diff --git a/backend-compliance/compliance/api/agent_compliance_check_routes.py b/backend-compliance/compliance/api/agent_compliance_check_routes.py
index 7ed3edf2..27b2cedd 100644
--- a/backend-compliance/compliance/api/agent_compliance_check_routes.py
+++ b/backend-compliance/compliance/api/agent_compliance_check_routes.py
@@ -408,13 +408,17 @@ async def _fetch_text(url: str) -> str:
     1. Try consent-tester (Playwright) — handles JS-heavy SPAs
     2. Fallback: direct HTTP fetch + HTML strip — fast, works for SSR pages
     """
-    # 1. Consent-tester (Playwright-based, full JS rendering)
+    # 1. Consent-tester (Playwright-based, full JS rendering).
+    # Timeout 180s: a single dsi-discovery does self-extraction + follows up
+    # to 3 sub-links + waits for CMP JSON payloads. 60s was tight enough that
+    # cookie-policy pages on big SPAs (BMW, Daimler) timed out and fell back
+    # to the raw HTTP fetch, which returned site navigation as garbage text.
     try:
-        async with httpx.AsyncClient(timeout=60.0) as client:
+        async with httpx.AsyncClient(timeout=180.0) as client:
             resp = await client.post(
                 f"{CONSENT_TESTER_URL}/dsi-discovery",
                 json={"url": url, "max_documents": 3},
-                timeout=60.0,
+                timeout=180.0,
             )
             if resp.status_code == 200:
                 docs = resp.json().get("documents", [])