urlscan.io logo urlscan.io
SecurityTrails logo

order.mycommerce.com Open in urlscan Pro
45.60.33.126  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.pmelite.com/BuyItNow__EasyTaskSync.htm
Effective URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Submission Tags: falconsandbox
Submission: On August 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 14 HTTP transactions. The main IP is 45.60.33.126, located in United States and belongs to INCAPSULA, US. The main domain is order.mycommerce.com. The Cisco Umbrella rank of the primary domain is 804175.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 4th 2023. Valid for: a year.
This is the only time order.mycommerce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 107.180.4.132 26496 (AS-26496-...)
2 4 45.60.33.126 19551 (INCAPSULA)
7 23.53.40.50 20940 (AKAMAI-ASN1)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 63.33.186.64 16509 (AMAZON-02)
2 13.69.106.216 8075 (MICROSOFT...)
14 6
1    107.180.4.132 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 132.4.180.107.host.secureserver.net
www.pmelite.com
4    45.60.33.126 (United States)

ASN19551 (INCAPSULA, US)
www.shareit.com
redirect.mycommerce.com
order.mycommerce.com
7    23.53.40.50 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-40-50.deploy.static.akamaitechnologies.com
mycommerce.akamaized.net
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
2    63.33.186.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
seal.digicert.com
2    13.69.106.216 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
7 akamaized.net
mycommerce.akamaized.net — Cisco Umbrella Rank: 621473
127 KB
3 mycommerce.com
redirect.mycommerce.com
order.mycommerce.com — Cisco Umbrella Rank: 804175
82 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 772
409 B
2 digicert.com
seal.digicert.com — Cisco Umbrella Rank: 10489
8 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1547
56 KB
1 shareit.com
www.shareit.com
136 B
1 pmelite.com
www.pmelite.com
267 B
14 7
Domain Requested by
7 mycommerce.akamaized.net order.mycommerce.com
mycommerce.akamaized.net
2 dc.services.visualstudio.com js.monitor.azure.com
2 seal.digicert.com order.mycommerce.com
2 order.mycommerce.com order.mycommerce.com
1 js.monitor.azure.com order.mycommerce.com
1 redirect.mycommerce.com 1 redirects
1 www.shareit.com 1 redirects
1 www.pmelite.com 1 redirects
14 8

This site contains no links.

Subject Issuer Validity Valid
order.mycommerce.com
DigiCert SHA2 Extended Validation Server CA		 2023-01-04 -
2024-02-04		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2023-06-21 -
2024-06-15		 a year crt.sh
seal.digicert.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-06-05		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2023-07-05 -
2024-06-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Frame ID: A72E1E7B265E0233AA6B5E85D61B09AF
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyCommerce Online Store

Page URL History Show full URLs

  1. http://www.pmelite.com/BuyItNow__EasyTaskSync.htm HTTP 301
    http://www.shareit.com/product.html?productid=300175975 HTTP 302
    https://redirect.mycommerce.com/product.html?productid=300175975 HTTP 302
    https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

17 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

273 kB
Transfer

1094 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.pmelite.com/BuyItNow__EasyTaskSync.htm HTTP 301
    http://www.shareit.com/product.html?productid=300175975 HTTP 302
    https://redirect.mycommerce.com/product.html?productid=300175975 HTTP 302
    https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request product
order.mycommerce.com/
Redirect Chain
  • http://www.pmelite.com/BuyItNow__EasyTaskSync.htm
  • http://www.shareit.com/product.html?productid=300175975
  • https://redirect.mycommerce.com/product.html?productid=300175975
  • https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
514 KB
80 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.126 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
65b10eaa3367865f4a6b15867f5deb76b29886e8976c61ecbe6404d911135756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.passfab.com seal.digicert.com www.paypalobjects.com www.hdsentinel.com www.google.co.jp checkoutshopper-live.adyen.com *.akamaized.net bat.bing.com www.bing.com www.googletagmanager.com *.facebook.com *.clarity.ms analytics.afirstsoft.cn www.google-analytics.com www.google.com dc.services.visualstudio.com *.azureedge.net *.gstatic.com api.shareit.com www.hdsentinel.hu log1.mobylog.jp *.googleapis.com www.google.de analytics.google.com region1.analytics.google.com *.doubleclick.net ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 15:57:55 GMT
ETag
W/"808bf-eRVuntUMBefbkGyiZ7YbtgOJFKA"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-CDN
Imperva
X-Content-Type-Options
nosniff
X-Iinfo
13-108207105-108207109 NNNN CT(98 208 0) RT(1693411074257 15) q(0 0 3 3) r(7 8) U24

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Date
Wed, 30 Aug 2023 15:57:54 GMT
Location
https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Request-Context
appId=cid-v1:2ac4bc7c-5e2f-4ae6-9372-c314eb2d78fd
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-CDN
Imperva
X-Content-Type-Options
nosniff
X-Iinfo
6-40148069-40148070 NNNN CT(97 200 0) RT(1693411073806 14) q(0 0 3 0) r(4 4) U11
bootstrap.min.css
mycommerce.akamaized.net/node/resources/bootstrap/custom/3.4.1/css/ 		80 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mycommerce.akamaized.net/node/resources/bootstrap/custom/3.4.1/css/bootstrap.min.css
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
562a5e2d167b4abc30a7308b5881519a38aea8ae46ccda8dd5ed8cfc5bba437a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 30 Aug 2023 15:57:55 GMT
X-CDN
Imperva
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.plasq.com analytics.google.com *.gstatic.com seal.digicert.com checkoutshopper-live.adyen.com www.bing.com *.akamaized.net *.azureedge.net *.tawk.to www.paypalobjects.com dc.services.visualstudio.com use.typekit.net www.google.com *.doubleclick.net www.google-analytics.com *.googleapis.com *.paypal.com order.mycommerce.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
X-Iinfo
7-3255466-3255468 NNNN CT(253 509 0) RT(1693315614489 6) q(0 1 8 0) r(11 11) U24
Connection
keep-alive
Content-Length
14219
Last-Modified
Mon, 24 Jul 2023 08:44:02 GMT
ETag
W/"13f5b-1898711dc50"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=68704
x-incap-sess-cookie-hdr
0J6DbTeGCyoz51+lUi4oDB/y7WQAAAAA+gQwjOAvWt4o4/RmdSYG5A==
Accept-Ranges
bytes
storefront-1.3.27.min.css
mycommerce.akamaized.net/node/resources/ 		42 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mycommerce.akamaized.net/node/resources/storefront-1.3.27.min.css
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de52543252b36904a331a7cf84309c0e5304cfdfa5de92bceb0da09a946bc2ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 30 Aug 2023 15:57:55 GMT
X-CDN
Imperva
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.plasq.com use.typekit.net cdnjs.cloudflare.com www.google.com order.mycommerce.com checkoutshopper-live.adyen.com www.d16.pl *.tawk.to analytics.google.com *.clarity.ms *.akamaized.net *.gstatic.com *.azureedge.net seal.digicert.com www.google-analytics.com *.paypal.com *.doubleclick.net dc.services.visualstudio.com api.shareit.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
X-Iinfo
9-21922965-21922966 NNNN CT(94 196 0) RT(1692942697122 3) q(0 0 3 0) r(4 4) U24
Connection
keep-alive
Content-Length
8132
Last-Modified
Mon, 24 Jul 2023 08:44:02 GMT
ETag
W/"a8dc-1898711dc50"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7133
x-incap-sess-cookie-hdr
Os9QJ6nfn0i+IaGY/uXfEWlB6GQAAAAA5iSLPZ5qttkroOu4whlong==
Accept-Ranges
bytes
csp_report
order.mycommerce.com/ 		0
798 B 		Other
General
Check archive.org
Download Go to
Full URL
https://order.mycommerce.com/csp_report
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.126 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
0
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.passfab.com seal.digicert.com www.paypalobjects.com www.hdsentinel.com www.google.co.jp checkoutshopper-live.adyen.com *.akamaized.net bat.bing.com www.bing.com www.googletagmanager.com *.facebook.com *.clarity.ms analytics.afirstsoft.cn www.google-analytics.com www.google.com dc.services.visualstudio.com *.azureedge.net *.gstatic.com api.shareit.com www.hdsentinel.hu log1.mobylog.jp *.googleapis.com www.google.de analytics.google.com region1.analytics.google.com *.doubleclick.net ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type
text/plain
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		119 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d31a69f7ae0d174b9e6054ebedb533ffa1c85de012409db3fc16fcdf9cc525b

Request headers

Referer
https://order.mycommerce.com/
Origin
https://order.mycommerce.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:57:55 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 18:14:35 GMT
x-ms-meta-aijssdkver
2.8.15
vary
Accept-Encoding
x-azure-ref
20230830T155755Z-bu90n950rp331bdbrqh8ef8c9400000004y0000000001dd7
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
469a6b09-101e-006f-6daa-d453b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.15.min.js
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27a43bef34c67ed090a99e2c4c42824297682a2eeee553b1348c05bda2d601e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
seal.min.js
seal.digicert.com/seals/cascade/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seal.digicert.com/seals/cascade/seal.min.js
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 15:57:55 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=31536000
last-modified
Tue, 29 Aug 2023 21:16:10 GMT
Server
nginx
etag
W/"1e3d-6041651e4ba80"
Transfer-Encoding
chunked
vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bb23e48419b3ea0f2bc6d2679c58d585827e318b508d107a980f1834285f3fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
mycommerce.akamaized.net/node/resources/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mycommerce.akamaized.net/node/resources/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 30 Aug 2023 15:57:55 GMT
X-CDN
Imperva
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.gstatic.com *.akamaized.net *.tawk.to www.plasq.com cdnjs.cloudflare.com *.clarity.ms order.mycommerce.com www.google.com www.google-analytics.com *.doubleclick.net *.azureedge.net *.paypal.com *.googleapis.com seal.digicert.com analytics.google.com checkoutshopper-live.adyen.com dc.services.visualstudio.com api.shareit.com *.facebook.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
X-Iinfo
15-88225016-88225017 NNNN CT(96 194 0) RT(1691044966324 4) q(0 0 3 0) r(4 4) U24
Connection
keep-alive
Content-Length
30718
Last-Modified
Mon, 24 Jul 2023 08:44:02 GMT
ETag
W/"15851-1898711dc50"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=32105
Accept-Ranges
bytes
bootstrap.min.js
mycommerce.akamaized.net/node/resources/bootstrap/custom/3.4.1/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mycommerce.akamaized.net/node/resources/bootstrap/custom/3.4.1/js/bootstrap.min.js
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1212371b3a0fbf50c7d4614885568f7caca34e9248dd9e135c16c51cab75f2e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 30 Aug 2023 15:57:55 GMT
X-CDN
Imperva
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.plasq.com cdnjs.cloudflare.com *.facebook.com *.paypal.com order.mycommerce.com seal.digicert.com *.akamaized.net *.tawk.to *.azureedge.net *.clarity.ms checkoutshopper-live.adyen.com *.gstatic.com www.google-analytics.com *.googleapis.com www.paypalobjects.com api.shareit.com dc.services.visualstudio.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
X-Iinfo
2-4211572-4211573 NNNN CT(99 200 0) RT(1690797382122 4) q(0 0 3 1) r(4 4) U24
Connection
keep-alive
Content-Length
3799
Last-Modified
Mon, 24 Jul 2023 08:44:02 GMT
ETag
W/"32fc-1898711dc50"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=65773
Accept-Ranges
bytes
03f05a8218dca377cc270c276caaeb242ae814df
mycommerce.akamaized.net/node/theme/s1-3/js/ 		194 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mycommerce.akamaized.net/node/theme/s1-3/js/03f05a8218dca377cc270c276caaeb242ae814df
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8618c9caaa5117909f6771266f1e488181c529f9dd3c427e421b98163d7c6d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 30 Aug 2023 15:57:55 GMT
X-CDN
Imperva
ETag
W/"30760-XLbaW2C2yGbCpPn5kzRUdc0ga00"
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.plasq.com analytics.google.com *.gstatic.com seal.digicert.com checkoutshopper-live.adyen.com www.bing.com *.akamaized.net *.azureedge.net *.tawk.to www.paypalobjects.com dc.services.visualstudio.com use.typekit.net www.google.com *.doubleclick.net www.google-analytics.com *.googleapis.com *.paypal.com order.mycommerce.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Iinfo
2-2059443-2059444 NNNN CT(254 535 0) RT(1693340900232 4) q(0 0 8 0) r(11 13) U24
Cache-Control
public, max-age=534599
x-incap-sess-cookie-hdr
2czkMCFYeR0PdfHArqAkDOVU7mQAAAAA0ZtRfUKNw37LdjHgf0pmNg==
Connection
keep-alive
Content-Length
43941
ajax_loader_3.gif
mycommerce.akamaized.net/node/graphics/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycommerce.akamaized.net/node/graphics/ajax_loader_3.gif
Requested by
Host: order.mycommerce.com
URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f5d4a605e48f7e42786b765b416cc71b92943984f7011114de4b87febcaacc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 30 Aug 2023 15:57:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Jul 2023 08:44:02 GMT
X-CDN
Imperva
ETag
W/"2a43-1898711dc50"
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: cdnjs.cloudflare.com seal.digicert.com *.gstatic.com www.plasq.com order.mycommerce.com analytics.google.com *.tawk.to checkoutshopper-live.adyen.com dc.services.visualstudio.com www.google-analytics.com www.paypalobjects.com use.typekit.net *.facebook.com www.google.com *.akamaized.net *.clarity.ms *.paypal.com *.azureedge.net ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Iinfo
16-155632228-155632229 NNNN CT(95 201 0) RT(1691886238871 3) q(0 0 3 0) r(4 4) U24
Cache-Control
public, max-age=62542
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10819
/
seal.digicert.com/seals/cascade/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal.digicert.com/seals/cascade/?tag=LEjbzApb&referer=order.mycommerce.com&format=png&lang=en&an=min
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-186-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
235371dc600b7af64ae4cb18d2d4c8cb031ea71070dda334220a547f2572eb99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 15:57:55 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff, nosniff
last-modified
Wed, 30 Aug 2023 00:00:00 +0000
Server
nginx
Content-Type
image/png
cache-control
max-age=86400
Connection
keep-alive
Content-Length
4359
X-XSS-Protection
1; mode=block, 1; mode=block
expires
Thu, 31 Aug 2023 01:53:13 +0000
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://order.mycommerce.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 30 Aug 2023 15:57:56 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		223 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c587f154c0641a9b56b25590b92cb5f754358f7d0309fbf5daf15a1ca859d0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://order.mycommerce.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
5BE4CED2-6D8B-41DB-A7CE-2460BB2FA0EA
strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 15:57:56 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
223
ajax_loader_3.gif
mycommerce.akamaized.net/node/graphics/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycommerce.akamaized.net/node/graphics/ajax_loader_3.gif
Requested by
Host: mycommerce.akamaized.net
URL: https://mycommerce.akamaized.net/node/resources/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f5d4a605e48f7e42786b765b416cc71b92943984f7011114de4b87febcaacc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.mycommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 30 Aug 2023 15:57:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Jul 2023 08:44:02 GMT
X-CDN
Imperva
ETag
W/"2a43-1898711dc50"
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: cdnjs.cloudflare.com seal.digicert.com *.gstatic.com www.plasq.com order.mycommerce.com analytics.google.com *.tawk.to checkoutshopper-live.adyen.com dc.services.visualstudio.com www.google-analytics.com www.paypalobjects.com use.typekit.net *.facebook.com www.google.com *.akamaized.net *.clarity.ms *.paypal.com *.azureedge.net ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Iinfo
16-155632228-155632229 NNNN CT(95 201 0) RT(1691886238871 3) q(0 0 3 0) r(4 4) U24
Cache-Control
public, max-age=62541
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10819

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| appInsights object| __dcid object| DR function| $ function| jQuery undefined| lifecycle undefined| zxcvbn undefined| AdyenCheckout undefined| DigitalRiver object| paypal object| baseRequest object| allowedCardNetworks object| allowedCardAuthMethods object| tokenizationSpecification object| baseCardPaymentMethod object| cardPaymentMethod object| paymentsClient function| getGoogleIsReadyToPayRequest function| onPaymentAuthorized function| getGooglePaymentDataRequest function| getGooglePaymentsClient function| onGooglePayLoaded function| addGooglePayButton function| getGoogleTransactionInfo function| onGooglePaymentButtonClicked function| processPayment boolean| loadGACustomOnce function| loadGACustom string| pageName string| mode string| backgroundPopup string| backgroundButton string| bannerLocation object| cookieConsentPages function| loadAllGA function| reloadPage function| getSubDomain function| flushCookies function| loadCookieBanner object| __Cascade function| e object| n string| t object| r object| o object| a string| u object| c object| s object| f object| d object| Microsoft object| __dynProto$Gbl string| prop

9 Cookies

Domain/Path Name / Value
.mycommerce.com/ Name: visid_incap_2153138
Value: jcz5FNqnRcmmOwsF5GHmAwFn72QAAAAAQUIPAAAAAADbh5JxYl+Lj5s4AMhChTlt
.mycommerce.com/ Name: nlbi_2153138
Value: BC7PZxSQQ3d1xuAtryck5gAAAACH6/nuJwcVq6KwpevMFKlG
.mycommerce.com/ Name: incap_ses_260_2153138
Value: xoyaBMNKbxj4sR3ANrWbAwJn72QAAAAAHR7sw+uIZtLpJUWg0hfHKQ==
order.mycommerce.com/ Name: smbsess
Value: s%3A_0d00n0e6ZEG8d2WYEEv6kxOm53i2gB6.cUpp8lYNyzxegvB8FfO6Aghbp8i%2FzjpMDDZM%2FoKq5ec
.mycommerce.com/ Name: visid_incap_1638861
Value: j1yUttUjTM+4dRww/OarAgJn72QAAAAAQUIPAAAAAACbt7uNliXVqHL+ks2gyCFx
.mycommerce.com/ Name: nlbi_1638861
Value: NAoDKMr+oXaG/Ejvq/hSJgAAAADk55nBqylxb6i+1Z7qwfyY
.mycommerce.com/ Name: incap_ses_260_1638861
Value: iCvjOFdMhk0Asx3ANrWbAwNn72QAAAAAlWj6BDvEB4llPBHQ+lPZIg==
order.mycommerce.com/ Name: ai_user
Value: aptQ0k6s2CkmtJq54GxZTJ|2023-08-30T15:57:55.956Z
order.mycommerce.com/ Name: ai_session
Value: PxFzx3E/BrtFIr3vJ2JYX1|1693411076059|1693411076059

1 Console Messages

Source Level URL
Text
security error URL: https://order.mycommerce.com/product?productid=300175975&HADD[300175975][REDIRECTOR]=Php(Line 2)
Message:
[Report Only] Refused to load the script 'https://js.monitor.azure.com/scripts/b/ai.2.min.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.passfab.com seal.digicert.com www.paypalobjects.com www.hdsentinel.com www.google.co.jp checkoutshopper-live.adyen.com *.akamaized.net bat.bing.com www.bing.com www.googletagmanager.com *.facebook.com *.clarity.ms analytics.afirstsoft.cn www.google-analytics.com www.google.com dc.services.visualstudio.com *.azureedge.net *.gstatic.com api.shareit.com www.hdsentinel.hu log1.mobylog.jp *.googleapis.com www.google.de analytics.google.com region1.analytics.google.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff