potato.id Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jbd8hg.ktt55.my.id/
Effective URL:
https://potato.id/posts/hacking-phishing-as-a-service/
Submission: On April 29 via api (April 29th 2024, 8:00:09 pm UTC) from US — Scanned from DE

Summary HTTP 71 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 15 domains to perform 71 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is potato.id.
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2024. Valid for: 3 months.

This is the only time potato.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3031::ac43:af4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.58.157 162.19.58.157	16276 (OVH) (OVH)
1 7	162.19.88.69 162.19.88.69	16276 (OVH) (OVH)
2	172.67.189.18 172.67.189.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.234.35 104.21.234.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 24	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
11	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	76.223.126.88 76.223.126.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
71	19

5 2606:4700:3031::ac43:af4c (United States)

ASN13335 (CLOUDFLARENET, US)

jbd8hg.ktt55.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.157 (France)

ASN16276 (OVH, FR)
PTR: ns3096589.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.19.88.69 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3221384.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.189.18 (United States)

ASN13335 (CLOUDFLARENET, US)

bagasarya.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.35 (None, )

ASN13335 (CLOUDFLARENET, US)

file.gifan.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

potato.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.126.88 (United States)

ASN16509 (AMAZON-02, US)

giscus.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	potato.id 1 redirects potato.id	1 MB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	208 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 v.clarity.ms — Cisco Umbrella Rank: 849872 c.clarity.ms — Cisco Umbrella Rank: 1371	28 KB
7	postimg.cc 1 redirects i.postimg.cc — Cisco Umbrella Rank: 18584	748 KB
5	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 4267	150 KB
5	ktt55.my.id jbd8hg.ktt55.my.id	39 KB
3	giscus.app giscus.app — Cisco Umbrella Rank: 139964	3 KB
2	gstatic.com fonts.gstatic.com	67 KB
2	bagasarya.xyz bagasarya.xyz — Cisco Umbrella Rank: 552182	41 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	760 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 817	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	gifan.id file.gifan.id — Cisco Umbrella Rank: 496786	5 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 11175	51 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
71	15

	Domain	Requested by
24	potato.id	1 redirects file.gifan.id potato.id static.cloudflareinsights.com
11	pagead2.googlesyndication.com	potato.id pagead2.googlesyndication.com
7	i.postimg.cc	1 redirects jbd8hg.ktt55.my.id
5	ka-f.fontawesome.com	file.gifan.id
5	jbd8hg.ktt55.my.id	jbd8hg.ktt55.my.id
3	v.clarity.ms	www.clarity.ms
3	giscus.app	potato.id giscus.app
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	c.clarity.ms	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.clarity.ms	potato.id www.clarity.ms
2	bagasarya.xyz	jbd8hg.ktt55.my.id
1	c.bing.com	1 redirects
1	static.cloudflareinsights.com	potato.id
1	fonts.googleapis.com	potato.id
1	file.gifan.id	jbd8hg.ktt55.my.id
1	i.ibb.co	jbd8hg.ktt55.my.id
1	cdnjs.cloudflare.com	jbd8hg.ktt55.my.id
71	18

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
linkedin.com
t.me
github.com
gohugo.io

Subject Issuer	Validity	Valid
ktt55.my.id GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
ibb.co R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
postimg.cc R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
bagasarya.xyz GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
gifan.id GTS CA 1P5	`2024-03-26` - `2024-06-24`	3 months	crt.sh
potato.id GTS CA 1P5	`2024-03-22` - `2024-06-20`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
giscus.app R3	`2024-03-17` - `2024-06-15`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://potato.id/posts/hacking-phishing-as-a-service/
Frame ID: 4D709EEB3821DD2C15EDA866B164B429
Requests: 61 HTTP requests in this frame

Frame: https://giscus.app/en/widget?origin=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&session=&theme=light&reactionsEnabled=1&emitMetadata=0&inputPosition=bottom&repo=laztname%2Flaztname&repoId=R_kgDOLULuVg&category=General&categoryId=DIC_kwDOLULuVs4CdT6m&strict=0&description=This+is+how+a+Threat+actor+from+Indonesia+spreading+a+Phishing+with+social+media+Ads&backLink=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&term=Hacking+Phishing-as-a-Service+-+Ardi+Jonias+Fortuna+%23+potato
Frame ID: 13AF44A8268CD75536E239F1B46B9D33
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Frame ID: 4019224DFDAB6E27F58F2BC2324E77D5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&adk=1812271804&adf=3025194257&lmt=1714420805&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&saifgks=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420804995&bpp=8&bdt=656&idt=216&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6935376886824&frm=20&pv=2&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=227
Frame ID: 0390FF42B5D6102C9697110A7BF7B9A2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=406&slotname=1889468337&adk=1808615975&adf=336132784&pi=t.ma~as.1889468337&w=678&cr_col=4&cr_row=2&fwrn=2&lmt=1714420805&rafmt=9&format=678x406&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420805003&bpp=1&bdt=664&idt=228&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6935376886824&frm=20&pv=1&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=3691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=231
Frame ID: 23C02A30B5265FB97474D315CE93E547
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=3731951021&adf=2409359077&pi=t.aa~a.1043414356~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1714420805&rafmt=1&to=qs&pwprc=3642452345&format=1080x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420805004&bpp=1&bdt=665&idt=235&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406&nras=2&correlator=6935376886824&frm=20&pv=1&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=236
Frame ID: 4B352A881D1EB3EC6457F2C6A1DAB8A8
Requests: 1 HTTP requests in this frame

Frame: https://potato.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: 6B774FB3F1D8A500CD4A292C8004B233
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=250&adk=1212138825&adf=2469676883&pi=t.aa~a.4100099414~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1714420805&rafmt=1&to=qs&pwprc=3642452345&format=326x250&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420805874&bpp=1&bdt=1535&idt=-M&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280&nras=3&correlator=6935376886824&frm=20&pv=1&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Frame ID: D2A92094A12ED82E107345B0DDE0E5CE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=250&adk=1212138825&adf=3379530707&pi=t.aa~a.877414566~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1714420805&rafmt=1&to=qs&pwprc=3642452345&format=326x250&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420805874&bpp=1&bdt=1535&idt=0&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C326x250&nras=4&correlator=6935376886824&frm=20&pv=1&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8
Frame ID: 16E18F0B22F9FDBE580A35D256E59488
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A60E0CF51CCA6B4A5ECEC5DE7D0DC56D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hacking Phishing-as-a-Service - Ardi Jonias Fortuna # potato

Page URL History Show full URLs

https://jbd8hg.ktt55.my.id/ Page URL
https://potato.id/posts/hacking-phishing-as-a-service/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

71
Requests

94 %
HTTPS

37 %
IPv6

15
Domains

18
Subdomains

19
IPs

6
Countries

2447 kB
Transfer

3205 kB
Size

12
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/joniasfortuna
Title: Instagram

Search URL Search Domain Scan URL

URL: https://linkedin.com/in/joniasfortuna
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://t.me/laztname
Title: Telegram

Search URL Search Domain Scan URL

URL: https://github.com/laztname
Title: GitHub

Search URL Search Domain Scan URL

URL: https://gohugo.io/
Title: Hugo

Search URL Search Domain Scan URL

URL: https://github.com/Vimux/Mainroad/
Title: Mainroad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jbd8hg.ktt55.my.id/ Page URL
https://potato.id/posts/hacking-phishing-as-a-service/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpgXzAyNDkyMjMuanBn.jpg HTTP 301
https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpg

Request Chain 57

https://potato.id/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://potato.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Request Chain 62

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=20059E3D6D174EBFA5D6791A657D0670&RedC=c.clarity.ms&MXFR=0F64E3F225DF6EC91E6EF78221DF60FD HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=20059E3D6D174EBFA5D6791A657D0670&MUID=318BD7B721DA6C9407A9C3C720DA6DB7

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
jbd8hg.ktt55.my.id/ 24 KB
4 KB 1304ms
870ms Document
text/html 2606:4700:3031::ac43:af4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:af4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19489a6b1968bc3b149340be213f69338d27dbfb47605cff8edefe242f8f37cb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87c1e03d0921915e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 20:00:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2FiOIRZir1eicGCgLtjJmCVzhm0bTkPTsq7jtxInmW40PW%2FFI7QKGKJ49WuezaxkvWVqoDfN79E34gbdIn5FldWBAAVANnS6c59YrOwIpeQllb9hMB57kgV%2BNkEqA%2BRgr95V2I3CKzogOMJNVYdoaLc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.css
jbd8hg.ktt55.my.id/bagas/css/ 2 KB
1 KB 810ms
808ms Stylesheet
text/css 2606:4700:3031::ac43:af4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jbd8hg.ktt55.my.id/bagas/css/style.css
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:af4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63522559221cb1217733189ab984dfaa362299c4d4c81eedc494a0306b65f6f0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 17:32:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5o2q%2BKyR1jra5Z6UlC22V%2FxmptZeuv4fOUucQSjNXOS5XWgagCI%2FFxA2TaIuUpL6SubKwwiI6s2aW7HtD8Ull%2Fvq4GB0tN89JQ2MXv7MO0MapXl9gk9MbaWHeQqtwvknh4Qs4NGSHTtTdmBNmpzgGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 87c1e042188e915e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 06 May 2024 20:00:03 GMT

GET
H2 200 asdhwalex.css
jbd8hg.ktt55.my.id/bagas/css/ 9 KB
1 KB 793ms
792ms Stylesheet
text/css 2606:4700:3031::ac43:af4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jbd8hg.ktt55.my.id/bagas/css/asdhwalex.css
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:af4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7893d2fb081ec23c9fae1f774745dab58213e6892b09087c37689700d56df6a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 30 Apr 2023 23:07:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2BdAWw6Kq738zjbcdWOOjDHev41XrVYlc2v4XXaVpcLE%2FwbZuoBFmSNt0oLz3ZUJwePXJVHX5Ta5zIqwYE8zcuzTId9nSb2K0OY63xmbTYld7wVyCdBR0HjK8dDHbnaupLIATpsN5wBG9%2FS1srOk7Aw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 87c1e0421892915e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 06 May 2024 20:00:03 GMT

GET
H2 200 bagas.css
jbd8hg.ktt55.my.id/bagas/css/ 5 KB
1 KB 806ms
805ms Stylesheet
text/css 2606:4700:3031::ac43:af4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jbd8hg.ktt55.my.id/bagas/css/bagas.css
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:af4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Oct 2022 10:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMS6sexpk%2FbWs%2F6ELZkroR4BS4SeOfXetr%2BKDtAs%2BIR7yMkiSruN0xlfMAF%2FezLosQQItaunrutFYZQs1mqdAekON3peHY6sar5mQ2P16J6Dw%2FXZuDdhUwbmqnllgJyLixjbSTeViK%2FdLUASpFFID94%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 87c1e0421896915e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 06 May 2024 20:00:03 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 70ms
43ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1086291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4364
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65993750-110c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SB5SwyoOr2hJS9Idsjk5HUTYE27ycUsQO0B8gJ7duOLi6O7Zc4rxYB4c1GlESblVuVPzHdjGyjaF8EDpWRteNnlusodfN%2FkV6tsQ6LVonYVmS7MEUw4to97tucxwm%2F28wSVGlPgB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87c1e0424dcb373c-FRA
expires: Sat, 19 Apr 2025 20:00:02 GMT

GET
H2 200 IMG-20230824-091703.jpg
i.ibb.co/vPgydyy/ 51 KB
51 KB 203ms
134ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/vPgydyy/IMG-20230824-091703.jpg
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 5b13f4d4106ad0acc96fbc513248cff5cd56a26a5ffa3dc6eebd014a6502da92

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
last-modified: Thu, 24 Aug 2023 02:17:17 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 52183
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

IMG-20230417-085458.jpg
i.postimg.cc/YCbSGZPN/
Redirect Chain

https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpgXzAyNDkyMjMuanBn.jpg
https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpg

126 KB
127 KB

221ms
221ms

Image
image/jpeg

162.19.88.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpg
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Server: 162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221384.ip-162-19-88.eu
Software: nginx /
Resource Hash: 5d503f8657894fba5129d2e76ef451f8571d89a367776cbbce5f1edf75f29d3f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://jbd8hg.ktt55.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 129456
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://i.postimg.cc/YCbSGZPN/IMG-20230417-085458.jpg
date: Mon, 29 Apr 2024 20:00:02 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 IMG-20230417-085410.jpg
i.postimg.cc/HnDW1gJm/ 98 KB
98 KB 259ms
195ms Image
image/jpeg 162.19.88.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/HnDW1gJm/IMG-20230417-085410.jpg
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221384.ip-162-19-88.eu
Software: nginx /
Resource Hash: 4baaf2946fa6508e234d28450b2256785e612701faf8f5820c4a511201fe310c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 100442
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230417-085337.jpg
i.postimg.cc/vB68KBZX/ 151 KB
152 KB 258ms
195ms Image
image/jpeg 162.19.88.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/vB68KBZX/IMG-20230417-085337.jpg
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221384.ip-162-19-88.eu
Software: nginx /
Resource Hash: e6bc7e10df7477df7993b5c37253898c6cacd85b5b56923930bdd19f75a116ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 154944
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230417-085259.jpg
i.postimg.cc/R0hZcGrk/ 96 KB
96 KB 259ms
195ms Image
image/jpeg 162.19.88.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/R0hZcGrk/IMG-20230417-085259.jpg
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221384.ip-162-19-88.eu
Software: nginx /
Resource Hash: 0960d08fe3e7d03eef18f689dcee31b38953946fed2185b2b5b7dd4bcb410730

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
last-modified: Mon, 17 Apr 2023 01:55:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 98379
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230417-175404.jpg
i.postimg.cc/bN6XBzPK/ 175 KB
175 KB 259ms
195ms Image
image/jpeg 162.19.88.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/bN6XBzPK/IMG-20230417-175404.jpg
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221384.ip-162-19-88.eu
Software: nginx /
Resource Hash: 8a79d34770afc452de32807c9ca8f19d214eb185dabad0a8ed55b4f4046b7b9f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
last-modified: Mon, 17 Apr 2023 10:54:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 178704
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230417-175333.jpg
i.postimg.cc/zGVmm9X3/ 99 KB
99 KB 259ms
195ms Image
image/jpeg 162.19.88.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/zGVmm9X3/IMG-20230417-175333.jpg
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221384.ip-162-19-88.eu
Software: nginx /
Resource Hash: 0958e4f7cb09689cdff71042d60f84acd1424cf6b869dc1d1fa7bd8c5bc05370

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
last-modified: Mon, 17 Apr 2023 10:54:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 101241
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 navbar.png
bagasarya.xyz/img/info/ 8 KB
9 KB 77ms
40ms Image
image/png 172.67.189.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bagasarya.xyz/img/info/navbar.png
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f37cb926c06378327ad2a753c7119291b2ead796a6f588a8374de651ec72a8c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232435
alt-svc: h3=":443"; ma=86400
content-length: 8459
last-modified: Mon, 06 Mar 2023 02:41:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxRDSuJJmBl6JTDnd7H6hn55%2F6hmt9SlX5X%2Bog1XqTsK0xnamwyxiUV1eE1Nr9PYkqfMd5RxxvduZwhGTQHRTC3U7toA0aTYv4jfR%2Bpw3hEbDB3umoZNDnpQqeiL8wTN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 87c1e0426d3f3666-FRA
expires: Sat, 04 May 2024 03:26:06 GMT

GET
H3 200 modelFb.png
bagasarya.xyz/img/info/ 31 KB
32 KB 80ms
43ms Image
image/png 172.67.189.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bagasarya.xyz/img/info/modelFb.png
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a1d3bb7a7c79edc9a08de2369f4f7f201a0852bfaf5526716382fc7ad902a1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192897
alt-svc: h3=":443"; ma=86400
content-length: 31990
last-modified: Mon, 06 Mar 2023 02:41:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k9JfMzDvsW6vTAiahUMyrYNw4IAMBDqCcwtAkobLuSTYRRbEaSQ7JnLF5AoUstPHTq2foQOIPfar5siupP1Ty4mCNG5qnSTjzsdsADcvTVxsnY8JJeYHJH0IOtGza3Nh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 87c1e0426d433666-FRA
expires: Sat, 04 May 2024 14:25:04 GMT

GET
H3 200 fontawesome.js Show response
file.gifan.id/ 11 KB
5 KB 195ms
130ms Script
application/javascript 104.21.234.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.gifan.id/fontawesome.js

Requested by

Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.35 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

85671d0a860c6e4d2426fee9c31f5a11fb28adc7ec37518685ee9089d0c9ed4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60872
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Apr 2024 00:23:15 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tkk5FNsSCwavINcTbkqKxbp8cm16vXbrmufH5R5J459zF%2BS%2BVl9%2FwXV1D%2FEyHC%2BtRDMQ9gyyhk9aLEZ1YduBO7Mq5Fq6yIoKPlR63p6OwBiqvITy3cQGKBHuORJilHhL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 87c1e0429daf3a80-FRA
expires: Mon, 06 May 2024 03:05:30 GMT

GET
H2 200 bagas.js
jbd8hg.ktt55.my.id/bagas/js/ 87 KB
32 KB 1040ms
1039ms Script
text/javascript 2606:4700:3031::ac43:af4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jbd8hg.ktt55.my.id/bagas/js/bagas.js
Requested by: Host: jbd8hg.ktt55.my.id
URL: https://jbd8hg.ktt55.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:af4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 11:35:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EzAwF%2FUsjSr8f5opkzPoBLbIDHwUsFjs6P2Di2EMAPMhuy0iK5fAfwqBc1SSpTrKEl5hUpoU%2B%2Bkw5KNlIPAwiNxzkIvgcojm92tynuLMnm99DcG9wINJVZHIJavj%2FpBYy%2FVoI4gktbD4vMFWGIs020M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 87c1e04228ad915e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request / Show response
potato.id/posts/hacking-phishing-as-a-service/ 22 KB
8 KB 622ms
574ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/posts/hacking-phishing-as-a-service/

Requested by

Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56546e8f9625727fc8b4fa9f36c9a5e843327f68b786808212868e3a97e04aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://jbd8hg.ktt55.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 26349
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
cf-cache-status: DYNAMIC
cf-ray: 87c1e047993319a0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 20:00:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VfuU1%2BJcn%2FOurNu2fZM%2B8C5qUcha6wCFAqujg14DUHddEzNgqoYMpJO9y2vLnwA%2Bp9UlWqXHiVUB0kQ4FvetYXo0SCvQknxs7mc6ImTmGdL5eilUzY%2F0Q8sdQjk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HWNQ2TMC4HDWMGJ52HHV329X

GET
H3 200 free.min.css
ka-f.fontawesome.com/releases/v6.0.0/css/ 88 KB
19 KB 110ms
78ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"345f5ecc270c94968998574a2d37e31a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HzRK9VGSrAGRv3MU0J0KUeyC6eQ6oGMSkEULfLrrAMXc8fx8q1lSkK%2FYJGaOOMtUH9s1C15iGJk4tTrpVNpQwKklXANcYuDa90QZ29SJ2%2FAY6RVIUAtmqWL%2FptpqMq%2FWHeVNxCO5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87c1e0477c3f9761-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: RIsB8Sv5W_5KBPJOQGYPmur23XEA1gsTfLjzFR9WvItHivSOhwODdA==

GET
H3 200 free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.0.0/css/ 26 KB
5 KB 91ms
59ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"c32e971c7d11c2407f847b61c515f1e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTxj3GCFSATOUPvUJ%2Bu2XKrPk4oMVWrG5NXokyIFkasRooZqqIEvvK8JMWdpq264AvL9XPjWmmJfyZWWYl3i5dn5N%2B92rSqW22hSWjU%2BrngfLyzFshgP9ET3lVE2NvC5bmexv1aQbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87c1e0477c419761-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: UcAVljE8R6fFCtpOQD1hFWUCbY5XSJCPwB3erVUkql3IhADEx5rzaw==

GET
H3 200 free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.0.0/css/ 823 B
952 B 92ms
61ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"e8ee688b3310772b65f39c69b76f4720"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh8pp%2FULP69mrZboP5lYBk2BFlAGgUxX8Vi8OFZ52nVAZZbbwpIMn3NiwHd6WGD0q8xSjPcyEV295zKytxQr7pFreXBuYbvud4c5TQQxnFvEK1bkdullgetCa98Y2P1cNZUkSP%2FKZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87c1e0477c439761-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: qf2hLg7Qj6vVpRm7cFtiPvLnml5h-5DZcXQ3_ndA8PPoZeQWRRYSTA==

GET
H3 200 free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.0.0/css/ 2 KB
1 KB 106ms
74ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
via: 1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"369cbeaee8e26da69cc5b0a0700cd62c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BevGVNFjLeUwgzgUkhRQIwhh0nlEoKipFjs0mprPMI2hyGtuNzsP2aHAG12XKHkqYAO2ZwDGSh9WJV8Yjsqew98Si6ZSg7EaJApCV9ZPGn6p2l9mSoApdJJs9bR0Dj1Snm3BlO%2F5bA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 87c1e0477c3c9761-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9mRWhkTt466klKOUOZ-awiL0DrU7GRxxAYjU8Ynrk1HuN2joJvKYOg==

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.0.0/webfonts/ 124 KB
125 KB 59ms
59ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/webfonts/free-fa-solid-900.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://jbd8hg.ktt55.my.id/
Origin: https://jbd8hg.ktt55.my.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:03 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 126828
last-modified: Mon, 07 Feb 2022 20:20:18 GMT
server: cloudflare
etag: "d60a1707d7a69023a566fee0f0804a79"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zomfjDxysxc1egO%2BOKQzlSE7BBv2bfmiD8DtiuBC%2BhvIdCucTSTI45l6AVkfzGLuA2zwubFW9mJ1jLvAFyrVMqB2Ddcmqb3by1uAxRFZU68sR%2B82tfrR6UcOAHTrnN1CF%2FyuI5%2B1tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 87c1e0482d719761-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: B3u71-s8LwQEQCGW7rwwKYMz3fpN2_kw5A93B11dRZxHRXM4yEE6Fg==

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 93ms
43ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b7fe828decc07f24ab19c7e017da0dedb2c71e1647594f3ddeb6072d743147f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 19:51:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 20:00:04 GMT

GET
H3 200 style.css
potato.id/css/ 14 KB
4 KB 508ms
507ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/css/style.css

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f417c1307e3d102ebf6c605a1861797e7b303441a5a5846f757e60f061f3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWED3K35NSGXYGCP3CBWAKN4
date: Mon, 29 Apr 2024 20:00:04 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=17761
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"f79b1e9dec003155f93640807a8b8499-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeUJg%2BvuZ5Ry%2FlDL9OfeibZgNrbCD4rBdwtqdUg9Sx0JUb6wXBQcYZBx6fY5AlIJqTROgOi5KW73fsIEU7AUZHcvdY3olbNvQwbLGcvbGZJ5lvSpG192QCT8%2Fwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87c1e04b3edb19a0-FRA
priority: u=0,i=?0

GET
H3 200 custom.css
potato.id/css/ 534 B
846 B 504ms
504ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/css/custom.css

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7671e56f330d9824493d6167a67ee1cd789f6c323a7363b5d8a8d0cea9c3de1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWED3K2FT5CTF96RC3QHACEP
date: Mon, 29 Apr 2024 20:00:04 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=546
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"46da36f1f7a0362ce6ac70032c30eaa6-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cr%2FnVcMmpfEFaejA8C70%2B6Ikj6Mur44R7EViig%2FOwmJOja1m06lmTwQhsC2M6h%2BhOumAwMl9gRBoC9xbPAY4vKR%2BVlhy3HtsuV0GyO3RSRIAJByhoEm8bMTd1VM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
cf-ray: 87c1e04b3eec19a0-FRA
priority: u=0,i=?0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
50 KB 112ms
67ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1926937123072670

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

431123b75ade5779d7a1184d593d6af1248dbfc33961a77e296d15f4bfd7b25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51666
x-xss-protection: 0
server: cafe
etag: 10453511804562530599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 29 Apr 2024 20:00:04 GMT

GET
H3 200 cdn-or-api.png
potato.id/img/phaas/ 25 KB
26 KB 514ms
513ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/cdn-or-api.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcf549183b1ba7ca864292a5d1023ed9b9c5573097603194ae524bccd70db5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWHTY4DV4X3NTFG2J7Y1T4X7
date: Mon, 29 Apr 2024 20:00:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25938
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "65b10f9b03ebe7c6f0951a5edef90548-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLXSnEZNqnkbIoYNdmRlbWTHNYZqJzPbknfM%2BIgajVu%2F9GnhlXSu2gMVq1kHU7jvC3OnILg4bb2hywLgxKqNX4vRpKcAGHhag5%2FAmTdpRIhNOpztbW8uUE6Rkd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04b3ef319a0-FRA
priority: u=2,i

GET
H3 200 16shop.png
potato.id/img/phaas/ 90 KB
91 KB 578ms
578ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/16shop.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c091e6f90e11c7cd743f2144f94581f9f50f505eeff42c8dfe93403d5db4153c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJXTW6RAMRACFEZ8NHB87J1
date: Mon, 29 Apr 2024 20:00:04 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 92552
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "ff9eba0c2defdedff8809a45481e674e-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIkoeH3Ijn0gCviI2w7WP4%2Bg0H9RNqLYT2X7Ne2rSVjzYupG%2FKy1hGbPaWjANQCQEbwDIy3uB4z3W40vtuqV9tu6xZoowwDDS8S%2FzO9%2B6obWZl%2BNBI0wGXqngNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04b3ef619a0-FRA
priority: u=2,i

GET
H3 200 files-hosting.png
potato.id/img/phaas/ 110 KB
111 KB 584ms
584ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/files-hosting.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a91406be409029f21ab51d553c7380bf8091f7d0a1f1ccbde6bc5a4629e094c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK24VX40AGFZZQYCA4GY
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 112829
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "3352227f7364056341ece3781f1dbee5-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ef98z3HPWdY5rpBdKJtOpgU8mExnHjM%2F9Tbd2YKq24GAZ7NRNxnYQ9DDOFlVW8TqrHmWekJkrzfKhpVkPuOJXU2R5DdCpmwh19deN32awyc%2Fi2rViyHiMJTuYLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c5f19a0-FRA
priority: u=2,i

GET
H3 200 self-service-creator.png
potato.id/img/phaas/ 13 KB
13 KB 584ms
582ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/self-service-creator.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d309f4d5f89083a9a41cab873a51f5f9194b2e17858bd7baa38a1524325e48d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK5TG5EAFPG5BSXK1RPA
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13276
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "1425b7cb23ef451fe09a29b94af2c941-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGc2CGx7%2FaPKpwQ25v79kqVVNFwXUjA4l7JEvKRAu86iSQQD7G0TnHL%2FFSC8Oz6o%2FPeJeBfQOJpfC0Pyjw1%2FUI%2BzPlVw4wDGRyigWpbpOE9xDJ96zACoIlEYv8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c6219a0-FRA
priority: u=2,i

GET
H3 200 payment.png
potato.id/img/phaas/ 76 KB
77 KB 588ms
586ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/payment.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5527b06ef5cd698d5ed58b0adbdde4b47a194ed484804f8d028a47694a093fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK3K5JVJH4R9TNX89FKZ
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 78285
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "a97af35b6206e3c7f795801aff7a3c4b-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnkFfLhRwTvjk4ZEQTFImFNOKJaaws9IT1fhc2CAPeieETUAOexd8mcjJ6mXn%2FF7uXrpDfywu4O7HEeYecaiY6PgZqHAw8Q4j462OeAX%2F9MB4mnhPaSkmXQDWlM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c7619a0-FRA
priority: u=3,i

GET
H3 200 lures.png
potato.id/img/phaas/ 14 KB
14 KB 561ms
560ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/lures.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0033958e6d7a15a8a07558c90159380c30f9cefc1971ec665f9bc1956075d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK3T832ZC2A17N16KFKK
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13989
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "ecb0422fdb9f53c249843f522fe1a6c1-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHBwtA4S3vrqBQgQe14f%2B%2FPusZan7JninK6ZKB9wLEqKJFeKsgPQ7vRazMMf%2BcA8l%2ByJ4frZ1voj6mA6ZX7ofETuaaqfNcE5EW3gM3MAD2Acp%2BMLqDI05gyAnBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c7a19a0-FRA
priority: u=3,i

GET
H3 200 anti-bot-verification.png
potato.id/img/phaas/ 12 KB
13 KB 588ms
586ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/anti-bot-verification.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7bc1acd72b1cd3687cf25988eb2d798fdc5e474f6d2604e79a87795d986e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK3QPP4D17KDVZJ8MK8Z
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12651
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "b0e432030626a3181d8f0fad2a1c3702-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZH%2FzH%2B90qh02%2FVpdShlMJ4eUBjwzNW1GfIQW9NCWTNWP8KF4NBefenwqI3dGP2VcZnZ5FjkL7CQR1b7VwnOnrR8jgZyg04LietIQ1XBLED5HKQpHKeBI%2B%2FshLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c7d19a0-FRA
priority: u=3,i

GET
H3 200 facebooklogin.jpeg
potato.id/img/phaas/ 88 KB
89 KB 521ms
520ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/facebooklogin.jpeg

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c311abe999397121ea7dea930b854cb5455a0ab8939817d89090951856c90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK43X7X9SAN8F61Y949F
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 90260
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "acf94931ac521869614aed0bb63dc655-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHgBJ%2BoiG9UDxi7A2bNzEp57j3YPGAmFgTcheNJrBgd9bQ7EcePQyBsDe0u5tm35T3%2B9xcUEqziGMWmGfPpN%2FCaC%2B6V7X611QY%2BRGr6DLTj5XS1T6jtcs1tklQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c8019a0-FRA
priority: u=3,i

GET
H3 200 check-invoice.png
potato.id/img/phaas/ 24 KB
25 KB 588ms
587ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/check-invoice.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48fa97dd4fdb09e3531a0a088539ff6c640a002533275209cbd990a887fda66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK3XFVCNM16DSZBPMKTS
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 24893
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "fcaed4d723d400cd8bf61617fd94e126-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53IxNsfK6XYrc7ykPgwUIBGiy6HF1E5MDY9ihkPAeXecFfNfjbsykChMArOLKjvyEyw%2FVbKR5TlUPsV8Ud9uBoWtomAOClEaN%2B9mNw9WNWhWvCbaVd5QyFMWEU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c8119a0-FRA
priority: u=3,i

GET
H3 200 belidi.png
potato.id/img/phaas/ 71 KB
72 KB 503ms
502ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/phaas/belidi.png

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0efef1458d01e31eb89de3ec957f006b0758c1556ed55b52a29b2dd93b6bed84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK5T44F3QDE7711HR6CQ
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 73051
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "bc0e9d06e76ab14387a4ebb42d2330cf-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JdTCWQR4PEMBo%2FJIuX3%2B0Bbi%2FjCNqN%2FeNH6efLzz4bBsnNGeDhUQGIVQaulD824sWA1TRfe2wuRNHD3AzKvbg9MDEP1P%2FsWt3juhUi8EYU9MjYo8HLSaEPHI2Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c8319a0-FRA
priority: u=3,i

GET
H3 200 avatar.webp
potato.id/img/ 480 KB
480 KB 562ms
560ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/avatar.webp

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e77c166a0d34fd08e34b45f6588d4359449bc929d3040c84e18f5b2d0e665c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWJRAK5TSFHXGXMKRV8XJN85
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 491014
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "e703ae69bfac446bd7e05f597b7e2a05-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFOc3scq3nmYH%2BlJMkcQiNQdclCUseQtI8bgpdcevh2pziOkYDDpiWBS%2BJf4lqku%2F44GbXOvckmG6i9SOMouNDB3PqaGN2clj%2B3Kq%2FoKOePhU53EU%2B8%2BxFaqoMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c8619a0-FRA
priority: u=3,i

GET
H2 200 client.js Show response
giscus.app/ 3 KB
2 KB 82ms
25ms Script
application/javascript 76.223.126.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://giscus.app/client.js

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.126.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

515f4abaa2766ee799fc599df471f9d5a9e2bf2c88aef25a96ba5c10c66d98e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Apr 2024 20:00:04 GMT
strict-transport-security: max-age=63072000
age: 82862
x-dns-prefetch-control: on
content-disposition: inline; filename="client.js"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: fra1::d4jc7-1714420804919-b1aaa4ffbac8
x-matched-path: /client.js
etag: W/"fb36d577c8e4b935676d8f79e6ddca40"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=604800
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()

GET
H3 200 home.jpg
potato.id/img/ 23 KB
23 KB 605ms
604ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/home.jpg

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76f478c2ba4fcf47d0214d05d046189970e39b54f74936bc1e659fdbbd039a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWED3NQVX4HXW5EQWAM9ND0R
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 23186
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "4c2e3c221b798162b0d2ae29e95106bd-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbeIm6cgumSpDlX8NwOUQCATF7UW4kznn5%2F5whjulOugtYjPU%2FEtJ2QR%2FLWCVt6%2FxuBBhEaphZqkC6BEaLYvgv7X9xRzvuBeooPs73N19eE0cOP%2BiiBk%2Bq5NU44%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200, must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c8819a0-FRA
priority: u=3,i

GET
H3 200 email-decode.min.js Show response
potato.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 34ms
32ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6622d9ef-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIJfM6kiSt4LVU21bkWNFS%2BKpGcvMrI2uwfoZGyIv2zUfZZhbidRscS0mlQ%2B5CY1SHTdIpkOht2KFkO7TX35jzxjeG0O4kR1Cptdli5IauQUhagpnlLZe1ndVfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 87c1e04e6c6519a0-FRA
expires: Wed, 01 May 2024 20:00:04 GMT

GET
H3 200 menu.js Show response
potato.id/js/ 646 B
879 B 520ms
519ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/js/menu.js

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f72e1c588c6c9cb16f0d06f54072cbef2fd20eb69f5d99e69a26c7e6c39c61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWED3NRFDV8DJ23GM7TEVWKS
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=723
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"64ad636f06232693dc7d808051843887-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4xGhh5%2FOMGPyibI0rnL%2BRjGJoKarfCkGvuP9N6O9MTnJpmjexUp9NVjIQSe2A2dBG38glxZ3f7UH2M8UrrkGqzVyxgZJah9M6UobywyOgJCv2g7sFh%2FrMa4lF7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200, must-revalidate
cf-ray: 87c1e04e6c8a19a0-FRA
priority: u=3,i=?0

GET
H3 200 custom.js Show response
potato.id/js/ 314 B
716 B 496ms
494ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/js/custom.js

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade370c859637ff38eca3394777bdbe39fb327cd94753177fc1fc9dbf4f72f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWED3KTP241D68FVAH7DX1HS
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=333
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"13f5ea4e09b23b51ff98ba483f010ed0-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZC4cpsKjCmCmsFdSLEoIQe6J%2BQy7zKfHI4sq3QBjgqL2eyXim9QWKwlKEm9KOlfbaj3iQiamTYH%2B2UiCIax%2F0bdPVGVTEZZ4oiN7ITTHSjreGmYsWWQA25qOzcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=43200, must-revalidate
cf-ray: 87c1e04e6c6b19a0-FRA
priority: u=2,i=?0

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 124ms
67ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:04 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 87c1e04ebdcba025-FRA

GET
H2 200 ii5leisvaz Show response
www.clarity.ms/tag/ 685 B
1 KB 187ms
118ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ii5leisvaz
Requested by: Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 05b4ac7027a61f42e9c773e6998e59a01375550870723adf1f51dd5909ea6935

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 29 Apr 2024 20:00:05 GMT
x-azure-ref: 20240429T200004Z-15ff45446449x2s7pv80sq17a0000000048000000000407v
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 685
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 loading.gif
potato.id/img/ 33 KB
33 KB 498ms
497ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://potato.id/img/loading.gif

Requested by

Host: potato.id
URL: https://potato.id/css/custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da7c97e841d19536893b8a0b2c7020eef3cf322d564ac13ecce69d9609b93d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/css/custom.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWED3KT1CK4WW802BZG37AYZ
date: Mon, 29 Apr 2024 20:00:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33404
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "b8ffd11c9e306221d33e26a219080c10-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PScnA53dfEIXUsUxP1%2F5UNafvgQEUbZ148YVOIa52mDiGfuc0btAOETdlZ8BR8gMMES39wc%2B6%2F9AIn0UNLph7sTMLiScR9udt450prmL%2F8VeirQwkt33M4slomU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
cf-ray: 87c1e04e6c8d19a0-FRA
priority: u=3,i

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 249248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 22:45:56 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 19 KB
19 KB 98ms
48ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://potato.id
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 00:22:46 GMT
x-content-type-options: nosniff
age: 243438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19280
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 00:22:46 GMT

GET
H2 200 default.css
giscus.app/ 167 B
631 B 72ms
24ms Stylesheet
text/css 76.223.126.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://giscus.app/default.css

Requested by

Host: giscus.app
URL: https://giscus.app/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.126.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5bb2bf782368f14b713a7db2ad175e9aa46aedd92b1d22c89247ee15aaf748d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self';
date: Mon, 29 Apr 2024 20:00:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 77138
x-dns-prefetch-control: on
content-disposition: inline; filename="default.css"
content-length: 167
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: Vercel
x-vercel-id: fra1::w4kt5-1714420804994-0c45f2614838
x-matched-path: /default.css
etag: "32f1ebcfdc7031e5e36e7ecce39c2aee"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
accept-ranges: bytes

GET
H2 200 widget
giscus.app/en/ Frame 13AF 0
0 420ms
377ms Document
text/html 76.223.126.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://giscus.app/en/widget?origin=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&session=&theme=light&reactionsEnabled=1&emitMetadata=0&inputPosition=bottom&repo=laztname%2Flaztname&repoId=R_kgDOLULuVg&category=General&categoryId=DIC_kwDOLULuVs4CdT6m&strict=0&description=This+is+how+a+Threat+actor+from+Indonesia+spreading+a+Phishing+with+social+media+Ads&backLink=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&term=Hacking+Phishing-as-a-Service+-+Ardi+Jonias+Fortuna+%23+potato

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.126.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://potato.id;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'self' https://potato.id;
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 20:00:05 GMT
etag: W/"1s85tos0y05m1"
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
referrer-policy: strict-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-matched-path: /en/widget
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-id: fra1::iad1::xppss-1714420804995-43b7b60c0cbd
x-xss-protection: 1; mode=block

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/ 411 KB
139 KB 129ms
86ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1926937123072670&plah=potato.id&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1926937123072670

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

613d2e5bfd88a739b3994f91f07a491b321fdcad79c7cf969a38ab0c3029298a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142348
x-xss-protection: 0
server: cafe
etag: 6810324256133648447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Apr 2024 20:00:05 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 41ms
41ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ii5leisvaz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:05 GMT
content-encoding: br
last-modified: Sun, 28 Apr 2024 10:11:23 GMT
etag: W/"0x8DC676B8EE909B4"
vary: Accept-Encoding
x-azure-ref: 20240429T200005Z-15ff45446449x2s7pv80sq17a00000000480000000004080
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f0021d99-001e-0079-5609-9ad2ff000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
289 B 541ms
120ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://potato.id
Date: Mon, 29 Apr 2024 20:00:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/ Frame 4019 0
0 65ms
23ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1926937123072670&plah=potato.id&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 19022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 14:43:03 GMT
etag: 5035419970550746386
expires: Mon, 13 May 2024 14:43:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 0390 0
0 247ms
206ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&adk=1812271804&adf=3025194257&lmt=1714420805&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&saifgks=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420804995&bpp=8&bdt=656&idt=216&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6935376886824&frm=20&pv=2&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=227

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 879
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 20:00:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
51ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loading&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 20:00:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
51ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loading&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 20:00:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 23C0 0
0 476ms
436ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=406&slotname=1889468337&adk=1808615975&adf=336132784&pi=t.ma~as.1889468337&w=678&cr_col=4&cr_row=2&fwrn=2&lmt=1714420805&rafmt=9&format=678x406&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420805003&bpp=1&bdt=664&idt=228&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6935376886824&frm=20&pv=1&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=637&ady=3691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=231

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 53050
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 20:00:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 4B35 0
0 851ms
812ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=280&adk=3731951021&adf=2409359077&pi=t.aa~a.1043414356~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1714420805&rafmt=1&to=qs&pwprc=3642452345&format=1080x280&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420805004&bpp=1&bdt=665&idt=235&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406&nras=2&correlator=6935376886824&frm=20&pv=1&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=156&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&fsb=1&dtd=236

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40470
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 20:00:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

main.js Show response
potato.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame 6B77
Redirect Chain

https://potato.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://potato.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

8 KB
4 KB

39ms
39ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

Requested by

Host: potato.id
URL: https://potato.id/posts/hacking-phishing-as-a-service/

Protocol

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

395be04eaca1f5c40b7923bbc2fddc1e7f49d46dfb828eda656baa19646f80bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Apr 2024 20:00:05 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=079X0Xt82P1xe6Vwe%2Bpl5qcdSxq5k8IYZTMmMUmK6XRourr4PGeSpquMClKsPdQmi0UCQqK9MXTvW%2FsWE%2Fb3GFh9aHthIpp4zpTTo4jwu4FxjPhYCz5TKy4wbpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87c1e0533cb019a0-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

Redirect headers

date: Mon, 29 Apr 2024 20:00:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DF%2FpwofcZYm%2FnB2CHtsbifrLKkq%2FIxrl0dB2A8EwH%2B6pfMl6g0FKW4bYcDw68xNOi2I0%2BL3N4SYPF7fxtmNoEcZgl1Nl%2BVBwm0UbjjQEnFM2dom6mF3JemmDoAU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control: max-age=300, public
cf-ray: 87c1e051896819a0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i=?0

POST
H3 200 87c1e047993319a0 Show response
potato.id/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6B77 0
579 B 54ms
54ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://potato.id/cdn-cgi/challenge-platform/h/g/jsd/r/87c1e047993319a0
Requested by: Host: potato.id
URL: https://potato.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Apr 2024 20:00:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7%2Fh9U0eQymFpAtsC6E838TD1dvAd88trCzhedXoYQO2assvUWIzjLt2kiigeKEjc6drVViiSXYcR2VzksTV7yktE5cChU3YE5x0sf1u%2Bi2Tq1InatvznutSItc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 87c1e053cdb419a0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=1,i

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame D2A9 0
0 318ms
318ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=250&adk=1212138825&adf=2469676883&pi=t.aa~a.4100099414~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1714420805&rafmt=1&to=qs&pwprc=3642452345&format=326x250&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420805874&bpp=1&bdt=1535&idt=-M&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280&nras=3&correlator=6935376886824&frm=20&pv=1&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 20:00:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 16E1 0
0 520ms
520ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1926937123072670&output=html&h=250&adk=1212138825&adf=3379530707&pi=t.aa~a.877414566~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1714420805&rafmt=1&to=qs&pwprc=3642452345&format=326x250&url=https%3A%2F%2Fpotato.id%2Fposts%2Fhacking-phishing-as-a-service%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714420805874&bpp=1&bdt=1535&idt=0&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C678x406%2C1080x280%2C326x250&nras=4&correlator=6935376886824&frm=20&pv=1&ga_vid=584415281.1714420805&ga_sid=1714420805&ga_hid=992413170&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083069%2C95329718%2C95329832%2C95329829%2C31082606%2C95331042%2C95331556%2C95331687&oid=2&pvsid=652550236069170&tmod=1240283931&uas=0&nvt=1&ref=https%3A%2F%2Fjbd8hg.ktt55.my.id%2F&fc=1920&brdim=260%2C260%2C260%2C260%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 20:00:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
289 B 115ms
115ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://potato.id
Date: Mon, 29 Apr 2024 20:00:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=20059E3D6D174EBFA5D6791A657D0670&RedC=c.clarity.ms&MXFR=0F64E3F225DF6EC91E6EF78221DF60FD
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=20059E3D6D174EBFA5D6791A657D0670&MUID=318BD7B721DA6C9407A9C3C720DA6DB7

42 B
442 B

54ms
54ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=20059E3D6D174EBFA5D6791A657D0670&MUID=318BD7B721DA6C9407A9C3C720DA6DB7
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 20:00:06 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 29 Apr 2024 20:00:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15F816DB2824411688AB3092CEA3635C Ref B: FRAEDGE1808 Ref C: 2024-04-29T20:00:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=20059E3D6D174EBFA5D6791A657D0670&MUID=318BD7B721DA6C9407A9C3C720DA6DB7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 65ms
64ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240425&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

432c9bf95059728a8c135fe48e7344bb2b3ca504ae566e6b2cac2804fda85cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12280
x-xss-protection: 0

POST
H3 204 rum Show response
potato.id/cdn-cgi/ 0
135 B 30ms
29ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 29 Apr 2024 20:00:06 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://potato.id
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 87c1e0594ea019a0-FRA

GET
H3 200 favicon.ico
potato.id/ 99 KB
7 KB 498ms
497ms Other
image/vnd.microsoft.icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://potato.id/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b86c56bcfc566c5b55d34ec1f700f82044c1650134442c58caf7c5f8c377abed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/posts/hacking-phishing-as-a-service/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWED3VR4G3W358T77W5CDFNK
date: Mon, 29 Apr 2024 20:00:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"3ab64fb7ce79217d174115c89c772563-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRmiqcjbchDf%2BoSCwYktWpLdIxMyNbjE60FLJk8pL3FVMN0WYUbNFxwB4HTz8COCClR32OvTgFCi9l3TC5sr9mW8cigQLyqYCTn7s1pUW9pB%2BftkHK5DJFF1SW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: public,max-age=0,must-revalidate
cf-ray: 87c1e0594ea919a0-FRA
priority: u=1,i

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 120ms
69ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 20:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 20:00:06 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A60E 0
0 23ms
23ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://potato.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 27893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 12:15:13 GMT
expires: Tue, 29 Apr 2025 12:15:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
289 B 116ms
116ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://potato.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://potato.id
Date: Mon, 29 Apr 2024 20:00:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240425&jk=652550236069170&bg=!5-Sl5KvNAAYBeExMIXg7ADQBe5WfOI6R0hKfi1NIP4H9VKtc9OBfLHAz4WSTOuag09KnqtPRFhQRSHN_WJHEOC6ijJuHAgAAADFSAAAAAWgBB34ANXGQicdbaBQqjbmZTv_0px2-Q9YfaV_3UVu6MVv6Cfby8YvsQQ6ctP4PUObr_W2xF1VqaINFmQKQJ-ymWm7iOMC4I9-eoRXcL4nef9S2PXk_2hXzMATu-IZzmlSsEV0eGVWSahFjgyM51w5BWTCV76sftRuQJrfIUtOsnmmbA5xvwRby-UatdjDHxAiJSLgQUkIzh5SdwTMh0vaJGD5RJAX9yD58_ri7F51lUXII33g8iFopuEzZiNTOzZkfceEMeDx3AyCZ3Ue6us2-SGYi8hVInVv6Iw7Ozv07mVKlvLxzGHkbYWpSB9U1yQ_1qnMcCEcq9HTlyGS99taH-HHG2YQ6J84r45XiMD05EBUoMxKDuuxsHeLUkxFxsNuDmXYkukr7ZgSwEWKqEcfsVR1Fzov0BlHYDab8TdJlE8jOMqrCP7KLnGyH1miz__UlHpiRpaonTIsO-LdJEULt60p6IcT8LuXlMsGTDP2hCl7UI_WSuOynH644o71QSlTewGignj2o1nJCEhCXXHmX81WtTfURB6MQTp4_Ibw2BRBnQ4jFSIaVgtCcf414Hd65NefSGvAOfnzSSTgSsDdEky5Ao2bN78G6vjHcW0M3RspGM9ppiykjZpftpckH6Bus8A63cCvZ_vsglE3MC_6D2tbweNjrxWytWcW-55HZJRvy4Lp2Y4r1S0grJCY-ozZ4h208YSJ2Pzb3o-Avgkp0hvDHVe31Z4xIoXRS3_lgsg_8BKqYTO3tWTmXu4a8NMAc3C1aFrJTafJp6eKhA3DzlbiqCplQ1dtc4Jvjubj0DGRCv73IvFHDGNnqbBZfuUMQC8ORv8ldrw11aBRhjYiaw0-B2hmAOhWdZ22V5Lcgad1rHzBHdLDP5XZvldg_N1hx_2i5OgtBq0s3jONQvglsNIYZQL_fgx9iqCmSbYnUNGS0OljrtGFNC7xQsdE

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 04:59:16	Name: CLID Value: cc8794a4e3484ae589f779b9bb1a90e4.20240429.20250429
.potato.id/	1970-01-21 04:59:16	Name: _clck Value: od2ml1%7C2%7Cflc%7C0%7C1580
.potato.id/	1970-01-20 20:15:07	Name: _clsk Value: 12rdn4n%7C1714420805731%7C1%7C1%7Cv.clarity.ms%2Fcollect
.potato.id/	1970-01-21 04:59:16	Name: cf_clearance Value: iUB8Ysp1J8vv_EXUMLOtYTLv5X8McqOmqK4sETgRgOQ-1714420805-1.0.1.1-I5llQ_zU8wC_AThSZG63l2icwS1cw.xTpUnNojED9GrWQvswI.fNRVOaaAxXyYEP5QSAuxeZluUvcfc0bVwYcA
.potato.id/	1970-01-21 00:32:52	Name: __eoi Value: ID=cea1190f79bb7c34:T=1714420805:RT=1714420805:S=AA-AfjZbtrlpJ7Ll5kOFmwwfoTFL
.bing.com/	1970-01-21 05:35:16	Name: MUID Value: 318BD7B721DA6C9407A9C3C720DA6DB7
.c.bing.com/	1970-01-20 20:23:45	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:35:16	Name: SRM_B Value: 318BD7B721DA6C9407A9C3C720DA6DB7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:35:16	Name: MUID Value: 318BD7B721DA6C9407A9C3C720DA6DB7
.c.clarity.ms/	1970-01-20 20:23:45	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 20:13:41	Name: ANONCHK Value: 0

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://potato.id/posts/hacking-phishing-as-a-service/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bagasarya.xyz
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
file.gifan.id
fonts.googleapis.com
fonts.gstatic.com
giscus.app
i.ibb.co
i.postimg.cc
jbd8hg.ktt55.my.id
ka-f.fontawesome.com
pagead2.googlesyndication.com
potato.id
static.cloudflareinsights.com
tpc.googlesyndication.com
v.clarity.ms
www.clarity.ms
pagead2.googlesyndication.com
104.17.25.14
104.21.234.35
162.19.58.157
162.19.88.69
172.217.16.193
172.67.139.119
172.67.189.18
188.114.97.3
20.114.189.135
216.58.206.34
2606:4700:3031::ac43:af4c
2606:4700::6810:5049
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:800::2003
2a00:1450:4001:810::2001
2a00:1450:4001:81c::200a
68.219.88.97
76.223.126.88
05b4ac7027a61f42e9c773e6998e59a01375550870723adf1f51dd5909ea6935
0958e4f7cb09689cdff71042d60f84acd1424cf6b869dc1d1fa7bd8c5bc05370
0960d08fe3e7d03eef18f689dcee31b38953946fed2185b2b5b7dd4bcb410730
0efef1458d01e31eb89de3ec957f006b0758c1556ed55b52a29b2dd93b6bed84
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
19489a6b1968bc3b149340be213f69338d27dbfb47605cff8edefe242f8f37cb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
36f417c1307e3d102ebf6c605a1861797e7b303441a5a5846f757e60f061f3ad
395be04eaca1f5c40b7923bbc2fddc1e7f49d46dfb828eda656baa19646f80bf
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f72e1c588c6c9cb16f0d06f54072cbef2fd20eb69f5d99e69a26c7e6c39c61f
431123b75ade5779d7a1184d593d6af1248dbfc33961a77e296d15f4bfd7b25f
432c9bf95059728a8c135fe48e7344bb2b3ca504ae566e6b2cac2804fda85cda
4baaf2946fa6508e234d28450b2256785e612701faf8f5820c4a511201fe310c
515f4abaa2766ee799fc599df471f9d5a9e2bf2c88aef25a96ba5c10c66d98e5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5527b06ef5cd698d5ed58b0adbdde4b47a194ed484804f8d028a47694a093fb5
5b13f4d4106ad0acc96fbc513248cff5cd56a26a5ffa3dc6eebd014a6502da92
5b7fe828decc07f24ab19c7e017da0dedb2c71e1647594f3ddeb6072d743147f
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5bb2bf782368f14b713a7db2ad175e9aa46aedd92b1d22c89247ee15aaf748d9
5d503f8657894fba5129d2e76ef451f8571d89a367776cbbce5f1edf75f29d3f
613d2e5bfd88a739b3994f91f07a491b321fdcad79c7cf969a38ab0c3029298a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63522559221cb1217733189ab984dfaa362299c4d4c81eedc494a0306b65f6f0
7671e56f330d9824493d6167a67ee1cd789f6c323a7363b5d8a8d0cea9c3de1c
76f478c2ba4fcf47d0214d05d046189970e39b54f74936bc1e659fdbbd039a46
7893d2fb081ec23c9fae1f774745dab58213e6892b09087c37689700d56df6a4
7f37cb926c06378327ad2a753c7119291b2ead796a6f588a8374de651ec72a8c
85671d0a860c6e4d2426fee9c31f5a11fb28adc7ec37518685ee9089d0c9ed4a
8a79d34770afc452de32807c9ca8f19d214eb185dabad0a8ed55b4f4046b7b9f
8b0033958e6d7a15a8a07558c90159380c30f9cefc1971ec665f9bc1956075d3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a56546e8f9625727fc8b4fa9f36c9a5e843327f68b786808212868e3a97e04aa
a91406be409029f21ab51d553c7380bf8091f7d0a1f1ccbde6bc5a4629e094c8
a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62
ac7bc1acd72b1cd3687cf25988eb2d798fdc5e474f6d2604e79a87795d986e2a
ade370c859637ff38eca3394777bdbe39fb327cd94753177fc1fc9dbf4f72f4f
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
b86c56bcfc566c5b55d34ec1f700f82044c1650134442c58caf7c5f8c377abed
c091e6f90e11c7cd743f2144f94581f9f50f505eeff42c8dfe93403d5db4153c
d309f4d5f89083a9a41cab873a51f5f9194b2e17858bd7baa38a1524325e48d3
d3a1d3bb7a7c79edc9a08de2369f4f7f201a0852bfaf5526716382fc7ad902a1
da7c97e841d19536893b8a0b2c7020eef3cf322d564ac13ecce69d9609b93d04
dcf549183b1ba7ca864292a5d1023ed9b9c5573097603194ae524bccd70db5dc
e1c311abe999397121ea7dea930b854cb5455a0ab8939817d89090951856c90d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bc7e10df7477df7993b5c37253898c6cacd85b5b56923930bdd19f75a116ff
e77c166a0d34fd08e34b45f6588d4359449bc929d3040c84e18f5b2d0e665c91
f48fa97dd4fdb09e3531a0a088539ff6c640a002533275209cbd990a887fda66

potato.id Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

94 %HTTPS

37 %IPv6

15 Domains

18 Subdomains

19 IPs

6 Countries

2447 kBTransfer

3205 kBSize

12 Cookies

6 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

potato.id Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

94 %
HTTPS

37 %
IPv6

15
Domains

18
Subdomains

19
IPs

6
Countries

2447 kB
Transfer

3205 kB
Size

12
Cookies

71 HTTP transactions
0 data transactions