Submitted URL: http://theplanexaminer.com/?shiny
Effective URL: https://theplanexaminer.com/?shiny
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com
Submission: On August 03 via api from JP — Scanned from JP

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 80.240.27.3, located in Frankfurt am Main, Germany and belongs to AS-CHOOPA, US. The main domain is theplanexaminer.com.
TLS certificate: Issued by R3 on August 1st 2023. Valid for: 3 months.
This is the only time theplanexaminer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 80.240.27.3 20473 (AS-CHOOPA)
10 1
Apex Domain              Subdomains             Transfer
6 theplanexaminer.com    theplanexaminer.com    122 KB
5 swish.ink              swish.ink              26 KB
10 2

Domain                                  Requested by
6 theplanexaminer.com (1 redirects)     theplanexaminer.com
5 swish.ink                             theplanexaminer.com, swish.ink
10 2

This site contains no links.

Subject                Issuer    Validity                   Valid
theplanexaminer.com    R3        2023-08-01 - 2023-10-30    3 months
swish.ink              R3        2023-06-12 - 2023-09-10    3 months

This page contains 1 frames:

Primary Page: https://theplanexaminer.com/?shiny
Frame ID: 71FE5D11357B9133DB43DCF044087E85
Requests: 10 HTTP requests in this frame

Page Title

The Plan Examiner

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 149 kB
Size: 217 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://theplanexaminer.com/?shiny HTTP 301
    https://theplanexaminer.com/?shiny Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
theplanexaminer.com/
Redirect Chain
  • http://theplanexaminer.com/?shiny
  • https://theplanexaminer.com/?shiny
13 KB
4 KB
Document
General
Full URL
https://theplanexaminer.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
/
Resource Hash
1c553dca79920f9067011e81fb0483dcb3e2b3c767a5400c23fb1c7c9e149e53

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-jp,jp;q=0.9

Response headers

content-encoding
gzip
content-length
3887
content-type
text/html; charset=utf-8
date
Thu, 03 Aug 2023 23:28:27 GMT
vary
Accept-Encoding Origin

Redirect headers

Cache-Control
max-age=3600
Content-Length
73
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Aug 2023 23:28:26 GMT
Location
https://theplanexaminer.com:443/?shiny
main.css
theplanexaminer.com/assets/css/
38 KB
7 KB
Stylesheet
General
Full URL
https://theplanexaminer.com/assets/css/main.css
Requested by
Host: theplanexaminer.com
URL: https://theplanexaminer.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
/
Resource Hash
62fbeca1ee1c578a8af795f536b15e72307e16f3f0af56b2a7e1223d2835072a

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://theplanexaminer.com/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 03 Aug 2023 23:28:28 GMT
content-encoding
gzip
last-modified
Sun, 09 Jul 2023 08:54:03 GMT
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
favicon-196.png
theplanexaminer.com/store/branding/
17 KB
18 KB
Image
General
Full URL
https://theplanexaminer.com/store/branding/favicon-196.png?last_modified=1690927654
Requested by
Host: theplanexaminer.com
URL: https://theplanexaminer.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
cloudflare /
Resource Hash
1f566e2c1b4be50687485c0d5e2a9897b88edba0744727f1da8f202caaadb2be

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://theplanexaminer.com/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 03 Aug 2023 23:28:28 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Aug 2023 21:48:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5624b9538d7b9f0438f935e91480a4c5"
vary
Accept-Encoding, Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BTplEuiW%2BPter9S1%2FPW7Qq3uYFNjmyAsSWNMq%2FzwkiN3D9IOztm2eFVm90%2FqO8pO%2Bu6h9DyBJeoXHJSs6LS5T6P%2FB5mbAUMQwcNOLTKkBUTrK9zsmLxxa8CP2gDdjIQkWO0OOZkjadJv90pkYI7eaW%2FY%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
7f125650cad8cab9-HAM
alt-svc
h3=":443"; ma=86400
main.js
theplanexaminer.com/assets/js/
31 KB
11 KB
Script
General
Full URL
https://theplanexaminer.com/assets/js/main.js
Requested by
Host: theplanexaminer.com
URL: https://theplanexaminer.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
/
Resource Hash
f13e61931f550c3de225ebf0642caa8114b9ce0073e0ac6cd52d386a0a3a5711

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://theplanexaminer.com/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 03 Aug 2023 23:28:28 GMT
content-encoding
gzip
last-modified
Sun, 09 Jul 2023 08:54:03 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
latest.js
swish.ink/assets/js/
6 KB
3 KB
Script
General
Full URL
https://swish.ink/assets/js/latest.js
Requested by
Host: theplanexaminer.com
URL: https://theplanexaminer.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
/
Resource Hash
800b6b2eb191bc77c918e5a29af204a34f5b2b55b7486766ef9c65af4b874652

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://theplanexaminer.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 03 Aug 2023 23:28:28 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 02:15:54 GMT
content-length
3025
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
1280720-1%281%29%20-%20Copy.jpg
theplanexaminer.com/store/media/
82 KB
82 KB
Image
General
Full URL
https://theplanexaminer.com/store/media/1280720-1%281%29%20-%20Copy.jpg
Requested by
Host: theplanexaminer.com
URL: https://theplanexaminer.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
cloudflare /
Resource Hash
5fa13ebb9c5f7cf6d4e761c3992519600451731e68cd0f9ae826595d90d13d3d

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://theplanexaminer.com/?shiny
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 03 Aug 2023 23:28:28 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Aug 2023 21:54:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fba044054fdda2726333b4201b5d605e"
vary
Accept-Encoding, Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXmTHabC3kXZYq%2Bf10ByeyKD3XbX%2BoRAwHeiIZgdYHxrUH7A4UR7NSUcxnK0XKjH%2FwtUqZ7%2FTaNOsAdqrAkNZ2km8bvKo3jThLwPNLQmtSTmxTymMxhUB%2FOh0Nh6C8ljLHia8fSDJRMRk9yapN4vmOEuHBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f125652ec3dcab9-HAM
alt-svc
h3=":443"; ma=86400
content-length
83570
css2
swish.ink/fonts/
9 KB
1 KB
Stylesheet
General
Full URL
https://swish.ink/fonts/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: theplanexaminer.com
URL: https://theplanexaminer.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
ESF /
Resource Hash
77031b3925d17d5314c80342a15acc0c8bf297157ec2bc1771288ac15413c62a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://theplanexaminer.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 03 Aug 2023 23:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
823
x-xss-protection
0
server
ESF
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Thu, 03 Aug 2023 23:28:29 GMT
simple.gif
swish.ink/
0
24 B
Image
General
Full URL
https://swish.ink/simple.gif?version=1.0&hostname=63ec6ea8-7e53-4f33-b7a4-56bc42b51f35.i.swish.ink&ua=Mozilla%2F5.0%20(iPhone%3B%20CPU%20iPhone%20OS%2014_7_1%20like%20Mac%20OS%20X)%20AppleWebKit%2F605.1.15%20(KHTML%2C%20like%20Gecko)%20Version%2F14.1.2%20Mobile%2F15E148%20Safari%2F604.1&https=true&timezone=Etc%2FUnknown&page_id=c96e31d7-e281-402f-9ccf-a839ff246a72&session_id=b38f07d1-5fd2-4da6-a965-1eba73571ffc&mobile=false&brands=%5B%5D&hostname_original=theplanexaminer.com&os_name=&os_version=&path=%2F&viewport_width=1600&viewport_height=1200&language=en-US&screen_width=1600&screen_height=1200&unique=true&id=c96e31d7-e281-402f-9ccf-a839ff246a72&type=pageview&time=1691105309031
Requested by
Host: theplanexaminer.com
URL: https://theplanexaminer.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://theplanexaminer.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 03 Aug 2023 23:28:29 GMT
cache-control
no-store
content-length
0
vary
Accept-Encoding, Origin
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
swish.ink/fonts/static/s/roboto/v30/
11 KB
11 KB
Font
General
Full URL
https://swish.ink/fonts/static/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: swish.ink
URL: https://swish.ink/fonts/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://swish.ink/fonts/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Origin
https://theplanexaminer.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 29 Jul 2023 00:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Jul 2024 00:04:51 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
swish.ink/fonts/static/s/roboto/v30/
11 KB
11 KB
Font
General
Full URL
https://swish.ink/fonts/static/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: swish.ink
URL: https://swish.ink/fonts/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.240.27.3 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS
80.240.27.3.vultrusercontent.com
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://swish.ink/fonts/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Origin
https://theplanexaminer.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 02 Aug 2023 18:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
expires
Thu, 01 Aug 2024 18:03:52 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkbuilder
object| Alpine
function| localTime
function| tableOfContentsController
undefined| eTag
function| addStylesheetURL
function| getEtag
boolean| sa_event_loaded
boolean| swish_loaded

1 Cookies

Domain/Path Name / Value
theplanexaminer.com/ Name: CF_Authorization