urlscan.io logo urlscan.io
SecurityTrails logo

bloxcms.com Open in urlscan Pro
192.104.182.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bloxcms.com.admin-mcas.ms/
Effective URL: https://bloxcms.com/
Submission Tags: phishingrod
Submission: On June 07 via api from DE — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 17 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is bloxcms.com.
TLS certificate: Issued by R3 on May 26th 2023. Valid for: 3 months.
This is the only time bloxcms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51.137.137.121 8075 (MICROSOFT...)
3 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 192.104.182.109 10668 (LEE-ASN)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 99.86.8.175 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 8
1    51.137.137.121 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bloxcms.com.admin-mcas.ms
3    2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
mcasproxy.azureedge.net
1    192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
bloxcms.com
4    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1612
35 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
273 KB
3 azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 48641
44 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
344 B
1 google.com
ampcid.google.com — Cisco Umbrella Rank: 2285
366 B
1 bloxcms.com
bloxcms.com
2 KB
1 admin-mcas.ms
bloxcms.com.admin-mcas.ms
888 B
17 8
Domain Requested by
4 cdn.segment.com bloxcms.com.admin-mcas.ms
cdn.segment.com
4 www.googletagmanager.com bloxcms.com
www.googletagmanager.com
3 mcasproxy.azureedge.net bloxcms.com.admin-mcas.ms
mcasproxy.azureedge.net
2 www.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 bloxcms.com
1 bloxcms.com.admin-mcas.ms
17 8

This site contains no links.

Subject Issuer Validity Valid
*.com.mcas.ms
Microsoft Azure TLS Issuing CA 05		 2023-04-12 -
2024-04-06		 a year crt.sh
*.azureedge.net
Microsoft Azure TLS Issuing CA 05		 2023-05-17 -
2024-05-11		 a year crt.sh
bloxcms.com
R3		 2023-05-26 -
2023-08-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bloxcms.com/
Frame ID: 23162E21ACC513F0A39FD27E8378C114
Requests: 15 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.33.32/html/session-context-restore.html
Frame ID: 310669A4107813D23AB9E7257CD5C6F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Unavailable for legal reasons

Page URL History Show full URLs

  1. https://bloxcms.com.admin-mcas.ms/ Page URL
  2. https://bloxcms.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

17
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

376 kB
Transfer

998 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bloxcms.com.admin-mcas.ms/ Page URL
  2. https://bloxcms.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bloxcms.com.admin-mcas.ms/ 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bloxcms.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
8ae81bc6120fa8727fc791cb3f16bd69cfcb25f190d6ca08afec38d534144fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 19:44:34 GMT
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
server
openresty
strict-transport-security
max-age=31536000
x-mcas-cache-status
MISS
x-mcas-processing-time
2
x-mcas-request-id
0a4680cd7323e48e4a73d0315a9570e7
x-mcas-upstream-time
n/a
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.33.32/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.33.32/js/session-context-store-helper.min.js
Requested by
Host: bloxcms.com.admin-mcas.ms
URL: https://bloxcms.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com.admin-mcas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 07 Jun 2023 19:44:34 GMT
last-modified
Mon, 08 May 2023 09:26:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Dor7jY9XuhzpOAkbPbiHoQ==
etag
0x8DB4FA65F73B5BE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
18279543-501e-006f-5a95-819801000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=28909581
x-ms-version
2009-09-19
server-timing
ak_p; desc="1686167074520_389508516_81893677_230_1305_47_98_219";dur=1
content-length
4832
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.33.32/html/ Frame 3106 		209 B
716 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.33.32/html/session-context-restore.html
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.33.32/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer
https://bloxcms.com.admin-mcas.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=28909464
content-length
209
content-md5
xcQ/+x+i42xZPwR88wJc4A==
content-type
text/html
date
Wed, 07 Jun 2023 19:44:34 GMT
etag
0x8DB4FA687667757
last-modified
Mon, 08 May 2023 09:28:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
server-timing
ak_p; desc="1686167074672_389508516_81893754_75_1327_46_0_255";dur=1
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
75aed448-701e-0005-2b95-81d436000000
x-ms-version
2009-09-19
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.33.32/js/ Frame 3106 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.33.32/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.33.32/html/session-context-restore.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.33.32/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 07 Jun 2023 19:44:34 GMT
last-modified
Mon, 08 May 2023 09:26:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
MAQASHEG29aeiGE05FVduQ==
etag
0x8DB4FA65FCB3EF1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0bcc8209-a01e-0010-4795-81e31e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=28909356
x-ms-version
2009-09-19
server-timing
ak_p; desc="1686167074734_389508516_81893869_2737_1879_45_0_219";dur=1
content-length
38676
Primary Request /
bloxcms.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bloxcms.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
b095fca0c90e45d49514c587721f095ae3c8069c61bcfe47b767f36922d7626e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bloxcms.com.admin-mcas.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
0
content-encoding
gzip
content-length
1367
content-type
text/html; charset=UTF-8
date
Wed, 07 Jun 2023 19:44:35 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.70.0; app7; 0.04s; 1.3M
x-vcache
HIT
x-xrds-location
http://bloxcms.com/tncms/xrds/
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		215 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: bloxcms.com
URL: https://bloxcms.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56aa677cc10beff4110c8ef0896528520107d16a0893e3b1fbe4c5e658d30865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 19:44:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73912
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 19:21:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Jun 2023 19:44:35 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Jun 2023 18:35:27 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4148
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 07 Jun 2023 20:35:27 GMT
gtm.js
www.googletagmanager.com/ 		166 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2674659485203a3be137a9a663ade438f6e15ad03f2823198d4bf22d68566e5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 19:44:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60280
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 19:21:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Jun 2023 19:44:35 GMT
gtm.js
www.googletagmanager.com/ 		178 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7bfeb41e03432292ef4222acab7482d42b20517b9fd97e2ac6f8f9f4537b9dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 19:44:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63518
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Jun 2023 19:44:35 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		104 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: bloxcms.com.admin-mcas.ms
URL: https://bloxcms.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78750729dbbbdc0c9e92a1d6deb1a9e7c11a0e15672b297269ad96d71ad8cfad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
TjREG5pO6c7neKS4lyRZq2ILF.GPSb2y
content-encoding
gzip
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
date
Wed, 07 Jun 2023 19:43:07 GMT
x-amz-cf-pop
FRA6-C1
age
88
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 09 May 2023 20:11:50 GMT
server
AmazonS3
etag
W/"3f54773943d8aa47eb507df55eaa2a3a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
LuaXd0jD-llf9ZqsZ8BPP6S9voXW61UhqQ2apEoqMV0bmnxaVR813Q==
js
www.googletagmanager.com/gtag/ 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cee4e1ea79349078dcd3cb038d474b0209d7604bf10f6ba91bb836c21e42c9c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 19:44:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81262
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Jun 2023 19:44:35 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bloxcms.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Jun 2023 19:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bloxcms.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
906cf7cfa93b1ab7d9c6f1775e47b97d2c6e0b223a8c7409d7884eb8700d90eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
YuYoQpBFarPpw2CxRZbQUfespfEfBf9J
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
date
Wed, 07 Jun 2023 18:03:55 GMT
x-amz-cf-pop
FRA6-C1
age
6043
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 05 Jun 2023 15:03:19 GMT
server
AmazonS3
etag
W/"fca6ee85f752e2683415f90d79146a75"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
jamk8b8SdQVIK1DSQysF6KRpQALJzC0ndOxRU991UNoB2fl95tmWVg==
collect
stats.g.doubleclick.net/j/ 		1 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-54716522-7&cid=899834225.1686167076&jid=1438558127&gjid=1099147521&_gid=311998594.1686167076&_u=YGBAgUABAAQCAEAAI~&z=1487608984
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bloxcms.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 07 Jun 2023 19:44:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bloxcms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=345147751&t=pageview&_s=1&dl=https%3A%2F%2Fbloxcms.com%2F&dr=https%3A%2F%2Fbloxcms.com.admin-mcas.ms%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Unavailable%20for%20legal%20reasons&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQCAAAAI~&jid=1438558127&gjid=1099147521&cid=899834225.1686167076&tid=UA-54716522-7&_gid=311998594.1686167076&gtm=45He3650n71PDQV3N&cd2=editorial&cd3=site&cd4=editorial-bloxcms-v0-1&cd5=no&cd8=451&cd9=No&cd10=No&cd12=No&cd13=null&cd16=No&cd17=Page%20View&cm1=38&z=330182298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 01:53:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64268
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ajs-destination.bundle.a1b5627f72b6c90f2baa.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.a1b5627f72b6c90f2baa.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 20:54:43 GMT
x-amz-version-id
Fjraw.Lsd8HbYPy_0cCEVx.u3xIkkAr4
content-encoding
br
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
4747794
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 13 Apr 2023 20:09:29 GMT
server
AmazonS3
etag
W/"dba2c033bf5f6f351c330af3a7fde619"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
AxEWg3THhvB0ycDuMc1q6nuAph-PCXnhV4p9BaxezOvbkUmcIBjsow==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bloxcms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id
MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding
br
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5427240
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Apr 2023 00:06:35 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
OLCfH8N0AH3k6CK7gq9OZDCd11y5647jlVk7PqmZJX95_eod22fBNQ==

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| analytics object| gaplugins object| googletag function| onYouTubeIframeAPIReady object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| gaGlobal object| gaData string| sUserId

5 Cookies

Domain/Path Name / Value
bloxcms.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
bloxcms.com/ Name: _ga
Value: GA1.2.899834225.1686167076
bloxcms.com/ Name: _gid
Value: GA1.2.311998594.1686167076
bloxcms.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
bloxcms.com/ Name: ajs_anonymous_id
Value: 77fbc79e-009c-45f8-b0d2-08fa4b9dc24d

1 Console Messages

Source Level URL
Text
network error URL: https://bloxcms.com/?
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
bloxcms.com
bloxcms.com.admin-mcas.ms
cdn.segment.com
mcasproxy.azureedge.net
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
192.104.182.109
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c0b::9c
2a02:26f0:1700:d::1737:6ea4
51.137.137.121
99.86.8.175
2674659485203a3be137a9a663ade438f6e15ad03f2823198d4bf22d68566e5e
56aa677cc10beff4110c8ef0896528520107d16a0893e3b1fbe4c5e658d30865
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78750729dbbbdc0c9e92a1d6deb1a9e7c11a0e15672b297269ad96d71ad8cfad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ae81bc6120fa8727fc791cb3f16bd69cfcb25f190d6ca08afec38d534144fae
906cf7cfa93b1ab7d9c6f1775e47b97d2c6e0b223a8c7409d7884eb8700d90eb
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
b095fca0c90e45d49514c587721f095ae3c8069c61bcfe47b767f36922d7626e
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
c7bfeb41e03432292ef4222acab7482d42b20517b9fd97e2ac6f8f9f4537b9dd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cee4e1ea79349078dcd3cb038d474b0209d7604bf10f6ba91bb836c21e42c9c6
d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44