dsd-uk-staging-2.thisissecure.net Open in urlscan Pro
34.107.141.161 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dsd-uk-staging-2.thisissecure.net/
Submission: On December 11 via automatic, source certstream-suspicious (December 11th 2022, 11:37:55 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 34.107.141.161, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is dsd-uk-staging-2.thisissecure.net.
TLS certificate: Issued by GTS CA 1D4 on December 11th 2022. Valid for: 3 months.

This is the only time dsd-uk-staging-2.thisissecure.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	34.107.141.161 34.107.141.161	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2a00:1450:400... 2a00:1450:4001:80f::2010	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:170... 2a02:26f0:1700:11::b856:6786	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	83.166.167.176 83.166.167.176	31727 (NODE4-AS) (NODE4-AS)
13	4

2 34.107.141.161 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.141.107.34.bc.googleusercontent.com

dsd-uk-staging-2.thisissecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:11::b856:6786 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.bmw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.166.167.176 (Burton-on-Trent, United Kingdom) 1 redirects

ASN31727 (NODE4-AS, GB)

services.codeweavers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plugins.codeweavers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 380	164 KB
2	codeweavers.net 1 redirects services.codeweavers.net — Cisco Umbrella Rank: 261160 plugins.codeweavers.net — Cisco Umbrella Rank: 355557	7 KB
2	thisissecure.net dsd-uk-staging-2.thisissecure.net	32 KB
1	bmw.com www.bmw.com — Cisco Umbrella Rank: 131055	35 KB
13	4

	Domain	Requested by
9	storage.googleapis.com	dsd-uk-staging-2.thisissecure.net storage.googleapis.com
2	dsd-uk-staging-2.thisissecure.net	storage.googleapis.com
1	plugins.codeweavers.net	dsd-uk-staging-2.thisissecure.net
1	services.codeweavers.net	1 redirects
1	www.bmw.com	dsd-uk-staging-2.thisissecure.net
13	5

This site contains no links.

Subject Issuer	Validity	Valid
dsd-uk-develop.thisissecure.net GTS CA 1D4	`2022-12-11` - `2023-03-11`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.bmw.com R3	`2022-11-07` - `2023-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dsd-uk-staging-2.thisissecure.net/
Frame ID: 3EC243E35B7DF6115B300839E83C011B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Vehicle Sales

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/clientlibs/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

13
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

237 kB
Transfer

670 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://services.codeweavers.net/v3/script/BmwEretail?key=PUTsUAN5NL2v34Pwe1 HTTP 302
https://plugins.codeweavers.net/scripts/v1/bmw/customer?ApiKey=PUTsUAN5NL2v34Pwe1&SystemKey=BMW&DealerKey=&Target=

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dsd-uk-staging-2.thisissecure.net/ 31 KB
32 KB 212ms
150ms Document
text/html 34.107.141.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dsd-uk-staging-2.thisissecure.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.141.161 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.141.107.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

343b3d79ae4dbe1503b86e45d3f36c7dbf2ccf4d1ae77944e2b46a24baf2e442

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data: dsd-uk-staging-2.thisissecure.net; font-src * data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-language: en-gb
content-length: 31746
content-security-policy: default-src * 'unsafe-inline' data: dsd-uk-staging-2.thisissecure.net; font-src * data:
content-type: text/html; charset=utf-8
date: Sun, 11 Dec 2022 23:37:50 GMT
referrer-policy: same-origin
server: Google Frontend
vary: Accept-Language, Cookie
via: 1.1 google
x-cloud-trace-context: a96d64aed12e8ceb73b6ed3973a20e43
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 main.72e48c8e.css
storage.googleapis.com/dsd-staging-2/static/assets/ 131 KB
21 KB 195ms
117ms Stylesheet
text/css 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.72e48c8e.css
Requested by: Host: dsd-uk-staging-2.thisissecure.net
URL: https://dsd-uk-staging-2.thisissecure.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 72e48c8e2c25632ecf356df45d2bb514fe1a944b5999ffa34a1e6538ce08cf55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvQdGEYrBB8TsVGl7yjdWd52nrhb6QQZiawlI6BT4RhbSx_JzFMGhwAJDVUpaqGTQKTYG_GREn1oggoN1XurI4HyYx6MHo5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21252
last-modified: Fri, 09 Dec 2022 05:08:45 GMT
server: UploadServer
etag: "f4eb815632320987b0f383aeeecee341"
vary: Accept-Encoding
x-goog-generation: 1670562525360937
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=6b7HeQ==, md5=9OuBVjIyCYew84Ou7s7jQQ==
access-control-expose-headers: Content-Type
cache-control: 3600
x-goog-stored-content-length: 21252
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

GET
H2 200 epaas.js Show response
www.bmw.com/etc/clientlibs/wcmp/consentcontroller.fallback/ 105 KB
35 KB 140ms
32ms Script
application/javascript 2a02:26f0:1700:11::b856:6786
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bmw.com/etc/clientlibs/wcmp/consentcontroller.fallback/epaas.js

Requested by

Host: dsd-uk-staging-2.thisissecure.net
URL: https://dsd-uk-staging-2.thisissecure.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:11::b856:6786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1679a1f25ed3655b38d33b60fe2a8ccd61b18790733e053037ee570d66762a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 107736
x-epaas-prod-domain: consentcontroller-tt
strict-transport-security: max-age=15768000
x-amzn-requestid: e97e1b23-6fa0-404a-a2ea-b4d286fdf47d
x-amzn-trace-id: Root=1-639570e1-73bfc08366c7ffa42e4dafac
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-apigw-id: c96TTGT1FiAFsEA=
content-length: 35341
expires: Mon, 12 Dec 2022 00:37:51 GMT

GET
H2

200

customer Show response
plugins.codeweavers.net/scripts/v1/bmw/
Redirect Chain

https://services.codeweavers.net/v3/script/BmwEretail?key=PUTsUAN5NL2v34Pwe1
https://plugins.codeweavers.net/scripts/v1/bmw/customer?ApiKey=PUTsUAN5NL2v34Pwe1&SystemKey=BMW&DealerKey=&Target=

31 KB
6 KB

60ms
48ms

Script
text/javascript

83.166.167.176
NODE4-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.codeweavers.net/scripts/v1/bmw/customer?ApiKey=PUTsUAN5NL2v34Pwe1&SystemKey=BMW&DealerKey=&Target=
Requested by: Host: dsd-uk-staging-2.thisissecure.net
URL: https://dsd-uk-staging-2.thisissecure.net/
Protocol: H2
Server: 83.166.167.176 Burton-on-Trent, United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS
Software: Codeweavers /
Resource Hash: aa86e05520a89a8e201b3dd6e4b905dfd5be4d658690ed690e5f3d5ea9d11cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cw-active-deploy: blue
date: Sun, 11 Dec 2022 23:37:50 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true,"success_fraction":0.0,"failure_fraction":1.0}
server: Codeweavers
x-cw-apache: apache002
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://services.codeweavers.net/api/network-error-logging/record"}],"include_subdomains":true}
content-type: text/javascript; charset=UTF-8
x-cw-host: IIS021
content-length: 6343

Redirect headers

date: Sun, 11 Dec 2022 23:37:50 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true,"success_fraction":0.0,"failure_fraction":1.0}
x-cw-apache: apache002
x-cw-host: IIS015
content-length: 206
x-cw-active-deploy: green
x-cw-requestidentifier: 4a41d9f1-9303-4a57-b8e2-f00a3401f5c4
server: Codeweavers
x-cw-authstatus: NoAuthenticationPerformed
x-cw-duration: 2.3192
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
location: https://plugins.codeweavers.net/scripts/v1/bmw/customer?ApiKey=PUTsUAN5NL2v34Pwe1&SystemKey=BMW&DealerKey=&Target=
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://services.codeweavers.net/api/network-error-logging/record"}],"include_subdomains":true}
cache-control: max-age=0, must-revalidate
x-cw-userreference: 00000000-0000-0000-0000-000000000000

GET
H3 200 main.09400691.js Show response
storage.googleapis.com/dsd-staging-2/static/assets/ 263 KB
87 KB 148ms
103ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.09400691.js
Requested by: Host: dsd-uk-staging-2.thisissecure.net
URL: https://dsd-uk-staging-2.thisissecure.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 78eb19d0fba384b57002bc0d6f4512aac1cf83d9490e9c3bf8492c05a9e8c9a4

Request headers

Referer
Origin: https://dsd-uk-staging-2.thisissecure.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsGoMUEHdd5d-Gr3ZqroDpgD_ouo3uVCquRkCp629wp3Iq1u96lJWA1j6OuX58KGtcaEQgNAaPtEsbZ7o2nzCDfK69wexOo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89320
last-modified: Fri, 09 Dec 2022 05:08:45 GMT
server: UploadServer
etag: "f548e13977102dbcdeb3c3d31e4e5fe6"
vary: Accept-Encoding
x-goog-generation: 1670562525253220
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=g4kH2Q==, md5=9UjhOXcQLbzes8PTHk5f5g==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: 3600
x-goog-stored-content-length: 89320
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

GET
H3 200 digital-sales-desk.4be6bb0d.js Show response
storage.googleapis.com/dsd-staging-2/static/assets/ 8 KB
3 KB 89ms
88ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/digital-sales-desk.4be6bb0d.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.09400691.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 93ead5f85ba2632b1c6104a1ff09122368eb689a9a4aca50800666cbff8647c5

Request headers

Referer
Origin: https://dsd-uk-staging-2.thisissecure.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv-lRAJItlZK3PIQMO4qqvJxo3h_xfuKFQHrvEgeHt32WxphCAkCxohjB1svOS0QZN5rWDqJRWFW4yiJWz9dVnD1BkgEXMw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2534
last-modified: Fri, 09 Dec 2022 05:08:43 GMT
server: UploadServer
etag: "64ec5caa8d7d640cbebb818b8b24bab1"
vary: Accept-Encoding
x-goog-generation: 1670562523541882
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Vo/qGA==, md5=ZOxcqo19ZAy+u4GLiyS6sQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: 3600
x-goog-stored-content-length: 2534
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

GET
H3 200 index.a8e4df9a.js Show response
storage.googleapis.com/dsd-staging-2/static/assets/ 715 B
492 B 95ms
94ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/index.a8e4df9a.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.09400691.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7a893b593671f47b7b25c1237caa993772906ae0ab5f8b4370a34d96bef9f7ce

Request headers

Referer
Origin: https://dsd-uk-staging-2.thisissecure.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvDsBDleq3INyUrlKsznOsD1LYg5VewTAuyI-UZyF0VJp3cFi4tAH89tAg9PyQo1Gfko6-eko4TsC5HH-XVp2IeEQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 462
last-modified: Fri, 09 Dec 2022 05:08:44 GMT
server: UploadServer
etag: "584871fc54c0b955c481dfb07864079d"
vary: Accept-Encoding
x-goog-generation: 1670562524717855
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=cJRUVw==, md5=WEhx/FTAuVXEgd+weGQHnQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: 3600
x-goog-stored-content-length: 462
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

GET
H3 200 Masthead.c03592df.js Show response
storage.googleapis.com/dsd-staging-2/static/assets/ 68 KB
24 KB 115ms
113ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/Masthead.c03592df.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.09400691.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b6316ba4617ad89acfa1f1233ab0e375067105ce9a0903f557da4ffbe0d694f0

Request headers

Referer
Origin: https://dsd-uk-staging-2.thisissecure.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduBnw142JLFqD3at75ZSU0yAqHxzl1Hf984zL6Dd30h0vbyTx8SWMMMlAYt0Q_yHkH3KLOaV-uAwvkfrf1uIgvcmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24318
last-modified: Fri, 09 Dec 2022 05:08:40 GMT
server: UploadServer
etag: "636f7039288f0243c707ca07bcaa3cd0"
vary: Accept-Encoding
x-goog-generation: 1670562520217123
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=G4Md8w==, md5=Y29wOSiPAkPHB8oHvKo80A==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: 3600
x-goog-stored-content-length: 24318
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

GET
H3 200 Steps.7c8ae560.js Show response
storage.googleapis.com/dsd-staging-2/static/assets/ 5 KB
2 KB 140ms
139ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/Steps.7c8ae560.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.09400691.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7702a9bd42b64505f6ee1a4e62b34e0bd86c5bea212116a38bfea1da4b9b5edf

Request headers

Referer
Origin: https://dsd-uk-staging-2.thisissecure.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtzsRl8HTw7ARA95ZNenIYYee8eGTq36sfO6thYU1_NGW1Zp-zYLNDfHhvCxwR8DbOl4PDPaGbpgHsdWbKm_ALnV9kKlOd3
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1947
last-modified: Fri, 09 Dec 2022 05:08:41 GMT
server: UploadServer
etag: "ec92a6d142ed9f941ea249a5a45a33f9"
vary: Accept-Encoding
x-goog-generation: 1670562521309559
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=xWP/mg==, md5=7JKm0ULtn5QeokmlpFoz+Q==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: 3600
x-goog-stored-content-length: 1947
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

GET
H3 200 Link.5081f9a2.js Show response
storage.googleapis.com/dsd-staging-2/static/assets/ 2 KB
1 KB 103ms
102ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/Link.5081f9a2.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.09400691.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ce83c6d1c040920102b6eb75302d00bebbf9fb63f0f73e497b85c024ad983463

Request headers

Referer
Origin: https://dsd-uk-staging-2.thisissecure.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtVIii87dlT6yCjM9xbpArn_b8V2pka74Hoh_d7xMj7HQKDxSFX53eliVzbUq4iV6Un0auRgc-gIEe2wrYAGgyApnLRlAOg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
last-modified: Fri, 09 Dec 2022 05:08:39 GMT
server: UploadServer
etag: "f969f35250046be72640e6ef436875f2"
vary: Accept-Encoding
x-goog-generation: 1670562519859171
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=/EdGfA==, md5=+WnzUlAEa+cmQObvQ2h18g==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: 3600
x-goog-stored-content-length: 1054
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

GET
H2 404 vehicle Show response
dsd-uk-staging-2.thisissecure.net/api/ 30 B
148 B 284ms
236ms XHR
application/json 34.107.141.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dsd-uk-staging-2.thisissecure.net/api/vehicle?advert_id=undefined

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/dsd-staging-2/static/assets/Masthead.c03592df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.141.161 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.141.107.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

29cd2c7a73bd7d09067967e03adf77c7a3d2284b86993a17f9529eeddd51caa2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' data: dsd-uk-staging-2.thisissecure.net; font-src * data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://dsd-uk-staging-2.thisissecure.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' data: dsd-uk-staging-2.thisissecure.net; font-src * data:
date: Sun, 11 Dec 2022 23:37:51 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
via: 1.1 google
server: Google Frontend
vary: Accept-Language, Cookie
allow: GET, OPTIONS
content-language: en-gb
x-frame-options: SAMEORIGIN
content-type: application/json
x-cloud-trace-context: 597fca46aed0746c28d667faac40d18e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30

GET
H3 200 ErrorContainer.f11e5e61.js Show response
storage.googleapis.com/dsd-staging-2/static/assets/ 538 B
378 B 94ms
94ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/ErrorContainer.f11e5e61.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.09400691.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b4129cd84d8f761004b2a0fc4e002e1c00b8394b553af2aa2cf975b3e38719f3

Request headers

Referer
Origin: https://dsd-uk-staging-2.thisissecure.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtjFZWQA5iCJyLxgbLrX96STknCKtklwLt4WIaKjfeYTkkeqCE71vwA4w0sOTWOFUpXE22vz574v_2vte735cRT25ckv8Yl
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 347
last-modified: Fri, 09 Dec 2022 05:08:39 GMT
server: UploadServer
etag: "b45c8855f8836b0d82108d3072a38fe0"
vary: Accept-Encoding
x-goog-generation: 1670562519478424
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=F61ohw==, md5=tFyIVfiDaw2CEI0wcqOP4A==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: 3600
x-goog-stored-content-length: 347
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

GET
H3 200 bmwgroup_light-webfont.cc191b7a.woff
storage.googleapis.com/dsd-staging-2/static/assets/ 26 KB
26 KB 107ms
106ms Font
font/woff 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/dsd-staging-2/static/assets/bmwgroup_light-webfont.cc191b7a.woff
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/dsd-staging-2/static/assets/main.72e48c8e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cc191b7a27f7fa25a1d4045d32470c919d904b27328e8efd36850dcd5ddc770b

Request headers

Referer: https://storage.googleapis.com/dsd-staging-2/static/assets/main.72e48c8e.css
Origin: https://dsd-uk-staging-2.thisissecure.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 23:37:51 GMT
x-guploader-uploadid: ADPycduIO78zO_Cpv6D95FLCaB1iUFJgiILukUWrh31atJwloBMVpEkXKkswjWz4qwqqK4rLbORos2q1UU5XSAoBUAVlswteQF9i
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26180
last-modified: Fri, 09 Dec 2022 05:08:42 GMT
server: UploadServer
etag: "678cbda43de484b7c482542dada8472a"
x-goog-generation: 1670562522627133
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=QyMYkQ==, md5=Z4y9pD3khLfEglQtrahHKg==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: 3600
x-goog-stored-content-length: 26180
accept-ranges: bytes
expires: Mon, 11 Dec 2023 23:37:51 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dsd-uk-staging-2.thisissecure.net/	1970-01-20 16:50:51	Name: csrftoken Value: 7pS7BAw0aJylMvDd23tiZ2brcwPBFMd9PnBwm2amb9wz8HrxKhXMIj2VuU8D7Det
			plugins.codeweavers.net/	1969-12-31 23:59:59	Name: cw_psid Value: ee049d3d-886e-4908-a734-10c2e7dcae33

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dsd-uk-staging-2.thisissecure.net/api/vehicle?advert_id=undefined Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' data: dsd-uk-staging-2.thisissecure.net; font-src * data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dsd-uk-staging-2.thisissecure.net
plugins.codeweavers.net
services.codeweavers.net
storage.googleapis.com
www.bmw.com
2a00:1450:4001:80f::2010
2a02:26f0:1700:11::b856:6786
34.107.141.161
83.166.167.176
29cd2c7a73bd7d09067967e03adf77c7a3d2284b86993a17f9529eeddd51caa2
343b3d79ae4dbe1503b86e45d3f36c7dbf2ccf4d1ae77944e2b46a24baf2e442
72e48c8e2c25632ecf356df45d2bb514fe1a944b5999ffa34a1e6538ce08cf55
7702a9bd42b64505f6ee1a4e62b34e0bd86c5bea212116a38bfea1da4b9b5edf
78eb19d0fba384b57002bc0d6f4512aac1cf83d9490e9c3bf8492c05a9e8c9a4
7a893b593671f47b7b25c1237caa993772906ae0ab5f8b4370a34d96bef9f7ce
93ead5f85ba2632b1c6104a1ff09122368eb689a9a4aca50800666cbff8647c5
aa86e05520a89a8e201b3dd6e4b905dfd5be4d658690ed690e5f3d5ea9d11cb7
b1679a1f25ed3655b38d33b60fe2a8ccd61b18790733e053037ee570d66762a6
b4129cd84d8f761004b2a0fc4e002e1c00b8394b553af2aa2cf975b3e38719f3
b6316ba4617ad89acfa1f1233ab0e375067105ce9a0903f557da4ffbe0d694f0
cc191b7a27f7fa25a1d4045d32470c919d904b27328e8efd36850dcd5ddc770b
ce83c6d1c040920102b6eb75302d00bebbf9fb63f0f73e497b85c024ad983463

dsd-uk-staging-2.thisissecure.net Open in urlscan Pro 34.107.141.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

237 kBTransfer

670 kBSize

2 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

dsd-uk-staging-2.thisissecure.net Open in urlscan Pro
34.107.141.161 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

237 kB
Transfer

670 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions