URL: https://bloxcms.com.webzz.us/
Submission Tags: phishingrod
Submission: On October 18 via api from DE — Scanned from US

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main IP is 37.187.74.130, located in France and belongs to OVH, FR. The main domain is bloxcms.com.webzz.us.
TLS certificate: Issued by R10 on October 18th 2024. Valid for: 3 months.
This is the only time bloxcms.com.webzz.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37.187.74.130 16276 (OVH)
4 104.17.24.14 13335 (CLOUDFLAR...)
1 3 172.67.158.138 13335 (CLOUDFLAR...)
1 192.243.59.13 39572 (ADVANCEDH...)
2 2 142.251.40.196 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 172.67.162.218 13335 (CLOUDFLAR...)
13 6
Apex Domain / Subdomains / Transfer
4 cloudflare.com (66 KB)
  • cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
4 webzz.us (59 KB)
  • bloxcms.com.webzz.us
  • webzz.us
  • www.webzz.us
3 domain-bin.com (3 KB)
  • tj.domain-bin.com
2 gstatic.com (2 KB)
  • t1.gstatic.com
2 google.com (18 B)
  • www.google.com — Cisco Umbrella Rank: 3
1 profitablegatecpm.com
  • pl18374511.profitablegatecpm.com
13 6
Domain Requested by
4 cdnjs.cloudflare.com bloxcms.com.webzz.us
3 tj.domain-bin.com bloxcms.com.webzz.us, tj.domain-bin.com
2 t1.gstatic.com bloxcms.com.webzz.us
2 www.google.com 2 redirects
2 webzz.us bloxcms.com.webzz.us
1 www.webzz.us 1 redirects
1 pl18374511.profitablegatecpm.com bloxcms.com.webzz.us
1 bloxcms.com.webzz.us
13 8

This site contains links to these domains.

Domain
www.webzz.us
Subject Issuer Validity Valid
ssl-001.webzz.us R10 2024-10-18 - 2025-01-16 3 months
cdnjs.cloudflare.com WE1 2024-09-28 - 2024-12-27 3 months
webzz.us WE1 2024-09-28 - 2024-12-27 3 months
profitablegatecpm.com R11 2024-10-04 - 2025-01-02 3 months
domain-bin.com WE1 2024-10-08 - 2025-01-06 3 months

This page contains 1 frames:

Primary Page: https://bloxcms.com.webzz.us/
Frame ID: EAA65B262A07CD8ECA666DE78A8BD68B
Requests: 12 HTTP requests in this frame

Page Title

bloxcms.com |

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13 Requests
77 % HTTPS
14 % IPv6
6 Domains
8 Subdomains
6 IPs
3 Countries
130 kB Transfer
476 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.webzz.us/logo.png HTTP 301
  • https://webzz.us/logo.png
Request Chain 4
  • https://www.google.com/s2/favicons?domain_url=http://bloxcms.com HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
Request Chain 11
  • https://www.google.com/s2/favicons?domain_url=http://bloxcms.com HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bloxcms.com.webzz.us/
17 KB
5 KB
Document
General
Full URL
https://bloxcms.com.webzz.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.187.74.130 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3365002.ip-37-187-74.eu
Software
nginx / PHP/7.4.30
Resource Hash
9234153cde1d7ee91e2ca9f24c764508bbd0b1c6c329a77522dc757bf584ae62

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 06:03:43 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
x-powered-by
PHP/7.4.30
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/
152 KB
17 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bloxcms.com.webzz.us
Referer
https://bloxcms.com.webzz.us/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb04010-2606e"
age
118412
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7ocg6GXcOeGonmu9VhTRFAhgspS9TXSGCXw80IsLtVhZ47PqxtZ0f2tcHahOnibmmwATQ%2FtVQg2fJ8HeRxZbcQ3kRd9BYBiIxa1x9Z9r%2BkgHAeydKWaaeqXIz7Pc8xfcBh3h%2BpM"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:03:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:43 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:17:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d4653aefc6a689b-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
17210
server
cloudflare
jquery.js
webzz.us/js/
128 KB
43 KB
Script
General
Full URL
https://webzz.us/js/jquery.js
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37799f50f50565784658a420e803200f94debd121f3f335a7dc938e5c3961e0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"64545c9c-201e6"
age
30294
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9auBlrKk1sFzRwJ2fMFVrIsmHSDJtPi7CSZ5Le%2BxUWzaUokSm6ITu7nn5qRz%2FAFncMPcGViK9fjCPNEmL1lmch8RbjlCClf5c%2Bm0a82Y6B0j2nPe%2FPKhkl7bg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 18 Oct 2024 09:38:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:43 GMT
content-type
application/javascript
last-modified
Fri, 05 May 2023 01:32:12 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4653aeedc57cbc-LAX
server
cloudflare
35efd0e04f6a9a31fc0ca95995840e13.js
pl18374511.profitablegatecpm.com/35/ef/d0/
0
0
Script
General
Full URL
https://pl18374511.profitablegatecpm.com/35/ef/d0/35efd0e04f6a9a31fc0ca95995840e13.js
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 18 Oct 2024 06:03:44 GMT
Content-Type
application/javascript
Host
pl18374511.profitablegatecpm.com
Server
nginx/1.19.5
logo.png
webzz.us/
Redirect Chain
  • https://www.webzz.us/logo.png
  • https://webzz.us/logo.png
11 KB
11 KB
Image
General
Full URL
https://webzz.us/logo.png
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
H3
Server
172.67.158.138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab3dc94257f5a73f61f94fcf49ab298ea753f8de2d9d229ca5c33180859f69d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

cf-cache-status
MISS
etag
"64545c9b-2b0d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnigdFk1IuAV74OCFySlUD4tzYlxYlv4jflhzpySLl87XrYocT5plJUwtKoF2sFXyCsh7IxdlP6xixepgUu8uA6ODfLJjc4fw1M4qf2qTeA5Hj625itm55reyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 17 Nov 2024 06:03:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:44 GMT
content-type
image/png
last-modified
Fri, 05 May 2023 01:32:11 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4653b158887cbc-LAX
accept-ranges
bytes
content-length
11021
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
http://webzz.us/logo.png
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bO4G%2B4BwChYm%2FUzryNCpm7cFQliN0LnRI9GOaEmW%2BahTPTPXCQCCw%2FRJ9%2Fbf0o6EnvB3hHUy0IzAA9elMUHobhptZ1ZSW8VSRJUo20Ln5nOZd21I1tYondCT0ur1HyY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d4653aeedca7cbc-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:44 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
faviconV2
t1.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?domain_url=http://bloxcms.com
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
726 B
917 B
Image
General
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
H2
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
726
date
Fri, 18 Oct 2024 06:03:45 GMT
x-xss-protection
0
content-type
image/png
server
sffe

Redirect headers

cache-control
public, max-age=1800
location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 06:33:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
331
date
Fri, 18 Oct 2024 06:03:44 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
sffe
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-15851"
age
120167
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPgeZCzBIKiWcffUEIl0z9H8qh6EK7ZBHj2tMAQwtUGLFzz54kH%2B1qvauBzSq8XDuh2um1EK9gADklLpVPXpM%2B1B0y3Cj8syJGBQi%2BdWM0K0knWnMKfpNwd0GYPgsYaksI5IU9zp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:03:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:43 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d4653aef8eb966f-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
27748
server
cloudflare
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.15.0/umd/popper.min.js
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3b9482d4fb3b6aeaa089b08eb84381b5d3294c32c71ba320c4482bb4dbb8d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fa9-52aa"
age
129246
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WDvUM1BIQasR%2BCq%2BQJiAUdriAMIK1%2BgC2EXuh6JQA1wA8XD8lkPd2CWEQXw%2F0LE59YCmJ9q1xRRHOOGV%2BVbHi2l3HD0gPCsbGgCXT9FDEbtY%2FeHO9ckz9Ts3w81P961Avdabg9%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:03:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:15:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d4653b019bc966f-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
6680
server
cloudflare
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/
57 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb04010-e2d8"
age
120032
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEHBYhESjorDt7WIkgIQef1gbJs%2FseFvOQCfs5wEMScmGke71WaYMN1g3d%2FJ7s98cmaI9E%2B8AXZc%2BO6mH6umTb8TQL2Pa57fTxl4zn2lbojS0t3VcenQeqDu83EumMW2TMwn5nWG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 06:03:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:17:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d4653b0ba63966f-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
13537
server
cloudflare
script.js
tj.domain-bin.com/
3 KB
2 KB
Script
General
Full URL
https://tj.domain-bin.com/script.js
Requested by
Host: bloxcms.com.webzz.us
URL: https://bloxcms.com.webzz.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6545a6aa8760ed94dd4c4f74bd50ebe62d50e26c6f04ae9f94b0dff7baee0a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"a71-18c1b133fe3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hvW5oCCioesTvV8GhUBUlbaRcFaGUWFOlLg%2BKJvv8Cl3cZOa4%2FV6RlU5vmnXalO1dAQNf4Ijnyu2mFLuApJnGoYbRZazKNp90fYcdfpRJh540jUJih9y1uuuYonnibKYCfSVA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 29 Nov 2023 12:34:55 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
cache-control
public, max-age=14400
x-dns-prefetch-control
on
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d4653b27e0c2f70-LAX
server
cloudflare
collect
tj.domain-bin.com/api/
0
0
Preflight
General
Full URL
https://tj.domain-bin.com/api/collect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bloxcms.com.webzz.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d4653b79a5e6a2b-LAX
content-length
0
content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
date
Fri, 18 Oct 2024 06:03:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhM4PQGSUb94jbLtklxxQSF4JdDx%2BDiokDitUiKlHi6E%2B7EIq%2BmVkXxA4Ahb6WqTmaQLB97FZSGhQTgCqoQct5s7ZPExvpbCx%2FsvnpqjQ%2FZipjSH99QjWlC8HtIy%2Bm7rnBE5zg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Access-Control-Request-Headers
x-dns-prefetch-control
on
x-frame-options
SAMEORIGIN
collect
tj.domain-bin.com/api/
501 B
1013 B
Fetch
General
Full URL
https://tj.domain-bin.com/api/collect
Requested by
Host: tj.domain-bin.com
URL: https://tj.domain-bin.com/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e9b06f4602611b4a340421a99fcb4cdaa5d94a005dcf6320316fbf4512a866
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bloxcms.com.webzz.us/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
etag
W/"17664lshbuudx"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZ0pBzB1VaX4M10SNGcYYD8A%2F4SEmXgWoNRIzo8csps06jnyK7T4gXeT%2FgBggp8JMG3CCjNCl3s8tCe4%2BjI3x%2FZArOcTuL%2FpVFiu5D33T6vZBPTNElfBO%2BuptdgrZiwGSKRsgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 18 Oct 2024 06:03:45 GMT
content-type
text/plain
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
on
cf-ray
8d4653b84b636a2b-LAX
access-control-allow-origin
*
server
cloudflare
faviconV2
t1.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?domain_url=http://bloxcms.com
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
726 B
786 B
Other
General
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
Protocol
H2
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bloxcms.com.webzz.us/

Response headers

cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
726
date
Fri, 18 Oct 2024 06:03:45 GMT
x-xss-protection
0
content-type
image/png
server
sffe

Redirect headers

cache-control
public, max-age=1800
location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 06:33:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
331
date
Fri, 18 Oct 2024 06:03:44 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
sffe

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function $
  • function jQuery
  • function Popper
  • object bootstrap
  • function update_helper
  • function umami

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://pl18374511.profitablegatecpm.com/35/ef/d0/35efd0e04f6a9a31fc0ca95995840e13.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bloxcms.com&size=16
Message:
Failed to load resource: the server responded with a status of 404 ()