Host 23.48.104.59
United States
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-10-27 09:39
Last seen 2026-01-03 01:10
Open for 67 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa37d96f14f55243bdde5a2735607dbce6459d15ab5GraphQL introspection enabled at /graphql Types: 385 (by kind: ENUM: 28, INPUT_OBJECT: 91, INTERFACE: 20, OBJECT: 241, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, oneOf, skip (total: 4) Detected: Magento
Found on 2026-01-03 01:10656.1 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2d562a70c2fd428505555046b706aa7db43f29cceGraphQL introspection enabled at /graphql/api Types: 385 (by kind: ENUM: 28, INPUT_OBJECT: 91, INTERFACE: 20, OBJECT: 241, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, oneOf, skip (total: 4) Detected: Magento
Found on 2025-12-30 14:37656.1 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2d562a70c2fd428505555046b706aa7dbea0f54c3GraphQL introspection enabled at /graphql/api Types: 385 (by kind: ENUM: 28, INPUT_OBJECT: 91, INTERFACE: 20, OBJECT: 241, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, oneOf, skip (total: 4)
Found on 2025-11-16 14:25656.1 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa37d96f14f55243bdde5a2735607dbce64a8cf2186GraphQL introspection enabled at /graphql Types: 385 (by kind: ENUM: 28, INPUT_OBJECT: 91, INTERFACE: 20, OBJECT: 241, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, oneOf, skip (total: 4)
Found on 2025-11-12 20:51656.1 kBytes
-
-
Open service 23.48.104.59:443 · bwxtstore.com
2026-02-02 08:55
HTTP/1.1 403 Forbidden Mime-Version: 1.0 Content-Type: text/html Content-Length: 363 Expires: Mon, 02 Feb 2026 08:55:07 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 02 Feb 2026 08:55:07 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Alt-Svc: h3=":443"; ma=93600 Server-Timing: ak_p; desc="1770022506776_389047355_1833627231_9_9388_260_267_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://bwxtstore.com/" on this server.<P> Reference #18.3b643017.1770022506.6d4aee5f <P>https://errors.edgesuite.net/18.3b643017.1770022506.6d4aee5f</P> </BODY> </HTML>
Found 2026-02-02 by HttpPluginCreate report
-
Open service 23.48.104.59:443 · bwxtstore.com
2026-01-23 05:35
HTTP/1.1 403 Forbidden Mime-Version: 1.0 Content-Type: text/html Content-Length: 363 Expires: Fri, 23 Jan 2026 05:35:40 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 05:35:40 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Alt-Svc: h3=":443"; ma=93600 Server-Timing: ak_p; desc="1769146540181_389047355_1027553878_10_45961_90_98_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://bwxtstore.com/" on this server.<P> Reference #18.3b643017.1769146540.3d3f3a56 <P>https://errors.edgesuite.net/18.3b643017.1769146540.3d3f3a56</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 23.48.104.59:443 · bwxtstore.com
2026-01-09 19:57
HTTP/1.1 403 Forbidden Mime-Version: 1.0 Content-Type: text/html Content-Length: 363 Expires: Fri, 09 Jan 2026 19:57:06 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Jan 2026 19:57:06 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Alt-Svc: h3=":443"; ma=93600 Server-Timing: ak_p; desc="1767988625941_389047353_3720295792_9_4190_80_83_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://bwxtstore.com/" on this server.<P> Reference #18.39643017.1767988625.ddbf3570 <P>https://errors.edgesuite.net/18.39643017.1767988625.ddbf3570</P> </BODY> </HTML>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 23.48.104.59:443 · bwxtstore.com
2026-01-03 01:10
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/ad1de0bf-a6f7-41e7-94d6-3152bd3ba570.sansec.watch\/"}]} Page title: Landing Page .demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com *.akstat.io *.go-mpulse.net *.helpscout.net d3hb14vkzrxvla.cloudfront.net trial-eum-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net *.cloudflare.com *.googleapis.com *.addthis.com *.graph.instagram.com *.google-analytics.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com 'self' 'unsafe-inline'; child-src *.certcapture.com assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://ad1de0bf-a6f7-41e7-94d6-3152bd3ba570.sansec.watch/; report-to report-endpoint;, upgrade-insecure-requests; X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-UA-Compatible: IE=edge X-Frame-Options: SAMEORIGIN X-Magento-Cache-Debug: HIT Grace: none X-Akamai-Transformed: 9 10938 0 pmb=mRUM,1 Expires: Sat, 03 Jan 2026 01:10:14 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 03 Jan 2026 01:10:14 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Server-Timing: edge; dur=3 Server-Timing: origin; dur=29 Server-Timing: cdn-cache; desc=MISS Alt-Svc: h3=":443"; ma=93600 Server-Timing: ak_p; desc="1767402614213_389047355_3564706109_3112_4467_31_34_-";dur=1 0000C000 <!doctype html> <html lang="en"> <head > <script> var LOCALE = 'en\u002DUS'; var BASE_URL = 'https\u003A\u002F\u002Fbwxtstore.com\u002F'; var require = { 'baseUrl': 'https\u003A\u002F\u002Fbwxtstore.com\u002Fstatic\u002Fversion1766161125\u002Ffrontend\u002FFullpond\u002Fcustom_porto\u002Fen_US' };</script> <meta charset="utf-8"/> <meta name="title" content="Landing Page"/> <meta name="robots" content="INDEX,FOLLOW"/> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1.0, user-scalable=no"/> <meta name="format-detection" content="telephone=no"/> <title>Landing Page</title> <link rel="stylesheet" type="text/css" media="all" href="https://bwxtstore.com/static/version1766161125/frontend/Fullpond/custom_porto/en_US/mage/calendar.css" /> <link rel="stylesheet" type="text/css" media="all" href="https://bwxtstore.com/static/version1766161125/frontend/Fullpond/custom_porto/en_US/css/styles-m.css" /> <link rel="stylesheet" type="text/css" media="all" href="https://bwxtstore.com/static/version1766161125/frontend/Fullpond/custom_porto/en_US/owl.carousel/assets/owl.carousel.css" /> <link rel="stylesheet" type="text/css" media="all" href="https://bwxtstore.com/static/version1766161125/frontend/Fullpond/custom_porto/en_US/fancybox/css/jquery.fancybox.css" /> <link rel="stylesheet" type="text/css" media="all" href="https://bwxtstore.com/static/version1766161125/frontend/Fullpond/custom_porto/en_US/icon-fonts/css/porto-icons-codes.css" /> <link rel="stylesheet" type="text/css" media="all" href="https://bwxtstore.com/static/version1766161125/frontend/Fullpond/custom_porto/en_US/simple-line-icons/css/simple-line-icons.css" /> <link rel="stylesheet" type="text/css" media="all" href="https://bwxtstore.com/static/version1766161125/frontend/Fullpond/custom_porto/en_US/icon-fonts/css/animation.css" /> <link rel="stylesheet" type="text/css" media="all" href="https://bwxtstore.com/static/version1766161125/frontendFound 2026-01-03 by HttpPluginCreate report
-
Open service 23.48.104.59:443 · bwxtstore.com
2025-12-22 13:17
HTTP/1.1 403 Forbidden Mime-Version: 1.0 Content-Type: text/html Content-Length: 363 Expires: Mon, 22 Dec 2025 13:17:18 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 22 Dec 2025 13:17:18 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Alt-Svc: h3=":443"; ma=93600 Server-Timing: ak_p; desc="1766409438023_389047353_941729846_10_4342_85_92_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://bwxtstore.com/" on this server.<P> Reference #18.39643017.1766409438.3821a836 <P>https://errors.edgesuite.net/18.39643017.1766409438.3821a836</P> </BODY> </HTML>
Found 2025-12-22 by HttpPluginCreate report