urlscan.io logo urlscan.io
SecurityTrails logo

mh-ecommerce-qa.bpower2.com Open in urlscan Pro
77.79.199.126  Public Scan

Go To Rescan Add Verdict Report
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Submission: On September 26 via manual from DE — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 77.79.199.126, located in Warsaw, Poland and belongs to ATMAN-ISP-AS ATM S.A., PL. The main domain is mh-ecommerce-qa.bpower2.com.
TLS certificate: Issued by R10 on August 17th 2024. Valid for: 3 months.
This is the only time mh-ecommerce-qa.bpower2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 77.79.199.126 15694 (ATMAN-ISP...)
2 142.250.185.170 15169 (GOOGLE)
2 142.250.74.195 15169 (GOOGLE)
21 3
Apex Domain
Subdomains		 Transfer
17 bpower2.com
mh-ecommerce-qa.bpower2.com
86 KB
2 gstatic.com
fonts.gstatic.com
82 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
5 KB
21 3
Domain Requested by
17 mh-ecommerce-qa.bpower2.com mh-ecommerce-qa.bpower2.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com mh-ecommerce-qa.bpower2.com
21 3

This site contains links to these domains. Also see Links.

Domain
support.google.com
Subject Issuer Validity Valid
mh-ecommerce-qa.bpower2.com
R10		 2024-08-17 -
2024-11-15		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Frame ID: E05BC028265EFE595805BFFB6FD93531
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

172 kB
Transfer

501 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
mh-ecommerce-qa.bpower2.com/index.php/site/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
60ca04b7b641af8be290b0b84238bd9fc2614c333807f663e59208e884836d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Frame-Options deny deny
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
content-encoding
gzip
content-length
2389
content-type
text/html; charset=UTF-8
date
Thu, 26 Sep 2024 11:50:25 GMT
referrer-policy
strict-origin-when-cross-origin strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000 max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
deny deny
x-xss-protection
1; mode=block 1; mode=block
css
fonts.googleapis.com/ 		55 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,300,300italic,600,600italic,700,700italic,800,800italic&subset=latin,latin-ext
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 11:50:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 11:50:26 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 26 Sep 2024 11:50:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
screen.css
mh-ecommerce-qa.bpower2.com/themes/default/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/themes/default/css/screen.css
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
ed52b74e55950e97ee8ca42b6f4e8992290dda8a563fdcfbfebd3f2c845b1a5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"2a34-6190a9ac201eb-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
2850
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 13:06:37 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
x-frame-options
deny, deny
main.css
mh-ecommerce-qa.bpower2.com/themes/default/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/themes/default/css/main.css
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
7a446dddd1c89568bfa133848d1de42a0aa10ad68bc74a86a3d7883c6cf4a077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"53d5-6190a9ac201eb-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
4596
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 13:06:37 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
x-frame-options
deny, deny
customization.css
mh-ecommerce-qa.bpower2.com/themes/default/css/ 		2 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/themes/default/css/customization.css
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
bc9b21f86d2999629123c439ac98cd47abaa81dafcd32eaf70d4078375b1f760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"87c-618f5f9b3ec1c-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
786
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Tue, 21 May 2024 12:29:55 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
x-frame-options
deny, deny
form.css
mh-ecommerce-qa.bpower2.com/themes/default/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/themes/default/css/form.css
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
cfbdb8e4c3b72b2f6b5b5d2468b0dbd4f50c59e7200ec77c493e926bc6260bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"f9c-6190a9ac201eb-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
1272
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 13:06:37 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
x-frame-options
deny, deny
bootstrap.min.css
mh-ecommerce-qa.bpower2.com/assets/e47e3ed8/css/ 		104 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/assets/e47e3ed8/css/bootstrap.min.css?v=044097cf
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
39ec08dfd15afa72a1a0bd23b09494fa3c9c2e0c2ce37660662e6945fe1b0128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"19e28-6190a6100ac6f-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
17080
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 12:50:28 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
x-frame-options
deny, deny
bootstrap-responsive.min.css
mh-ecommerce-qa.bpower2.com/assets/e47e3ed8/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/assets/e47e3ed8/css/bootstrap-responsive.min.css?v=99810939
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
235c515769bf9513e19f0abf2313aff698016ade44b0a937636bdb649177e6c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"41da-6190a60ffd1af-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
4002
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 12:50:28 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
x-frame-options
deny, deny
yiistrap.min.css
mh-ecommerce-qa.bpower2.com/assets/e47e3ed8/css/ 		2 KB
756 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/assets/e47e3ed8/css/yiistrap.min.css?v=61756676
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
7502821dd9358c98d378845621af617c684f1e0112900d08e9bec09ed746d4df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"731-6190a61004eaf-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
692
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 12:50:28 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
x-frame-options
deny, deny
jquery.min.js
mh-ecommerce-qa.bpower2.com/assets/30a97c0c/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/assets/30a97c0c/jquery.min.js
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"16dc4-6190a610261f0-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
33430
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 12:50:28 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
x-frame-options
deny, deny
jquery.yii.js
mh-ecommerce-qa.bpower2.com/assets/30a97c0c/ 		1 KB
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/assets/30a97c0c/jquery.yii.js
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
e8ee04ae51d8cb0c25f797546dc2257c72401a31cf8dc9915b328ab0f1a4c731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"478-6190a610261f0-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
596
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 12:50:28 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
x-frame-options
deny, deny
jquery.yiiactiveform.js
mh-ecommerce-qa.bpower2.com/assets/30a97c0c/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/assets/30a97c0c/jquery.yiiactiveform.js
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
31fe07086c0a17e8324bc773b4f4d6f45591d01a58503182364235dfea9bddec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"38cc-6190a61027190-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
3793
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 12:50:28 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
x-frame-options
deny, deny
main.js
mh-ecommerce-qa.bpower2.com/themes/default/js/ 		698 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/themes/default/js/main.js
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
b4bf41945e27aebe30bd0f58c7592045b411da92449159457e133ae20f273da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"2ba-618f5f9b4597c-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
361
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Tue, 21 May 2024 12:29:55 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
x-frame-options
deny, deny
logo_big_wix.png
mh-ecommerce-qa.bpower2.com/themes/default/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mh-ecommerce-qa.bpower2.com/themes/default/images/logo_big_wix.png
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
ac389c03489e5a06d1b8f6d5daaf20ef4a35260daf3207fa2d26417c5aa1da83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
etag
"1573-618f5f9b449dc"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
5491
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Tue, 21 May 2024 12:29:55 GMT
content-type
image/png
server
Apache
x-frame-options
deny, deny
bootstrap.min.js
mh-ecommerce-qa.bpower2.com/assets/e47e3ed8/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/assets/e47e3ed8/js/bootstrap.min.js?v=0deb9c0a
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
719203ca043df32b0c7008daf200055b464ff8489fa55a8d743d19b989b4b72c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"6fdc-6190a61020430-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
7572
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 12:50:28 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
x-frame-options
deny, deny
encodeImages.js
mh-ecommerce-qa.bpower2.com/assets/a11e0728/js/ 		637 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/assets/a11e0728/js/encodeImages.js?v=a6833c69
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
ae8dfa653c301b88435882bfe876a73b2949f860e0593e0478020b9de7cd2a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"27d-6190a61022370-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
326
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Wed, 22 May 2024 12:50:28 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
x-frame-options
deny, deny
print.css
mh-ecommerce-qa.bpower2.com/themes/default/css/ 		1 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/themes/default/css/print.css
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
c2241a13ed38d3af6ab3e1c9dd391fe55703d5455e8f2e8e44e83e67fbdcc8fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
etag
"506-618f5f9b40b5c-gzip"
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
accept-ranges
bytes
content-length
663
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
last-modified
Tue, 21 May 2024 12:29:55 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
x-frame-options
deny, deny
css
fonts.googleapis.com/ 		55 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800,300,600,300italic,400italic,600italic,700italic,800italic
Requested by
Host: mh-ecommerce-qa.bpower2.com
URL: https://mh-ecommerce-qa.bpower2.com/themes/default/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 11:50:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 11:50:26 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 26 Sep 2024 11:50:26 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,300,300italic,600,600italic,700,700italic,800,800italic&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mh-ecommerce-qa.bpower2.com
Referer
https://fonts.googleapis.com/

Response headers

age
18873
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 06:35:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 06:35:53 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,300,300italic,600,600italic,700,700italic,800,800italic&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mh-ecommerce-qa.bpower2.com
Referer
https://fonts.googleapis.com/

Response headers

age
36681
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 01:39:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 01:39:05 GMT
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35328
x-xss-protection
0
server
sffe
favicon.ico
mh-ecommerce-qa.bpower2.com/ 		196 B
257 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mh-ecommerce-qa.bpower2.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.79.199.126 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
vdsl-77.79.199.126.atman.pl
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options deny, deny
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mh-ecommerce-qa.bpower2.com/index.php/site/login

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff, nosniff
content-length
196
x-xss-protection
1; mode=block, 1; mode=block
date
Thu, 26 Sep 2024 11:50:26 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-frame-options
deny, deny

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| setFlash string| actionEncodeImages string| chooseFileBtnName string| actionBtnName string| globalActionBtnName string| showFiltersBtn string| showEbill string| hideEbill string| loadingSpinnerTranslate string| themeNameForJs object| jQuery18308616233332548304 function| getImages function| setEncodeImage

1 Cookies

Domain/Path Name / Value
mh-ecommerce-qa.bpower2.com/ Name: PHPSESSID
Value: v7gcv3mr93f3gd7fsqtgrkovkg

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://mh-ecommerce-qa.bpower2.com/index.php/site/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://mh-ecommerce-qa.bpower2.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Frame-Options deny deny
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mh-ecommerce-qa.bpower2.com
142.250.185.170
142.250.74.195
77.79.199.126
235c515769bf9513e19f0abf2313aff698016ade44b0a937636bdb649177e6c9
31fe07086c0a17e8324bc773b4f4d6f45591d01a58503182364235dfea9bddec
39ec08dfd15afa72a1a0bd23b09494fa3c9c2e0c2ce37660662e6945fe1b0128
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
60ca04b7b641af8be290b0b84238bd9fc2614c333807f663e59208e884836d8b
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
719203ca043df32b0c7008daf200055b464ff8489fa55a8d743d19b989b4b72c
7502821dd9358c98d378845621af617c684f1e0112900d08e9bec09ed746d4df
7a446dddd1c89568bfa133848d1de42a0aa10ad68bc74a86a3d7883c6cf4a077
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
ac389c03489e5a06d1b8f6d5daaf20ef4a35260daf3207fa2d26417c5aa1da83
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
ae8dfa653c301b88435882bfe876a73b2949f860e0593e0478020b9de7cd2a98
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
b4bf41945e27aebe30bd0f58c7592045b411da92449159457e133ae20f273da6
bc9b21f86d2999629123c439ac98cd47abaa81dafcd32eaf70d4078375b1f760
c2241a13ed38d3af6ab3e1c9dd391fe55703d5455e8f2e8e44e83e67fbdcc8fe
cfbdb8e4c3b72b2f6b5b5d2468b0dbd4f50c59e7200ec77c493e926bc6260bf0
e8ee04ae51d8cb0c25f797546dc2257c72401a31cf8dc9915b328ab0f1a4c731
ed52b74e55950e97ee8ca42b6f4e8992290dda8a563fdcfbfebd3f2c845b1a5e