urlscan.io logo urlscan.io
SecurityTrails logo

fake-retailer.test.mip.bdk-bank.de Open in urlscan Pro
18.158.11.4  Public Scan

Go To Rescan Add Verdict Report
URL: https://fake-retailer.test.mip.bdk-bank.de/
Submission: On October 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 18.158.11.4, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is fake-retailer.test.mip.bdk-bank.de.
TLS certificate: Issued by R3 on October 15th 2021. Valid for: 3 months.
This is the only time fake-retailer.test.mip.bdk-bank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 18.158.11.4 16509 (AMAZON-02)
12 1
Apex Domain
Subdomains		 Transfer
12 bdk-bank.de
fake-retailer.test.mip.bdk-bank.de
153 KB
12 1
Domain Requested by
12 fake-retailer.test.mip.bdk-bank.de fake-retailer.test.mip.bdk-bank.de
12 1

This site contains no links.

Subject Issuer Validity Valid
fake-retailer.test.mip.bdk-bank.de
R3		 2021-10-15 -
2022-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://fake-retailer.test.mip.bdk-bank.de/
Frame ID: 5646F9D812AAE11AA22049E43666ACA8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fake Retailer 24 Standalone - Ohne Fahrzeug

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

153 kB
Transfer

522 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fake-retailer.test.mip.bdk-bank.de/ 		1 KB
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
616bdf5feb63bdb2da04a27c21df2f2b58bec468605dfd6953ea10623e76fb64
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
fake-retailer.test.mip.bdk-bank.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 15 Oct 2021 06:59:00 GMT
content-type
text/html
last-modified
Mon, 05 Jul 2021 14:02:00 GMT
vary
Accept-Encoding
etag
W/"60e310d8-47f"
expires
Fri, 15 Oct 2021 06:58:59 GMT
cache-control
no-cache no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
retailerId.js
fake-retailer.test.mip.bdk-bank.de/retailerId/ 		57 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/retailerId/retailerId.js
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
693c6299f163bf16667a8f346cbe752bf97856c07dbc9e8738f871fc0347ce84
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/retailerId/retailerId.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fake-retailer.test.mip.bdk-bank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:00 GMT
last-modified
Fri, 24 Sep 2021 12:01:25 GMT
etag
"614dbe15-39"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
no-cache no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
content-length
57
expires
Fri, 15 Oct 2021 06:58:59 GMT
index.css
fake-retailer.test.mip.bdk-bank.de/ 		56 B
352 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/index.css
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cdd9bf11c71ac3e1269e62c50bf73e81f1d9645777fb18600e8f2302aace27d6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/index.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fake-retailer.test.mip.bdk-bank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:00 GMT
last-modified
Mon, 05 Jul 2021 14:02:00 GMT
etag
"60e310d8-38"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
cache-control
no-cache no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
content-length
56
expires
Fri, 15 Oct 2021 06:58:59 GMT
bdk-leads.js
fake-retailer.test.mip.bdk-bank.de/backend/ 		514 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
555f9288edcb321a55f16c521b991a7b64cd9551fe24fbd8c8c257db4d1a2788
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fake-retailer.test.mip.bdk-bank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 06:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Oct 2021 05:35:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
max-age=300, must-revalidate, public
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
x-xss-protection
1; mode=block
config
fake-retailer.test.mip.bdk-bank.de/v1/retailer/ 		2 KB
937 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/v1/retailer/config?manufacturer=undefined&model=undefined
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
75fddae384ab4d2ffe08d7458e5b6997dfd29fd950201bcf9dba84d1d6cf075f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
:path
/v1/retailer/config?manufacturer=undefined&model=undefined
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
accept
*/*
cache-control
no-cache
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Referer
https://fake-retailer.test.mip.bdk-bank.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
expires
0
environment
fake-retailer.test.mip.bdk-bank.de/ 		91 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/environment
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c2b52f46b46352bc366556866886ca5aa41d94625507af74bff6a5861dd1b802
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
:path
/environment
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
accept
*/*
cache-control
no-cache
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Referer
https://fake-retailer.test.mip.bdk-bank.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
expires
0
liabilityText
fake-retailer.test.mip.bdk-bank.de/v1/ 		756 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/v1/liabilityText
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5ea1a04132dc6098d2387aa52ee4e9d454c9bca50436c8b6eadb85442a478a26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
:path
/v1/liabilityText
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
accept
*/*
cache-control
no-cache
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Referer
https://fake-retailer.test.mip.bdk-bank.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
expires
0
terms
fake-retailer.test.mip.bdk-bank.de/v1/financing/ 		57 B
405 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/v1/financing/terms
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
fd1a2f09771d66c577678cf3eb31058973992af862c514f12dc1faa2ee78795f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
:path
/v1/financing/terms
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
accept
*/*
cache-control
no-cache
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Referer
https://fake-retailer.test.mip.bdk-bank.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
expires
0
additional-product-groups
fake-retailer.test.mip.bdk-bank.de/v1/financing/ 		2 KB
893 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/v1/financing/additional-product-groups
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
851ff3c7216106e0a392d9b02c56f65a7de0fc5cad0a9ab68d610c1dea5603b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
:path
/v1/financing/additional-product-groups
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
accept
*/*
cache-control
no-cache
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Referer
https://fake-retailer.test.mip.bdk-bank.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
expires
0
additional-products
fake-retailer.test.mip.bdk-bank.de/v1/financing/ 		1 KB
813 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/v1/financing/additional-products?purchasePrice=25000&term=12
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3577a55893ccdbcda9adafa12699e1a496d7406c950996c5cc5e70649b72d9b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
:path
/v1/financing/additional-products?purchasePrice=25000&term=12
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
accept
*/*
cache-control
no-cache
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Referer
https://fake-retailer.test.mip.bdk-bank.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
expires
0
balloonValues
fake-retailer.test.mip.bdk-bank.de/v1/financing/ 		60 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/v1/financing/balloonValues
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e650d6f866807024093096ddb12d2c10eeb884c0919db32adbd07ef1135663b3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://fake-retailer.test.mip.bdk-bank.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
content-length
49
:path
/v1/financing/balloonValues
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
accept
*/*
cache-control
no-cache
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
POST
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Referer
https://fake-retailer.test.mip.bdk-bank.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
expires
0
calculate
fake-retailer.test.mip.bdk-bank.de/v1/financing/ 		684 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fake-retailer.test.mip.bdk-bank.de/v1/financing/calculate
Requested by
Host: fake-retailer.test.mip.bdk-bank.de
URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.158.11.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-11-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
36c3d8d022f039f3ad02b42e85bb7ccb8b582f825a4971a5f2654104cab0ac82
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://fake-retailer.test.mip.bdk-bank.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
content-length
179
:path
/v1/financing/calculate
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
accept
*/*
cache-control
no-cache
:authority
fake-retailer.test.mip.bdk-bank.de
referer
https://fake-retailer.test.mip.bdk-bank.de/
:scheme
https
sec-fetch-site
same-origin
:method
POST
bdk-retailer-id
0c004375-ccbf-4a27-9fc6-dd5b596c2d53
Referer
https://fake-retailer.test.mip.bdk-bank.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 06:59:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
x-xss-protection
1; mode=block
expires
0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster string| retailerId object| regeneratorRuntime function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __core-js_shared__ object| bdk-leads

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains