potato.cheap Open in urlscan Pro
104.21.16.48  Public Scan

22 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response potato.cheap/	75 KB 52 KB	337ms 204ms	Document text/html	104.21.16.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potato.cheap/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.16.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6a56c15cb441f5fc86757ff27b1a80b769bb73bb1cbab78ef223679d4aef49b Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-cache-status DYNAMIC cf-ray 8360eddd08ed6c6c-DFW content-encoding gzip content-type text/html; charset=utf-8 date Fri, 15 Dec 2023 19:00:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2PUQtCkUY4ibVEemIsRWnvaPCW0zsW6N8hnAza6YQxq57%2BJ4RoOTZCVULL5rxevF1iCF36aMmVECYVcr1U7h3bKcIu7xv4wC8sHt4zTBBW9l5IIaTFeJeowcEhc9Ms%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff
GET H2	200	css2 fonts.googleapis.com/	9 KB 3 KB	255ms 92ms	Stylesheet text/css	142.250.176.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Playpen+Sans:wght@400&family=Rubik+Doodle+Shadow&display=swap Requested by Host: potato.cheap URL: https://potato.cheap/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f10.1e100.net Software ESF / Resource Hash 7b5724c466c15d8eec9c6605421a96d4b8b3dbc71a28dd67981411bc3331a610 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://potato.cheap/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 15 Dec 2023 19:00:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 15 Dec 2023 19:00:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 15 Dec 2023 19:00:23 GMT
GET DATA	200 OK	truncated /	33 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cd0131a50e4d279b8a9169fb3b834dc33b8212d5f195ecfe1bf6342005479ce3 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	15 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bf1eb1e8fbf9e58a2f2951e4abaff19c60d2eac5238ce33179f53ae60dbb2b5b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	dg43_pj1p6gXP0gzAZgm4c8XQArSU7ACQSn4IvRhitYWMfSfYg.woff2 fonts.gstatic.com/s/playpensans/v6/	23 KB 23 KB	384ms 219ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/playpensans/v6/dg43_pj1p6gXP0gzAZgm4c8XQArSU7ACQSn4IvRhitYWMfSfYg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Playpen+Sans:wght@400&family=Rubik+Doodle+Shadow&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash 5cc903c807d509fcedac7f2e8793ace06b18312c54b01faf5e608f21592a186b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://potato.cheap accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:37:39 GMT x-content-type-options nosniff age 73364 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23552 x-xss-protection 0 last-modified Mon, 04 Dec 2023 18:20:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Dec 2024 22:37:39 GMT
GET H2	200	dg43_pj1p6gXP0gzAZgm4c8XQArSU7ACQSn4IvRhinM3FA.woff2 fonts.gstatic.com/s/playpensans/v6/	71 KB 72 KB	241ms 77ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/playpensans/v6/dg43_pj1p6gXP0gzAZgm4c8XQArSU7ACQSn4IvRhinM3FA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Playpen+Sans:wght@400&family=Rubik+Doodle+Shadow&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash 7d8aab95d42b98a4f45d58a4bcb845a7c789b7677bbd66c6ede37c42dcb25b95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://potato.cheap accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 09:13:29 GMT x-content-type-options nosniff age 208014 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72712 x-xss-protection 0 last-modified Mon, 04 Dec 2023 18:20:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Dec 2024 09:13:29 GMT
GET H2	200	rP2bp3im_k8G_wTVdvvMdHqmXTR3lEaL-MKT3ZOY.woff2 fonts.gstatic.com/s/rubikdoodleshadow/v1/	111 KB 112 KB	372ms 208ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubikdoodleshadow/v1/rP2bp3im_k8G_wTVdvvMdHqmXTR3lEaL-MKT3ZOY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Playpen+Sans:wght@400&family=Rubik+Doodle+Shadow&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash 4f60fd02fcc3629aaa62c0ae8cf4512f2b31b243f51f0052dda7eec6d5d22926 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://potato.cheap accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 15 Dec 2023 18:15:18 GMT x-content-type-options nosniff age 2705 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 114080 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:04:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 14 Dec 2024 18:15:18 GMT
GET H2	200	dg43_pj1p6gXP0gzAZgm4c8XQArSU7ACQSn4IvRhig83FMmm.woff2 fonts.gstatic.com/s/playpensans/v6/	59 KB 59 KB	355ms 197ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/playpensans/v6/dg43_pj1p6gXP0gzAZgm4c8XQArSU7ACQSn4IvRhig83FMmm.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Playpen+Sans:wght@400&family=Rubik+Doodle+Shadow&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash 1595e9c54c7cf112d26dc36a12428aedb89fd2e6442abd9b695a353757b666db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://potato.cheap accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:58:02 GMT x-content-type-options nosniff age 72141 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60000 x-xss-protection 0 last-modified Mon, 04 Dec 2023 18:20:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Dec 2024 22:58:02 GMT
GET H2	200	rP2bp3im_k8G_wTVdvvMdHqmXTR3lEaL-KyT3Q.woff2 fonts.gstatic.com/s/rubikdoodleshadow/v1/	205 KB 205 KB	323ms 173ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubikdoodleshadow/v1/rP2bp3im_k8G_wTVdvvMdHqmXTR3lEaL-KyT3Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Playpen+Sans:wght@400&family=Rubik+Doodle+Shadow&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash e1676ad3af3f95a27950ad35d76fc9d8e536214ddb81f841628e64b39b5b1076 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://potato.cheap accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 23:08:40 GMT x-content-type-options nosniff age 71503 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 210116 x-xss-protection 0 last-modified Thu, 14 Dec 2023 01:59:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Dec 2024 23:08:40 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
potato.cheap
104.21.16.48
142.250.176.202
142.251.40.131
1595e9c54c7cf112d26dc36a12428aedb89fd2e6442abd9b695a353757b666db
4f60fd02fcc3629aaa62c0ae8cf4512f2b31b243f51f0052dda7eec6d5d22926
5cc903c807d509fcedac7f2e8793ace06b18312c54b01faf5e608f21592a186b
7b5724c466c15d8eec9c6605421a96d4b8b3dbc71a28dd67981411bc3331a610
7d8aab95d42b98a4f45d58a4bcb845a7c789b7677bbd66c6ede37c42dcb25b95
a6a56c15cb441f5fc86757ff27b1a80b769bb73bb1cbab78ef223679d4aef49b
bf1eb1e8fbf9e58a2f2951e4abaff19c60d2eac5238ce33179f53ae60dbb2b5b
cd0131a50e4d279b8a9169fb3b834dc33b8212d5f195ecfe1bf6342005479ce3
e1676ad3af3f95a27950ad35d76fc9d8e536214ddb81f841628e64b39b5b1076