Submitted URL: https://bit.ly/2HAqxn5#redirect.html?od=1sya5f6f6093ef2f7_outvl_week.4ifaj40.U0000rg6pzo0ulb00q_x11203.g6pzoMjk...
Effective URL: https://www.xersizer.com/dnm.php
Submission: On September 28 via api from BE

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 15 HTTP transactions. The main IP is 208.97.136.119, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is www.xersizer.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 27th 2020. Valid for: 3 months.
This is the only time www.xersizer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
2 3 69.162.111.2 46475 (LIMESTONE...)
1 1 70.32.24.175 55293 (A2HOSTING)
1 1 92.62.113.15 57487 (MIXTELECO...)
1 7 208.97.136.119 26347 (DREAMHOST-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 9
Domain Requested by
6 www.xersizer.com afrients.com
www.xersizer.com
3 afrients.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.3dsintegrator.com www.xersizer.com
1 content.maropost.com www.xersizer.com
1 fonts.googleapis.com www.xersizer.com
1 www.googletagmanager.com www.xersizer.com
1 xersizer.com 1 redirects
1 www.tqlasnrse.com 1 redirects
1 brubuselfish.com 1 redirects
1 bit.ly 1 redirects
15 13

This site contains no links.

Subject Issuer Validity Valid
www.xersizer.com
Let's Encrypt Authority X3
2020-08-27 -
2020-11-25
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.maropost.com
Go Daddy Secure Certificate Authority - G2
2019-06-10 -
2021-08-09
2 years crt.sh
*.3dsintegrator.com
Amazon
2020-03-18 -
2021-04-18
a year crt.sh
*.google.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.xersizer.com/dnm.php
Frame ID: 58F18DF0762741A58A2A771194A2E37A
Requests: 15 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://bit.ly/2HAqxn5 HTTP 301
    http://afrients.com/short HTTP 301
    http://afrients.com/short/ Page URL
  2. http://afrients.com/redirect.html?od=1sya5f6f6093ef2f7_outvl_week.4ifaj40.U0000rg6pzo0ulb00q_x11... HTTP 302
    https://brubuselfish.com/u1761d24b78ab4c55800/ HTTP 302
    https://www.tqlasnrse.com/ObcOyD45_LZuD67MBCsl6wpWHHO-xjXXZZLGkU-_WEXsL_PJ1fInLtAi20UZG7a8_JburlxzyYNd... HTTP 302
    https://xersizer.com/dnm.php HTTP 301
    https://www.xersizer.com/dnm.php Page URL

Page Statistics

15
Requests

93 %
HTTPS

58 %
IPv6

12
Domains

13
Subdomains

9
IPs

4
Countries

209 kB
Transfer

658 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2HAqxn5 HTTP 301
    http://afrients.com/short HTTP 301
    http://afrients.com/short/ Page URL
  2. http://afrients.com/redirect.html?od=1sya5f6f6093ef2f7_outvl_week.4ifaj40.U0000rg6pzo0ulb00q_x11203.g6pzoMjk3bjlrLTE1M3ZuM2M0m4NPa HTTP 302
    https://brubuselfish.com/u1761d24b78ab4c55800/ HTTP 302
    https://www.tqlasnrse.com/ObcOyD45_LZuD67MBCsl6wpWHHO-xjXXZZLGkU-_WEXsL_PJ1fInLtAi20UZG7a8_JburlxzyYNd8eSNGGB_8Q~~/ HTTP 302
    https://xersizer.com/dnm.php HTTP 301
    https://www.xersizer.com/dnm.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2HAqxn5 HTTP 301
  • http://afrients.com/short HTTP 301
  • http://afrients.com/short/

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
afrients.com/short/
Redirect Chain
  • https://bit.ly/2HAqxn5
  • http://afrients.com/short
  • http://afrients.com/short/
578 B
907 B
Document
General
Full URL
http://afrients.com/short/
Protocol
HTTP/1.1
Server
69.162.111.2 Fort Worth, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
afrients.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
f1ebb16c09e1401b3a2488f0648b7081471d7b73353feb53f2528d0bb9281bd4

Request headers

Host
afrients.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 04:03:27 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified
Mon, 22 Jul 2019 15:07:57 GMT
ETag
"242-58e4670ed2d40"
Accept-Ranges
bytes
Content-Length
578
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 28 Sep 2020 04:03:27 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location
http://afrients.com/short/
Content-Length
234
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Primary Request Cookie set dnm.php
www.xersizer.com/
Redirect Chain
  • http://afrients.com/redirect.html?od=1sya5f6f6093ef2f7_outvl_week.4ifaj40.U0000rg6pzo0ulb00q_x11203.g6pzoMjk3bjlrLTE1M3ZuM2M0m4NPa
  • https://brubuselfish.com/u1761d24b78ab4c55800/
  • https://www.tqlasnrse.com/ObcOyD45_LZuD67MBCsl6wpWHHO-xjXXZZLGkU-_WEXsL_PJ1fInLtAi20UZG7a8_JburlxzyYNd8eSNGGB_8Q~~/
  • https://xersizer.com/dnm.php
  • https://www.xersizer.com/dnm.php
9 KB
4 KB
Document
General
Full URL
https://www.xersizer.com/dnm.php
Requested by
Host: afrients.com
URL: http://afrients.com/short/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.97.136.119 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
lop12a2lehongphong.com
Software
Apache /
Resource Hash
8ed0df699d1fd0afdb988eab79e2ce62b9498ec1ef1defe54db06cd39e7139fe

Request headers

Host
www.xersizer.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://afrients.com/short/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://afrients.com/short/#redirect.html?od=1sya5f6f6093ef2f7_outvl_week.4ifaj40.U0000rg6pzo0ulb00q_x11203.g6pzoMjk3bjlrLTE1M3ZuM2M0m4NPa

Response headers

Date
Mon, 28 Sep 2020 04:03:31 GMT
Server
Apache
Set-Cookie
PHPSESSID=7af35d65a882d8364da36d41eb4f6a22; path=/
Upgrade
h2
Connection
keep-alive, Keep-Alive
Cache-Control
max-age=600
Expires
Mon, 28 Sep 2020 04:13:31 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
3665
Keep-Alive
timeout=2, max=100
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 28 Sep 2020 04:03:30 GMT
Server
Apache
Location
https://www.xersizer.com/dnm.php
Content-Length
240
Keep-Alive
timeout=2, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
app.css
www.xersizer.com/assets/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.xersizer.com/assets/css/app.css
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.97.136.119 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
lop12a2lehongphong.com
Software
Apache /
Resource Hash
a72e77f000196d2b0f8c2278891cdffb5267c1b9a8401219cc65b0a3851cd91b

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 04:03:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Aug 2020 14:06:09 GMT
Server
Apache
ETag
"2a49-5ac4a1b4c8f07-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
2820
Expires
Wed, 28 Oct 2020 04:03:31 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-158592615-1
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6bdadbc0c9edc01cb05f03e2debeb0ac5f773479a59420b15940d54c565e416
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 04:03:31 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36405
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Sep 2020 04:03:31 GMT
bootstrap.min.css
www.xersizer.com/assets/css/
156 KB
24 KB
Stylesheet
General
Full URL
https://www.xersizer.com/assets/css/bootstrap.min.css
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.97.136.119 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
lop12a2lehongphong.com
Software
Apache /
Resource Hash
b1a4f95620c148c5a93d01094e90c69f5f2d69d8e434f60993ad00ede03a6acf

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 04:03:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jun 2020 08:50:16 GMT
Server
Apache
ETag
"26e12-5a8a854ef0e94-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Expires
Wed, 28 Oct 2020 04:03:31 GMT
thanks.css
www.xersizer.com/assets/css/
50 KB
10 KB
Stylesheet
General
Full URL
https://www.xersizer.com/assets/css/thanks.css
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.97.136.119 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
lop12a2lehongphong.com
Software
Apache /
Resource Hash
003e779911acf03181b210e86f97fd18051b0e56016bc8cb691a08fdd63cb037

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 04:03:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jun 2020 08:50:16 GMT
Server
Apache
ETag
"c939-5a8a854ef1e34-gzip"
Vary
Accept-Encoding,User-Agent
Upgrade
h2
Cache-Control
max-age=2592000
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=2, max=100
Content-Length
10099
Expires
Wed, 28 Oct 2020 04:03:31 GMT
css
fonts.googleapis.com/
40 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36bc7a3fa3c89655b55546b2ae1c5b6fae6802b9b3b62e5d7a0ee8b946ad6672
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 04:03:31 GMT
server
ESF
date
Mon, 28 Sep 2020 04:03:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Sep 2020 04:03:31 GMT
logo.png
www.xersizer.com/assets/images/
4 KB
4 KB
Image
General
Full URL
https://www.xersizer.com/assets/images/logo.png
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.97.136.119 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
lop12a2lehongphong.com
Software
Apache /
Resource Hash
8ca08304cd0a3d9243f82efdd9693f55bbf89e64229e1161ee6d808c937fa2e1

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 04:03:31 GMT
Last-Modified
Thu, 06 Aug 2020 12:01:32 GMT
Server
Apache
ETag
"100d-5ac343fcb97d5"
Vary
User-Agent,Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
4109
Expires
Wed, 28 Oct 2020 04:03:31 GMT
a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js
content.maropost.com/uploads/2195/websites/1/
8 KB
8 KB
Script
General
Full URL
https://content.maropost.com/uploads/2195/websites/1/a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:aa00:a:1779:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
689525511024a899fd579d9637a64e54ac4350bdca14adbb61032eeee6837c72

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 04:14:11 GMT
via
1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 08:24:53 GMT
server
AmazonS3
age
85761
etag
"05d4281184a6bd205843ed1a93c7c16c"
x-cache
Hit from cloudfront
status
200
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
7908
x-amz-cf-id
ztCNp-H9JjCmAbuKOABrrRzxDYcoxT3-Am3NRjobq4W5ss_c71-VeA==
threeds.min.latest.js
cdn.3dsintegrator.com/
17 KB
4 KB
Script
General
Full URL
https://cdn.3dsintegrator.com/threeds.min.latest.js
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:9800:a:3d5:af40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
69362770d7a20ac450f28a3c3384c8e3d1e3021ea5cc75f109a433bc8fdd60c1

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-paay-jssdk-version
threeds.min.2.0.13.js
date
Mon, 28 Sep 2020 04:03:31 GMT
content-encoding
gzip
last-modified
Thu, 20 Aug 2020 19:18:53 GMT
x-amz-cf-pop
VIE50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
cache-control
no-store, no-cache
x-amz-cf-id
W3-5Q1TCQpRB_14-YNZ_nmxZdmMtjmY-X7Gl0p9_8Aj9b42jEab_Bg==
via
1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
codebase.min.js
www.xersizer.com/assets/dist/
203 KB
69 KB
Script
General
Full URL
https://www.xersizer.com/assets/dist/codebase.min.js
Requested by
Host: www.xersizer.com
URL: https://www.xersizer.com/dnm.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.97.136.119 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
lop12a2lehongphong.com
Software
Apache /
Resource Hash
6a2162a318d004a1281a893004508f80e93704cab3d3f7b873a2f7452302a925

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 04:03:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jul 2020 08:40:01 GMT
Server
Apache
ETag
"32b2f-5ab90806e7939-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97
Expires
Wed, 28 Oct 2020 04:03:31 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158592615-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
2871
date
Mon, 28 Sep 2020 03:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Mon, 28 Sep 2020 05:15:40 GMT
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v35/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v35/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xersizer.com
Referer
https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 09:11:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:17:26 GMT
server
sffe
age
586337
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25376
x-xss-protection
0
expires
Tue, 21 Sep 2021 09:11:14 GMT
collect
www.google-analytics.com/j/
2 B
126 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1371911793&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xersizer.com%2Fdnm.php&dr=http%3A%2F%2Fafrients.com%2Fshort%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=351395721&gjid=233451666&cid=1620134473.1601265812&tid=UA-158592615-1&_gid=165847749.1601265812&_r=1&gtm=2ou9g1&z=1836342284
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Sep 2020 04:03:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.xersizer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-158592615-1&cid=1620134473.1601265812&jid=351395721&gjid=233451666&_gid=165847749.1601265812&_u=IEBAAUAAAAAAAC~&z=703924322
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xersizer.com/dnm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 28 Sep 2020 04:03:31 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.xersizer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| noBack string| AJAX_PATH object| app_config object| app_lang object| input_mask_data object| ll_3D_settings object| gaplugins object| gaGlobal object| gaData function| maropostInitTracking string| name_funnel function| xersizer_cart_v2_219515 string| name_funnel1 function| xersizer_cart_v2_21951 function| index_start_v2_219514 function| index_start_v2_21951 function| order_complete_v2_219513 function| order_complete_v2_21951 function| order_complete_219512 function| order_complete_21951 function| index_start_219511 function| index_start_21951 function| xersizer_219510 function| xersizer_21951 function| ThreeDS object| cbUtilConfig object| $jscomp function| $jscomp$lookupPolyfilledValue object| validator object| cb object| FwUtils number| cSpeed number| cWidth number| cHeight number| cTotalFrames number| cFrameWidth string| cImageSrc boolean| cImageTimeout number| cIndex number| cXpos boolean| cPreloaderTimeout number| SECONDS_BETWEEN_FRAMES function| startAnimation function| continueAnimation function| stopAnimation function| imageLoader function| openNewWindow function| openWindow function| queryString function| asyncProspect object| AppHelpers object| appLocation function| xverifyCustomHtml function| ouibounce object| llformArr string| errorClass string| validClass string| dev_mode number| timeout boolean| enable_loader number| count boolean| isTrigger function| $ function| jQuery function| Inputmask function| validateInput

4 Cookies

Domain/Path Name / Value
.xersizer.com/ Name: _gid
Value: GA1.2.165847749.1601265812
.xersizer.com/ Name: _ga
Value: GA1.2.1620134473.1601265812
.xersizer.com/ Name: _gat_gtag_UA_158592615_1
Value: 1
www.xersizer.com/ Name: PHPSESSID
Value: 7af35d65a882d8364da36d41eb4f6a22

7 Console Messages

Source Level URL
Text
console-api log URL: https://content.maropost.com/uploads/2195/websites/1/a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js(Line 1)
Message:
TypeError: Cannot read property 'value' of null
console-api log URL: https://content.maropost.com/uploads/2195/websites/1/a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js(Line 1)
Message:
TypeError: Cannot read property 'value' of null
console-api log URL: https://content.maropost.com/uploads/2195/websites/1/a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js(Line 1)
Message:
TypeError: Cannot read property 'value' of null
console-api log URL: https://content.maropost.com/uploads/2195/websites/1/a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js(Line 1)
Message:
TypeError: Cannot read property 'value' of null
console-api log URL: https://content.maropost.com/uploads/2195/websites/1/a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js(Line 1)
Message:
TypeError: Cannot read property 'value' of null
console-api log URL: https://content.maropost.com/uploads/2195/websites/1/a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js(Line 1)
Message:
TypeError: Cannot read property 'value' of null
console-api log URL: https://content.maropost.com/uploads/2195/websites/1/a2db889fa3d90f94e96280a3e074c6ceb223ef86-v32.js(Line 1)
Message:
TypeError: Cannot read property 'value' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afrients.com
bit.ly
brubuselfish.com
cdn.3dsintegrator.com
content.maropost.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.tqlasnrse.com
www.xersizer.com
xersizer.com
208.97.136.119
2600:9000:206e:9800:a:3d5:af40:93a1
2600:9000:206e:aa00:a:1779:3180:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:818::200a
2a00:1450:4001:81b::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9b
67.199.248.11
69.162.111.2
70.32.24.175
92.62.113.15
003e779911acf03181b210e86f97fd18051b0e56016bc8cb691a08fdd63cb037
36bc7a3fa3c89655b55546b2ae1c5b6fae6802b9b3b62e5d7a0ee8b946ad6672
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
689525511024a899fd579d9637a64e54ac4350bdca14adbb61032eeee6837c72
69362770d7a20ac450f28a3c3384c8e3d1e3021ea5cc75f109a433bc8fdd60c1
6a2162a318d004a1281a893004508f80e93704cab3d3f7b873a2f7452302a925
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8ca08304cd0a3d9243f82efdd9693f55bbf89e64229e1161ee6d808c937fa2e1
8ed0df699d1fd0afdb988eab79e2ce62b9498ec1ef1defe54db06cd39e7139fe
a72e77f000196d2b0f8c2278891cdffb5267c1b9a8401219cc65b0a3851cd91b
b1a4f95620c148c5a93d01094e90c69f5f2d69d8e434f60993ad00ede03a6acf
d6bdadbc0c9edc01cb05f03e2debeb0ac5f773479a59420b15940d54c565e416
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
f1ebb16c09e1401b3a2488f0648b7081471d7b73353feb53f2528d0bb9281bd4