urlscan.io logo urlscan.io
SecurityTrails logo

philip.red Open in urlscan Pro
142.132.157.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://philip.red/
Effective URL: https://philip.red/
Submission: On November 03 via api from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 142.132.157.27, located in Falkenstein, Germany and belongs to HETZNER-AS, DE. The main domain is philip.red.
TLS certificate: Issued by E6 on October 31st 2024. Valid for: 3 months.
This is the only time philip.red was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 142.132.157.27 24940 (HETZNER-AS)
1 142.250.186.170 15169 (GOOGLE)
2 142.250.184.195 15169 (GOOGLE)
1 142.250.185.170 15169 (GOOGLE)
3 142.250.185.227 15169 (GOOGLE)
2 142.250.186.104 15169 (GOOGLE)
2 172.217.18.106 15169 (GOOGLE)
2 172.217.18.10 15169 (GOOGLE)
1 216.239.32.178 15169 (GOOGLE)
21 9
7    142.132.157.27 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.27.157.132.142.clients.your-server.de
philip.red
1    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
ajax.googleapis.com
2    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.gstatic.com
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
3    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
2    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
2    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net
firebase.googleapis.com
2    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net
firebaseinstallations.googleapis.com
1    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
7 philip.red
philip.red
61 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
firebase.googleapis.com — Cisco Umbrella Rank: 3928
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 617
33 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
172 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
142 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 5
Domain Requested by
7 philip.red philip.red
3 fonts.gstatic.com fonts.googleapis.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 firebase.googleapis.com www.gstatic.com
2 www.googletagmanager.com www.gstatic.com
www.googletagmanager.com
2 www.gstatic.com philip.red
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com philip.red
1 ajax.googleapis.com philip.red
21 9

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
philip.red
E6		 2024-10-31 -
2025-01-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://philip.red/
Frame ID: 8EB02FCE24B5A3A797A983D498808F94
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

philip rothstein

Page URL History Show full URLs

  1. http://philip.red/ HTTP 307
    https://philip.red/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

9
Subdomains

9
IPs

2
Countries

408 kB
Transfer

747 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://philip.red/ HTTP 307
    https://philip.red/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
philip.red/
Redirect Chain
  • http://philip.red/
  • https://philip.red/
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.157.132.142.clients.your-server.de
Software
openresty /
Resource Hash
de92ddea2b04d6a34fd15cb001c55e7857c8ceb46b97469bae083c351dde19d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 03 Nov 2024 09:54:13 GMT
etag
W/"64d8a917-fd8"
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red

Redirect headers

Location
https://philip.red/
Non-Authoritative-Reason
HttpsUpgrades
style.css
philip.red/assets/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://philip.red/assets/css/style.css
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.157.132.142.clients.your-server.de
Software
openresty /
Resource Hash
a73837b7314661d7d5e98a3ff27d39ac574d28755bdc43277807ffa71521b19f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-141e"
accept-ranges
bytes
content-length
5150
date
Sun, 03 Nov 2024 09:54:13 GMT
content-type
text/css
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
logo_minimal_small.png
philip.red/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://philip.red/assets/images/logo_minimal_small.png
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.157.132.142.clients.your-server.de
Software
openresty /
Resource Hash
b63ae7a4b319a850c2d59c33fde7c5f41598df6d034567dca6a5a82528b634d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-1af5"
accept-ranges
bytes
content-length
6901
date
Sun, 03 Nov 2024 09:54:13 GMT
content-type
image/png
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
github.png
philip.red/assets/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://philip.red/assets/images/github.png
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.157.132.142.clients.your-server.de
Software
openresty /
Resource Hash
6b63ae6493e441423cc823328a1c1e8b2c1637d165a4a0b732d6c03a2392f730

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-3999"
accept-ranges
bytes
content-length
14745
date
Sun, 03 Nov 2024 09:54:13 GMT
content-type
image/png
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
instagram.png
philip.red/assets/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://philip.red/assets/images/instagram.png
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.157.132.142.clients.your-server.de
Software
openresty /
Resource Hash
98d6a626df1ee601c288648cc6bba23405a012485c27f6b354becbd1c8d36ce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-3c27"
accept-ranges
bytes
content-length
15399
date
Sun, 03 Nov 2024 09:54:13 GMT
content-type
image/png
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
gzip
age
326046
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:20:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:20:07 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29671
x-xss-protection
0
server
sffe
firebase-app.js
www.gstatic.com/firebasejs/8.2.7/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.7/firebase-app.js
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
d724ac33c11bcd1370b942694aba2dcda57175cfe64c00858ba4eb125516f581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
gzip
age
468295
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Tue, 28 Oct 2025 23:49:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Oct 2024 23:49:18 GMT
last-modified
Thu, 11 Feb 2021 22:14:42 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
6565
x-xss-protection
0
server
sffe
firebase-analytics.js
www.gstatic.com/firebasejs/8.2.7/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.7/firebase-analytics.js
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
d5dac2dfbdf92775666a838329a01f77c6480b038466db349dd7e3b89f44b45a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
gzip
age
435197
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 09:00:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 09:00:56 GMT
last-modified
Thu, 11 Feb 2021 22:14:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
10752
x-xss-protection
0
server
sffe
app.js
philip.red/assets/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://philip.red/assets/js/app.js
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.157.132.142.clients.your-server.de
Software
openresty /
Resource Hash
784f17d477eba3dfa297a238127646f9ec23d2d7c3b73f4c30d7bdf5beeba403

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-9e5"
accept-ranges
bytes
content-length
2533
date
Sun, 03 Nov 2024 09:54:13 GMT
content-type
application/javascript
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
css2
fonts.googleapis.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&family=Material+Icons&display=swap
Requested by
Host: philip.red
URL: https://philip.red/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
475a0dbb3099560b80f2bc61bf09e32760e16489122a8bcf8bfc485c89212238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 09:54:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 09:54:13 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 03 Nov 2024 09:54:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Material+Icons&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://philip.red
Referer
https://fonts.googleapis.com/

Response headers

age
461115
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 01:48:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:48:59 GMT
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
x-xss-protection
0
server
sffe
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Material+Icons&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://philip.red
Referer
https://fonts.googleapis.com/

Response headers

age
323943
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:55:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:55:11 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Material+Icons&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://philip.red
Referer
https://fonts.googleapis.com/

Response headers

age
325436
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:30:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:30:18 GMT
last-modified
Thu, 14 Dec 2023 02:49:42 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10180
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		136 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.7/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1a95c7f3ba96002a595d7418a068212f92ae50fa603d9588b8094e64a2343262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 03 Nov 2024 09:54:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 09:54:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 03 Nov 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
52690
x-xss-protection
0
server
Google Tag Manager
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:558189598937:web:102f943e71792eccc946c8/ 		292 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:558189598937:web:102f943e71792eccc946c8/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.7/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
ESF /
Resource Hash
4f1018603de631437694aa0a3938f3662a23a368dd52f51422d6aff188d047ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAs4fz9JEdRzStUwteLGGgR0fN_qwXPbnA
Referer
https://philip.red/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://philip.red
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
date
Sun, 03 Nov 2024 09:54:14 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:558189598937:web:102f943e71792eccc946c8/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:558189598937:web:102f943e71792eccc946c8/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://philip.red
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://philip.red
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 03 Nov 2024 09:54:14 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/philip-red/ 		625 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/philip-red/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.7/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
a723594710e05acafd7261361492351ceafe6b11e2eafb4a3526ca641c036ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAs4fz9JEdRzStUwteLGGgR0fN_qwXPbnA
Referer
https://philip.red/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://philip.red
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
487
date
Sun, 03 Nov 2024 09:54:14 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
installations
firebaseinstallations.googleapis.com/v1/projects/philip-red/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/philip-red/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://philip.red
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://philip.red
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 03 Nov 2024 09:54:14 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
favicon.ico
philip.red/assets/favicon/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://philip.red/assets/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.157.132.142.clients.your-server.de
Software
openresty /
Resource Hash
68b730fd57c165e22340fd0d72e266e492a19889d2bd593978792a5a964af69d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-3aee"
accept-ranges
bytes
content-length
15086
date
Sun, 03 Nov 2024 09:54:14 GMT
content-type
image/x-icon
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
js
www.googletagmanager.com/gtag/ 		251 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F7DSMG8XK2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
379e147637d80d95bfb20a78970304a13e359f695275969b66cc819ae7e3281a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 03 Nov 2024 09:54:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 09:54:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91893
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-F7DSMG8XK2&gtm=45je4au0v869051010za200&_p=1730627654793&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&_fid=fm7vATSKh2mF9kjgPCxBSJ&cid=235138142.1730627655&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730627654&sct=1&seg=0&dl=https%3A%2F%2Fphilip.red%2F&dt=philip%20rothstein&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1773
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7DSMG8XK2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://philip.red
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 09:54:15 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| firebase object| dataLayer function| gtag object| google_tag_manager object| google_tag_data object| gaGlobal

2 Cookies

Domain/Path Name / Value
.philip.red/ Name: _ga_F7DSMG8XK2
Value: GS1.1.1730627654.1.0.1730627654.0.0.0
.philip.red/ Name: _ga
Value: GA1.1.235138142.1730627655

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
philip.red
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
142.132.157.27
142.250.184.195
142.250.185.170
142.250.185.227
142.250.186.104
142.250.186.170
172.217.18.10
172.217.18.106
216.239.32.178
1a95c7f3ba96002a595d7418a068212f92ae50fa603d9588b8094e64a2343262
379e147637d80d95bfb20a78970304a13e359f695275969b66cc819ae7e3281a
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
475a0dbb3099560b80f2bc61bf09e32760e16489122a8bcf8bfc485c89212238
4f1018603de631437694aa0a3938f3662a23a368dd52f51422d6aff188d047ad
68b730fd57c165e22340fd0d72e266e492a19889d2bd593978792a5a964af69d
6b63ae6493e441423cc823328a1c1e8b2c1637d165a4a0b732d6c03a2392f730
784f17d477eba3dfa297a238127646f9ec23d2d7c3b73f4c30d7bdf5beeba403
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
98d6a626df1ee601c288648cc6bba23405a012485c27f6b354becbd1c8d36ce0
a723594710e05acafd7261361492351ceafe6b11e2eafb4a3526ca641c036ded
a73837b7314661d7d5e98a3ff27d39ac574d28755bdc43277807ffa71521b19f
b63ae7a4b319a850c2d59c33fde7c5f41598df6d034567dca6a5a82528b634d2
d5dac2dfbdf92775666a838329a01f77c6480b038466db349dd7e3b89f44b45a
d724ac33c11bcd1370b942694aba2dcda57175cfe64c00858ba4eb125516f581
de92ddea2b04d6a34fd15cb001c55e7857c8ceb46b97469bae083c351dde19d3
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6