URL: https://origin1.qa.auth.harley-davidson.com/
Submission: On November 02 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 5 HTTP transactions. The main IP is 198.212.64.143, located in United States and belongs to TMC1, US. The main domain is origin1.qa.auth.harley-davidson.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 2nd 2022. Valid for: a year.
This is the only time origin1.qa.auth.harley-davidson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.212.64.143 26131 (TMC1)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 2
Apex Domain
Subdomains
Transfer
5 harley-davidson.com
origin1.qa.auth.harley-davidson.com
www.harley-davidson.com — Cisco Umbrella Rank: 181823
15 KB
5 1
Domain Requested by
4 www.harley-davidson.com origin1.qa.auth.harley-davidson.com
1 origin1.qa.auth.harley-davidson.com
5 2

This site contains no links.

Subject Issuer Validity Valid
origin1.qa.auth.harley-davidson.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-02 -
2023-12-03
a year crt.sh
www.harley-davidson.com
GeoTrust RSA CA 2018
2022-01-29 -
2023-01-31
a year crt.sh

This page contains 1 frames:

Primary Page: https://origin1.qa.auth.harley-davidson.com/
Frame ID: 70890A17F33321244B971CC36C6C5506
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Harley-Davidson QA.Auth Login

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

15 kB
Transfer

12 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
origin1.qa.auth.harley-davidson.com/
5 KB
6 KB
Document
General
Full URL
https://origin1.qa.auth.harley-davidson.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.212.64.143 , United States, ASN26131 (TMC1, US),
Reverse DNS
Software
WebSEAL/10.0.4.0 /
Resource Hash
3a8965105eae99c67a4a3574b4d16cfc9c468e071808a4683dc9c7df4547a754
Security Headers
Name Value
Strict-Transport-Security
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

X-Frame-Options
DENY
cache-control
no-store
content-length
5436
content-type
text/html
date
Wed, 02 Nov 2022 20:20:13 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
pragma
no-cache
server
WebSEAL/10.0.4.0
strict-transport-security
logo_BarAndShield.png
www.harley-davidson.com/app-content/webseal-login/
4 KB
5 KB
Image
General
Full URL
https://www.harley-davidson.com/app-content/webseal-login/logo_BarAndShield.png
Requested by
Host: origin1.qa.auth.harley-davidson.com
URL: https://origin1.qa.auth.harley-davidson.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:588::786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8e7f1ecae4f19550b926289cbd0788949c803b7922689f27127e2860e0726e30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin1.qa.auth.harley-davidson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 20:20:13 GMT
last-modified
Tue, 11 Oct 2022 01:49:30 GMT
server
Akamai Image Manager
etag
"d227a9b923db71cf7e95d1f916a3ffe8:1396720614"
access-control-max-age
3600
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/webp
access-control-allow-origin
https://origin1.qa.auth.harley-davidson.com
cache-control
private, no-transform, max-age=43200
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=9
access-control-allow-headers
x-requested-with,content-type
content-length
4398
expires
Thu, 03 Nov 2022 08:20:13 GMT
btnSignIn.png
www.harley-davidson.com/app-content/webseal-login/
854 B
1 KB
Image
General
Full URL
https://www.harley-davidson.com/app-content/webseal-login/btnSignIn.png
Requested by
Host: origin1.qa.auth.harley-davidson.com
URL: https://origin1.qa.auth.harley-davidson.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:588::786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cd6c14dc7af9125d409323ccdbd4a8cca2668ace1448361c8298d1088383c25f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin1.qa.auth.harley-davidson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 20:20:13 GMT
last-modified
Mon, 17 Oct 2022 12:32:10 GMT
server
Akamai Image Manager
etag
"2e35f8135879d78825a63e5ba5500935:1396720613"
access-control-max-age
3600
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/webp
access-control-allow-origin
https://origin1.qa.auth.harley-davidson.com
cache-control
private, no-transform, max-age=43200
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=28
access-control-allow-headers
x-requested-with,content-type
content-length
854
expires
Thu, 03 Nov 2022 08:20:13 GMT
sign-in-bg.png
www.harley-davidson.com/app-content/webseal-login/
2 KB
2 KB
Image
General
Full URL
https://www.harley-davidson.com/app-content/webseal-login/sign-in-bg.png
Requested by
Host: origin1.qa.auth.harley-davidson.com
URL: https://origin1.qa.auth.harley-davidson.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:588::786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0b6040a254df805b96cdd5a9ed9df9114458a1730ec90c4f5f899456234afb11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin1.qa.auth.harley-davidson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 20:20:13 GMT
last-modified
Mon, 24 Oct 2022 08:57:03 GMT
server
Akamai Image Manager
etag
"8ae264b31a8d2959cb55464c1ab85c79:1396720614"
access-control-max-age
3600
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/webp
access-control-allow-origin
https://origin1.qa.auth.harley-davidson.com
cache-control
private, no-transform, max-age=43200
access-control-allow-credentials
true
server-timing
cdn-cache; desc=HIT, edge; dur=17
access-control-allow-headers
x-requested-with,content-type
content-length
1698
expires
Thu, 03 Nov 2022 08:20:13 GMT
txtFieldBkgd.png
www.harley-davidson.com/app-content/webseal-login/
130 B
655 B
Image
General
Full URL
https://www.harley-davidson.com/app-content/webseal-login/txtFieldBkgd.png
Requested by
Host: origin1.qa.auth.harley-davidson.com
URL: https://origin1.qa.auth.harley-davidson.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:588::786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
34c3e3d351ead7a760e05e87d7c31f09ae8b3f416d0af9e887437e4704b75234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origin1.qa.auth.harley-davidson.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 20:20:13 GMT
x-check-cacheable
YES
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
130
last-modified
Mon, 24 Oct 2022 08:57:04 GMT
x-serial
187
server
Akamai Image Manager
etag
"2f74528fa998a798938a00e96e916573:1396720615"
access-control-max-age
3600
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/webp
access-control-allow-origin
https://origin1.qa.auth.harley-davidson.com
cache-control
private, no-transform, max-age=43200
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,content-type
expires
Thu, 03 Nov 2022 08:20:13 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| warningString function| submitLogin

3 Cookies

Domain/Path Name / Value
origin1.qa.auth.harley-davidson.com/ Name: PD-H-SESSION-ID-CQ
Value: 1_4_0_tw9gy3ObYIBDDspTm+hzOlsMQHiCUG3H99YGyzro78YioOMC
origin1.qa.auth.harley-davidson.com/ Name: HDMC-COOKIE
Value: !NL+QIJAPDaqvNcyfeQfUDxpeSpPrHIv+kmfxv/LlD73QHH5pbUrXxavIB1Hch8YkhGG7Yo40srmjNA==
.harley-davidson.com/ Name: extendedCountry
Value: de_RS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security
X-Frame-Options DENY