phi.cfd Open in urlscan Pro
164.92.82.225 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://phi.cfd/
Effective URL:
https://phi.cfd/
Submission: On October 01 via api (October 1st 2023, 3:12:32 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 164.92.82.225, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is phi.cfd.
TLS certificate: Issued by R3 on August 7th 2023. Valid for: 3 months.

This is the only time phi.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	164.92.82.225 164.92.82.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2606:4700:303... 2606:4700:3038::6815:e9e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	3

14 164.92.82.225 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 884234.cloudwaysapps.com

phi.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:e9e2 (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

icons.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	phi.cfd 1 redirects phi.cfd	287 KB
4	rsms.me rsms.me — Cisco Umbrella Rank: 23087	307 KB
1	duckduckgo.com icons.duckduckgo.com — Cisco Umbrella Rank: 211019	3 KB
18	3

	Domain	Requested by
14	phi.cfd	1 redirects phi.cfd
4	rsms.me	phi.cfd rsms.me
1	icons.duckduckgo.com	phi.cfd
18	3

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
instagram.com
youtube.com

Subject Issuer	Validity	Valid
phi.cfd R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
rsms.me E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://phi.cfd/
Frame ID: 60187D8382FFD31EEECA9C4E3A35227F
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PHI Collection Free Data - Track your visitors in realtime, without compromising their privacy.

Page URL History Show full URLs

http://phi.cfd/ HTTP 301
https://phi.cfd/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

597 kB
Transfer

1214 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/phiexchange

Search URL Search Domain Scan URL

URL: https://twitter.com/phi_network

Search URL Search Domain Scan URL

URL: https://instagram.com/phi__network

Search URL Search Domain Scan URL

URL: https://youtube.com/@phinet

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://phi.cfd/ HTTP 301
https://phi.cfd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
phi.cfd/
Redirect Chain

http://phi.cfd/
https://phi.cfd/

56 KB
13 KB

766ms
380ms

Document
text/html

164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: 780b3bdd71f982bbfe218a6da4879133d5c74561e8fb3acd569cbadc60823882

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-cache, private
content-encoding: gzip
content-length: 12508
content-type: text/html; charset=UTF-8
date: Sun, 01 Oct 2023 15:12:26 GMT
server: nginx
vary: Accept-Encoding
x-cache: MISS

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 01 Oct 2023 15:12:25 GMT
Location: https://phi.cfd/
Server: nginx

GET
H2 200 app.js Show response
phi.cfd/js/ 186 KB
56 KB 196ms
195ms Script
application/javascript 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phi.cfd/js/app.js
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: ff67f7a877e7d56a12d6d0ed169289ec74e601c3835470b8f7aae422b123fb0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:47 GMT
server: nginx
etag: W/"63db198b-2e856"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 app.dark.css
phi.cfd/css/ 84 KB
15 KB 387ms
386ms Stylesheet
text/css 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phi.cfd/css/app.dark.css
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: fe3fad62e3a0822025c3691fef17e95135c2c270bd650dc5d80dc7c8d253eae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:47 GMT
server: nginx
etag: W/"63db198b-1503a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 script.js Show response
phi.cfd/js/ 729 B
634 B 386ms
384ms Script
application/javascript 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phi.cfd/js/script.js
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:47 GMT
server: nginx
etag: W/"63db198b-2d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 inter.css
rsms.me/inter/ 5 KB
1 KB 214ms
73ms Stylesheet
text/css 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-fastly-request-id: 2b696cbe2de028334f1d79fe3c05d5cc74d4cfc9
date: Sun, 01 Oct 2023 15:12:26 GMT
via: 1.1 varnish
content-encoding: br
expires: Wed, 20 Sep 2023 01:32:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-bma1628-BMA
last-modified: Tue, 12 Sep 2023 00:37:37 GMT
server: cloudflare
x-github-request-id: CF24:D145:137E846:13E7898:64FFB426
x-timer: S1694479606.041609,VS0,VE113
etag: W/"64ffb2d1-1490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=485YC6gaDBhVFCJqD%2B5H05ttwtpTGicfQ1K6MwR0Rgbjaj%2FGjBrU3og8KnSoWTOBUOKPlufQWO9bl2TOWDUjEWZJnZv7kPR9%2FuOuSRN7afHfgpocl%2FpEFPw4rKmaHaHwruVyedF9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 80f5a4d5ad759909-ARN
x-cache-hits: 1

GET
H2 200 KpGnvzaQeCITQ2Zd8aNIYJL3BactMnEjVhAVuukI.png
phi.cfd/uploads/brand/ 86 KB
87 KB 386ms
384ms Image
image/png 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phi.cfd/uploads/brand/KpGnvzaQeCITQ2Zd8aNIYJL3BactMnEjVhAVuukI.png
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: 042069af71b3b6e9c23fee14bb268139a8ad29ced88108e242b22cfa3d6cde85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
last-modified: Thu, 02 Feb 2023 02:01:32 GMT
server: nginx
etag: "63db197c-15964"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 88420

GET
H2 200 hero.png
phi.cfd/images/ 89 KB
89 KB 386ms
385ms Image
image/png 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phi.cfd/images/hero.png
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: 1aa3d9ea475925e329ebf9bb36ef47ca823cc6547241598aeb2b5effe3d3f022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
last-modified: Thu, 02 Feb 2023 02:01:32 GMT
server: nginx
etag: "63db197c-162d5"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 90837

GET
H2 200 www.google.com.ico
icons.duckduckgo.com/ip3/ 5 KB
3 KB 183ms
44ms Image
image/x-icon 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icons.duckduckgo.com/ip3/www.google.com.ico

Requested by

Host: phi.cfd
URL: https://phi.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
x-duckduckgo-moreinfo: See https://duckduckgo.com/duckduckgo-help-pages/privacy/favicons/
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
expires: Tue, 31 Oct 2023 15:12:26 GMT

GET
H2 200 us.svg
phi.cfd/images/icons/countries/ 4 KB
863 B 387ms
386ms Image
image/svg+xml 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phi.cfd/images/icons/countries/us.svg
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:32 GMT
server: nginx
etag: W/"63db197c-116d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 de.svg
phi.cfd/images/icons/countries/ 213 B
324 B 387ms
386ms Image
image/svg+xml 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phi.cfd/images/icons/countries/de.svg
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: 226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:32 GMT
server: nginx
etag: W/"63db197c-d5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 desktop.svg
phi.cfd/images/icons/devices/ 406 B
407 B 387ms
386ms Image
image/svg+xml 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phi.cfd/images/icons/devices/desktop.svg
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: b31dc3260a12863796a1231374c1034bf539ec10a54b239a4e9a80ad4dd698b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:32 GMT
server: nginx
etag: W/"63db197c-196"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 chrome.svg
phi.cfd/images/icons/browsers/ 5 KB
1 KB 387ms
387ms Image
image/svg+xml 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phi.cfd/images/icons/browsers/chrome.svg
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: d44e1597028e1112888029e2c7a518a1d9d59aa92986226c2095f926b6538f39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:32 GMT
server: nginx
etag: W/"63db197c-1428"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 windows.svg
phi.cfd/images/icons/os/ 205 B
348 B 387ms
387ms Image
image/svg+xml 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phi.cfd/images/icons/os/windows.svg
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: fa1523249f496acde1e810dd4c5ff9ec9aef5dafa279fb55eb99b325411b184f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:32 GMT
server: nginx
etag: W/"63db197c-cd"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 background.svg
phi.cfd/images/ 387 KB
23 KB 372ms
372ms Image
image/svg+xml 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phi.cfd/images/background.svg
Requested by: Host: phi.cfd
URL: https://phi.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: 56cc5468e28e3f351ccd9ddaf4187099a2ffa314577431cff460c66e2835e30b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://phi.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 02:01:32 GMT
server: nginx
etag: W/"63db197c-60d8c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H3 200 Inter-Regular.woff2
rsms.me/inter/font-files/ 97 KB
97 KB 415ms
211ms Font
font/woff2 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://phi.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-fastly-request-id: 87c400316f67882c066960a3bd183da8ccb8afae
date: Sun, 01 Oct 2023 15:12:27 GMT
via: 1.1 varnish
expires: Tue, 12 Sep 2023 00:48:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: HIT
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 98868
x-served-by: cache-qpg1254-QPG
last-modified: Tue, 12 Sep 2023 00:37:33 GMT
server: cloudflare
x-github-request-id: D7C8:21FE:1CB062:1F4413:64FFB3B8
x-timer: S1696173147.041489,VS0,VE1
etag: "64ffb2cd-18234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyDMIiq5YQps2ds5rzVLN8Gy1SVP8xvOPMAFNQzARUy%2FZV1mVRzj1Dxbwi13qh78dGuX985qQB%2BxCVeVqPaxAkwyfmsvS7a1dHc2OXFZVzDfEtwMlqfE6VJvY9i84SwlRBPjPVly"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 80f5a4d8faa79f8b-SIN
x-cache-hits: 4

GET
H3 200 Inter-Medium.woff2
rsms.me/inter/font-files/ 103 KB
104 KB 1052ms
848ms Font
font/woff2 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://phi.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-fastly-request-id: ac491287aef3614aeec8f8e0d40f66c653ca7ea1
date: Sun, 01 Oct 2023 15:12:27 GMT
via: 1.1 varnish
expires: Tue, 12 Sep 2023 00:48:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: HIT
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 105924
x-served-by: cache-qpg1223-QPG
last-modified: Tue, 12 Sep 2023 00:37:33 GMT
server: cloudflare
x-github-request-id: 8E52:36F4:18DB15:1B6E7F:64FFB3B9
x-timer: S1696173147.048043,VS0,VE1
etag: "64ffb2cd-19dc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDPkjXD1IQE9wq0uus8j6tY6BklcU%2FuGYzgta%2B360z0CD2bo37HPl6Sy6shDua%2FgeSivp2kkZsuYAXkOvjSvuf6BJsUxAMeUZFJC2bWH8%2FQN6naEBYpDfbSzCCXLxWk2r%2Bvyc6Db"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 80f5a4d8faa99f8b-SIN
x-cache-hits: 2

GET
H3 200 Inter-Bold.woff2
rsms.me/inter/font-files/ 104 KB
104 KB 1394ms
1191ms Font
font/woff2 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Bold.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://phi.cfd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-fastly-request-id: 4d512a8d7c420e7e7537fe078658085e7ef1273a
date: Sun, 01 Oct 2023 15:12:27 GMT
via: 1.1 varnish
expires: Tue, 12 Sep 2023 00:51:26 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: HIT
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 106140
x-served-by: cache-qpg1266-QPG
last-modified: Tue, 12 Sep 2023 00:37:33 GMT
server: cloudflare
x-github-request-id: 536C:71AC:1907C3:1B9B44:64FFB3B9
x-timer: S1696173147.043089,VS0,VE1
etag: "64ffb2cd-19e9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHQNqqIYBUJCAwidCTfMYaq8Q6eiwrVEMv0f%2FjuIMHU0JtEAOesMkuDkwc4Nd%2Fm15RPfdGWn36i7rRo%2FsRCp6w2Zav%2Bql6qfT7kX%2BTzS25ErTrA%2FhCMQY0tJWaykHeTTEOBsopHE"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 80f5a4d8faac9f8b-SIN
x-cache-hits: 4

POST
H2 200 event Show response
phi.cfd/api/ 3 B
301 B 340ms
340ms XHR
text/html 164.92.82.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phi.cfd/api/event
Requested by: Host: phi.cfd
URL: https://phi.cfd/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 164.92.82.225 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 884234.cloudwaysapps.com
Software: nginx /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://phi.cfd/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sun, 01 Oct 2023 15:12:26 GMT
content-encoding: gzip
server: nginx
age: 0
x-ratelimit-remaining: 59
vary: Origin,Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://phi.cfd
x-cache: MISS
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
accept-ranges: bytes
content-length: 23

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			phi.cfd/	1970-01-20 15:09:40	Name: XSRF-TOKEN Value: eyJpdiI6ImEyMWhIUDNPYjZ6bnlraFV6N3lKTXc9PSIsInZhbHVlIjoiM1NUVTBjMHlvaGN0UE16eEg1UkJlSFVNMEdsTkNLWlwvMHRhKzAwNmErRU0wNitwQnFGaG5hTEQ3U2pNazB5MjloclptZkRKeW10WlB5UXM0QmowXC9xYzdXXC92QWtjOHBRVDhYQ29YbkpiaGpzakFSc0NSQmhJZm1tcmp4dzlqQmIiLCJtYWMiOiI2ZjMxNGNmMDAyMzYyNmFjNDVhZTE0MmFkYjQ4ZGViY2RjZjI2NjMxOWYzM2YwOTY0ZmRiMTI5OWQwN2E2YmVkIn0%3D
			phi.cfd/	1970-01-20 15:09:40	Name: phpanalytics_session Value: eyJpdiI6IkdJYVdZbEpXSlc1dEYyQzFYMm1NcWc9PSIsInZhbHVlIjoiczduXC9lM0lsTzg1dWkyMldVTU5vWUlsYm5BWWFNRzQ5blVvOThxbzVoYlpkYkx2eENoS1c0bjFcLzN1MVpBcHl1OFBXcllIT1NpMkhxTFZkRkkyRHpleGtrOEYwRk5lWm54V09ucFczNHhrOTBBOTRLejRIN1wvQVdjZnFzNVZNMHUiLCJtYWMiOiJlZjVkMzFmOTVmNTcwODgxYzlhMmVhODUzYjA4MGY2NTI1OGFjMTQ2NTc1ZWM5NTA3NGIwYWEyZmQ4NDU0OWNlIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

icons.duckduckgo.com
phi.cfd
rsms.me
164.92.82.225
2606:4700:3038::6815:e9e2
40.114.178.124
042069af71b3b6e9c23fee14bb268139a8ad29ced88108e242b22cfa3d6cde85
1aa3d9ea475925e329ebf9bb36ef47ca823cc6547241598aeb2b5effe3d3f022
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6
226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
56cc5468e28e3f351ccd9ddaf4187099a2ffa314577431cff460c66e2835e30b
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
780b3bdd71f982bbfe218a6da4879133d5c74561e8fb3acd569cbadc60823882
b31dc3260a12863796a1231374c1034bf539ec10a54b239a4e9a80ad4dd698b2
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5
d44e1597028e1112888029e2c7a518a1d9d59aa92986226c2095f926b6538f39
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
fa1523249f496acde1e810dd4c5ff9ec9aef5dafa279fb55eb99b325411b184f
fe3fad62e3a0822025c3691fef17e95135c2c270bd650dc5d80dc7c8d253eae3
ff67f7a877e7d56a12d6d0ed169289ec74e601c3835470b8f7aae422b123fb0d

phi.cfd Open in urlscan Pro 164.92.82.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

597 kBTransfer

1214 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

Indicators

phi.cfd Open in urlscan Pro
164.92.82.225 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

597 kB
Transfer

1214 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions