8.in.applicationinsights.azure.com//v2/track Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.179.73.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash b77934d05bdd2a58f476814325af7edfccad6f36b47247c3f10c6250891bafd2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/json Referer Response headers strict-transport-security max-age=31536000 access-control-allow-origin * date Mon, 28 Oct 2024 17:16:40 GMT content-type application/json; charset=utf-8 server Microsoft-HTTPAPI/2.0 x-content-type-options nosniff
GET H2	200	fs.js Show response edge.fullstory.com/s/ Frame C6D1	285 KB 0	130ms 41ms	Script application/javascript	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/fs.js Requested by Host: edge.fullstory.com URL: https://edge.fullstory.com/s/fs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 427cd4ea0b7a5b07204ad1bb9c6d0daa38e8a3faf3565d20f1e7f9b8fa657527 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://mfe.carmaxauctions.com Referer Response headers x-goog-metageneration 1 access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace content-encoding br x-goog-hash crc32c=QJy1Rg==, md5=e0O2bwAxyh7l77Qm2MDHwg== etag "7b43b66f0031ca1ee5efb426d8c0c7c2" age 2857 x-goog-stored-content-encoding br expires Mon, 28 Oct 2024 17:29:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 78625 date Mon, 28 Oct 2024 16:29:02 GMT last-modified Tue, 22 Oct 2024 14:26:14 GMT content-type application/javascript vary Accept-Encoding x-guploader-uploadid AHmUCY3E2OFpcrSW5Ldd9W9XJucXdk8uPF2MUW6wtt3VEJS80WTkY4HjdnXChK7LKVa0N8X15EtxKTe7ZQ cache-control public, max-age=3600,no-transform x-goog-storage-class MULTI_REGIONAL accept-ranges bytes access-control-allow-origin * x-goog-generation 1729607174161927 content-length 78625 server UploadServer
POST H2	202	63b74ffbe4f956124ca58727 Show response events.launchdarkly.com/events/bulk/	0 358 B	119ms 117ms	XHR application/json	3.225.166.233 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/bulk/63b74ffbe4f956124ca58727 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 3.225.166.233 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-166-233.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers X-LaunchDarkly-Wrapper react-client-sdk/3.0.4 X-LaunchDarkly-Event-Schema 4 Referer X-LaunchDarkly-Payload-ID 664b2de0-9550-11ef-9044-a7edf36b4672 X-LaunchDarkly-User-Agent JSClient/3.1.4 Content-Type application/json User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 300 access-control-expose-headers Date access-control-allow-methods POST,OPTIONS access-control-allow-origin * content-length 0 date Mon, 28 Oct 2024 17:16:41 GMT content-type application/json access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
OPTIONS H2	204	63b74ffbe4f956124ca58727 events.launchdarkly.com/events/bulk/ Frame	0 0	117ms 117ms	Preflight	3.225.166.233 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/bulk/63b74ffbe4f956124ca58727 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 3.225.166.233 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-166-233.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper Access-Control-Request-Method POST Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags access-control-allow-methods POST,OPTIONS access-control-allow-origin * access-control-expose-headers Date access-control-max-age 300 date Mon, 28 Oct 2024 17:16:41 GMT strict-transport-security max-age=31536000; includeSubDomains
GET		entries auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/	0 0
OPTIONS H2	200	entries auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/ Frame	0 0	126ms 126ms	Preflight	2620:1ec:29:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsBroadcastBanner&include=2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,x-contentful-user-agent,x-correlation-id Access-Control-Request-Method GET Origin https://mfe.carmaxauctions.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 0 date Mon, 28 Oct 2024 17:16:42 GMT request-context appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb x-azure-ref 20241028T171642Z-er1787bdbf4j7znfkpm016vkuw00000003kg00000001237r x-cache CONFIG_NOCACHE
POST H2	200	v2 Show response rs.fullstory.com/rec/bundle/	29 B 82 B	247ms 241ms	XHR application/json	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/bundle/v2?OrgId=17AD5K&UserId=829fedf1-aea9-4a4d-b419-84933c173233&SessionId=257efb9f-844f-4f01-bd02-6bf7e32e12c8&PageId=284340ed-04ff-4a6d-b1fc-2a9fedb5a73a&Seq=1&ClientTime=1730135803056&PageStart=1730135800521&PrevBundleTime=0&LastActivity=2312&IsNewSession=true&ContentEncoding=gzip Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash b6b7709a353b19f93cc3ee71eb4612db34f67a21967f393c2f39498fff7348f5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain Referer Response headers via 1.1 google access-control-allow-origin https://mfe.carmaxauctions.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 date Mon, 28 Oct 2024 17:16:43 GMT content-type application/json; charset=utf-8 access-control-allow-credentials true
POST H2	204	collect Show response region1.analytics.google.com/g/	0 57 B	49ms 47ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8WTZ9XR7TK&gtm=45je4ao0v895393762za200&_p=1730135799227&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=1112928159.1730135799&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730135799&sct=1&seg=0&dl=https%3A%2F%2Fmfe.carmaxauctions.com%2F&dt=CarMax%20Auctions&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6180 Requested by Host: mfe.carmaxauctions.com URL: https://mfe.carmaxauctions.com/main.80f2db04ee51bd73976a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://mfe.carmaxauctions.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 28 Oct 2024 17:16:44 GMT content-type text/plain server Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

auctions-microfrontend-apim-prod-fd.azurefd.net

URL

https://auctions-microfrontend-apim-prod-fd.azurefd.net/config/kv/Remote:Home

Domain

auctions-microfrontend-apim-prod-fd.azurefd.net

URL

https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsBroadcastBanner&include=2

Domain

auctions-microfrontend-apim-prod-fd.azurefd.net

URL

https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsBroadcastBanner&include=2