Submitted URL: https://www.executiveplanexit.com/
Effective URL: https://www.executiveplanexit.com/web-source/index.php
Submission: On May 10 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 75.126.84.18, located in Dallas, United States and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is www.executiveplanexit.com.
TLS certificate: Issued by executiveplanexit.com on May 9th 2019. Valid for: a year.
This is the only time www.executiveplanexit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

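IP Address, AS Autonomous System, request count:
75.126.84.18, 36351 (SOFTLAYER): 18 requests, 1 redirect
2a00:1450:400..., 15169 (GOOGLE): 1 request
2606:4700::68..., 13335 (CLOUDFLAR...): 1 request
151.101.0.217, 54113 (FASTLY): 1 request
2a00:1450:400..., 15169 (GOOGLE): 2 requests
Total: 22 requests, 5 IPs

Domain, requested by, request count:
www.executiveplanexit.com, requested by www.executiveplanexit.com: 18 requests, 1 redirects
fonts.gstatic.com, requested by www.executiveplanexit.com: 2 requests
player.vimeo.com, requested by www.executiveplanexit.com: 1 request
script.crazyegg.com, requested by www.executiveplanexit.com: 1 request
fonts.googleapis.com, requested by www.executiveplanexit.com: 1 request
Total: 22 requests, 5 domains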

Certificates (Subject, Issuer, Validity, Valid):
Subject: executiveplanexit.com; Issuer: executiveplanexit.com; Validity: 2019-05-09 - 2020-05-08; Valid: a year
Subject: *.googleapis.com; Issuer: Google Internet Authority G3; Validity: 2019-04-16 - 2019-07-09; Valid: 3 months
Subject: ssl945600.cloudflaressl.com; Issuer: COMODO ECC Domain Validation Secure Server CA 2; Validity: 2018-12-20 - 2019-09-18; Valid: 9 months
Subject: *.vimeo.com; Issuer: DigiCert SHA2 Secure Server CA; Validity: 2018-08-24 - 2020-04-02; Valid: 2 years
Subject: *.google.com; Issuer: Google Internet Authority G3; Validity: 2019-04-16 - 2019-07-09; Valid: 3 months

This page contains 2 frames:

Primary Page: https://www.executiveplanexit.com/web-source/index.php
Frame ID: 6C5BCDEE34EF43729E71668EC88A3DD9
Requests: 21 HTTP requests in this frame

Frame: https://player.vimeo.com/video/306514039
Frame ID: B2B9E0A1888DC86F789B5FCB66E387C7
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^CE2$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

Requests: 22
HTTPS: 23 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 713 kB
Size: 773 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.executiveplanexit.com/ HTTP 302
    https://www.executiveplanexit.com/web-source/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Columns: Resource / Path, Size, x-fer, Type / MIME-Type
Primary Request index.php
www.executiveplanexit.com/web-source/
Redirect Chain
  • https://www.executiveplanexit.com/
  • https://www.executiveplanexit.com/web-source/index.php
33 KB
33 KB
Document
General
Full URL
https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
cb313f67db111c2f08b1bc63bc9876302805dc7e385e01c54730206a5b62ade9

Request headers

Host
www.executiveplanexit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Date
Fri, 10 May 2019 07:19:05 GMT
Server
Apache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 10 May 2019 07:19:05 GMT
Server
Apache
Location
/web-source/index.php
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
9 KB
756 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
096dbb7610012838994ab7fbc8637b6c97d877ddf155be4ee3332d11676e84ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 10 May 2019 07:19:05 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 10 May 2019 07:19:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 10 May 2019 07:19:05 GMT
bootstrap.min.css
www.executiveplanexit.com/web-source/css/
118 KB
119 KB
Stylesheet
General
Full URL
https://www.executiveplanexit.com/web-source/css/bootstrap.min.css
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:29:52 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
121200
font-awesome.min.css
www.executiveplanexit.com/web-source/css/fonts/
30 KB
31 KB
Stylesheet
General
Full URL
https://www.executiveplanexit.com/web-source/css/fonts/font-awesome.min.css
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:18 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
31000
select2.min.css
www.executiveplanexit.com/web-source/css/
15 KB
15 KB
Stylesheet
General
Full URL
https://www.executiveplanexit.com/web-source/css/select2.min.css
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:29:54 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15196
navigation.css
www.executiveplanexit.com/web-source/css/
5 KB
5 KB
Stylesheet
General
Full URL
https://www.executiveplanexit.com/web-source/css/navigation.css
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
62a2e797855ebf63dee598e0020e7e892e2d511600ecda47f88f64e9599c92f7

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:29:53 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4754
custom.css
www.executiveplanexit.com/web-source/css/
66 KB
66 KB
Stylesheet
General
Full URL
https://www.executiveplanexit.com/web-source/css/custom.css
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
12344f0000ad5e3312ae4c0f79b983dcd6cd109f7de00a0cfb6249bf90a0f759

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:29:52 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
67231
responsive.css
www.executiveplanexit.com/web-source/css/
624 B
865 B
Stylesheet
General
Full URL
https://www.executiveplanexit.com/web-source/css/responsive.css
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
898ec6926ceb05945dcf048fb2a68757e107af88dcbff0bd27b77b20a1404b15

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:29:54 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
624
logo-equity.png
www.executiveplanexit.com/web-source/images/
14 KB
15 KB
Image
General
Full URL
https://www.executiveplanexit.com/web-source/images/logo-equity.png
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
fbc99a7e8cbb456f19bcdb5975cc390814bc21dbe0f8348a97075d2258868e49

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:05 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
14668
manda-2-white.png
www.executiveplanexit.com/web-source/images/
29 KB
29 KB
Image
General
Full URL
https://www.executiveplanexit.com/web-source/images/manda-2-white.png
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
a3366382f8927156a8576c38d45f62004e86dc88013dc9da5e3f84cc924b7793

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:06 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
29953
jquery.min.js
www.executiveplanexit.com/web-source/js/
85 KB
85 KB
Script
General
Full URL
https://www.executiveplanexit.com/web-source/js/jquery.min.js
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
c64139bd185ff2c98f4fb16ab118c60324453333865893ad9959ea76fd0c36bd

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:13 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
86862
bootstrap.min.js
www.executiveplanexit.com/web-source/js/
36 KB
36 KB
Script
General
Full URL
https://www.executiveplanexit.com/web-source/js/bootstrap.min.js
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:11 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
37045
jquery.validate.min.js
www.executiveplanexit.com/web-source/js/
47 KB
47 KB
Script
General
Full URL
https://www.executiveplanexit.com/web-source/js/jquery.validate.min.js
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
f42ddc56311bf8063a8f95c517aad698225ca4e85956bd87f88fe49a306769e9

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:13 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
47674
additional-methods.min.js
www.executiveplanexit.com/web-source/js/
17 KB
18 KB
Script
General
Full URL
https://www.executiveplanexit.com/web-source/js/additional-methods.min.js
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:11 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
17799
select2.full.min.js
www.executiveplanexit.com/web-source/js/
73 KB
73 KB
Script
General
Full URL
https://www.executiveplanexit.com/web-source/js/select2.full.min.js
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
15c54892706255193928b41e2016fd55076d15132ac1f7d7c99f83f2ad2042ba

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:15 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
74922
0326.js
script.crazyegg.com/pages/scripts/0072/
83 KB
27 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0072/0326.js
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3419c360e5a041195dca026664ca39e50fb56c22a5a70096d4c702f07980558a

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 May 2019 07:19:06 GMT
via
1.1 7a04ed7b69e0edefa91e397390fa9ad0.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
cf-polished
origSize=84863
x-cache
Miss from cloudfront
status
200
content-encoding
gzip
last-modified
Wed, 17 Apr 2019 13:03:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private, max-age=300
cf-ray
4d4a2497294d63e3-FRA
x-amz-cf-id
8b5F_VGZeRnH1ch8L9q8CKzAjVTSIX7gzEzWMPbbGICLl1xQPHwo1g==
cf-bgj
minify
306514039
player.vimeo.com/video/ Frame B2B9
0
0
Document
General
Full URL
https://player.vimeo.com/video/306514039
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.executiveplanexit.com/web-source/index.php
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Fri, 10 May 2019 17:10:48 GMT
Via
1.1 varnish 1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-1
X-Vimeo-DC
ge
Content-Length
6356
Accept-Ranges
bytes
Date
Fri, 10 May 2019 07:19:06 GMT
Age
0
Connection
keep-alive
X-Served-By
cache-bwi5133-BWI, cache-hhn1524-HHN
X-Cache
MISS, MISS
X-Cache-Hits
0, 0
X-Timer
S1557472746.161384,VS0,VE112
Vary
Accept-Encoding
font.css
www.executiveplanexit.com/web-source/css/fonts/
10 KB
10 KB
Stylesheet
General
Full URL
https://www.executiveplanexit.com/web-source/css/fonts/font.css
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
8cbee485a1dbac4cb990332c43261af7dc1582fc8388919809fe62671297d73f

Request headers

Referer
https://www.executiveplanexit.com/web-source/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:17 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
9751
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v13/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800
Origin
https://www.executiveplanexit.com

Response headers

date
Mon, 25 Mar 2019 20:19:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:05:58 GMT
server
sffe
age
3927548
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13708
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:58 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v13/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800
Origin
https://www.executiveplanexit.com

Response headers

date
Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:07:24 GMT
server
sffe
age
3927573
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13612
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:33 GMT
fontawesome-webfont.woff2
www.executiveplanexit.com/web-source/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.executiveplanexit.com/web-source/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.executiveplanexit.com/web-source/css/fonts/font.css
Origin
https://www.executiveplanexit.com

Response headers

Date
Fri, 10 May 2019 07:19:06 GMT
Last-Modified
Mon, 04 Feb 2019 11:30:01 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
77160
mail_function.php
www.executiveplanexit.com/web-source/includes/
354 B
554 B
XHR
General
Full URL
https://www.executiveplanexit.com/web-source/includes/mail_function.php
Requested by
Host: www.executiveplanexit.com
URL: https://www.executiveplanexit.com/web-source/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.84.18 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
12.54.7e4b.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
ae9b90da482eae807f80b399a93490c14d6c4c95b408d3d202a1ac424658918b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.executiveplanexit.com/web-source/index.php
Origin
https://www.executiveplanexit.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 10 May 2019 07:19:07 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
354
Content-Type
text/html; charset=iso-8859-1

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| $
function| jQuery
function| updateTrackDetails
function| isiPhone
function| openNav
function| closeNav
object| CE2
string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON
undefined| __INDIVIDUAL_ONE_VERSION_ev-store

3 Cookies

Domain/Path Name / Value
player.vimeo.com/ Name: muxData
Value: mux_viewer_id=49ab9e89-6889-49e7-baf8-bd11a682fada&msn=0.9267088889007731&sid=a0c2069e-3f2d-4f90-962d-2648849c362a&sst=1557472746590&sex=1557474246590
.vimeo.com/ Name: vuid
Value: pl1573226506.848182919
player.vimeo.com/video Name: loglevel
Value: WARN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
