wwwuat.carmaxauctions.com Open in urlscan Pro
2a02:26f0:3500:89a::1c4e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wwwuat.carmaxauctions.com/
Submission Tags: falconsandbox
Submission: On October 28 via api (October 28th 2024, 4:47:45 pm UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 107 HTTP transactions. The main IP is 2a02:26f0:3500:89a::1c4e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is wwwuat.carmaxauctions.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 13th 2024. Valid for: a year.

This is the only time wwwuat.carmaxauctions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2a02:26f0:350... 2a02:26f0:3500:89a::1c4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:350... 2a02:26f0:3500:883::1c4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a02:26f0:480... 2a02:26f0:480:f9c::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
4	34.226.129.80 34.226.129.80	14618 (AMAZON-AES) (AMAZON-AES)
10	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5	52.188.247.148 52.188.247.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:33:3... 2620:1ec:33:3::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	76.223.37.127 76.223.37.127	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
107	26

38 2a02:26f0:3500:89a::1c4e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

wwwuat.carmaxauctions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.carmaxauctions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-images.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:883::1c4e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.carmax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:f9c::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

auctions-microfrontend-apim-prod-fd.azurefd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.226.129.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-129-80.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

8789640.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.188.247.148 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eastus-8.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:3::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.37.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: a53ca0d409b301261.awsglobalaccelerator.com

ethn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	carmaxauctions.com wwwuat.carmaxauctions.com www.carmaxauctions.com	2 MB
17	carmax.com www.carmax.com — Cisco Umbrella Rank: 51731 content-images.carmax.com — Cisco Umbrella Rank: 115714	1009 KB
10	qualtrics.com zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 835	72 KB
8	azurefd.net auctions-microfrontend-apim-prod-fd.azurefd.net	9 KB
7	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 767 clientstream.launchdarkly.com — Cisco Umbrella Rank: 989 events.launchdarkly.com — Cisco Umbrella Rank: 884	902 B
7	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	146 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 1985 rs.fullstory.com — Cisco Umbrella Rank: 2089	81 KB
5	azure.com eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 6132	406 B
5	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 8789640.fls.doubleclick.net — Cisco Umbrella Rank: 80644 ad.doubleclick.net — Cisco Umbrella Rank: 150 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	281 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401 www.google.com — Cisco Umbrella Rank: 3	48 B
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	465 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
1	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 4007	1 KB
1	ethn.io ethn.io — Cisco Umbrella Rank: 44576	488 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
107	18

	Domain	Requested by
18	www.carmaxauctions.com	wwwuat.carmaxauctions.com www.carmaxauctions.com
12	content-images.carmax.com
9	siteintercept.qualtrics.com	zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com wwwuat.carmaxauctions.com siteintercept.qualtrics.com
8	auctions-microfrontend-apim-prod-fd.azurefd.net	wwwuat.carmaxauctions.com
8	wwwuat.carmaxauctions.com	wwwuat.carmaxauctions.com
7	assets.adobedtm.com	wwwuat.carmaxauctions.com assets.adobedtm.com
5	eastus-8.in.applicationinsights.azure.com	wwwuat.carmaxauctions.com
5	www.carmax.com	wwwuat.carmaxauctions.com
4	events.launchdarkly.com	wwwuat.carmaxauctions.com
4	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	rs.fullstory.com	wwwuat.carmaxauctions.com
3	edge.fullstory.com	wwwuat.carmaxauctions.com edge.fullstory.com
2	bat.bing.net	bat.bing.com
2	bat.bing.com	wwwuat.carmaxauctions.com bat.bing.com
2	8789640.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	app.launchdarkly.com	wwwuat.carmaxauctions.com
2	region1.analytics.google.com	www.googletagmanager.com wwwuat.carmaxauctions.com
2	www.google-analytics.com	assets.adobedtm.com wwwuat.carmaxauctions.com
1	adobedc.demdex.net	assets.adobedtm.com
1	ethn.io	www.carmaxauctions.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	assets.adobedtm.com
1	www.google.com	www.googletagmanager.com
1	ad.doubleclick.net
1	zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com	wwwuat.carmaxauctions.com
1	clientstream.launchdarkly.com	wwwuat.carmaxauctions.com
1	www.google.de	wwwuat.carmaxauctions.com
1	stats.g.doubleclick.net	www.googletagmanager.com
107	28

This site contains links to these domains. Also see Links.

Domain
wcs.carmax.com
play.google.com
apps.apple.com
player.vimeo.com
www.kineticadvantage.com
www.carmaxauctions.com
content-assets.carmax.com
image.email-carmax.com
kmxaucteaststorage.blob.core.windows.net

Subject Issuer	Validity	Valid
www.carmax.com GeoTrust RSA CA 2018	`2024-09-13` - `2025-09-15`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
edge.fullstory.com WR3	`2024-10-20` - `2025-01-18`	3 months	crt.sh
*.azurefd.net Microsoft Azure RSA TLS Issuing CA 07	`2024-08-05` - `2025-07-31`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2024-07-16` - `2025-08-14`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-07-16` - `2025-08-14`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
rs.fullstory.com WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.googleadservices.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 08	`2024-09-16` - `2025-09-11`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
ethn.io Amazon RSA 2048 M02	`2023-12-11` - `2025-01-09`	a year	crt.sh
adobedc.demdex.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-23` - `2025-11-23`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://wwwuat.carmaxauctions.com/
Frame ID: 0A33C694104DAE91D0C81FDD1107F890
Requests: 98 HTTP requests in this frame

Frame: https://8789640.fls.doubleclick.net/activityi;dc_pre=CJipz8_DsYkDFQ-Jgwcd1p4kKA;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F
Frame ID: E3F5EFF2DF11E01A6C67DE352110B160
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwwwuat.carmaxauctions.com
Frame ID: 593D6DFB5A05950FB37731844FEA4DC8
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 17484ECC90D95C400E5AB963A499C6D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CarMax Auctions

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

107
Requests

100 %
HTTPS

40 %
IPv6

18
Domains

28
Subdomains

26
IPs

4
Countries

3706 kB
Transfer

7597 kB
Size

19
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://wcs.carmax.com/register
Title: CREATE ACCOUNT

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.velocicast.mobile.carmax&hl=en
Title: Google Play

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/carmax-auctions/id6479819758
Title: App Store

Search URL Search Domain Scan URL

URL: https://player.vimeo.com/video/987325970?h=cbe89c793e&badge=0&autopause=0&player_id=0&app_id=58479
Title: Check out a video about the app to learn more.

Search URL Search Domain Scan URL

URL: https://www.kineticadvantage.com/carmax/
Title: Apply for floorplan financing with Kinetic Advantage

Search URL Search Domain Scan URL

URL: https://www.carmaxauctions.com/search
Title: Search inventory now

Search URL Search Domain Scan URL

URL: https://www.carmaxauctions.com/location
Title: View our nationwide auction locations and schedules

Search URL Search Domain Scan URL

URL: https://wcs.carmax.com/register?_ga=2.56424171.1598820914.1728503176-1007832031.1728503176
Title: Register for CarMax Auctions today

Search URL Search Domain Scan URL

URL: https://www.carmaxauctions.com/policy
Title: CarMax Auction policies

Search URL Search Domain Scan URL

URL: https://content-assets.carmax.com/qeontfmijmzv/11Ywr6lRBuh7DbtEWd2UTF/2ee745f7a19624ba1f2844709b3e82c5/549302_ArbX_Flyer_7-Day_Update_FINAL.pdf?_ga=2.82482197.2055149766.1728249164-35503681.1717016802
Title: Learn more about free 7-day arbitration

Search URL Search Domain Scan URL

URL: https://image.email-carmax.com/lib/fe5015707c6303747213/m/1/0531dcbc-f006-41a7-8206-c229f775bb70.pdf
Title: Learn how you can bid with confidence with this flyer

Search URL Search Domain Scan URL

URL: https://www.carmaxauctions.com/bidding
Title: Learn more about the benefits of bidding early

Search URL Search Domain Scan URL

URL: https://kmxaucteaststorage.blob.core.windows.net/xml-cms/assets/auctions-policies/8E9F118F.pdf
Title: click here

Search URL Search Domain Scan URL

URL: http://image.email-carmax.com/lib/fe5015707c6303747213/m/1/35c1e29d-b258-4ee7-b287-53a0008553f3.pdf?_ga=2.188196456.1540349731.1610463021-1241735853.1603985127
Title: click here

Search URL Search Domain Scan URL

URL: https://wcs.carmax.com/Register
Title: Registering online

Search URL Search Domain Scan URL

URL: https://www.carmaxauctions.com/paperregister.aspx
Title: click here

Search URL Search Domain Scan URL

URL: https://www.carmaxauctions.com/contactus.aspx
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://8789640.fls.doubleclick.net/activityi;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F HTTP 302
https://8789640.fls.doubleclick.net/activityi;dc_pre=CJipz8_DsYkDFQ-Jgwcd1p4kKA;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F

107 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wwwuat.carmaxauctions.com/ 3 KB
2 KB 494ms
325ms Document
text/html 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ad20b98f7e90cbfde5bf7b431aa4bed78742ef100a6da78fd8f398485a4ec461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 1389
content-type: text/html
date: Mon, 28 Oct 2024 16:47:36 GMT
etag: "52603281"
last-modified: Wed, 16 Oct 2024 19:57:10 GMT
referrer-policy: same-origin
server-timing: ak_p; desc="1730134055863_388276615_312692434_27114_13208_39_102_255";dur=1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-akamai-transformed: 9 1436 0 pmb=mTOE,2
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 lato-v16-latin-regular.woff2
www.carmax.com/shared/fonts/ 23 KB
23 KB 194ms
65ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-regular.woff2

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwuat.carmaxauctions.com
Referer

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=31536000
timing-allow-origin: *
etag: "0x8DCF7653C39EEA1"
x-content-type-options: nosniff
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730134056345_388276638_1142615786_58_20757_38_0_219";dur=1
access-control-allow-origin: *
content-length: 23484
date: Mon, 28 Oct 2024 16:47:36 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 15:28:55 GMT
x-frame-options: sameorigin

GET
H2 200 CarMaxSharpSansDisp-Bold.woff2
www.carmax.com/shared/fonts/ 51 KB
51 KB 216ms
87ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/CarMaxSharpSansDisp-Bold.woff2

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwuat.carmaxauctions.com
Referer

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=31536000
timing-allow-origin: *
etag: "0x8DCF7653957D43F"
x-content-type-options: nosniff
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730134056426_388276638_1142615787_51_20679_38_80_219";dur=1
access-control-allow-origin: *
content-length: 52120
date: Mon, 28 Oct 2024 16:47:36 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 15:28:50 GMT
x-frame-options: sameorigin

GET
H2 200 launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js Show response
assets.adobedtm.com/85b02176ad5a/87db5ab25e53/ 459 KB
128 KB 132ms
41ms Script
application/x-javascript 2a02:26f0:480:f9c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js
Requested by: Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 469a0a54dbf66974d4fa100f1db52559891ab613042cfd51f29a6e4943f97776

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "34e17a1d7df500f9f911b6198219c434:1725454886.676415"
expires: Mon, 28 Oct 2024 17:47:36 GMT
accept-ranges: bytes
content-length: 131066
date: Mon, 28 Oct 2024 16:47:36 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Sep 2024 13:01:26 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 main.80f2db04ee51bd73976a.js Show response
wwwuat.carmaxauctions.com/ 2 MB
729 KB 321ms
321ms Script
text/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0a25ba075045cf8dbc075d28215a3d37da0534ca574c2137949a257016ad6a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwuat.carmaxauctions.com/

Response headers

strict-transport-security: max-age=31536000
x-dns-prefetch-control: off
content-encoding: gzip
etag: "52603281"
x-content-type-options: nosniff
referrer-policy: same-origin
server-timing: ak_p; desc="1730134056322_388276615_312693090_26448_11646_39_0_146";dur=1
x-xss-protection: 1; mode=block
date: Mon, 28 Oct 2024 16:47:36 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 19:57:10 GMT
vary: Accept-Encoding

GET
H2 200 6f176c9d Show response
wwwuat.carmaxauctions.com/akam/13/ 26 KB
9 KB 372ms
371ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwuat.carmaxauctions.com/akam/13/6f176c9d

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

13c99e8833ec32344765ff16d1c1fe0a0afe2c774a50bff29ec6c564645403d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwuat.carmaxauctions.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=21600
content-encoding: gzip
etag: "ae93a047cee182497f181381f541451e29a63dd93c685288792f280531f09dad"
pragma: no-cache
expires: Mon, 28 Oct 2024 16:47:36 GMT
server-timing: ak_p; desc="1730134056338_388276615_312693113_27738_7134_39_0_146";dur=1
content-length: 8769
date: Mon, 28 Oct 2024 16:47:36 GMT
stored-attribute-sha-checksum: 13c99e8833ec32344765ff16d1c1fe0a0afe2c774a50bff29ec6c564645403d8
last-modified: Thu, 22 Feb 2024 19:38:20 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 141ms
42ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 4647
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 17:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 15:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/ 35 KB
13 KB 43ms
43ms Script
application/x-javascript 2a02:26f0:480:f9c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "d8232f86c8016a8e0acaa7ecfdf72b3e:1722493571.189276"
expires: Mon, 28 Oct 2024 17:47:36 GMT
accept-ranges: bytes
content-length: 13012
date: Mon, 28 Oct 2024 16:47:36 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Aug 2024 06:26:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/ 3 KB
2 KB 43ms
43ms Script
application/x-javascript 2a02:26f0:480:f9c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "bb4b6453e3ab80111a2b227318d22efb:1722493571.614634"
expires: Mon, 28 Oct 2024 17:47:36 GMT
accept-ranges: bytes
content-length: 1597
date: Mon, 28 Oct 2024 16:47:36 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Aug 2024 06:26:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
110 KB 169ms
70ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8WTZ9XR7TK

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ff3ef8e255723f349a1b00aaa311f1e92f339013b84681583fdd0d9514b2ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 28 Oct 2024 16:47:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 16:47:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111931
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 143ms
49ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8WTZ9XR7TK&gtm=45je4ao0v895393762za200&_p=1730134056892&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=1896872101.1730134057&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730134056&sct=1&seg=0&dl=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F&dt=CarMax%20Auctions&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1139
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8WTZ9XR7TK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wwwuat.carmaxauctions.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
561 B 151ms
49ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8WTZ9XR7TK&cid=1896872101.1730134057&gtm=45je4ao0v895393762za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8WTZ9XR7TK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wwwuat.carmaxauctions.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 127ms
76ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8WTZ9XR7TK&cid=1896872101.1730134057&gtm=45je4ao0v895393762za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848&tag_exp=101533421~101823848&z=1911029032

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 28 Oct 2024 16:47:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 335.c989d1e1006e7cbb710f.js Show response
wwwuat.carmaxauctions.com/ 351 KB
114 KB 239ms
238ms Script
text/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwuat.carmaxauctions.com/335.c989d1e1006e7cbb710f.js

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bd271f747416c1f1e647dd0080a298b82cbaee972feb350693f1ba07146399d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwuat.carmaxauctions.com/

Response headers

strict-transport-security: max-age=31536000
x-dns-prefetch-control: off
content-encoding: gzip
etag: "52603281"
x-content-type-options: nosniff
referrer-policy: same-origin
server-timing: ak_p; desc="1730134057147_388276615_312694697_13652_12139_40_0_146";dur=1
x-xss-protection: 1; mode=block
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 19:57:10 GMT
vary: Accept-Encoding

GET
H2 200 970.0de9f2371c87185d5d5c.css
wwwuat.carmaxauctions.com/ 13 KB
5 KB 333ms
332ms Stylesheet
text/css 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwuat.carmaxauctions.com/970.0de9f2371c87185d5d5c.css

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5277dfcecdf7cb3cdca70912b41c01268460a8e695c35ee098719d03e7bbc37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwuat.carmaxauctions.com/

Response headers

strict-transport-security: max-age=31536000
x-dns-prefetch-control: off
content-encoding: gzip
etag: "52603281"
x-content-type-options: nosniff
referrer-policy: same-origin
server-timing: ak_p; desc="1730134057147_388276615_312694698_24339_12069_39_0_255";dur=1
content-length: 4003
x-xss-protection: 1; mode=block
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 19:57:10 GMT
vary: Accept-Encoding

GET
H2 200 970.d45df6e7074f32c413f4.js Show response
wwwuat.carmaxauctions.com/ 137 KB
51 KB 387ms
387ms Script
text/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwuat.carmaxauctions.com/970.d45df6e7074f32c413f4.js

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f148638de9e83d716c0a3e5bea445964f74add866feed2a8d8bff00334387458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwuat.carmaxauctions.com/

Response headers

strict-transport-security: max-age=31536000
x-dns-prefetch-control: off
content-encoding: gzip
etag: "52603281"
x-content-type-options: nosniff
referrer-policy: same-origin
server-timing: ak_p; desc="1730134057147_388276615_312694699_31565_12093_38_0_146";dur=1
content-length: 51365
x-xss-protection: 1; mode=block
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 19:57:10 GMT
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 lato-v16-latin-700.woff2
www.carmax.com/shared/fonts/ 22 KB
23 KB 60ms
60ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/lato-v16-latin-700.woff2

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/970.0de9f2371c87185d5d5c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwuat.carmaxauctions.com
Referer

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=31536000
timing-allow-origin: *
etag: "0x8DCF7653B7D7100"
x-content-type-options: nosniff
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730134057640_388276638_1142618259_44_18988_46_0_255";dur=1
access-control-allow-origin: *
content-length: 22992
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 15:28:54 GMT
x-frame-options: sameorigin

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 285 KB
77 KB 132ms
43ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 427cd4ea0b7a5b07204ad1bb9c6d0daa38e8a3faf3565d20f1e7f9b8fa657527

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwuat.carmaxauctions.com
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
x-goog-hash: crc32c=QJy1Rg==, md5=e0O2bwAxyh7l77Qm2MDHwg==
etag: "7b43b66f0031ca1ee5efb426d8c0c7c2"
age: 395
x-goog-stored-content-encoding: br
expires: Mon, 28 Oct 2024 17:41:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 78625
date: Mon, 28 Oct 2024 16:41:02 GMT
last-modified: Tue, 22 Oct 2024 14:26:14 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1gExjyqDN7nEaZaxNYQw_uSuNwcp5l2yZhTn4DrmccfMg3JH1giz38SwMGsUcYTYOJyGpGZguENw
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729607174161927
content-length: 78625
server: UploadServer

POST
H2 200 pixel_6f176c9d Show response
wwwuat.carmaxauctions.com/akam/13/ 0
658 B 62ms
60ms XHR
text/html 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwuat.carmaxauctions.com/akam/13/pixel_6f176c9d

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Request-Id: |2cc16699ce88437fb7d57ab07d664ef4.b3204b7ea9814b2a
traceparent: 00-2cc16699ce88437fb7d57ab07d664ef4-b3204b7ea9814b2a-01
Referer: https://wwwuat.carmaxauctions.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
server-timing: ak_p; desc="1730134057643_388276615_312695996_609_10041_38_0_219";dur=1
content-length: 0
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: text/html

OPTIONS
H2 200 Remote:Home
auctions-microfrontend-apim-prod-fd.azurefd.net/config/kv/ Frame 0
0 562ms
398ms Preflight 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auctions-microfrontend-apim-prod-fd.azurefd.net/config/kv/Remote:Home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: cache-control
access-control-allow-methods: GET
access-control-allow-origin: https://wwwuat.carmaxauctions.com
access-control-max-age: 300
content-length: 0
date: Mon, 28 Oct 2024 16:47:38 GMT
request-context: appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb
vary: Origin
x-azure-ref: 20241028T164737Z-r1687d95c99pfbjwhxvfyh7yu000000005dg00000001dxkz
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 63b74ffbe4f956124ca58727
app.launchdarkly.com/sdk/goals/ Frame 0
0 237ms
136ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/63b74ffbe4f956124ca58727

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Mon, 28 Oct 2024 16:47:37 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220021-FRA
x-timer: S1730134058.771650,VS0,VE94

GET
H2 200 Remote:Home Show response
auctions-microfrontend-apim-prod-fd.azurefd.net/config/kv/ 286 B
1 KB 306ms
305ms XHR
application/vnd.microsoft.appconfig.kv+json 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auctions-microfrontend-apim-prod-fd.azurefd.net/config/kv/Remote:Home

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d1de1a13cfb2ef99f89e93cb5f34773f8e01152965a88fa61f29dc46d295b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

cache-control: must-revalidate
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

access-control-expose-headers: Transfer-Encoding,Connection,Sync-Token,x-ms-request-id,x-ms-correlation-request-id,Strict-Transport-Security,Vary,Date,ETag
etag: "1lZs60fTndA5zb762DT9zxlKOTP21iYbrksE0Uz_k88"
expires: Mon, 28 Oct 2024 16:47:38 GMT
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/vnd.microsoft.appconfig.kv+json; charset=utf-8
last-modified: Wed, 21 Aug 2024 16:08:06 GMT
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-ms-correlation-request-id: 36eab65b-5cdd-4d65-af76-14749e244f23
cache-control: no-store, no-cache
sync-token: zAJw6V16=NToxOSMzMTE0Mjk0Mg==;sn=31142942
pragma: no-cache
access-control-allow-credentials: true
x-ms-request-id: 36eab65b-5cdd-4d65-af76-14749e244f23
request-context: appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb
access-control-allow-origin: https://wwwuat.carmaxauctions.com
x-azure-ref: 20241028T164738Z-r1687d95c99pfbjwhxvfyh7yu000000005dg00000001dxn7

GET
H2 200 63b74ffbe4f956124ca58727 Show response
app.launchdarkly.com/sdk/goals/ 2 B
186 B 47ms
45ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/63b74ffbe4f956124ca58727

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.4

Response headers

content-md5: d751713988987e9331980363e24189ce
access-control-max-age: 300
content-encoding: gzip
etag: "d751713988987e9331980363e24189ce"
age: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: HIT
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: application/json
x-served-by: cache-fra-etou8220021-FRA
x-cache-hits: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cache-control: max-age=0
x-timer: S1730134058.910359,VS0,VE1
ld-region: us-east-1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26

GET
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiNTZiNGIwMzAtOTU0Yy0xMWVmLWE0YmUtODU5Y2UyZjM4YjhhIn0
clientstream.launchdarkly.com/eval/63b74ffbe4f956124ca58727/ 5 KB
0 219ms
89ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/63b74ffbe4f956124ca58727/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiNTZiNGIwMzAtOTU0Yy0xMWVmLWE0YmUtODU5Y2UyZjM4YjhhIn0

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Cache-Control: no-cache
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
cache-control: no-cache, no-store, must-revalidate
ld-region: eu-west-1
access-control-allow-methods: GET,OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: text/event-stream; charset=utf-8
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

OPTIONS
H2 200 entries
auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/ Frame 0
0 541ms
407ms Preflight 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsBroadcastBanner&include=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent,x-correlation-id
Access-Control-Request-Method: GET
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-contentful-user-agent,x-correlation-id
access-control-allow-methods: GET
access-control-allow-origin: https://wwwuat.carmaxauctions.com
access-control-max-age: 300
content-length: 0
date: Mon, 28 Oct 2024 16:47:38 GMT
request-context: appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb
vary: Origin
x-azure-ref: 20241028T164737Z-r1687d95c99pfbjwhxvfyh7yu000000005dg00000001dxm0
x-cache: CONFIG_NOCACHE

GET
H2 200 entries Show response
auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/ 67 B
1 KB 150ms
150ms XHR
application/vnd.contentful.delivery.v1+json 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsBroadcastBanner&include=2

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9722795b0fd43e5bca13c18ddf0dbefa6472c8ef38ab27b7b7d62d40804f04d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Authorization: Bearer 123
Referer
X-Correlation-ID: 24beaba1-ffdb-4a22-83e0-7635eb4627b4
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-Contentful-User-Agent: sdk contentful.js/10.8.9; platform browser; os Linux;

Response headers

cf-environment-id: master
x-contentful-region: us-east-1
cf-environment-uuid: 1edfab8a-0ead-4640-8ca5-ba83860b2690
access-control-expose-headers: Connection,Age,cf-space-id,cf-environment-id,cf-environment-uuid,cf-organization-id,x-contentful-route,X-Content-Type-Options,Contentful-Api,X-Contentful-Region,Vary,X-Served-By,X-Cache-Hits,X-Timer,X-Cache,x-contentful-request-id,Request-Context,x-azure-ref,Accept-Ranges,Content-Length,Date,ETag,Via
etag: "422329452801459101"
age: 7202
cf-organization-id: 3TiJbMH77WxOd2vMhoQrQt
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 16:47:38 GMT
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 16:47:38 GMT
cf-space-id: qeontfmijmzv
content-type: application/vnd.contentful.delivery.v1+json
vary: Origin
x-served-by: cache-ewr-kewr1740055-EWR
x-cache-hits: 2
x-contentful-route: /spaces/:space/environments/:environment/entries
cache-control: no-store, no-cache
contentful-api: cda
pragma: no-cache
x-timer: S1730133623.863439,VS0,VE0
access-control-allow-credentials: true
via: 1.1 varnish
request-context: appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb
accept-ranges: bytes
access-control-allow-origin: https://wwwuat.carmaxauctions.com
content-length: 67
x-contentful-request-id: f8553ae1-9e71-436c-9f9f-01b8cafa3f2a
x-azure-ref: 20241028T164738Z-r1687d95c99pfbjwhxvfyh7yu000000005dg00000001dxn9

GET
H2 200 FiraCode-v5-Regular.woff2
www.carmax.com/shared/fonts/ 69 KB
69 KB 63ms
63ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/FiraCode-v5-Regular.woff2

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

14a2a2d05cc4a2a515743cb82360e03a7c968106da99ac665b9d1175b065fdf0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwuat.carmaxauctions.com
Referer

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=31536000
timing-allow-origin: *
etag: "0x8DCF7653AC4EA73"
x-content-type-options: nosniff
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730134057716_388276638_1142618375_68_20697_38_0_255";dur=1
access-control-allow-origin: *
content-length: 70600
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 15:28:52 GMT
x-frame-options: sameorigin

GET
H2 200 FiraCode-v5-Bold.woff2
www.carmax.com/shared/fonts/ 68 KB
68 KB 99ms
99ms Font
font/woff2 2a02:26f0:3500:883::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmax.com/shared/fonts/FiraCode-v5-Bold.woff2

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3403b9288b6fc27aa9ad56ba8a43781e4834742c970197d7d2799eb35e67d234

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwuat.carmaxauctions.com
Referer

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
content-security-policy: upgrade-insecure-requests
cache-control: max-age=31536000
timing-allow-origin: *
etag: "0x8DCF7653A1033D4"
x-content-type-options: nosniff
request-context: appId=cid-v1:10145438-aa4e-4870-8785-9a64ffe121ad
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1730134057819_388276638_1142618532_395_16580_39_0_255";dur=1
access-control-allow-origin: *
content-length: 69452
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 15:28:51 GMT
x-frame-options: sameorigin

GET
H2 200 web Show response
edge.fullstory.com/s/settings/17AD5K/v1/ 12 KB
3 KB 196ms
195ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/17AD5K/v1/web
Requested by: Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5b5088fd425a311c8ecfd5347104fc6a7df3e5ef78b48640fc38c5527f2d680b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=XPD4iA==, md5=JqdZ21QfgWbIksVlzDXHvA==
etag: "26a759db541f8166c892c565cc35c7bc"
x-goog-stored-content-encoding: gzip
expires: Mon, 28 Oct 2024 17:02:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2507
date: Mon, 28 Oct 2024 16:47:37 GMT
last-modified: Mon, 28 Oct 2024 16:46:13 GMT
content-type: application/json
x-guploader-uploadid: AHmUCY0PlTh4Z4gmA9_rdXxZmje8A82HrowN1-pMV3-RP6hmXc1lxCwaRDHkqaUk94yn896Ybos
cache-control: public,max-age=900,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730133973559078
content-length: 2507
server: UploadServer

OPTIONS
H2 204 63b74ffbe4f956124ca58727
events.launchdarkly.com/events/diagnostic/ Frame 0
0 360ms
117ms Preflight 34.226.129.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/63b74ffbe4f956124ca58727

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.226.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-129-80.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Mon, 28 Oct 2024 16:47:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 / Show response
zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/ 10 KB
5 KB 150ms
67ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_57m59OKChrnJ9Hv

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4f52cf82d388b07a7650f5e4e4dd0c97f2ae0e782b3c37ac882e81b66c7d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"26a8-i/4bXCsPnS9mSKU3vtK2lifVRYc"
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a67d00e50a-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 RC6bdcefbefd764af495f95cf3ad8ed5bb-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/ 403 B
497 B 40ms
40ms Script
application/x-javascript 2a02:26f0:480:f9c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/RC6bdcefbefd764af495f95cf3ad8ed5bb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5bed91c21d1c1a41931ee37c6bc103b768bb34d2e3801a335ab46503c55afadc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "bdf366022aacb73bb719fad0f7c07e0e:1725454890.561781"
expires: Mon, 28 Oct 2024 17:47:37 GMT
accept-ranges: bytes
content-length: 262
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Sep 2024 13:01:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

POST
H2 202 63b74ffbe4f956124ca58727 Show response
events.launchdarkly.com/events/diagnostic/ 0
358 B 120ms
119ms XHR
application/json 34.226.129.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/63b74ffbe4f956124ca58727

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.226.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-129-80.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.4
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

GET
H2 200 favicon.ico
wwwuat.carmaxauctions.com/ 4 KB
1003 B 219ms
219ms Other
image/vnd.microsoft.icon 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwuat.carmaxauctions.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

83396571b62e0b62acad3e8747db9c0ae00863fe92d47818ccbaf03fc0c66b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwuat.carmaxauctions.com/

Response headers

strict-transport-security: max-age=31536000
x-dns-prefetch-control: off
content-encoding: gzip
etag: "52603281"
x-content-type-options: nosniff
referrer-policy: same-origin
server-timing: ak_p; desc="1730134057933_388276615_312696511_13296_14457_39_0_219";dur=1
content-length: 700
x-xss-protection: 1; mode=block
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 16 Oct 2024 19:57:10 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8789640&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8WTZ9XR7TK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfb3aeef9a4385b4b63c1ce2a2a1871d19c2417f9408e2138a0876b949825308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 28 Oct 2024 16:47:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 28 Oct 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85117
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 RCdc1b8e0d7f654543be60dd5e9730e0c5-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/ 623 B
616 B 40ms
40ms Script
application/x-javascript 2a02:26f0:480:f9c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/RCdc1b8e0d7f654543be60dd5e9730e0c5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8b52a69ab2067f6f2c386e185345f265d50805bc3c92858f9179bb510b2251d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "bdf366022aacb73bb719fad0f7c07e0e:1725454890.561781"
expires: Mon, 28 Oct 2024 17:47:37 GMT
accept-ranges: bytes
content-length: 380
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Sep 2024 13:01:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1020392687

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d36343d31ae81862cc6a475d734855bbe3b169b434db8ab2918e4ee652d6b652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 28 Oct 2024 16:47:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 28 Oct 2024 16:29:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89369
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 RC61362f7ca12b434b9e189bd714d278da-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/ 1 KB
856 B 41ms
40ms Script
application/x-javascript 2a02:26f0:480:f9c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/RC61362f7ca12b434b9e189bd714d278da-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b3774594679b4e55772a5b4f16fa376ace8044da76c88828a3f67ae08b5fe828

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "bdf366022aacb73bb719fad0f7c07e0e:1725454890.561781"
expires: Mon, 28 Oct 2024 17:47:38 GMT
accept-ranges: bytes
content-length: 621
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Sep 2024 13:01:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2

200

activityi;dc_pre=CJipz8_DsYkDFQ-Jgwcd1p4kKA;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
8789640.fls.doubleclick.net/ Frame E3F5
Redirect Chain

https://8789640.fls.doubleclick.net/activityi;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
https://8789640.fls.doubleclick.net/activityi;dc_pre=CJipz8_DsYkDFQ-Jgwcd1p4kKA;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab...

0
0

63ms
62ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8789640.fls.doubleclick.net/activityi;dc_pre=CJipz8_DsYkDFQ-Jgwcd1p4kKA;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8789640&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Oct 2024 16:47:38 GMT
expires: Mon, 28 Oct 2024 16:47:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Oct 2024 16:47:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8789640.fls.doubleclick.net/activityi;dc_pre=CJipz8_DsYkDFQ-Jgwcd1p4kKA;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
ad.doubleclick.net/ 0
23 B 133ms
77ms Image
image/png 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=8789640;type=carmax00;cat=carma0;ord=8239804652693;npa=1;auiddc=738570723.1730134058;ps=1;pcor=308712878;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9181631201za200zb895393762;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 28 Oct 2024 16:47:38 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"3939616634502358322"}],"aggregatable_trigger_data":[{"filters":[{"14":["13552906"]}],"key_piece":"0xbb9f6dd826f2b394","source_keys":["12","13","14","15","16","17","18","19","20","21","20511848","20511849","20511850","20511851","24796100","24796101","24796102","24796103","628736424","628736425","628736426","628736427","628738392","628738393","628738394","628738395","628749340","628749341","628749342","628749343","628843948","628843949","628843950","628843951"]},{"key_piece":"0x3611372df87288b3","not_filters":{"14":["13552906"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20511848","20511849","20511850","20511851","24796100","24796101","24796102","24796103","628736424","628736425","628736426","628736427","628738392","628738393","628738394","628738395","628749340","628749341","628749342","628749343","628843948","628843949","628843950","628843951"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20511848":40,"20511849":40,"20511850":40,"20511851":3973,"21":6356,"24796100":36,"24796101":36,"24796102":36,"24796103":3530,"628736424":32,"628736425":32,"628736426":32,"628736427":3177,"628738392":32,"628738393":32,"628738394":32,"628738395":3177,"628749340":32,"628749341":32,"628749342":32,"628749343":3177,"628843948":32,"628843949":32,"628843950":32,"628843951":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"957994925029405028","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3939616634502358322","filters":[{"14":["13552906"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"3939616634502358322","filters":[{"14":["13552906"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"3939616634502358322","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"3939616634502358322","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8789640"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 RCac6b68f4dcc5416bb6621d2135ee6281-source.min.js Show response
assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/ 755 B
700 B 41ms
39ms Script
application/x-javascript 2a02:26f0:480:f9c::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/a812eaa292c7/RCac6b68f4dcc5416bb6621d2135ee6281-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f9afcd35c7f7b06b154770b63c09a94c935db8e2721563519114a2925f577f44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "bdf366022aacb73bb719fad0f7c07e0e:1725454890.561781"
expires: Mon, 28 Oct 2024 17:47:38 GMT
accept-ranges: bytes
content-length: 464
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/x-javascript
last-modified: Wed, 04 Sep 2024 13:01:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 10.38aeed0d11906619d785.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 75 KB
21 KB 55ms
49ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/10.38aeed0d11906619d785.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=wwwuat.carmaxauctions.com

Requested by

Host: zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com
URL: https://zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_57m59OKChrnJ9Hv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a35569fbded218fc0e3f2a5b6c204d358d59d5ab7ac18b95882f7be058912766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12a92-192b0535bd0"
age: 188538
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 18:25:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a70f84e50a-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

POST
H2 200 page Show response
rs.fullstory.com/rec/ 1 KB
843 B 267ms
170ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 08ff68222b63e5bd3b414d7b6b76271291500735d29f09d3fbce0f3482ba650b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://wwwuat.carmaxauctions.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 655
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/json; charset=utf-8

POST
H3 200 collect
www.google.com/ccm/ 0
0 132ms
50ms Ping
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=426738475.1730134058&auid=738570723.1730134058&npa=1&gtm=45be4ao0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&tft=1730134058086&tfd=2309&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1020392687
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s65-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 57 KB
20 KB 112ms
52ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

54d5275c2a5d35517ec9ee07334a9d8fe5227bb5d8006e35e7758d82eae574e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 7984964252860712406
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 16:47:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 20935
x-xss-protection: 0
server: cafe

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 593D 0
0 134ms
47ms Document
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwwwuat.carmaxauctions.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1020392687

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Oct 2024 16:47:38 GMT
expires: Tue, 28 Oct 2025 16:47:38 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 track
eastus-8.in.applicationinsights.azure.com//v2/ Frame 0
0 659ms
239ms Preflight 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Mon, 28 Oct 2024 16:47:38 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
eastus-8.in.applicationinsights.azure.com//v2/ 62 B
120 B 126ms
122ms XHR
application/json 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com//v2/track

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e4fa1df5a5a536fe568b31a0d4916ce5b432cc7b480e5ce6edc0967aaee5e231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
428 B 49ms
49ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=323892978&t=pageview&_s=1&dl=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F&ul=de-de&de=UTF-8&dt=CarMax%20Auctions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABBAAAACAAI~&jid=1218820837&gjid=1945553455&cid=1896872101.1730134057&tid=UA-187672-5&_gid=448575262.1730134057&_r=1&_slc=1&z=878459117

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 16:47:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://wwwuat.carmaxauctions.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
2 KB 151ms
150ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_57m59OKChrnJ9Hv&Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

459eb8a8bec6f1f33cda728b0b1d17a2dcaa03702bd7829cbfe30896f14b503e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: 7b03c3869164fb58
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a76912e50a-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://wwwuat.carmaxauctions.com
server: cloudflare

POST
H2 200 track Show response
eastus-8.in.applicationinsights.azure.com//v2/ 62 B
166 B 125ms
122ms XHR
application/json 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com//v2/track

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c81e0192ba8effd8a330480a50503c9d559fb277a7411ec2ed4ddfe2123f03e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Mon, 28 Oct 2024 16:47:38 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

OPTIONS
H2 204 track
eastus-8.in.applicationinsights.azure.com//v2/ Frame 0
0 557ms
240ms Preflight 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Mon, 28 Oct 2024 16:47:38 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1020392687/ 43 B
62 B 159ms
60ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1020392687/?random=1730134058220&cv=9&fst=1730134058220&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F&tiba=CarMax%20Auctions&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Mon, 28 Oct 2024 16:47:38 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 224ms
60ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F9968F9AE8A345628A7FA8B47EE40128 Ref B: LON212050705021 Ref C: 2024-10-28T16:47:38Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 38ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.38aeed0d11906619d785.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=wwwuat.carmaxauctions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fda81996ae46179a6850577b035cc1bb1149edc2051c225215b93774a867857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"197ee-192b0535bd0"
age: 188537
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 18:25:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a85e04e50a-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 5.c9af7b501c84271e535b.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 40ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/5.c9af7b501c84271e535b.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com
URL: https://zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_57m59OKChrnJ9Hv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff40dc879a8465871e1f6fcb08a79d9154b735dd7635b224331e1f2c9b08b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b55-192b0535bd0"
age: 317060
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 18:25:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a8bfa2e50a-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1.a77e4e41b6b3512a0cb4.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 48ms
46ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.a77e4e41b6b3512a0cb4.chunk.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Host: zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com
URL: https://zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_57m59OKChrnJ9Hv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88ac659d27db2b9fc7c61a31ea5ee2fdea9ba88f34f10d67c379822e693929bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"741f-192b0535bd0"
age: 188538
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 18:25:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a8bfa9e50a-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 FeedbackLinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
2 KB 46ms
44ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5e7a50cbce2d1bbba7083013c688f5b8154f23f295668d4ac03aec44e10a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"dd9-192b0535bd0"
age: 316951
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 18:25:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a8bfade50a-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 EmbeddedTargetModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 8 KB
3 KB 42ms
40ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BRANDID=carmax

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eadb13ac81f132cfe53a0cb2918537a832d03d402339db8c8f44d79fbee8854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2129-192b0535bd0"
age: 195009
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 18:25:06 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a8bfb3e50a-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 242ms
177ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_e55XkVLyZXPgKKF&Version=4&Q_ORIGIN=https://wwwuat.carmaxauctions.com&Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BrandTier=RQqcwhV2J1&Q_ARCACHEVERSION=21&Q_BRANDDC=pdx1

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e684fbff557805e1f6a1d0816027f5818dcdda2aa51bac633567076b19114066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: 75feaaf2-1fd9-463d-b4c4-84b52c0c2df5
x-transaction-id: bd6bb913-f2cf-44bc-ba92-dad990eb5551
content-encoding: gzip
cf-cache-status: MISS
etag: W/"add-2znJolVCG0e1yh9xbhM+g3+j4a0"
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a9187fe525-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 332 B
837 B 233ms
168ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_abBlHwlX36yAtQ9&Version=1&Q_InterceptID=SI_e55XkVLyZXPgKKF&Q_ORIGIN=https://wwwuat.carmaxauctions.com&Q_CLIENTVERSION=2.18.0&Q_CLIENTTYPE=web&Q_BrandTier=RQqcwhV2J1&Q_ARCACHEVERSION=21&Q_BRANDDC=pdx1

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28e5bdded672dfc093d57a42d95db92a03913c81e0700a6049a766b223b8b652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: c07eed88-3ba9-457c-9a39-d20d680b4145
x-transaction-id: bece885c-e711-443e-a09f-3ecc896a737f
content-encoding: br
cf-cache-status: MISS
etag: W/"14c-BplV/Jprm/9A27+DXJ3aFqvNpH8"
x-content-type-options: nosniff
date: Mon, 28 Oct 2024 16:47:38 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8d9c68a91886e525-TXL
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame 1748 285 KB
0 0ms
0ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 427cd4ea0b7a5b07204ad1bb9c6d0daa38e8a3faf3565d20f1e7f9b8fa657527

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wwwuat.carmaxauctions.com
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
x-goog-hash: crc32c=QJy1Rg==, md5=e0O2bwAxyh7l77Qm2MDHwg==
etag: "7b43b66f0031ca1ee5efb426d8c0c7c2"
age: 395
x-goog-stored-content-encoding: br
expires: Mon, 28 Oct 2024 17:41:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 78625
date: Mon, 28 Oct 2024 16:41:02 GMT
last-modified: Tue, 22 Oct 2024 14:26:14 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1gExjyqDN7nEaZaxNYQw_uSuNwcp5l2yZhTn4DrmccfMg3JH1giz38SwMGsUcYTYOJyGpGZguENw
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729607174161927
content-length: 78625
server: UploadServer

GET
H2 200 26011893.js Show response
bat.bing.com/p/action/ 370 B
430 B 64ms
64ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26011893.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 191245406EC84AC998C29DBFD57BE887 Ref B: LON212050705021 Ref C: 2024-10-28T16:47:38Z
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 16:47:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 remote.js Show response
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 17 KB
6 KB 899ms
854ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

fe0d9e4b18b7407792dc21f1eb71f315ccb3201244918130dfa3542ea242c0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: nikx6CaW0E9Us5Grcqbkyw==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE7705A25B
content-encoding: gzip
x-ms-request-id: 1f4c2d36-e01e-00dd-0e59-29b9bd000000
server-timing: cdn-cache; desc=MISS, edge; dur=709, origin; dur=69, ak_p; desc="1730134058591_388276615_312697966_79353_15553_39_0_146";dur=1
content-length: 5980
date: Mon, 28 Oct 2024 16:47:39 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

POST
H2 204 0
bat.bing.net/actionp/ 0
120 B 206ms
79ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=26011893&Ver=2&mid=285d2a27-a6a2-4f1d-812a-e33f18b8863f&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4F89DD4A41294EDE97137BAC7DAF30A4 Ref B: FRA31EDGE0408 Ref C: 2024-10-28T16:47:38Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 16:47:37 GMT

GET
H2 204 0
bat.bing.net/action/ 0
345 B 205ms
79ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=26011893&Ver=2&mid=285d2a27-a6a2-4f1d-812a-e33f18b8863f&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=CarMax%20Auctions&p=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F&r=&lt=2126&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=99430
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B62AD84CF61451CA2086800CBA98565 Ref B: FRA31EDGE0408 Ref C: 2024-10-28T16:47:38Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 16:47:37 GMT

GET
H2 200 2346.50dd6093e6cce6664f5b.js Show response
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 22 KB
8 KB 653ms
652ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/2346.50dd6093e6cce6664f5b.js

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

68319b92757ac5a2c19774ed376f8cef04a25398eaf21ed8f0c3588444a9b3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: EVqgkWChZovJBKkltWBIFQ==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE7721FFB4
content-encoding: gzip
x-ms-request-id: 07c947ed-601e-00ec-7a59-2958ae000000
server-timing: cdn-cache; desc=MISS, edge; dur=572, origin; dur=15, ak_p; desc="1730134059439_388276615_312699775_58796_13043_39_0_146";dur=1
content-length: 7792
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 7718.9ed8ddd02162b706ca5c.js Show response
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 44 KB
14 KB 202ms
200ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/7718.9ed8ddd02162b706ca5c.js

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

0ab2831dd7d58711fda3c973b794f13a64028e84b5b0e6a5a03f8ac11016d124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 782NZDzj0wEN6AhIcG5SCg==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE778CE684
content-encoding: gzip
x-ms-request-id: cc34934e-501e-00c8-0559-29ae0e000000
server-timing: cdn-cache; desc=MISS, edge; dur=120, origin; dur=13, ak_p; desc="1730134059438_388276615_312699776_13329_13701_38_0_146";dur=1
content-length: 13479
date: Mon, 28 Oct 2024 16:47:39 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 14:35:13 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 2612.a3d8efb83976c1a4c871.js Show response
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 14 KB
6 KB 1241ms
1240ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/2612.a3d8efb83976c1a4c871.js

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

887e5e8eca7a418ebbae9ceae7f2c51b85ddc081e7614e8e38eaa134a36ebc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: WVXhGMX+V9Pa8wy3iEhDOw==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE7829AB4E
content-encoding: gzip
x-ms-request-id: 262e2be6-101e-0084-6959-293e3e000000
server-timing: cdn-cache; desc=MISS, edge; dur=1169, origin; dur=12, ak_p; desc="1730134059438_388276615_312699777_118061_15147_39_0_146";dur=1
content-length: 5504
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 14:35:14 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 2839.c29012dd35b41b12e04a.js Show response
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 63 KB
17 KB 769ms
768ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/2839.c29012dd35b41b12e04a.js

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

2210c170db2cbd65561d2ab35d4dc66c81858bdc4a235f31cfb6412cbea75f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 0xwReY1/wQjK1TkGXl+GAw==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE784656C3
content-encoding: gzip
x-ms-request-id: 07c947fd-601e-00ec-0859-2958ae000000
server-timing: cdn-cache; desc=MISS, edge; dur=634, origin; dur=12, ak_p; desc="1730134059439_388276615_312699778_64679_13153_39_0_146";dur=1
content-length: 16935
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 14:35:14 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 3540.740c144520611a528db5.js Show response
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 10 KB
3 KB 576ms
575ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/3540.740c144520611a528db5.js

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

97affe078323b47f79922731c7c5d453022eb3284e26cc0febdda6b61034ee66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 0d1jlP3HFwYdUWQqwFhTUw==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE78F763CE
content-encoding: gzip
x-ms-request-id: 262e2a86-101e-0084-3459-293e3e000000
server-timing: cdn-cache; desc=MISS, edge; dur=502, origin; dur=16, ak_p; desc="1730134059438_388276615_312699779_51822_13647_38_0_146";dur=1
content-length: 2912
date: Mon, 28 Oct 2024 16:47:39 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 14:35:15 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 4563.04761e21b9542f2c0772.css
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 462 KB
49 KB 1137ms
1137ms Stylesheet
text/css 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/4563.04761e21b9542f2c0772.css

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

bee00260079c4ca6bfe86a43429fb8c783c1997dd632cfbeb1f6a8bd1f0cdf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: Cy79NMZ3VDidRNnOOpYX5A==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE77845C4D
content-encoding: gzip
x-ms-request-id: 262e2acf-101e-0084-7459-293e3e000000
server-timing: cdn-cache; desc=MISS, edge; dur=647, origin; dur=16, ak_p; desc="1730134059438_388276615_312699780_66376_13733_42_0_255";dur=1
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: text/css
last-modified: Wed, 21 Aug 2024 14:35:13 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 4563.3cfb5108bd17bf44cf70.js Show response
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 60 KB
16 KB 527ms
527ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/4563.3cfb5108bd17bf44cf70.js

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

fcdc3d78d72bd80540e50bd394f6cd1e52c80d544cb14efccde86deba07869b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: Oo25HdtaNQwekxRh1hiMKA==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE78F4F335
content-encoding: gzip
x-ms-request-id: 262e2ab0-101e-0084-5859-293e3e000000
server-timing: cdn-cache; desc=MISS, edge; dur=385, origin; dur=12, ak_p; desc="1730134059638_388276615_312700223_39685_17365_39_0_146";dur=1
content-length: 16375
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 14:35:15 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 7643.e2d55d84fa2f2bde2120.js Show response
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 4 KB
2 KB 352ms
351ms Script
application/javascript 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/7643.e2d55d84fa2f2bde2120.js

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/remote.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

3a69a3523c0bab36bb82f57b2937571a79b4dca963519fa3a6b52fd30e22baa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: k6e3/OOpisbUbWdby7ZFjg==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE7822CE85
content-encoding: gzip
x-ms-request-id: 262e2b43-101e-0084-5c59-293e3e000000
server-timing: cdn-cache; desc=MISS, edge; dur=281, origin; dur=11, ak_p; desc="1730134060014_388276615_312700974_29209_14458_44_0_146";dur=1
content-length: 1827
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 14:35:14 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

OPTIONS
H2 204 63b74ffbe4f956124ca58727
events.launchdarkly.com/events/bulk/ Frame 0
0 120ms
120ms Preflight 34.226.129.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/63b74ffbe4f956124ca58727

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.226.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-129-80.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Mon, 28 Oct 2024 16:47:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 63b74ffbe4f956124ca58727 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 121ms
120ms XHR
application/json 34.226.129.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/63b74ffbe4f956124ca58727

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.226.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-129-80.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
X-LaunchDarkly-Event-Schema: 4
Referer
X-LaunchDarkly-Payload-ID: 580c50f0-954c-11ef-a4be-859ce2f38b8a
X-LaunchDarkly-User-Agent: JSClient/3.1.4
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

GET
H2 200 Register.7c0aaa7eeff474139ba1.svg
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 4 KB
2 KB 166ms
164ms Image
image/svg+xml 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/Register.7c0aaa7eeff474139ba1.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

cb18b8abc5ea60225076a526ca3fc5a29f8eb18aa9bf1d691937a1a1ff1ed21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: RqV/9U+7BdT693SWK4XkPw==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE77186437
content-encoding: gzip
x-ms-request-id: 262e2c3e-101e-0084-3a59-293e3e000000
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=11, ak_p; desc="1730134060694_388276615_312702303_10655_12999_39_0_146";dur=1
content-length: 1290
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 Learn.8cb06bde3a4c3224bdf7.svg
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 3 KB
1 KB 235ms
234ms Image
image/svg+xml 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/Learn.8cb06bde3a4c3224bdf7.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

8e785fc295e8cf0be6e5f2c7ad5c6b01a198112d2f2784a49d6fd79890d61f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: LdTozRtf1eUkGl7ZTvg4hw==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE76FBB8BC
content-encoding: gzip
x-ms-request-id: 611fd73e-601e-008e-3a59-299a89000000
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=59, ak_p; desc="1730134060695_388276615_312702304_16407_12399_39_0_219";dur=1
content-length: 901
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 Bid.a3901b107578ba976cc1.svg
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 3 KB
1 KB 711ms
710ms Image
image/svg+xml 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/Bid.a3901b107578ba976cc1.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

95a38f1367ea53193147ada132d6f65a8c158ca516abc264b460a004762a4aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: jB7Etjv6Mu7RQXnVZtZF0g==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE77249763
content-encoding: gzip
x-ms-request-id: 611fd875-601e-008e-5359-299a89000000
server-timing: cdn-cache; desc=MISS, edge; dur=641, origin; dur=11, ak_p; desc="1730134060694_388276615_312702305_65158_12990_39_0_146";dur=1
content-length: 913
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 OpenBidding.520ab9762242df87b098.svg
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 1 KB
1021 B 540ms
539ms Image
image/svg+xml 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/OpenBidding.520ab9762242df87b098.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

ac869f8163b2df17347465bc23408d85d34f9d35275dc05b8d2e6a11626a4224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: KckvKX+HABxTXhuv15UBbQ==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE77369616
content-encoding: gzip
x-ms-request-id: 611fd7e5-601e-008e-4f59-299a89000000
server-timing: cdn-cache; desc=MISS, edge; dur=435, origin; dur=12, ak_p; desc="1730134060694_388276615_312702306_44693_13000_41_0_146";dur=1
content-length: 559
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 DealerOnly.5f599a18973cf8908229.svg
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 2 KB
1 KB 169ms
168ms Image
image/svg+xml 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/DealerOnly.5f599a18973cf8908229.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

1f9a9e1d6f163ac251dcb893d7b503c012690edc8ee8010c517ae3492ad77b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: eYi2x/rke96wDW0vtSBAWw==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE7743DA89
content-encoding: gzip
x-ms-request-id: 07c94990-601e-00ec-6e59-2958ae000000
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=11, ak_p; desc="1730134060694_388276615_312702307_11182_12989_39_0_146";dur=1
content-length: 896
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 SellThrough.181edee5ba0d6e7c931d.svg
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 3 KB
1 KB 711ms
710ms Image
image/svg+xml 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/SellThrough.181edee5ba0d6e7c931d.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

6dc7dfac82e7821687767f06224d07a699b6d38f010f45df7de3f3b74606c61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: o5JdbmsoZG8EVThH8Cs6Og==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE774E8745
content-encoding: gzip
x-ms-request-id: 611fd867-601e-008e-4559-299a89000000
server-timing: cdn-cache; desc=MISS, edge; dur=620, origin; dur=12, ak_p; desc="1730134060695_388276615_312702309_63208_12959_39_0_146";dur=1
content-length: 1070
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 Virtual.9ff76d3070e4016df9ab.svg
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 5 KB
3 KB 592ms
592ms Image
image/svg+xml 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/Virtual.9ff76d3070e4016df9ab.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

ab884b6ba9c61ee0e7836b7db0c4552bc442dac250b0624145745425553f6ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 0JyldIi1n1pcFkb6+9vCAw==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE77313FAB
content-encoding: gzip
x-ms-request-id: 07c94aea-601e-00ec-2e59-2958ae000000
server-timing: cdn-cache; desc=MISS, edge; dur=521, origin; dur=11, ak_p; desc="1730134060866_388276615_312702597_53215_15721_39_0_146";dur=1
content-length: 2476
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin, Accept-Encoding
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

OPTIONS
H2 200 entries
auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/ Frame 0
0 132ms
132ms Preflight 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsPromotionGroup&include=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent,x-correlation-id
Access-Control-Request-Method: GET
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-contentful-user-agent,x-correlation-id
access-control-allow-methods: GET
access-control-allow-origin: https://wwwuat.carmaxauctions.com
access-control-max-age: 300
content-length: 0
date: Mon, 28 Oct 2024 16:47:40 GMT
request-context: appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb
vary: Origin
x-azure-ref: 20241028T164740Z-r1687d95c99pfbjwhxvfyh7yu000000005dg00000001dxv4
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 entries
auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/ Frame 0
0 131ms
131ms Preflight 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsNewFeatureModal&include=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent,x-correlation-id
Access-Control-Request-Method: GET
Origin: https://wwwuat.carmaxauctions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-contentful-user-agent,x-correlation-id
access-control-allow-methods: GET
access-control-allow-origin: https://wwwuat.carmaxauctions.com
access-control-max-age: 300
content-length: 0
date: Mon, 28 Oct 2024 16:47:40 GMT
request-context: appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb
vary: Origin
x-azure-ref: 20241028T164740Z-r1687d95c99pfbjwhxvfyh7yu000000005dg00000001dxv5
x-cache: CONFIG_NOCACHE

GET
H2 200 88885.js Show response
ethn.io/ 0
488 B 522ms
194ms Script
text/javascript 76.223.37.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ethn.io/88885.js

Requested by

Host: www.carmaxauctions.com
URL: https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/4563.3cfb5108bd17bf44cf70.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.37.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a53ca0d409b301261.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=0;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=0;
x-request-id: 60f98840-fdc3-44a8-b8e8-530a352f8370
content-security-policy: default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data: blob:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
cache-control: no-cache
referrer-policy: no-referrer-when-downgrade
x-download-options: noopen
content-length: 0
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: text/javascript
feature-policy: camera 'none'; geolocation 'none', microphone *
server: nginx
x-runtime: 0.005026

GET
H2 200 entries Show response
auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/ 24 KB
6 KB 129ms
129ms XHR
application/vnd.contentful.delivery.v1+json 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsPromotionGroup&include=2

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d51301020d6917890e56f3ffa9718894bec520087cf5d157e205001caaaeffdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Authorization: Bearer 123
Referer
X-Correlation-ID: 88eaf275-1f5f-4fc2-b0be-9f5a858d4f15
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-Contentful-User-Agent: sdk contentful.js/10.8.9; platform browser; os Linux;

Response headers

cf-environment-id: master
x-contentful-region: us-east-1
cf-environment-uuid: 1edfab8a-0ead-4640-8ca5-ba83860b2690
content-encoding: gzip
access-control-expose-headers: Connection,Content-Encoding,Age,cf-space-id,cf-environment-id,cf-environment-uuid,cf-organization-id,x-contentful-route,X-Content-Type-Options,Contentful-Api,X-Contentful-Region,Vary,X-Served-By,X-Cache-Hits,X-Timer,X-Cache,x-contentful-request-id,Request-Context,x-azure-ref,Accept-Ranges,Content-Length,Date,ETag,Via
etag: W/"3661925176338471600"
age: 259063
cf-organization-id: 3TiJbMH77WxOd2vMhoQrQt
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 16:47:40 GMT
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 16:47:40 GMT
cf-space-id: qeontfmijmzv
content-type: application/vnd.contentful.delivery.v1+json
vary: Origin
x-served-by: cache-ewr-kewr1740059-EWR
x-cache-hits: 0
x-contentful-route: /spaces/:space/environments/:environment/entries
cache-control: no-store, no-cache
contentful-api: cda
pragma: no-cache
x-timer: S1730132015.930067,VS0,VE1
access-control-allow-credentials: true
via: 1.1 varnish
request-context: appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb
accept-ranges: bytes
access-control-allow-origin: https://wwwuat.carmaxauctions.com
content-length: 4639
x-contentful-request-id: 938fb3dd-b46c-4219-a14b-d2a201513096
x-azure-ref: 20241028T164740Z-r1687d95c99pfbjwhxvfyh7yu000000005dg00000001dxvy

GET
H2 200 entries Show response
auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/ 67 B
1 KB 134ms
134ms XHR
application/vnd.contentful.delivery.v1+json 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auctions-microfrontend-apim-prod-fd.azurefd.net/contentful/spaces/qeontfmijmzv/environments/master/entries?content_type=auctionsNewFeatureModal&include=2

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9722795b0fd43e5bca13c18ddf0dbefa6472c8ef38ab27b7b7d62d40804f04d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Authorization: Bearer 123
Referer
X-Correlation-ID: 1169b505-0f41-41f9-90ce-5863ca1e66d4
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-Contentful-User-Agent: sdk contentful.js/10.8.9; platform browser; os Linux;

Response headers

cf-environment-id: master
x-contentful-region: us-east-1
cf-environment-uuid: 1edfab8a-0ead-4640-8ca5-ba83860b2690
access-control-expose-headers: Connection,Age,cf-space-id,cf-environment-id,cf-environment-uuid,cf-organization-id,x-contentful-route,X-Content-Type-Options,Contentful-Api,X-Contentful-Region,Vary,X-Served-By,X-Cache-Hits,X-Timer,X-Cache,x-contentful-request-id,Request-Context,x-azure-ref,Accept-Ranges,Content-Length,Date,ETag,Via
etag: "422329452801459101"
age: 6353
cf-organization-id: 3TiJbMH77WxOd2vMhoQrQt
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 16:47:40 GMT
x-cache: CONFIG_NOCACHE
date: Mon, 28 Oct 2024 16:47:40 GMT
cf-space-id: qeontfmijmzv
content-type: application/vnd.contentful.delivery.v1+json
vary: Origin
x-served-by: cache-ewr-kewr1740059-EWR
x-cache-hits: 0
x-contentful-route: /spaces/:space/environments/:environment/entries
cache-control: no-store, no-cache
contentful-api: cda
pragma: no-cache
x-timer: S1730132065.226918,VS0,VE1
access-control-allow-credentials: true
via: 1.1 varnish
request-context: appId=cid-v1:788ef110-0b50-4e69-9ee3-42406ccb5feb
accept-ranges: bytes
access-control-allow-origin: https://wwwuat.carmaxauctions.com
content-length: 67
x-contentful-request-id: a5b53cde-c4ec-4fec-a5cb-8752c08f53e0
x-azure-ref: 20241028T164740Z-r1687d95c99pfbjwhxvfyh7yu000000005dg00000001dxvx

GET
H2 200 early-bird-large.0bd3a3cbfd759cc5db2f.png
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 191 KB
191 KB 165ms
164ms Image
image/png 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/early-bird-large.0bd3a3cbfd759cc5db2f.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

87d048b59d3e2b402bcef787cdbca418b67ddf041f819d5cd428645d25f50633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wwwuat.carmaxauctions.com/

Response headers

content-md5: +yHg5epnMFjOSXIIMFsn4Q==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE7760AD0F
x-ms-request-id: 07c9499d-601e-00ec-7a59-2958ae000000
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=13, ak_p; desc="1730134060714_388276615_312702341_10767_14846_39_0_219";dur=1
content-length: 195173
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: image/png
last-modified: Wed, 21 Aug 2024 14:35:12 GMT
vary: Origin
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

POST
H2 200 interact Show response
adobedc.demdex.net/ee/v1/ 2 KB
1 KB 225ms
96ms Fetch
application/json 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/interact?configId=8eaffaee-ee40-4cd9-b4a6-735ad2a8ef35&requestId=2983d348-72df-453e-9b23-e14bbd273cd6

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/85b02176ad5a/87db5ab25e53/launch-ENb4ebf1266b1c4227874dda7a593acbd3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

2bafe6d264c8e76a21d801ab3da3b998b08516d8b760c8c62d194fd396de11af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://wwwuat.carmaxauctions.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 2983d348-72df-453e-9b23-e14bbd273cd6
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-encoding: gzip
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://wwwuat.carmaxauctions.com
date: Mon, 28 Oct 2024 16:47:40 GMT
x-xss-protection: 1; mode=block
x-konductor: 24.10.92:30b4dc275
vary: Origin
server: jag
content-type: application/json;charset=utf-8

GET
H2 200 auction.location.736d2a212a221722547b.png
www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/ 810 KB
811 KB 421ms
421ms Image
image/png 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carmaxauctions.com/remotes/home/1-0-0_20240820-1-65d995d52babedc35f332ed87e11de9ba333f73f/auction.location.736d2a212a221722547b.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

ec3d3b42bc9f78965423d9ba05d5a1e287956e2a2557641336974d0ff0b0166f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 7yxlYOT8NQxttbErIJDwBg==
strict-transport-security: max-age=31536000
x-ms-blob-type: BlockBlob
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCC1EE780D26E1
x-ms-request-id: ba212b3b-d01e-00c6-7b59-2987be000000
server-timing: cdn-cache; desc=MISS, edge; dur=297, origin; dur=70, ak_p; desc="1730134060932_388276615_312702726_36676_13325_40_0_146";dur=1
content-length: 829826
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/png
last-modified: Wed, 21 Aug 2024 14:35:14 GMT
vary: Origin
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
DATA 200
OK truncated
/ 272 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2c609738239812cf5c65a66840453160eaee5e3f7362d89f8ed1f39dce2e94b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 200 track Show response
eastus-8.in.applicationinsights.azure.com//v2/ 62 B
120 B 125ms
122ms XHR
application/json 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com//v2/track

Requested by

Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

323ebafe581ab19f8546f3875491b28f43acd1633d461513b54fef195fbfb7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Mon, 28 Oct 2024 16:47:40 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 234ms
226ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=17AD5K&UserId=f7d42dfb-877f-4d99-9012-8a7f86359795&SessionId=f33a86c4-7ac9-4f75-8fcd-ffdcc9351012&PageId=c67bd8a5-4d59-4547-b8ca-eaf3959fcca8&Seq=1&ClientTime=1730134060869&PageStart=1730134058341&PrevBundleTime=0&LastActivity=2279&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 624630ba4ff5cb41773ad7773205da946fef17f9091cb5a7af18412a51b97e58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

via: 1.1 google
access-control-allow-origin: https://wwwuat.carmaxauctions.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H2 200 Promo_1_2_comingSoon.png
content-images.carmax.com/qeontfmijmzv/781aA8q2Yn1HS74pFIsAVx/098c6cd02e1d30f2259b42b652086bd2/ 11 KB
12 KB 353ms
302ms Image
image/png 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/781aA8q2Yn1HS74pFIsAVx/098c6cd02e1d30f2259b42b652086bd2/Promo_1_2_comingSoon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

df14c02c8e3eba5dfee676f3c3ef8e6abfce1590c8bcef3fe36d4454265b0533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1574122
etag: "14b5b3392223a3361b68198a6b073cbf"
access-control-allow-origin: *
content-length: 11625
x-amz-cf-id: wXtae6Q8v6KC3kcZrjADIQhQ2sU7oGouj8hJIa5emUTkEX3mjMelOA==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/png
last-modified: Fri, 19 Jul 2024 16:08:37 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Kinetic_location_page_image.jpg
content-images.carmax.com/qeontfmijmzv/ipVSqDEcW15vWSN7zd1Jb/b0ecf15e8a0b083154ec02852d69a740/ 36 KB
36 KB 112ms
61ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/ipVSqDEcW15vWSN7zd1Jb/b0ecf15e8a0b083154ec02852d69a740/Kinetic_location_page_image.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

29b4fd23ff7529dc0798fdc0982a3a3a0696050a6ff2d5e3767c11a4358a6d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2411917
etag: "064379533b521ff45a1c68256261f556"
access-control-allow-origin: *
content-length: 36994
x-amz-cf-id: Qe7l862qhWBsHLc49IerR8PT_69rtI_cXN1kaIF_qdTdYckzIBgUxw==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Sat, 18 May 2024 00:26:46 GMT
server: Contentful Images API
x-amz-cf-pop: PHL51-P1

GET
H2 200 Dealer_Web_Promos_2_dedicated_support.jpg
content-images.carmax.com/qeontfmijmzv/13Mjpi1rboQn6yyxgXqn4q/69e4569e460b27a8a147747434683a8c/ 68 KB
68 KB 483ms
432ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/13Mjpi1rboQn6yyxgXqn4q/69e4569e460b27a8a147747434683a8c/Dealer_Web_Promos_2_dedicated_support.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

2d61adda0dd9d746981ab145069241c9d910d26f6bc0340cd37ac54e6ca33783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1313100
etag: "250f28310c26be721a72f5f7da377ed4"
access-control-allow-origin: *
content-length: 69488
x-amz-cf-id: moMTFPW_YDax1uKe2dV4f3E--KGyqPZXDgqTAIPFyXv7-W9yhEl43g==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 20:14:57 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_free_veh_history.jpg
content-images.carmax.com/qeontfmijmzv/6asyAn4BNngHLAXakpQKaz/6406bf6357ecba4969390424526f21cc/ 64 KB
64 KB 155ms
103ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/6asyAn4BNngHLAXakpQKaz/6406bf6357ecba4969390424526f21cc/Dealer_Web_Promos_2_free_veh_history.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

ab35ec3a465eb99625b73a38951742c9f391a93bb5d36dc3e22f4b3a588ed7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=967307
etag: "661d17fb48ec0d8a8973cee1fb0085a6"
access-control-allow-origin: *
content-length: 65600
x-amz-cf-id: ZONI_6HG7jw1NAt5gRUWWmhIoo5xwq8KRdehzwUPwHR8kJlCte4HCg==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 21:01:30 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_online_auctions.jpg
content-images.carmax.com/qeontfmijmzv/3a1sdAMkiVdvYpZceICEuH/bff3a11ec03fcc3574548f2d1f645a57/ 77 KB
77 KB 549ms
498ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/3a1sdAMkiVdvYpZceICEuH/bff3a11ec03fcc3574548f2d1f645a57/Dealer_Web_Promos_2_online_auctions.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

89b3036daf90e7d78e24aacee78a4a849b06efee2f582542e5d050139021ec47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1313079
etag: "40847908b0d23c5c1674b12b4e2e97e0"
access-control-allow-origin: *
content-length: 78485
x-amz-cf-id: yQykbh2LtO4uoIuoZJeGc3m0OAN3vaArIOBt9HyMrcO-o4dAx888YA==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 19:52:31 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_sell_thru_rate.jpg
content-images.carmax.com/qeontfmijmzv/OXumGBdf6PZmXQBlgzf2g/48e3bafab194939d1d3bf3bbdf1b1d36/ 67 KB
67 KB 366ms
366ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/OXumGBdf6PZmXQBlgzf2g/48e3bafab194939d1d3bf3bbdf1b1d36/Dealer_Web_Promos_2_sell_thru_rate.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

2e331099b89686016fbc83e37d1e773d7e5b771009993f37b1e643244c355ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=963287
etag: "da8466dfa1faac2a4f016d46baf51b1b"
access-control-allow-origin: *
content-length: 68117
x-amz-cf-id: 8q74hUwF3q5i78DcuA4UL4ANQfTvM1Brn6BgjxHqBXQsvctPobS5DQ==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 19:45:15 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_7-day_arb.jpg
content-images.carmax.com/qeontfmijmzv/6jtTAQcYvywpmKBNdXJJtK/daa3ec52da4c26d9b11751ea655946c0/ 70 KB
70 KB 437ms
436ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/6jtTAQcYvywpmKBNdXJJtK/daa3ec52da4c26d9b11751ea655946c0/Dealer_Web_Promos_2_7-day_arb.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

451816d20e8a1b6be3aeaf0f9d5ccdaade3d57ac8abf8dde9d0d41c22b3c8414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1313121
etag: "6ddb743b45bd4d9c941a8b2a8adffed0"
access-control-allow-origin: *
content-length: 71599
x-amz-cf-id: He0JsvNbCasfC_akbWFgw89Tq8tX_4EODAX5gXUkucv0IFVRg-Y5Fw==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 19:49:03 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_upfront_announcements.jpg
content-images.carmax.com/qeontfmijmzv/74XjwZMv2A0xrotLRcRqbx/0c70750549ee64d4927bb92a91a13a86/ 66 KB
66 KB 374ms
374ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/74XjwZMv2A0xrotLRcRqbx/0c70750549ee64d4927bb92a91a13a86/Dealer_Web_Promos_2_upfront_announcements.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

21295be32081c0259d529372e00d4b39d75c984ab2dce2b6a612e62073c7086b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1313120
etag: "322844847dd16056c7fe0d49abc2fa4d"
access-control-allow-origin: *
content-length: 67311
x-amz-cf-id: xanKgR_HGtOE0IX0fax6GB4PPyew-fVPVxH4QCipX_zwoiIJzHms5Q==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 19:55:13 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_wide_selection.jpg
content-images.carmax.com/qeontfmijmzv/2B4sS2Mf96ztmhKpmo9lUg/0f8590f27cb9d2f918c047532493d305/ 92 KB
92 KB 505ms
505ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/2B4sS2Mf96ztmhKpmo9lUg/0f8590f27cb9d2f918c047532493d305/Dealer_Web_Promos_2_wide_selection.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

dbc34131cadf1edcd9c28b99a2d2322284f0f6d5cda96831e943c87406823871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1313103
etag: "beac96016b538a3e940ed6be3c280cbd"
access-control-allow-origin: *
content-length: 93821
x-amz-cf-id: BphYUEh0mqCd1qVbP1YOrKzg1uyrabPnv0VOlqakV5JXbhXWMudeIQ==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 20:09:03 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_damage_indicators.jpg
content-images.carmax.com/qeontfmijmzv/5uy6Sduvuew6AhBdq5Mo55/da559164544f68d77a8a7b29ea26db5b/ 82 KB
82 KB 219ms
219ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/5uy6Sduvuew6AhBdq5Mo55/da559164544f68d77a8a7b29ea26db5b/Dealer_Web_Promos_2_damage_indicators.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

c66a6f320d539537030487636cccc0b3b29e9b1cb15160fc4db8daef3b589995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1040242
etag: "034e60602b1a7583eeead6d4d50c1fc6"
access-control-allow-origin: *
content-length: 83773
x-amz-cf-id: N2ayo-HL3cYRkHyYTU7qbstEQy7759qU6Li0muGzHNBsgRZvvhcgkw==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 22 May 2024 02:50:39 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_Vehicle_previews.jpg
content-images.carmax.com/qeontfmijmzv/5dTzNPEOm6UY2boa2bz07I/c655f69a52feabd504085f2fef678efe/ 82 KB
82 KB 176ms
176ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/5dTzNPEOm6UY2boa2bz07I/c655f69a52feabd504085f2fef678efe/Dealer_Web_Promos_2_Vehicle_previews.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

501716bfe01148074d5e3d80e11fd199624d53c14deca88d305d413709c3c899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1313154
etag: "6a54fdac17f05d51f6b67d40ff094c0c"
access-control-allow-origin: *
content-length: 83924
x-amz-cf-id: Fl5kpJXij4--RzoL3k4N6OeS7oqZgYvEf0ykxoCjsgnfnIZ6H8UEcQ==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 20:06:58 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

GET
H2 200 Dealer_Web_Promos_2_early_bidding.jpg
content-images.carmax.com/qeontfmijmzv/VE0QjrNdeVrH21tq0jbeu/67bd8c0e6a95753f17d00e444464c61a/ 57 KB
57 KB 66ms
66ms Image
image/jpeg 2a02:26f0:3500:89a::1c4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-images.carmax.com/qeontfmijmzv/VE0QjrNdeVrH21tq0jbeu/67bd8c0e6a95753f17d00e444464c61a/Dealer_Web_Promos_2_early_bidding.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::1c4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Contentful Images API /

Resource Hash

6cfe877289259299a78a4e156ffa9e1967a38aec3afb41cd8afebca61996fc7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=1312998
etag: "263e5e2498619c6f87a481f5ba3aa3b5"
access-control-allow-origin: *
content-length: 58455
x-amz-cf-id: OHZaWrOZfF2WZtAM98mUlUFLxWS-Jv5cvJZF4J5iFCwzqNODkK509A==
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 Oct 2024 20:11:20 GMT
server: Contentful Images API
x-amz-cf-pop: JFK50-P3

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
48 B 49ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8WTZ9XR7TK&gtm=45je4ao0v895393762za200&_p=1730134056892&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=1896872101.1730134057&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730134056&sct=1&seg=0&dl=https%3A%2F%2Fwwwuat.carmaxauctions.com%2F&dt=CarMax%20Auctions&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6149
Requested by: Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wwwuat.carmaxauctions.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 16:47:41 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 171ms
169ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=17AD5K&UserId=f7d42dfb-877f-4d99-9012-8a7f86359795&SessionId=f33a86c4-7ac9-4f75-8fcd-ffdcc9351012&PageId=c67bd8a5-4d59-4547-b8ca-eaf3959fcca8&Seq=2&ClientTime=1730134063358&PageStart=1730134058341&PrevBundleTime=1730134060947&LastActivity=4771&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: wwwuat.carmaxauctions.com
URL: https://wwwuat.carmaxauctions.com/main.80f2db04ee51bd73976a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: fb1746f624164668090acb1ed0ef51ad9902040e985f99f53858592bd2ca875b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

via: 1.1 google
access-control-allow-origin: https://wwwuat.carmaxauctions.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Mon, 28 Oct 2024 16:47:43 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.carmaxauctions.com/	1970-01-21 00:37:00	Name: _gid Value: GA1.2.448575262.1730134057
.carmaxauctions.com/	1970-01-21 10:11:34	Name: _ga Value: GA1.1.1896872101.1730134057
.carmaxauctions.com/	1970-01-21 10:11:34	Name: _ga_8WTZ9XR7TK Value: GS1.1.1730134056.1.0.1730134056.60.0.0
wwwuat.carmaxauctions.com/	1970-01-21 09:21:10	Name: ai_user Value: dkmr4uePEAYlClZRlTSF3r\|2024-10-28T16:47:37.594Z
wwwuat.carmaxauctions.com/	1970-01-21 00:35:35	Name: ai_session Value: 6K7DZMMDqM4TXTni/3EPdH\|1730134057641\|1730134057641
.carmaxauctions.com/	1970-01-21 00:35:35	Name: mbox Value: session#0d08e7d1ebe24eae8ab93874073c8bb7#1730135918
.carmaxauctions.com/	1970-01-21 00:35:41	Name: ak_bmsc Value: CDF09EF0570B77C7913B78E85D2DE1F8~000000000000000000000000000000~YAAQh6EkF2w3EsSSAQAAu6IG1BmdazuslrTnZCMdX7YobQS3kO9njZXoJSXbeHTFaEN5+Xr+PoCWmv4Mv1O74xI5jEP+uVGEDIr+XeQIa7D2b4BfgeYPMGVt4Rll30t2nBH9l1V3EmB6XGH4ns8ZziJxYvhTYsezUM1qWiHt+mhjl+prBuTkVavVVenNjpCXscp2ChUekrsC4PypR4+6PtslQoErJfP66NZgn7NMtv7mv0C8eKWnxun6F46atrhaYTI1VJu/rEQMvIoVeuc+8zQTWpAhUfEXujbQfWaK/lfqyDjD0zKdf/C1KG1+YnAyxftoK6qbQTbMO1PZs0pjti4bznKZQGXqJ9ACKTX96TkY16Y/OxRtM3x6KyoD0ISiOkBtOoTG0TIDekVanm1Mi6R3rvmKTROgF63Vo6YisTtTuivIXbMxwrX7BxNGsfhRD+Fqsz259SoK48L92PGykwTeVqJE0GqJB5So
.carmaxauctions.com/	1970-01-21 02:45:10	Name: _gcl_au Value: 1.1.738570723.1730134058
.carmaxauctions.com/	1970-01-21 00:35:34	Name: _gat_2d7891068d8244408b7ed52806d9dad5 Value: 1
.doubleclick.net/	1970-01-21 01:18:46	Name: ar_debug Value: 1
wwwuat.carmaxauctions.com/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Fwwwuat.carmaxauctions.com%2F~1730134058280
.doubleclick.net/	1970-01-21 04:54:46	Name: receive-cookie-deprecation Value: 1
.carmaxauctions.com/	1970-01-21 00:35:35	Name: fs_lua Value: 1.1730134058067
.carmaxauctions.com/	1970-01-21 09:21:10	Name: fs_uid Value: #17AD5K#f7d42dfb-877f-4d99-9012-8a7f86359795:f33a86c4-7ac9-4f75-8fcd-ffdcc9351012:1730134058067::1#/1761670059
.doubleclick.net/	1970-01-21 09:57:10	Name: IDE Value: AHWqTUnwMlEbejwxU5uVSIM0hJnU3T8httx8bPwtoIvxN93YjoycPZf2BC9zOWqf
.demdex.net/	1970-01-21 04:54:46	Name: demdex Value: 11647405199202519884233158647153301984
.carmaxauctions.com/	1970-01-21 00:35:35	Name: kndctr_0C1038B35278345B0A490D4C_AdobeOrg_cluster Value: irl1
.carmaxauctions.com/	1970-01-21 10:04:22	Name: kndctr_0C1038B35278345B0A490D4C_AdobeOrg_identity Value: CiYyMDY0Mzk2NDc2OTkwMTc5NTQ3MzkwNDg5NzU0MTc5MDY4ODYyM1ITCLnemqCtMhABGAEqBElSTDEwAPABud6aoK0y
.carmaxauctions.com/	1970-01-21 09:57:10	Name: AMCV_0C1038B35278345B0A490D4C%40AdobeOrg Value: MCMID\|20643964769901795473904897541790688623

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://wwwuat.carmaxauctions.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A01C006C0C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8789640.fls.doubleclick.net
ad.doubleclick.net
adobedc.demdex.net
app.launchdarkly.com
assets.adobedtm.com
auctions-microfrontend-apim-prod-fd.azurefd.net
bat.bing.com
bat.bing.net
clientstream.launchdarkly.com
content-images.carmax.com
eastus-8.in.applicationinsights.azure.com
edge.fullstory.com
ethn.io
events.launchdarkly.com
googleads.g.doubleclick.net
region1.analytics.google.com
rs.fullstory.com
siteintercept.qualtrics.com
stats.g.doubleclick.net
www.carmax.com
www.carmaxauctions.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
wwwuat.carmaxauctions.com
zn57m59okchrnj9hv-carmax.siteintercept.qualtrics.com
104.17.208.240
142.250.184.194
142.250.185.67
142.250.186.166
151.101.130.217
172.217.16.196
172.217.18.2
172.217.18.6
2001:4860:4802:32::36
2001:4860:4802:38::178
2620:1ec:33:3::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:827::2008
2a00:1450:400c:c0b::9c
2a02:26f0:3500:883::1c4e
2a02:26f0:3500:89a::1c4e
2a02:26f0:480:f9c::1e80
34.226.129.80
35.186.194.58
35.201.112.186
52.188.247.148
63.140.62.222
76.223.31.44
76.223.37.127
08ff68222b63e5bd3b414d7b6b76271291500735d29f09d3fbce0f3482ba650b
0a25ba075045cf8dbc075d28215a3d37da0534ca574c2137949a257016ad6a83
0ab2831dd7d58711fda3c973b794f13a64028e84b5b0e6a5a03f8ac11016d124
13c99e8833ec32344765ff16d1c1fe0a0afe2c774a50bff29ec6c564645403d8
14a2a2d05cc4a2a515743cb82360e03a7c968106da99ac665b9d1175b065fdf0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d1de1a13cfb2ef99f89e93cb5f34773f8e01152965a88fa61f29dc46d295b2d
1f9a9e1d6f163ac251dcb893d7b503c012690edc8ee8010c517ae3492ad77b50
21295be32081c0259d529372e00d4b39d75c984ab2dce2b6a612e62073c7086b
2210c170db2cbd65561d2ab35d4dc66c81858bdc4a235f31cfb6412cbea75f55
28e5bdded672dfc093d57a42d95db92a03913c81e0700a6049a766b223b8b652
29b4fd23ff7529dc0798fdc0982a3a3a0696050a6ff2d5e3767c11a4358a6d46
2bafe6d264c8e76a21d801ab3da3b998b08516d8b760c8c62d194fd396de11af
2d61adda0dd9d746981ab145069241c9d910d26f6bc0340cd37ac54e6ca33783
2e331099b89686016fbc83e37d1e773d7e5b771009993f37b1e643244c355ddf
2eadb13ac81f132cfe53a0cb2918537a832d03d402339db8c8f44d79fbee8854
323ebafe581ab19f8546f3875491b28f43acd1633d461513b54fef195fbfb7a4
3403b9288b6fc27aa9ad56ba8a43781e4834742c970197d7d2799eb35e67d234
3a69a3523c0bab36bb82f57b2937571a79b4dca963519fa3a6b52fd30e22baa9
427cd4ea0b7a5b07204ad1bb9c6d0daa38e8a3faf3565d20f1e7f9b8fa657527
451816d20e8a1b6be3aeaf0f9d5ccdaade3d57ac8abf8dde9d0d41c22b3c8414
459eb8a8bec6f1f33cda728b0b1d17a2dcaa03702bd7829cbfe30896f14b503e
469a0a54dbf66974d4fa100f1db52559891ab613042cfd51f29a6e4943f97776
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
501716bfe01148074d5e3d80e11fd199624d53c14deca88d305d413709c3c899
5277dfcecdf7cb3cdca70912b41c01268460a8e695c35ee098719d03e7bbc37b
54d5275c2a5d35517ec9ee07334a9d8fe5227bb5d8006e35e7758d82eae574e7
5b5088fd425a311c8ecfd5347104fc6a7df3e5ef78b48640fc38c5527f2d680b
5bed91c21d1c1a41931ee37c6bc103b768bb34d2e3801a335ab46503c55afadc
5c4f52cf82d388b07a7650f5e4e4dd0c97f2ae0e782b3c37ac882e81b66c7d13
624630ba4ff5cb41773ad7773205da946fef17f9091cb5a7af18412a51b97e58
68319b92757ac5a2c19774ed376f8cef04a25398eaf21ed8f0c3588444a9b3ef
6cfe877289259299a78a4e156ffa9e1967a38aec3afb41cd8afebca61996fc7d
6dc7dfac82e7821687767f06224d07a699b6d38f010f45df7de3f3b74606c61c
6ff3ef8e255723f349a1b00aaa311f1e92f339013b84681583fdd0d9514b2ce6
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7fda81996ae46179a6850577b035cc1bb1149edc2051c225215b93774a867857
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82dc710b6f7086f10a331cf559d15e05273be6bff33ef030536fe2b2d1fb9231
83396571b62e0b62acad3e8747db9c0ae00863fe92d47818ccbaf03fc0c66b84
87d048b59d3e2b402bcef787cdbca418b67ddf041f819d5cd428645d25f50633
887e5e8eca7a418ebbae9ceae7f2c51b85ddc081e7614e8e38eaa134a36ebc67
88ac659d27db2b9fc7c61a31ea5ee2fdea9ba88f34f10d67c379822e693929bf
89b3036daf90e7d78e24aacee78a4a849b06efee2f582542e5d050139021ec47
8b52a69ab2067f6f2c386e185345f265d50805bc3c92858f9179bb510b2251d5
8b5e7a50cbce2d1bbba7083013c688f5b8154f23f295668d4ac03aec44e10a7c
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e785fc295e8cf0be6e5f2c7ad5c6b01a198112d2f2784a49d6fd79890d61f52
95a38f1367ea53193147ada132d6f65a8c158ca516abc264b460a004762a4aa5
9722795b0fd43e5bca13c18ddf0dbefa6472c8ef38ab27b7b7d62d40804f04d7
97affe078323b47f79922731c7c5d453022eb3284e26cc0febdda6b61034ee66
9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d
a35569fbded218fc0e3f2a5b6c204d358d59d5ab7ac18b95882f7be058912766
a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ab35ec3a465eb99625b73a38951742c9f391a93bb5d36dc3e22f4b3a588ed7ed
ab884b6ba9c61ee0e7836b7db0c4552bc442dac250b0624145745425553f6ff1
ac869f8163b2df17347465bc23408d85d34f9d35275dc05b8d2e6a11626a4224
ad20b98f7e90cbfde5bf7b431aa4bed78742ef100a6da78fd8f398485a4ec461
aff40dc879a8465871e1f6fcb08a79d9154b735dd7635b224331e1f2c9b08b2c
b3774594679b4e55772a5b4f16fa376ace8044da76c88828a3f67ae08b5fe828
b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15
bd271f747416c1f1e647dd0080a298b82cbaee972feb350693f1ba07146399d8
bee00260079c4ca6bfe86a43429fb8c783c1997dd632cfbeb1f6a8bd1f0cdf2b
bfb3aeef9a4385b4b63c1ce2a2a1871d19c2417f9408e2138a0876b949825308
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c66a6f320d539537030487636cccc0b3b29e9b1cb15160fc4db8daef3b589995
c81e0192ba8effd8a330480a50503c9d559fb277a7411ec2ed4ddfe2123f03e1
cb18b8abc5ea60225076a526ca3fc5a29f8eb18aa9bf1d691937a1a1ff1ed21e
d36343d31ae81862cc6a475d734855bbe3b169b434db8ab2918e4ee652d6b652
d51301020d6917890e56f3ffa9718894bec520087cf5d157e205001caaaeffdb
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
dbc34131cadf1edcd9c28b99a2d2322284f0f6d5cda96831e943c87406823871
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df14c02c8e3eba5dfee676f3c3ef8e6abfce1590c8bcef3fe36d4454265b0533
e2c609738239812cf5c65a66840453160eaee5e3f7362d89f8ed1f39dce2e94b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fa1df5a5a536fe568b31a0d4916ce5b432cc7b480e5ce6edc0967aaee5e231
e684fbff557805e1f6a1d0816027f5818dcdda2aa51bac633567076b19114066
ec3d3b42bc9f78965423d9ba05d5a1e287956e2a2557641336974d0ff0b0166f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f148638de9e83d716c0a3e5bea445964f74add866feed2a8d8bff00334387458
f9afcd35c7f7b06b154770b63c09a94c935db8e2721563519114a2925f577f44
fb1746f624164668090acb1ed0ef51ad9902040e985f99f53858592bd2ca875b
fcdc3d78d72bd80540e50bd394f6cd1e52c80d544cb14efccde86deba07869b3
fe0d9e4b18b7407792dc21f1eb71f315ccb3201244918130dfa3542ea242c0bb

wwwuat.carmaxauctions.com Open in urlscan Pro 2a02:26f0:3500:89a::1c4e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

100 %HTTPS

40 %IPv6

18 Domains

28 Subdomains

26 IPs

4 Countries

3706 kBTransfer

7597 kBSize

19 Cookies

17 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wwwuat.carmaxauctions.com Open in urlscan Pro
2a02:26f0:3500:89a::1c4e Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

100 %
HTTPS

40 %
IPv6

18
Domains

28
Subdomains

26
IPs

4
Countries

3706 kB
Transfer

7597 kB
Size

19
Cookies

107 HTTP transactions
3 data transactions