potato.id Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tajoxkqo.ujmxy.my.id/
Effective URL:
https://potato.id/posts/secure-surfing-practice/
Submission: On May 18 via api (May 18th 2024, 12:06:36 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 63 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is potato.id.
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2024. Valid for: 3 months.

This is the only time potato.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3035::ac43:b303	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3038::6815:ea23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 19	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3034::6815:1adf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	76.223.126.88 76.223.126.88	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
3	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:402a:80e::2003	15169 (GOOGLE) (GOOGLE)
63	16

2 2606:4700:3035::ac43:b303 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tajoxkqo.ujmxy.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea23 (United States)

ASN13335 (CLOUDFLARENET, US)

file.gifan.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

potato.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::6815:1adf (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.126.88 (United States)

ASN16509 (AMAZON-02, US)

giscus.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.224.31.34 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:402a:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	233 KB
19	potato.id 1 redirects potato.id	940 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 c.clarity.ms — Cisco Umbrella Rank: 1385 Failed h.clarity.ms — Cisco Umbrella Rank: 5942 Failed	55 KB
4	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 4530	26 KB
2	gstatic.com fonts.gstatic.com csi.gstatic.com	48 KB
2	giscus.app giscus.app — Cisco Umbrella Rank: 142382	3 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	59 KB
2	ujmxy.my.id 1 redirects tajoxkqo.ujmxy.my.id	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 231	763 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	gifan.id file.gifan.id — Cisco Umbrella Rank: 536210	5 KB
63	12

	Domain	Requested by
19	potato.id	1 redirects file.gifan.id potato.id static.cloudflareinsights.com
17	pagead2.googlesyndication.com	potato.id pagead2.googlesyndication.com
4	www.clarity.ms	potato.id www.clarity.ms
4	ka-f.fontawesome.com	file.gifan.id
3	h.clarity.ms	www.clarity.ms
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	giscus.app	potato.id giscus.app
2	c.clarity.ms
2	static.cloudflareinsights.com	potato.id
2	cdn.jsdelivr.net	tajoxkqo.ujmxy.my.id
2	tajoxkqo.ujmxy.my.id	1 redirects
1	csi.gstatic.com	pagead2.googlesyndication.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	potato.id
1	file.gifan.id	tajoxkqo.ujmxy.my.id
63	16

This site contains links to these domains. Also see Links.

Domain
addons.mozilla.org
chrome.google.com
nextdns.io
dnscrypt.info
www.instagram.com
linkedin.com
t.me
github.com
gohugo.io

Subject Issuer	Validity	Valid
ujmxy.my.id GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
gifan.id GTS CA 1P5	`2024-03-26` - `2024-06-24`	3 months	crt.sh
potato.id GTS CA 1P5	`2024-03-22` - `2024-06-20`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
giscus.app R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://potato.id/posts/secure-surfing-practice/
Frame ID: CBB7D04DB14DE9AFEAAF902A429F7DD5
Requests: 50 HTTP requests in this frame

Frame: https://potato.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: 7F8143823DFAB94F8EDCC35B3BEB8898
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240515/r20110914/zrt_lookup_fy2021.html
Frame ID: DE55553ADA055BF06EEFB421C0B7EF30
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1716033991&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033991291&bpp=19&bdt=826&idt=546&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2525449620744&rume=1&frm=20&pv=2&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=569
Frame ID: 53AB0E9715715312820B85D9B18EFE0A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=406&slotname=1889468337&adk=1808615975&adf=336132784&pi=t.ma~as.1889468337&w=678&abgtt=6&cr_col=4&cr_row=2&fwrn=2&lmt=1716033991&rafmt=9&format=678x406&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033991310&bpp=2&bdt=844&idt=555&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=568
Frame ID: 2C3BEE015BEF1768DA1D20BF40D1AB1F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=3731951021&adf=2409359077&pi=t.aa~a.1043414356~rp.1&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033991&rafmt=1&to=qs&pwprc=3642452345&format=1080x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033991312&bpp=1&bdt=847&idt=592&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406&nras=2&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=594
Frame ID: E36A6BB48227CEBC467113CD8EDD6C3D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=2939254720&adf=20262191&w=678&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3642452345&ad_type=text_image&format=678x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rh=170&rw=678&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992277&bpp=1&bdt=1811&idt=-M&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280&nras=3&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1408&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Frame ID: 16221EABD739E30CD32FE16CBEE8D47E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=2939254720&adf=1054887471&w=678&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3642452345&ad_type=text_image&format=678x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rh=170&rw=678&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992277&bpp=1&bdt=1811&idt=-M&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280&nras=4&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=2291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1408&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Frame ID: 01E4312E7C6D2020FBB24FD1D0E11F95
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=2939254720&adf=2302229807&w=678&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3642452345&ad_type=text_image&format=678x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rh=170&rw=678&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992277&bpp=1&bdt=1811&idt=-M&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280%2C678x280&nras=5&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=3121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1408&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=16
Frame ID: 49096ECE6A12D274F44E511F00C85FFD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=2939254720&adf=4155785341&w=678&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3642452345&ad_type=text_image&format=678x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rh=170&rw=678&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992277&bpp=1&bdt=1812&idt=0&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280%2C678x280%2C678x280&nras=6&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=4194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1408&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=21
Frame ID: 15517785F3E278960D871A31E6263CA1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=250&adk=1212138825&adf=2469676883&pi=t.aa~a.4100099414~rp.4&w=326&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&rafmt=1&to=qs&pwprc=3642452345&format=326x250&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992309&bpp=1&bdt=1844&idt=-M&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280%2C678x280%2C678x280%2C678x280&nras=7&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=18
Frame ID: 4C67AB131A12F77A32C3951871AA4A27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=250&adk=1212138825&adf=502417739&pi=t.aa~a.722397601~rp.4&w=326&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&rafmt=1&to=qs&pwprc=3642452345&format=326x250&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992309&bpp=1&bdt=1843&idt=0&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280%2C678x280%2C678x280%2C678x280%2C326x250&nras=8&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2234&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=29
Frame ID: 03C5B3A1348F873A5645B33C04DB8BC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C85E91896F64319B750E42E13F7E86D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure Surfing Practice - Ardi Jonias Fortuna # potato

Page URL History Show full URLs

https://tajoxkqo.ujmxy.my.id/ HTTP 302
https://tajoxkqo.ujmxy.my.id/verify.php Page URL
https://potato.id/i/ Page URL
https://potato.id/posts/secure-surfing-practice/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

63
Requests

92 %
HTTPS

81 %
IPv6

12
Domains

16
Subdomains

16
IPs

3
Countries

1377 kB
Transfer

2381 kB
Size

14
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/
Title: Firefox install

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee?hl=en
Title: Chrome install

Search URL Search Domain Scan URL

URL: http://nextdns.io/
Title: nextdns.io

Search URL Search Domain Scan URL

URL: https://dnscrypt.info/public-servers/
Title: dnscrypt

Search URL Search Domain Scan URL

URL: https://www.instagram.com/joniasfortuna
Title: Instagram

Search URL Search Domain Scan URL

URL: https://linkedin.com/in/joniasfortuna
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://t.me/laztname
Title: Telegram

Search URL Search Domain Scan URL

URL: https://github.com/laztname
Title: GitHub

Search URL Search Domain Scan URL

URL: https://gohugo.io/
Title: Hugo

Search URL Search Domain Scan URL

URL: https://github.com/Vimux/Mainroad/
Title: Mainroad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tajoxkqo.ujmxy.my.id/ HTTP 302
https://tajoxkqo.ujmxy.my.id/verify.php Page URL
https://potato.id/i/ Page URL
https://potato.id/posts/secure-surfing-practice/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tajoxkqo.ujmxy.my.id/ HTTP 302
https://tajoxkqo.ujmxy.my.id/verify.php

Request Chain 32

https://potato.id/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://potato.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

Request Chain 53

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3DC9FD9E41CD4F32833E0DE762A683E7&RedC=c.clarity.ms&MXFR=002ECD445A3267E90E30D9C75E326919 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3DC9FD9E41CD4F32833E0DE762A683E7&MUID=31F6104D107F6DF815BD04CE11AD6CAA

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

verify.php Show response
tajoxkqo.ujmxy.my.id/
Redirect Chain

https://tajoxkqo.ujmxy.my.id/
https://tajoxkqo.ujmxy.my.id/verify.php

2 KB
1 KB

32ms
32ms

Document
text/html

2606:4700:3035::ac43:b303
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tajoxkqo.ujmxy.my.id/verify.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b303 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86bea46b40d7875d0d33aa219ff6a53ffce28c4e64aea1ab9726ff1fa8677299

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 885bb8b01989691f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 May 2024 12:06:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8m%2Bt8%2BDidgBkejzXCJcmaPY4PQ9lbO9DAZnffi%2Ba41zZibHtaFM58J0iMtRcXoVLT%2FfVqdUFWrAcx010vlWB8dnHAsQXrch6%2FYEcOjnNsEMCYLmU2LeSuOBylN8keNtSP5q4kF5EHka6ulDtxjPr6Qhd0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 885bb8afc930691f-FRA
content-type: text/html; charset=UTF-8
date: Sat, 18 May 2024 12:06:29 GMT
location: verify.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hfv0vhEfi2rwJ%2BaugNEFAev%2FSwwvWmGax6aK8rQ%2FRrbS4FsCGQHbwvtdCm4t5ySpTYEVGqDTT0f33QjSCAQAVNT8gmWh164gEPnW8%2BAWUQf9zhDqg%2BEMMf1ZuQuXt2HgNdgCSdo8LN5oe%2F0AMDX7teO6WA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/ 227 KB
34 KB 65ms
23ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css

Requested by

Host: tajoxkqo.ujmxy.my.id
URL: https://tajoxkqo.ujmxy.my.id/verify.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tajoxkqo.ujmxy.my.id/
Origin: https://tajoxkqo.ujmxy.my.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 May 2024 12:06:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1480207
x-jsd-version: 5.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34728
x-served-by: cache-fra-eddf8230089-FRA
x-jsd-version-type: version
etag: W/"38d97-sT73BUPXDB7H/dVqXrydfWQCOFE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 fontawesome.js
file.gifan.id/ 11 KB
5 KB 451ms
27ms Script
application/javascript 2606:4700:3038::6815:ea23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.gifan.id/fontawesome.js

Requested by

Host: tajoxkqo.ujmxy.my.id
URL: https://tajoxkqo.ujmxy.my.id/verify.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tajoxkqo.ujmxy.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 356887
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 13 May 2024 03:01:34 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D2jb7lrJtLVVAZ9tFLuz%2B1O0yrAYd9MU2MlsguF1PccrEoFVjtlJt5oQb8nUAXdD61BdkdzClIuhYPzSScESYZ%2B9jUBMI8qmYuldqM%2BfLphb8xoaalq9Wd8SeS0LhwWVduPsaTID%2FhaM50lj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 885bb8b2ff313a60-FRA
expires: Tue, 21 May 2024 08:58:22 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/ 79 KB
25 KB 64ms
22ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js

Requested by

Host: tajoxkqo.ujmxy.my.id
URL: https://tajoxkqo.ujmxy.my.id/verify.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tajoxkqo.ujmxy.my.id/
Origin: https://tajoxkqo.ujmxy.my.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 May 2024 12:06:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1419056
x-jsd-version: 5.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25082
x-served-by: cache-fra-eddf8230089-FRA
x-jsd-version-type: version
etag: W/"13b1c-zlT4XyePvNXLIpL5wYbu32PNz4g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 /
potato.id/i/ 3 KB
2 KB 550ms
450ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/i/

Requested by

Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tajoxkqo.ujmxy.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 10440
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
cf-cache-status: DYNAMIC
cf-ray: 885bb8b4382c1c6d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 May 2024 12:06:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RIs6ae3dfBuKsynB5jTIQuqGLmuplUxbx16wI8N6KuwDept%2Bf5Djv0jrNGnYbEVaaI%2BYcKMJQOO3j8jcb9Tg0MEeZt8oc2pXHa6davAuoYyT46H4pjklbyuN7Pu6w98d5KVs81gj22E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HY5SHBGEEP0S4EYR32C05YMN

GET
H3 200 free.min.css
ka-f.fontawesome.com/releases/v6.0.0/css/ 88 KB
19 KB 85ms
25ms Fetch
text/css 2606:4700:3034::6815:1adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tajoxkqo.ujmxy.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:29 GMT
content-encoding: gzip
via: 1.1 ca53f639bef01f344039a9cea8b984e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
age: 9951
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"345f5ecc270c94968998574a2d37e31a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOOQr3b3a7Eovm%2BWZsuc1NFiUCOR54revKRZ8Il5%2FeLDK0URXPCpFAlzxKoHwE6Bkt2jzWizFEp83WyYIu6SIrK8jRKYwkR8%2BhYtL9e33UhkTbCLGVMLpzAGDLBKk8xY3xT1MpCkvNrrj%2Bi8BzgfKFp2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 885bb8b3aabc920b-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 2I7m8nb8TNo_SGq3A-9F1-aR4ABah54FGTVgNzZCiKPpEw90XU7F5w==

GET
H3 200 free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.0.0/css/ 26 KB
5 KB 79ms
21ms Fetch
text/css 2606:4700:3034::6815:1adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tajoxkqo.ujmxy.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:29 GMT
content-encoding: gzip
via: 1.1 a4ca822be9cc438f72a2d23c1e665d80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 9951
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"c32e971c7d11c2407f847b61c515f1e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WTG6E0GdwPwAwSy%2BNybn0%2BMQ9%2BmYxZORhJBhDrCZtYA4KxH5wsRPcJ%2BlMKeDJQLV0ZSIERDp9xKD0sK%2BXenkPL5Qwo6Ka7Q1vy8QILb5eDBvOMPtBAb%2B6BgzffXXLwUmXVnpeWaTPKl4%2F%2BsqKkwp%2FuUYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 885bb8b3aab9920b-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YiUX0f2cdOZfTWvI2GL9COsKZw-TcwpXP37mbhqS_dYDpvUY2eNldQ==

GET
H3 200 free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.0.0/css/ 823 B
967 B 82ms
23ms Fetch
text/css 2606:4700:3034::6815:1adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tajoxkqo.ujmxy.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:29 GMT
via: 1.1 db3ad39d2b444e5c9e38affc6638a5cc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 9951
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"e8ee688b3310772b65f39c69b76f4720"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8Cc2Rv01Dcdrgvrds2M4Im1FvYgPCj%2FOfmxyZtaDfLCS49ArA5l2CyQ3zLq0b98XFSFdRMUgr%2FYP9%2FVJ7G4D40zBmodGoFThZGWG12ePCcB0cXqtbZseL7wlwHlMJDotWGiWy3465eJm1onlCkrXL%2Bciw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 885bb8b3aabd920b-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: xPDHwUWFALaDZPLB8G87tcv-BHbPYZ7ksxZKAi60imQgaTs0wm2Srw==

GET
H3 200 free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.0.0/css/ 2 KB
1 KB 79ms
22ms Fetch
text/css 2606:4700:3034::6815:1adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tajoxkqo.ujmxy.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:29 GMT
content-encoding: gzip
via: 1.1 4e56f2db762d3ef43c44c76cad53cb72.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 9951
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"369cbeaee8e26da69cc5b0a0700cd62c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kEgnFwcdmclM9CLSUEzasO50K1DSXZ6lRyV0P7BJny1R4HeSEvFNrNDAFTeh%2BQF5H3leicWalyIH55OxZq97WwznAqFvsRamzbLsqxke8%2FgcLd4AKnXt9foD7BAurGUtZD7OdmypxWzLXu6s6X3NIwZ0HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 885bb8b3aac1920b-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: byWS0rDtIQUL7ucZ5uxkcE18Aih5gqlEjA3iDyF5sSUCa4b9obz8Pw==

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 104ms
47ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: potato.id
URL: https://potato.id/i/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:30 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 885bb8b76bc3039a-FRA

GET
H2 200 ii5leisvaz
www.clarity.ms/tag/ 655 B
1020 B 146ms
107ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ii5leisvaz
Requested by: Host: potato.id
URL: https://potato.id/i/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sat, 18 May 2024 12:06:30 GMT
x-azure-ref: 20240518T120630Z-1675f555588dtzwmrykm847mf800000002kg0000000031cd
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 655
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 Primary Request / Show response
potato.id/posts/secure-surfing-practice/ 23 KB
8 KB 163ms
163ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/posts/secure-surfing-practice/

Requested by

Host: potato.id
URL: https://potato.id/i/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d41051be54b6562e8d83879cb42b58ba7fa32086b3ac2d40e32f7981c2dac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/i/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 10170
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
cf-cache-status: DYNAMIC
cf-ray: 885bb8b76b741c6d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 May 2024 12:06:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZ02IeS5o1faDiOnE9d3TTQRX0X6GjwqHz1aRKoWVGvvee2b02EjnfcHG8ctQlSgT72qPETBZE4vUkaogtqiHKuqh%2Bu80LCxtWEL831Wx5Xfk1Y8UpNKQ8ng0Ez0BWhK%2FyZvYMqpDE8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HY5SHBQEHM5S1B17S81JEHS4

GET
H2 200 clarity.js
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 17ms
16ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ii5leisvaz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:30 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240518T120630Z-1675f555588dtzwmrykm847mf800000002kg0000000031cs
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a195999b-701e-0001-4508-a77107000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET c.gif
c.clarity.ms/ 0
0

POST collect
h.clarity.ms/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 62ms
22ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b7fe828decc07f24ab19c7e017da0dedb2c71e1647594f3ddeb6072d743147f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 May 2024 12:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 May 2024 11:39:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 May 2024 12:06:30 GMT

GET
H3 200 style.css
potato.id/css/ 14 KB
4 KB 652ms
652ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/css/style.css

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f417c1307e3d102ebf6c605a1861797e7b303441a5a5846f757e60f061f3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWSGYV21T9YARJAH0AC95KVA
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=17761
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"f79b1e9dec003155f93640807a8b8499-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BdoEwF2S2Ybfvj7uP4BeZ3iaQ6XfolxfTf%2B7OYrFWCu7RGkhCMLG3xoa4IEldzDxils9ekYpMwXwfbkuQOM26p0VPHtslXvaMA%2FaSG%2B1uqjfbFDmHg7VPUNtxVFVkj62BDFWoTfFhH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=43200, must-revalidate
cf-ray: 885bb8b87c841c6d-FRA
priority: u=0,i=?0

GET
H3 200 custom.css
potato.id/css/ 534 B
865 B 653ms
653ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/css/custom.css

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7671e56f330d9824493d6167a67ee1cd789f6c323a7363b5d8a8d0cea9c3de1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWSGYV26E3M84RPACSZNDD2W
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=546
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"46da36f1f7a0362ce6ac70032c30eaa6-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0hRKXdfIeTU1wI%2FMWtvXggTATCryKk5q1dnhIL8fRTCCRaSneSynq2nKfZXZ%2FekAVE4M%2BSNZAkm4SnRdOsdndcJr9SUx8k10tUewKca7ir8kcdXh9PUWvLEo8d6%2BzKBcwP8QY5Msxbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=43200, must-revalidate
cf-ray: 885bb8b87c851c6d-FRA
priority: u=0,i=?0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
51 KB 118ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1926937123072670

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68cf6520d68a437203f191bd91270f8b14a3942590803271f23d2868629c2fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52413
x-xss-protection: 0
server: cafe
etag: 972720538433717388
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 18 May 2024 12:06:31 GMT

GET
H3 200 block-malwarebytes.png
potato.id/img/internet/ 20 KB
21 KB 212ms
211ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/internet/block-malwarebytes.png

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8866ce3485f598631817938bc78aa0a6bb9512da552f297bf12e5ed9fa868b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX6K0MQJ08GSTSHY7G5JXTAZ
date: Sat, 18 May 2024 12:06:30 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20625
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "2275dc2f54e63e2385a4d41df44b6218-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aoyvr07z78qn2VS4NIixoWj3j48urUO9fm93gnXkgtZPFrpLqwPcpmzFtOq8dpyuetNGpiTJEwuCwklh4gTn2WfZDj%2FeusWjTZT2N4eof7Lg6760dD8wxUFW4LJvZhzT2ij9h2dmN5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 885bb8b87c861c6d-FRA
priority: u=2,i

GET
H3 200 satu-dua.png
potato.id/img/internet/ 11 KB
12 KB 220ms
220ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/internet/satu-dua.png

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ca3b537077c98096703e1b4a0fa3698e7baa8e7b6039bfa3fd9a8485c93e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX6K0MRPPC60JHTC1Y2K62P1
date: Sat, 18 May 2024 12:06:30 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11371
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "6ff4bbf69a17b22bfb63be3d002e46a5-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SH4k4qIuVCWBo6mcpdOkbH8YCuonFOatPBPkB3%2FSmiasrX2yaDP0HQJHGeTuScbxUrz8VW2llt6tDjDd71GrgZEzskhra2TBYCOBo7Slp%2FRgcuJKL6s6yPkwOJxijjBcPuUXjx%2FxyEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 885bb8b87c881c6d-FRA
priority: u=2,i

GET
H3 200 disable-save-password.png
potato.id/img/internet/ 160 KB
160 KB 615ms
615ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/internet/disable-save-password.png

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c05734c390df2122425b1bbe9f4e1ab4f5c60936fac7c552717274f1c4b82aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX6K0MTC40NR217KNCAXF8QB
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 163378
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "7fbf6c77bb2e317d77fa21ab73758365-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FoqH2cM06lm3QSDi2ScG1Cp3WR7p9nTIP847zcAVkEDJYNKmIpgglB4BX7%2B3LO%2FFCtlYXz1JUGRISUrEouyvBpYnQF2HKBoXVl7057erUaUT5WzyAWzfIOaHPQ6vmWl0PncUfiTPa9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 885bb8b9de181c6d-FRA
priority: u=2,i

GET
H3 200 avatar.webp
potato.id/img/ 480 KB
480 KB 199ms
198ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/avatar.webp

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e77c166a0d34fd08e34b45f6588d4359449bc929d3040c84e18f5b2d0e665c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWSKRATN9VNVKDCKQX140AE9
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 491014
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "e703ae69bfac446bd7e05f597b7e2a05-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKpRp6eg2y6VG1kOShY7%2BjTCM4MhFcAQby631mxAkS4MOAPvfNTYOLp0%2FrfQDN2Dghq%2FyzA1%2BFo%2FibZw5e%2BzftTe5dbeypx%2FDR0KH%2FsQ%2BlRfXA74vrbmJ6aSvbbfWBWcYKRnnFN3emM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 885bb8bc89031c6d-FRA
priority: u=3,i

GET
H2 200 client.js Show response
giscus.app/ 3 KB
2 KB 159ms
11ms Script
application/javascript 76.223.126.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://giscus.app/client.js

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.126.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

515f4abaa2766ee799fc599df471f9d5a9e2bf2c88aef25a96ba5c10c66d98e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=63072000
age: 1133008
x-dns-prefetch-control: on
content-disposition: inline; filename="client.js"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: fra1::fj4h6-1716033991277-1b5d6c649539
x-matched-path: /client.js
etag: W/"fb36d577c8e4b935676d8f79e6ddca40"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=604800
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()

GET
H3 200 email-decode.min.js Show response
potato.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
11ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 May 2024 13:45:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66436af9-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XLgo36Y%2F9E9SC79%2F%2BXajnNqItita4Ab1p6vD2jEgtdzkWpRdFtNKAPP5q1DwUMId7zMavKk543SOKuxTQLde4CWIW8MsfLmUxaaNrYD%2BJ7YQM%2BaUWvc6enfnOBw%2FkHu6OKSf%2BXpPf5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 885bb8b9de191c6d-FRA
expires: Mon, 20 May 2024 12:06:30 GMT

GET
H3 200 menu.js Show response
potato.id/js/ 646 B
890 B 214ms
214ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/js/menu.js

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f72e1c588c6c9cb16f0d06f54072cbef2fd20eb69f5d99e69a26c7e6c39c61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXYQ67PFMFS3X3KZSZ894XPA
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=723
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"64ad636f06232693dc7d808051843887-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ceo2rbYezgJHyVrgPVeFP1Bixs1lK%2FeF9zgqa66TUaf60Jv0SiUqrkLyIumGKIIQjWgaXqM6LIHHbj35Scc6D8vGLxkhWYTTGYcPb2uvhvmyWwx6VVBgqmJjfiDzmKXUoMsTOeG3DyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200, must-revalidate
cf-ray: 885bb8bc89041c6d-FRA
priority: u=3,i=?0

GET
H3 200 custom.js Show response
potato.id/js/ 81 B
657 B 210ms
209ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/js/custom.js

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea47201764cbfad25b594c422ad4e7c3481fc40444135a4e59ba77b8c2ded1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXS0BATZFM4BTZWV3R5RBYST
date: Sat, 18 May 2024 12:06:30 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=82
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: W/"e8b0ed910c95be99f862a0344c9fb865-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4BW8D2%2BLBezKdr59L33I39dF9vLnIoCUvfKCXLs48grOgCN6oOpzfW5FLZFqFgzYoqxhgpMUTs%2Bz3jZUQ0kRNu4Oqc%2B3SJzm0Kd34a%2FdrTIBID6xCTM3Mv3R%2BY1cC0JmBfo43TajkvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200, must-revalidate
cf-ray: 885bb8b9fe301c6d-FRA
priority: u=2,i=?0

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 0ms
0ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:30 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 885bb8b76bc3039a-FRA

GET
H2 200 ii5leisvaz Show response
www.clarity.ms/tag/ 655 B
910 B 195ms
189ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ii5leisvaz
Requested by: Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 33baff1d9c620db3aa804f413d1da97b7e4c943fe998b79c9f27e6943581fba0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sat, 18 May 2024 12:06:31 GMT
x-azure-ref: 20240518T120631Z-1675f555588dtzwmrykm847mf800000002kg0000000031ef
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 655
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 loading.gif
potato.id/img/ 33 KB
33 KB 216ms
215ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/loading.gif

Requested by

Host: potato.id
URL: https://potato.id/css/custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da7c97e841d19536893b8a0b2c7020eef3cf322d564ac13ecce69d9609b93d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/css/custom.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWSGYVGRFJE96WWV39WZX4GK
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33404
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "b8ffd11c9e306221d33e26a219080c10-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mg9cnCQXXXQ1IHhjCUi%2FQP7vR81r7n2%2FdFq74tICTQr4cZRuRgrjarIKJtX%2FNRdXHRw05XU%2BZqagLL8HyaIM%2B%2BjlcxTBI0IRYst4HawSsuafms%2BuZhQULHTEqb3AsO7V%2B1vRqESXaEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 885bb8bcb9391c6d-FRA
priority: u=3,i

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 100ms
19ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 386138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 00:50:53 GMT

GET
H3 200 internet-surf.jpg
potato.id/img/internet/ 180 KB
181 KB 504ms
503ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/internet/internet-surf.jpg

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

783d6d340f42be7d92d08991f7866aa5668d79ff1f7f1983861ebbf4d0291fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXK8Z0YP33JSH6D1GYPX5DEN
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 184450
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "ec37ccd5fcd7fabad2e2b52c296b8ae3-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2Q5Zq1iJcSGm4FHFId1Ccc8PvlvFNaPhLC6KieCDrECLjpg48XURIb0Tv3grFW1nPNm%2BEb2JUrQOvN8IayyjQVjvchFKDj%2BqCYEPUnZQGEK9orA9qgOC4Yj64hstveUpuvGZx9V8SM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 885bb8bcf98c1c6d-FRA
priority: u=3,i

GET
H3 200 home.jpg
potato.id/img/ 23 KB
23 KB 203ms
202ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/home.jpg

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76f478c2ba4fcf47d0214d05d046189970e39b54f74936bc1e659fdbbd039a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWSGYVGDK2EG6W2JMW259N9H
date: Sat, 18 May 2024 12:06:31 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 23186
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4c2e3c221b798162b0d2ae29e95106bd-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LXkaAqU5jS67pNtmhE3DHHN%2BjCYje6t8JD1qv7skUERJWk%2F%2FDPuBPxOG%2BO08lwHtuBUifaADbK9Gkp1BtHbtgr5p1YaSpA1myLORrVo03h8ybL%2FH6Gq4yjXay2jOx4AqbRwnOF7Sx1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 885bb8bcf98f1c6d-FRA
priority: u=3,i

GET
H3

200

main.js Show response
potato.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame 7F81
Redirect Chain

https://potato.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://potato.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

8 KB
4 KB

33ms
32ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

641d7b1124d0424969c6904c898ab3a718df9f4c8bdd38f05aff0b367c5c7574

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sat, 18 May 2024 12:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KD90kS7LOcRCWhj1G2qkjoL%2BqPeOXiyBE3MVxqhN%2B827QHs%2BBeH5aaaevvR9rGSKsnv0fb%2BdZ4IZNM%2FKEU012KzYCUWZSadq2%2Fn80PXuV54oiWbP4VMtUuvlUWJkobO7wUsO9CG2Irc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 885bb8bd8a461c6d-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

Redirect headers

date: Sat, 18 May 2024 12:06:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cw53mbZ2985ChSRCdxAiisksXKcLQDQ21CRbks6KUpWwo7dp16QhIoR8ehNLxh8SgIuhkSHwIA%2FKbKoZGprv1P5f9ZD3XwYZChrXg8l8TycFNxmlaXPDFn4T8vaegPEpZvl%2FeBIp2tU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control: max-age=300, public
cf-ray: 885bb8bd29cc1c6d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i=?0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/ 415 KB
140 KB 81ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1926937123072670&plah=potato.id&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1926937123072670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

869dd9882458cc1f0391772969cdaa3e13ef2c4ceac8342ef4a7f46d11ed5f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143579
x-xss-protection: 0
server: cafe
etag: 724519602271714662
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 18 May 2024 12:06:31 GMT

GET
H2 200 default.css
giscus.app/ 167 B
632 B 33ms
14ms Stylesheet
text/css 76.223.126.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://giscus.app/default.css

Requested by

Host: giscus.app
URL: https://giscus.app/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.126.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5bb2bf782368f14b713a7db2ad175e9aa46aedd92b1d22c89247ee15aaf748d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
date: Sat, 18 May 2024 12:06:31 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 1145076
x-dns-prefetch-control: on
content-disposition: inline; filename="default.css"
content-length: 167
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: fra1::b7hrr-1716033991340-dd2d2f318aa9
x-matched-path: /default.css
etag: "32f1ebcfdc7031e5e36e7ecce39c2aee"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
accept-ranges: bytes

POST
H3 200 885bb8b76b741c6d Show response
potato.id/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7F81 0
605 B 42ms
41ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://potato.id/cdn-cgi/challenge-platform/h/b/jsd/r/885bb8b76b741c6d
Requested by: Host: potato.id
URL: https://potato.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 May 2024 12:06:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nrotnLtUdOx%2F44TZJ%2FmN7D5xpwtYphjPWhXgwiK3CIC45O%2FCgffwjoeY3RajceZkSdQHlsYI1bqpjA31fdtuJbP7noVv8L9BshTykQcJgmMyHRWlJ3IjGAS7cEpP9u20tAGlcIrV04%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 885bb8c03db21c6d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=1,i

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.34/ 61 KB
26 KB 20ms
17ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ii5leisvaz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:31 GMT
content-encoding: br
last-modified: Thu, 16 May 2024 17:36:24 GMT
etag: W/"0x8DC75CEB51199C7"
vary: Accept-Encoding
x-azure-ref: 20240518T120631Z-1675f555588dtzwmrykm847mf800000002kg0000000031fu
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d379cb22-801e-0015-34db-a73968000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240515/r20110914/ 60 KB
23 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240515/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1926937123072670&plah=potato.id&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2dc56e246b992bd88e572e9c94963f5ddaa9919254cdcb66c3156fc32171f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 04:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23120
x-xss-protection: 0
server: cafe
etag: 4870173243350855795
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jun 2024 04:32:33 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240515/r20110914/ Frame DE55 0
0 69ms
31ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240515/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 33714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 02:44:37 GMT
etag: 5035419970550746386
expires: Sat, 01 Jun 2024 02:44:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 53AB 0
0 220ms
183ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1716033991&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033991291&bpp=19&bdt=826&idt=546&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2525449620744&rume=1&frm=20&pv=2&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=569

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 1013
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loading&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 12:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loading&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: potato.id
URL: https://potato.id/posts/secure-surfing-practice/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 12:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 2C3B 0
0 267ms
232ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=406&slotname=1889468337&adk=1808615975&adf=336132784&pi=t.ma~as.1889468337&w=678&abgtt=6&cr_col=4&cr_row=2&fwrn=2&lmt=1716033991&rafmt=9&format=678x406&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033991310&bpp=2&bdt=844&idt=555&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=568

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 30560
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame E36A 0
0 526ms
492ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=3731951021&adf=2409359077&pi=t.aa~a.1043414356~rp.1&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033991&rafmt=1&to=qs&pwprc=3642452345&format=1080x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033991312&bpp=1&bdt=847&idt=592&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406&nras=2&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=594

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13394
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
h.clarity.ms/ 0
289 B 112ms
111ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://potato.id
Date: Sat, 18 May 2024 12:06:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 1622 0
0 242ms
236ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=2939254720&adf=20262191&w=678&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3642452345&ad_type=text_image&format=678x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rh=170&rw=678&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992277&bpp=1&bdt=1811&idt=-M&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280&nras=3&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=1414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1408&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15342
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 01E4 0
0 273ms
264ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=2939254720&adf=1054887471&w=678&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3642452345&ad_type=text_image&format=678x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rh=170&rw=678&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992277&bpp=1&bdt=1811&idt=-M&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280&nras=4&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=2291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1408&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 4909 0
0 311ms
309ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=2939254720&adf=2302229807&w=678&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3642452345&ad_type=text_image&format=678x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rh=170&rw=678&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992277&bpp=1&bdt=1811&idt=-M&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280%2C678x280&nras=5&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=3121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1408&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15372
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 1551 0
0 385ms
383ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=2939254720&adf=4155785341&w=678&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3642452345&ad_type=text_image&format=678x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rh=170&rw=678&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992277&bpp=1&bdt=1812&idt=0&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280%2C678x280%2C678x280&nras=6&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=4194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1408&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 4C67 0
0 405ms
405ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=250&adk=1212138825&adf=2469676883&pi=t.aa~a.4100099414~rp.4&w=326&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&rafmt=1&to=qs&pwprc=3642452345&format=326x250&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992309&bpp=1&bdt=1844&idt=-M&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280%2C678x280%2C678x280%2C678x280&nras=7&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 03C5 0
0 392ms
383ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=250&adk=1212138825&adf=502417739&pi=t.aa~a.722397601~rp.4&w=326&abgtt=6&fwrn=4&fwrnh=100&lmt=1716033992&rafmt=1&to=qs&pwprc=3642452345&format=326x250&url=https%3A%2F%2Fpotato.id%2Fposts%2Fsecure-surfing-practice%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716033992309&bpp=1&bdt=1843&idt=0&shv=r20240515&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C678x280%2C678x280%2C678x280%2C678x280%2C326x250&nras=8&correlator=2525449620744&rume=1&frm=20&pv=1&ga_vid=328805879.1716033992&ga_sid=1716033992&ga_hid=1369715148&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2234&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C95331711%2C95332415%2C31061691%2C31061692&oid=2&pvsid=1573279429225269&tmod=53189781&uas=0&nvt=1&ref=https%3A%2F%2Fpotato.id%2Fi%2F&fc=1920&brdim=1260%2C1170%2C1260%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15384
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 12:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1926937123072670&plah=potato.id&aplac=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 204
No Content collect Show response
h.clarity.ms/ 0
289 B 103ms
100ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://potato.id
Date: Sat, 18 May 2024 12:06:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3DC9FD9E41CD4F32833E0DE762A683E7&RedC=c.clarity.ms&MXFR=002ECD445A3267E90E30D9C75E326919
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3DC9FD9E41CD4F32833E0DE762A683E7&MUID=31F6104D107F6DF815BD04CE11AD6CAA

42 B
442 B

29ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3DC9FD9E41CD4F32833E0DE762A683E7&MUID=31F6104D107F6DF815BD04CE11AD6CAA
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 May 2024 12:06:32 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 18 May 2024 12:06:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B5E280463874D7AA5B41DADCA100629 Ref B: FRAEDGE2013 Ref C: 2024-05-18T12:06:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3DC9FD9E41CD4F32833E0DE762A683E7&MUID=31F6104D107F6DF815BD04CE11AD6CAA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
57ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240515&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3680315aab8a91feb30fb354c09b1ad5b9e3fad3377a7e31090c2a9dd1435b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12651
x-xss-protection: 0

POST
H3 204 rum Show response
potato.id/cdn-cgi/ 0
136 B 30ms
23ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sat, 18 May 2024 12:06:33 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://potato.id
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 885bb8cbbba61c6d-FRA

GET
H3 200 favicon.ico
potato.id/ 99 KB
7 KB 224ms
223ms Other
image/vnd.microsoft.icon 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b86c56bcfc566c5b55d34ec1f700f82044c1650134442c58caf7c5f8c377abed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/secure-surfing-practice/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXK97BBYR8GQATK2HEBE7014
date: Sat, 18 May 2024 12:06:33 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"3ab64fb7ce79217d174115c89c772563-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJYqjKxT5jy3%2FZdFDQkIYq76zSEPlYogjkdSGaWWRamKg51JdQ0dCNucReghYz%2FFk1yN%2FqZOUwl54VNbn7hqHOnYwlkY99zmnHkCqO9wGSUEUMbdpkV%2FBCLVO7IjUxzW5WV56tfYxyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=43200, must-revalidate
cf-ray: 885bb8cbbbbc1c6d-FRA
priority: u=1,i

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 May 2024 12:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 May 2024 12:06:33 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C85 0
0 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 7402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 May 2024 10:03:11 GMT
expires: Sun, 18 May 2025 10:03:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 104ms
41ms Ping
image/gif 2a00:1450:402a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lwc2byeo&c=1573279429225269&e=44759875%2C44759926%2C44759842%2C31083360%2C31083587%2C95331696%2C95331983%2C95330887%2C31083182%2C31061691%2C31061692&ctx=1&met.3=1000.sn_9__1~782.sl_c~1001.sk_c__1~164.sx~165.sf_j~247.sy~164.sz_1~165.sy_2~247.t0~248.t0~164.t0~165.sz_1~166.s4_w~1032.17k~326.17m_1~832.17o~868.17o~216.17k_5~215.17k_5~843.17j_6~889.186~639.18c~1032.18c~326.18d~832.18d~868.18d~216.18c_4~215.18c_4~889.18n~639.18t~1032.19f~326.19f~832.19f~868.19f~216.19f_1~215.19f_1~889.19h~639.19o~112.19w_1~993.1ja_2__3~992.1jc__3~994.1jc__3~991.1ja_3__3~990.1ja_3__3~353.1j8_4~453.1jf~754.1jg__8~995.1jg_2__8~247.1ji~248.1jj~1032.1jj~326.1jj~832.1jj~868.1jj~164.1jj_1~165.1ji_2~996.1ji_2__8~997.1ji_2__8~453.1jl~754.1jm__8~995.1jm_1__8~247.1jn~248.1jn~1032.1jn~326.1jo~832.1jo~868.1jo~164.1jn_2~165.1jn_2~996.1jn_2__8~997.1jn_2__8~453.1jp~754.1jp__8~995.1jp_1__8~247.1jq~248.1jq~1032.1jq~326.1jq~832.1jq~868.1jq~164.1jq_2~165.1jq_2~996.1jq_2__8~997.1jp_2__8~453.1js~754.1js__8~995.1js_1__8~247.1jt~248.1jt~1032.1jt~326.1jt~832.1jt~868.1jt~164.1jt_1~165.1js_1~996.1js_1__8~997.1js_1__8~453.1jt~754.1ju__8~995.1ju__8~998.1jf_f__8~889.1jw~889.1k3~889.1k9~889.1kd~639.1kj~639.1kj~639.1kj~639.1kj~453.1kk~754.1kk_1__r~995.1kk_1__r~247.1kl~248.1kl~1032.1kl~326.1km~832.1km~868.1km~164.1kl_1~165.1kl_1~996.1kl_1__r~997.1kl_1__r~453.1km~754.1km__r~995.1km_2__r~247.1ko~248.1ko~1032.1kp~326.1kp~832.1kp~868.1kp~164.1kp_2~165.1ko_2~996.1ko_2__r~997.1ko_2__r~998.1kj_7__r~889.1l5~889.1lf~639.1lo~639.1lo~453.1lo~998.1lo__10~453.1lp~453.1lp~453.1lp~454.1lq~454.1lq~454.1lq~453.1lq~753.1lr~168.1s9~168.1s9~168.1s9~168.1s9~168.1s9_5~168.1s9_5~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1se~168.1sf~168.1sf~168.1sf~168.1sf~168.1sf~168.1sf~168.1sf~168.1sf~168.1w0~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1w1~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0_1~168.1y0_1~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.1y7~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20v~168.20w~168.20w~168.20w~168.20w~168.20w~168.20w~168.20w~168.20w~168.20w~168.20w~168.20w~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.236~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.27s~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~168.28t~113.2ir_1&met.1=1.lwc2bx4s~2.5g~3.5g~6.l~7.l~8.l~9.l~10.l~12.u~13.5c~14.5h~15.5h~16.pn~17.pr~18.pr~19.2io~20.2io~21.2ip~22.sl~23.sl
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240515/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:402a:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 18 May 2024 12:06:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
h.clarity.ms/ 0
289 B 97ms
97ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://potato.id
Date: Sat, 18 May 2024 12:06:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.clarity.ms
URL: https://c.clarity.ms/c.gif

Domain: h.clarity.ms
URL: https://h.clarity.ms/collect

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240515&jk=1573279429225269&bg=!UFOlUxzNAAaTdHvKs3Q7ADQBe5WfODTYZLfHfiGXYHx8dwEOHDlGTB-O2psxEXg6wNwX29lB8_7W1MsKWBs5NdTE6TiuAgAAAERSAAAAAWgBB34ANeTlCyP-JqIeGm2IVM6_PkrFepoYfyBIrIASs8bOn2Mw2_D8Dh-dDwq9Jjq6tJ6vih5w_49PmQKcp2L9SN0ERFmIvuAu4Ltiinq4ITpPCu-qEF36jc273ul8fOQUMX_yKwgyi2JxK0GjjXyrb1d1g5qWrFqaNU-vf_M3wYnYm2f9y-njOx6w-WyaHOGonkq467eFYsJain4JBv_NUuX_XV8oQHuy1wQvawmyq9qgkcLT4txO-7Y0eCZV5xIIKC24hGqucEsvdY2_2a544BvU_07ZYO-wEhrFNukNBPW1RhB7CJavsoAuOz0wZz4N-5r1svlAqVum9Xoy7ugkuJPScdGn51cFNAh6q0TZqgd3t7m0gBe7kDyVT7H8qZOEMCeF9tEiBqtpFD_MVibzPCsHcInRmLc-G_cFg8MMDwtcZ4nM9_lyDg-d77pjSXE2DsP_sYDxCeL3hOzqien1b8EnaiPGJJxvKvUNHFVaihe4_xCwJ49KBXE6PBjqTYSOptewQXUVAyv-NO08GUZQ1tTsSoP2p6EwmaR1mcrYRvczaMNc3BkYCRZ9XxhVXxrMIYq9mTkvuPv2XSPwawlQU4pj808o2F1gZXd8O4xcMlIaUY6JdXvcBIpeOVCx3LmNzpdzNJ1VmVE-8Wg4z0J0Ts-8J6lkoyvb-iizfCQ4R8nX8eIOPhK8pCAig48o70bvRXnWupCefaegu17Pth4VnbcpFrgq7-RU42wSNGs4x8Cp77PC2J2qeENnY3ke639oMNM8tcc8EpG_0rhTY4c_BYdxg0v78yiWch0TsnQXJEX0paAMY8xya3yVqzWT2aMkvDsnVJcwCm4s1OG7NGxk-x3NoJLhnkE8p7ylKn9vSt7O0V-FDDLtXqftUoA6TbrKZkJYuPlNWJCm5wQtm4S6eng7szQz3YjTIFoUAPy707CqNeu0sToaYfwN0Z1Wznwwc_QHbnBkNwo

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tajoxkqo.ujmxy.my.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: 23236b09124b949b8feb10b2af58b4d5
www.clarity.ms/	1970-01-21 05:26:09	Name: CLID Value: eb32def8048848469462c3abe6e915c6.20240518.20250518
.potato.id/	1970-01-21 05:26:09	Name: _clck Value: 1ph9rs6%7C2%7Cflv%7C0%7C1599
.potato.id/	1970-01-21 05:26:09	Name: cf_clearance Value: gFA08h425napZleMZERCGrhioDDfZkuQAjZwNHEWPXI-1716033991-1.0.1.1-IRTgdsPjIseSXFbt0gyope1ure0CIlu67MXmlmP5Gz_RwZOe0HPUWSlMfCIGUlTroJgd7IxhicNvG46LZzE8PQ
.potato.id/	1970-01-20 20:42:00	Name: _clsk Value: 11xswz1%7C1716033992108%7C2%7C1%7Ch.clarity.ms%2Fcollect
.potato.id/	1970-01-21 00:59:45	Name: __eoi Value: ID=253b733d4537efa7:T=1716033991:RT=1716033991:S=AA-AfjZ1-YjhgxCFGEGDoJB-Lvl8
.criteo.com/	1970-01-21 06:02:09	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 06:02:09	Name: MUID Value: 31F6104D107F6DF815BD04CE11AD6CAA
.c.bing.com/	1970-01-20 20:50:38	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:02:09	Name: SRM_B Value: 31F6104D107F6DF815BD04CE11AD6CAA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:02:09	Name: MUID Value: 31F6104D107F6DF815BD04CE11AD6CAA
.c.clarity.ms/	1970-01-20 20:50:38	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 20:40:34	Name: ANONCHK Value: 0

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://potato.id/i/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/i/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/secure-surfing-practice/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.jsdelivr.net
csi.gstatic.com
file.gifan.id
fonts.googleapis.com
fonts.gstatic.com
giscus.app
h.clarity.ms
ka-f.fontawesome.com
pagead2.googlesyndication.com
potato.id
static.cloudflareinsights.com
tajoxkqo.ujmxy.my.id
tpc.googlesyndication.com
www.clarity.ms
c.clarity.ms
h.clarity.ms
pagead2.googlesyndication.com
2606:4700:3034::6815:1adf
2606:4700:3035::ac43:b303
2606:4700:3038::6815:ea23
2606:4700::6810:5049
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:813::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2001
2a00:1450:402a:80e::2003
2a04:4e42::485
2a06:98c1:3120::3
52.224.31.34
68.219.88.97
76.223.126.88
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
33baff1d9c620db3aa804f413d1da97b7e4c943fe998b79c9f27e6943581fba0
3680315aab8a91feb30fb354c09b1ad5b9e3fad3377a7e31090c2a9dd1435b37
36f417c1307e3d102ebf6c605a1861797e7b303441a5a5846f757e60f061f3ad
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f72e1c588c6c9cb16f0d06f54072cbef2fd20eb69f5d99e69a26c7e6c39c61f
515f4abaa2766ee799fc599df471f9d5a9e2bf2c88aef25a96ba5c10c66d98e5
5b7fe828decc07f24ab19c7e017da0dedb2c71e1647594f3ddeb6072d743147f
5bb2bf782368f14b713a7db2ad175e9aa46aedd92b1d22c89247ee15aaf748d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641d7b1124d0424969c6904c898ab3a718df9f4c8bdd38f05aff0b367c5c7574
68cf6520d68a437203f191bd91270f8b14a3942590803271f23d2868629c2fdd
7671e56f330d9824493d6167a67ee1cd789f6c323a7363b5d8a8d0cea9c3de1c
76f478c2ba4fcf47d0214d05d046189970e39b54f74936bc1e659fdbbd039a46
783d6d340f42be7d92d08991f7866aa5668d79ff1f7f1983861ebbf4d0291fdc
869dd9882458cc1f0391772969cdaa3e13ef2c4ceac8342ef4a7f46d11ed5f77
86bea46b40d7875d0d33aa219ff6a53ffce28c4e64aea1ab9726ff1fa8677299
8866ce3485f598631817938bc78aa0a6bb9512da552f297bf12e5ed9fa868b40
93ca3b537077c98096703e1b4a0fa3698e7baa8e7b6039bfa3fd9a8485c93e60
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b86c56bcfc566c5b55d34ec1f700f82044c1650134442c58caf7c5f8c377abed
c05734c390df2122425b1bbe9f4e1ab4f5c60936fac7c552717274f1c4b82aa1
d2dc56e246b992bd88e572e9c94963f5ddaa9919254cdcb66c3156fc32171f1f
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5
d5d41051be54b6562e8d83879cb42b58ba7fa32086b3ac2d40e32f7981c2dac0
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
da7c97e841d19536893b8a0b2c7020eef3cf322d564ac13ecce69d9609b93d04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77c166a0d34fd08e34b45f6588d4359449bc929d3040c84e18f5b2d0e665c91
ea47201764cbfad25b594c422ad4e7c3481fc40444135a4e59ba77b8c2ded1d7
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

potato.id Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

92 %HTTPS

81 %IPv6

12 Domains

16 Subdomains

16 IPs

3 Countries

1377 kBTransfer

2381 kBSize

14 Cookies

10 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

potato.id Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

92 %
HTTPS

81 %
IPv6

12
Domains

16
Subdomains

16
IPs

3
Countries

1377 kB
Transfer

2381 kB
Size

14
Cookies

63 HTTP transactions
0 data transactions