urlscan.io logo urlscan.io
SecurityTrails logo

philip.red Open in urlscan Pro
142.132.157.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://philip.red/
Effective URL: https://philip.red/
Submission: On November 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 142.132.157.27, located in Falkenstein, Germany and belongs to HETZNER-AS, DE. The main domain is philip.red.
TLS certificate: Issued by E6 on October 31st 2024. Valid for: 3 months.
This is the only time philip.red was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    142.132.157.27 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hstin.io
philip.red
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net
www.gstatic.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
7 philip.red
philip.red
61 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
firebase.googleapis.com — Cisco Umbrella Rank: 3928
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 617
33 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
171 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
143 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
21 5
Domain Requested by
7 philip.red philip.red
3 fonts.gstatic.com fonts.googleapis.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 firebase.googleapis.com www.gstatic.com
2 www.googletagmanager.com www.gstatic.com
www.googletagmanager.com
2 www.gstatic.com philip.red
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com philip.red
1 ajax.googleapis.com philip.red
21 9

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
philip.red
E6		 2024-10-31 -
2025-01-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://philip.red/
Frame ID: B30FB73B516FB817AD9A1B839D96A46D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

philip rothstein

Page URL History Show full URLs

  1. http://philip.red/ HTTP 307
    https://philip.red/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

9
Subdomains

9
IPs

2
Countries

407 kB
Transfer

750 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://philip.red/ HTTP 307
    https://philip.red/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
philip.red/
Redirect Chain
  • http://philip.red/
  • https://philip.red/
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hstin.io
Software
openresty /
Resource Hash
de92ddea2b04d6a34fd15cb001c55e7857c8ceb46b97469bae083c351dde19d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 08 Nov 2024 14:30:29 GMT
etag
W/"64d8a917-fd8"
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red

Redirect headers

Location
https://philip.red/
Non-Authoritative-Reason
HttpsUpgrades
style.css
philip.red/assets/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://philip.red/assets/css/style.css
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hstin.io
Software
openresty /
Resource Hash
a73837b7314661d7d5e98a3ff27d39ac574d28755bdc43277807ffa71521b19f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-141e"
accept-ranges
bytes
content-length
5150
date
Fri, 08 Nov 2024 14:30:29 GMT
content-type
text/css
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
logo_minimal_small.png
philip.red/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://philip.red/assets/images/logo_minimal_small.png
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hstin.io
Software
openresty /
Resource Hash
b63ae7a4b319a850c2d59c33fde7c5f41598df6d034567dca6a5a82528b634d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-1af5"
accept-ranges
bytes
content-length
6901
date
Fri, 08 Nov 2024 14:30:29 GMT
content-type
image/png
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
github.png
philip.red/assets/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://philip.red/assets/images/github.png
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hstin.io
Software
openresty /
Resource Hash
6b63ae6493e441423cc823328a1c1e8b2c1637d165a4a0b732d6c03a2392f730

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-3999"
accept-ranges
bytes
content-length
14745
date
Fri, 08 Nov 2024 14:30:29 GMT
content-type
image/png
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
instagram.png
philip.red/assets/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://philip.red/assets/images/instagram.png
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hstin.io
Software
openresty /
Resource Hash
98d6a626df1ee601c288648cc6bba23405a012485c27f6b354becbd1c8d36ce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-3c27"
accept-ranges
bytes
content-length
15399
date
Fri, 08 Nov 2024 14:30:29 GMT
content-type
image/png
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
gzip
age
168988
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:34:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:34:01 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29671
x-xss-protection
0
server
sffe
firebase-app.js
www.gstatic.com/firebasejs/8.2.7/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.7/firebase-app.js
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
d724ac33c11bcd1370b942694aba2dcda57175cfe64c00858ba4eb125516f581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
gzip
age
312020
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Tue, 04 Nov 2025 23:50:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 23:50:09 GMT
last-modified
Thu, 11 Feb 2021 22:14:42 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
6565
x-xss-protection
0
server
sffe
firebase-analytics.js
www.gstatic.com/firebasejs/8.2.7/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.7/firebase-analytics.js
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
d5dac2dfbdf92775666a838329a01f77c6480b038466db349dd7e3b89f44b45a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
gzip
age
278369
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 09:11:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 09:11:00 GMT
last-modified
Thu, 11 Feb 2021 22:14:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
10752
x-xss-protection
0
server
sffe
app.js
philip.red/assets/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://philip.red/assets/js/app.js
Requested by
Host: philip.red
URL: https://philip.red/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hstin.io
Software
openresty /
Resource Hash
784f17d477eba3dfa297a238127646f9ec23d2d7c3b73f4c30d7bdf5beeba403

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-9e5"
accept-ranges
bytes
content-length
2533
date
Fri, 08 Nov 2024 14:30:29 GMT
content-type
application/javascript
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red
css2
fonts.googleapis.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&family=Material+Icons&display=swap
Requested by
Host: philip.red
URL: https://philip.red/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
475a0dbb3099560b80f2bc61bf09e32760e16489122a8bcf8bfc485c89212238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 14:30:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 14:30:30 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 08 Nov 2024 14:30:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Material+Icons&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://philip.red
Referer
https://fonts.googleapis.com/

Response headers

age
304891
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 01:48:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 01:48:59 GMT
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
x-xss-protection
0
server
sffe
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Material+Icons&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://philip.red
Referer
https://fonts.googleapis.com/

Response headers

age
167719
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:55:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:55:11 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Material+Icons&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://philip.red
Referer
https://fonts.googleapis.com/

Response headers

age
169212
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:30:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:30:18 GMT
last-modified
Thu, 14 Dec 2023 02:49:42 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10180
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.7/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
428936e3d7ebb97cbafedc58302f4a09b44e41f2037b54d0de43a2e1687e2d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 08 Nov 2024 14:30:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 14:30:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 08 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
53089
x-xss-protection
0
server
Google Tag Manager
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:558189598937:web:102f943e71792eccc946c8/ 		292 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:558189598937:web:102f943e71792eccc946c8/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.7/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f1018603de631437694aa0a3938f3662a23a368dd52f51422d6aff188d047ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAs4fz9JEdRzStUwteLGGgR0fN_qwXPbnA
Referer
https://philip.red/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://philip.red
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
date
Fri, 08 Nov 2024 14:30:30 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:558189598937:web:102f943e71792eccc946c8/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:558189598937:web:102f943e71792eccc946c8/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://philip.red
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://philip.red
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 08 Nov 2024 14:30:30 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/philip-red/ 		625 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/philip-red/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.7/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb553687653f24eb8afd0822facf88c5036eb6101620c48ff376f340d0030ce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyAs4fz9JEdRzStUwteLGGgR0fN_qwXPbnA
Referer
https://philip.red/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://philip.red
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
486
date
Fri, 08 Nov 2024 14:30:31 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
installations
firebaseinstallations.googleapis.com/v1/projects/philip-red/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/philip-red/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://philip.red
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://philip.red
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 08 Nov 2024 14:30:30 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		253 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F7DSMG8XK2&l=dataLayer&cx=c&gtm=453e4b70za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9e43968d8c6c7f0f81a2c85b9a72d1786d559462d5208e74f805b27b89aafa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 08 Nov 2024 14:30:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 14:30:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92605
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-F7DSMG8XK2&gtm=45je4b70v869051010za200&_p=1731076230625&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&_fid=dSQ-Br91AplyLnOMRQlf54&cid=502328302.1731076231&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731076230&sct=1&seg=0&dl=https%3A%2F%2Fphilip.red%2F&dt=philip%20rothstein&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1760
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7DSMG8XK2&l=dataLayer&cx=c&gtm=453e4b70za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://philip.red
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 14:30:30 GMT
content-type
text/plain
server
Golfe2
favicon.ico
philip.red/assets/favicon/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://philip.red/assets/favicon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.132.157.27 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hstin.io
Software
openresty /
Resource Hash
68b730fd57c165e22340fd0d72e266e492a19889d2bd593978792a5a964af69d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://philip.red/

Response headers

etag
"64d8a917-3aee"
accept-ranges
bytes
content-length
15086
date
Fri, 08 Nov 2024 14:30:30 GMT
content-type
image/x-icon
last-modified
Sun, 13 Aug 2023 09:57:43 GMT
server
openresty
x-served-by
philip.red

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| firebase object| dataLayer function| gtag object| google_tag_manager object| google_tag_data object| gaGlobal

2 Cookies

Domain/Path Name / Value
.philip.red/ Name: _ga_F7DSMG8XK2
Value: GS1.1.1731076230.1.0.1731076230.0.0.0
.philip.red/ Name: _ga
Value: GA1.1.502328302.1731076231

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
philip.red
region1.google-analytics.com
www.googletagmanager.com
www.gstatic.com
142.132.157.27
172.217.16.195
2001:4860:4802:32::36
216.58.212.163
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2008
2a00:1450:4001:829::200a
2a00:1450:4001:830::200a
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
428936e3d7ebb97cbafedc58302f4a09b44e41f2037b54d0de43a2e1687e2d78
475a0dbb3099560b80f2bc61bf09e32760e16489122a8bcf8bfc485c89212238
4f1018603de631437694aa0a3938f3662a23a368dd52f51422d6aff188d047ad
68b730fd57c165e22340fd0d72e266e492a19889d2bd593978792a5a964af69d
6b63ae6493e441423cc823328a1c1e8b2c1637d165a4a0b732d6c03a2392f730
784f17d477eba3dfa297a238127646f9ec23d2d7c3b73f4c30d7bdf5beeba403
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
98d6a626df1ee601c288648cc6bba23405a012485c27f6b354becbd1c8d36ce0
a73837b7314661d7d5e98a3ff27d39ac574d28755bdc43277807ffa71521b19f
b63ae7a4b319a850c2d59c33fde7c5f41598df6d034567dca6a5a82528b634d2
d5dac2dfbdf92775666a838329a01f77c6480b038466db349dd7e3b89f44b45a
d724ac33c11bcd1370b942694aba2dcda57175cfe64c00858ba4eb125516f581
de92ddea2b04d6a34fd15cb001c55e7857c8ceb46b97469bae083c351dde19d3
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e9e43968d8c6c7f0f81a2c85b9a72d1786d559462d5208e74f805b27b89aafa0
eb553687653f24eb8afd0822facf88c5036eb6101620c48ff376f340d0030ce0