fake-retailer.test.mip.bdk-bank.de Open in urlscan Pro
18.156.12.201  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fake-retailer.test.mip.bdk-bank.de/	1 KB 945 B	100ms 32ms	Document text/html	18.156.12.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fake-retailer.test.mip.bdk-bank.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.156.12.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-12-201.eu-central-1.compute.amazonaws.com Software openresty/1.15.8.2 / Resource Hash 616bdf5feb63bdb2da04a27c21df2f2b58bec468605dfd6953ea10623e76fb64 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers :method GET :authority fake-retailer.test.mip.bdk-bank.de :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server openresty/1.15.8.2 date Mon, 23 Nov 2020 07:44:55 GMT content-type text/html strict-transport-security max-age=15724800; includeSubDomains last-modified Thu, 19 Nov 2020 12:28:44 GMT vary Accept-Encoding etag W/"5fb664fc-47f" expires Mon, 23 Nov 2020 07:44:54 GMT cache-control no-cache no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache content-encoding gzip
GET H2	200	retailerId.js Show response fake-retailer.test.mip.bdk-bank.de/retailerId/	57 B 378 B	33ms 32ms	Script application/javascript	18.156.12.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fake-retailer.test.mip.bdk-bank.de/retailerId/retailerId.js Requested by Host: fake-retailer.test.mip.bdk-bank.de URL: https://fake-retailer.test.mip.bdk-bank.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.156.12.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-12-201.eu-central-1.compute.amazonaws.com Software openresty/1.15.8.2 / Resource Hash a051ebf439ae36f8ccf6b7a7cfab833260d0a2b1c78e4c5337cf0f857b58707a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://fake-retailer.test.mip.bdk-bank.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 23 Nov 2020 07:44:55 GMT last-modified Thu, 19 Nov 2020 12:28:54 GMT server openresty/1.15.8.2 etag "5fb66506-39" strict-transport-security max-age=15724800; includeSubDomains content-type application/javascript cache-control no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes content-length 57 expires Mon, 23 Nov 2020 07:44:54 GMT
GET H2	200	index.css fake-retailer.test.mip.bdk-bank.de/	56 B 367 B	34ms 33ms	Stylesheet text/css	18.156.12.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fake-retailer.test.mip.bdk-bank.de/index.css Requested by Host: fake-retailer.test.mip.bdk-bank.de URL: https://fake-retailer.test.mip.bdk-bank.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.156.12.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-12-201.eu-central-1.compute.amazonaws.com Software openresty/1.15.8.2 / Resource Hash cdd9bf11c71ac3e1269e62c50bf73e81f1d9645777fb18600e8f2302aace27d6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://fake-retailer.test.mip.bdk-bank.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 23 Nov 2020 07:44:55 GMT last-modified Thu, 19 Nov 2020 12:28:44 GMT server openresty/1.15.8.2 etag "5fb664fc-38" strict-transport-security max-age=15724800; includeSubDomains content-type text/css cache-control no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes content-length 56 expires Mon, 23 Nov 2020 07:44:54 GMT
GET H2	200	bdk-leads.js Show response fake-retailer.test.mip.bdk-bank.de/backend/	482 KB 139 KB	46ms 45ms	Script application/javascript	18.156.12.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=8f8106da-887b-11ea-bc55-0242ac130003 Requested by Host: fake-retailer.test.mip.bdk-bank.de URL: https://fake-retailer.test.mip.bdk-bank.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.156.12.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-12-201.eu-central-1.compute.amazonaws.com Software openresty/1.15.8.2 / Resource Hash f1c9993e50e019f470afedd0c0086f159ca43b626e0655117b03c8b73a4c1e4e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fake-retailer.test.mip.bdk-bank.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains, max-age=31536000 ; includeSubDomains content-encoding gzip x-content-type-options nosniff last-modified Fri, 20 Nov 2020 13:52:20 GMT server openresty/1.15.8.2 date Mon, 23 Nov 2020 07:44:55 GMT vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/javascript cache-control max-age=300, must-revalidate, public x-xss-protection 1; mode=block
GET H2	401	config fake-retailer.test.mip.bdk-bank.de/v1/retailer/	0 0	44ms 44ms	Fetch	18.156.12.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fake-retailer.test.mip.bdk-bank.de/v1/retailer/config?manufacturer=undefined&model=undefined Requested by Host: fake-retailer.test.mip.bdk-bank.de URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=8f8106da-887b-11ea-bc55-0242ac130003 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.156.12.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-12-201.eu-central-1.compute.amazonaws.com Software openresty/1.15.8.2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers bdk-retailer-id 8f8106da-887b-11ea-bc55-0242ac130003 Referer https://fake-retailer.test.mip.bdk-bank.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Mon, 23 Nov 2020 07:44:55 GMT x-content-type-options nosniff server openresty/1.15.8.2 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers cache-control no-cache, no-store, max-age=0, must-revalidate strict-transport-security max-age=15724800; includeSubDomains, max-age=31536000 ; includeSubDomains content-length 0 x-xss-protection 1; mode=block expires 0
GET H2	200	environment Show response fake-retailer.test.mip.bdk-bank.de/	84 B 484 B	40ms 40ms	Fetch application/json	18.156.12.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fake-retailer.test.mip.bdk-bank.de/environment Requested by Host: fake-retailer.test.mip.bdk-bank.de URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=8f8106da-887b-11ea-bc55-0242ac130003 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.156.12.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-12-201.eu-central-1.compute.amazonaws.com Software openresty/1.15.8.2 / Resource Hash c87c9e903d7ae61643b0d437855ea738dbc3c322d6e6ab580ede356a1ef1d828 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers bdk-retailer-id 8f8106da-887b-11ea-bc55-0242ac130003 Referer https://fake-retailer.test.mip.bdk-bank.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains, max-age=31536000 ; includeSubDomains content-encoding gzip x-content-type-options nosniff server openresty/1.15.8.2 date Mon, 23 Nov 2020 07:44:55 GMT vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json cache-control no-cache, no-store, max-age=0, must-revalidate x-xss-protection 1; mode=block expires 0
GET H2	401	liabilityText fake-retailer.test.mip.bdk-bank.de/v1/	0 0	43ms 43ms	Fetch	18.156.12.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fake-retailer.test.mip.bdk-bank.de/v1/liabilityText Requested by Host: fake-retailer.test.mip.bdk-bank.de URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=8f8106da-887b-11ea-bc55-0242ac130003 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.156.12.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-12-201.eu-central-1.compute.amazonaws.com Software openresty/1.15.8.2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers bdk-retailer-id 8f8106da-887b-11ea-bc55-0242ac130003 Referer https://fake-retailer.test.mip.bdk-bank.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Mon, 23 Nov 2020 07:44:55 GMT x-content-type-options nosniff server openresty/1.15.8.2 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers cache-control no-cache, no-store, max-age=0, must-revalidate strict-transport-security max-age=15724800; includeSubDomains, max-age=31536000 ; includeSubDomains content-length 0 x-xss-protection 1; mode=block expires 0

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| retailerId function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __core-js_shared__ object| bdk-leads

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=8f8106da-887b-11ea-bc55-0242ac130003(Line 50) Message: DIGEO KuKa :: status of the lead changed to "LOADING"
console-api	log	URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=8f8106da-887b-11ea-bc55-0242ac130003(Line 50) Message: DIGEO KuKa :: did not found provided vehicle
console-api	log	URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=8f8106da-887b-11ea-bc55-0242ac130003(Line 50) Message: [object Response]
console-api	error	URL: https://fake-retailer.test.mip.bdk-bank.de/backend/bdk-leads.js?retailerId=8f8106da-887b-11ea-bc55-0242ac130003(Line 50) Message: DIGEO KuKa :: could not initialize due to retailer config missing

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fake-retailer.test.mip.bdk-bank.de
18.156.12.201
616bdf5feb63bdb2da04a27c21df2f2b58bec468605dfd6953ea10623e76fb64
a051ebf439ae36f8ccf6b7a7cfab833260d0a2b1c78e4c5337cf0f857b58707a
c87c9e903d7ae61643b0d437855ea738dbc3c322d6e6ab580ede356a1ef1d828
cdd9bf11c71ac3e1269e62c50bf73e81f1d9645777fb18600e8f2302aace27d6
f1c9993e50e019f470afedd0c0086f159ca43b626e0655117b03c8b73a4c1e4e