doitforme.llc Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zvp9x3.tukulhebat7.click/vvy5ma
Effective URL:
https://doitforme.llc/
Submission: On July 11 via api (July 11th 2024, 3:40:42 pm UTC) from GB — Scanned from GB

Summary HTTP 75 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 75 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is doitforme.llc.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.

This is the only time doitforme.llc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.172.128.161 185.172.128.161	216309 (EVILEMPIR...) (EVILEMPIRE-AS)
1 1	198.49.23.145 198.49.23.145	53831 (SQUARESPACE) (SQUARESPACE)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a01:239:100:... 2a01:239:100:0:b19::53	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
75	12

2 185.172.128.161 (Russian Federation)

ASN216309 (EVILEMPIRE-AS, GB)

zvp9x3.tukulhebat7.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.49.23.145 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

difmlaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

doitforme.llc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a01:239:100:0:b19::53 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

difm.s3-eu-central-2.ionoscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ionoscloud.com difm.s3-eu-central-2.ionoscloud.com Failed	823 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1094 p.clarity.ms — Cisco Umbrella Rank: 9560 c.clarity.ms — Cisco Umbrella Rank: 1823	28 KB
5	gstatic.com fonts.gstatic.com	39 KB
5	doitforme.llc doitforme.llc	253 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 331	173 KB
2	tukulhebat7.click zvp9x3.tukulhebat7.click	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 379	778 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	880 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2949
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	102 KB
1	difmlaw.com 1 redirects difmlaw.com	160 B
75	11

	Domain	Requested by
9	difm.s3-eu-central-2.ionoscloud.com	doitforme.llc
5	fonts.gstatic.com	fonts.googleapis.com
5	doitforme.llc	doitforme.llc
2	c.clarity.ms	1 redirects
2	p.clarity.ms	www.clarity.ms
2	www.clarity.ms	doitforme.llc www.clarity.ms
2	cdnjs.cloudflare.com	doitforme.llc cdnjs.cloudflare.com
2	zvp9x3.tukulhebat7.click
1	c.bing.com	1 redirects
1	fonts.googleapis.com	doitforme.llc
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	doitforme.llc
1	difmlaw.com	1 redirects
75	13

This site contains links to these domains. Also see Links.

Domain
harborgroupusa.com
omfundinggurus.com
www.mallyfinancial.com
worldmodelhunt.com
ahealthplace.com
laymanlitigation.com
bragsocial.com
kladiscope.com
getmedicalplan.com
onlinemedicalplans.com
wmhindia.com
aeroway.one
www.youtube.com
earthbyhumans.com
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
tukulhebat7.click R10	`2024-07-09` - `2024-10-07`	3 months	crt.sh
doitforme.llc WE1	`2024-07-11` - `2024-10-09`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
cmc.ionos.com GeoTrust TLS RSA CA G1	`2024-02-13` - `2024-08-14`	6 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://doitforme.llc/
Frame ID: E04FDF7784FC321E63FCB31EC0F4623D
Requests: 75 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DO IT FOR ME LLC - Gateway to Innovation

Page URL History Show full URLs

http://zvp9x3.tukulhebat7.click/vvy5ma HTTP 307
https://zvp9x3.tukulhebat7.click/vvy5ma Page URL
http://difmlaw.com/hone7750773 HTTP 307
https://difmlaw.com/hone7750773 HTTP 302
https://doitforme.llc/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

75
Requests

37 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

1423 kB
Transfer

3181 kB
Size

13
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://harborgroupusa.com/

Search URL Search Domain Scan URL

URL: https://omfundinggurus.com/

Search URL Search Domain Scan URL

URL: https://www.mallyfinancial.com/

Search URL Search Domain Scan URL

URL: https://worldmodelhunt.com/

Search URL Search Domain Scan URL

URL: https://ahealthplace.com/

Search URL Search Domain Scan URL

URL: https://laymanlitigation.com/

Search URL Search Domain Scan URL

URL: https://bragsocial.com/

Search URL Search Domain Scan URL

URL: https://kladiscope.com/

Search URL Search Domain Scan URL

URL: https://getmedicalplan.com/

Search URL Search Domain Scan URL

URL: https://onlinemedicalplans.com/

Search URL Search Domain Scan URL

URL: https://wmhindia.com/

Search URL Search Domain Scan URL

URL: https://aeroway.one/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@InfiniteLinux

Search URL Search Domain Scan URL

URL: https://earthbyhumans.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DIFM.LLC

Search URL Search Domain Scan URL

URL: https://www.instagram.com/difm.llc/

Search URL Search Domain Scan URL

URL: https://twitter.com/difm_llc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/doitforme/?originalSubdomain=in

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zvp9x3.tukulhebat7.click/vvy5ma HTTP 307
https://zvp9x3.tukulhebat7.click/vvy5ma Page URL
http://difmlaw.com/hone7750773 HTTP 307
https://difmlaw.com/hone7750773 HTTP 302
https://doitforme.llc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://zvp9x3.tukulhebat7.click/vvy5ma HTTP 307
https://zvp9x3.tukulhebat7.click/vvy5ma

Request Chain 12

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DC186B5E350B48A78530D6E7B075FB63&RedC=c.clarity.ms&MXFR=120A52FED34B666904754647D74B68A4 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DC186B5E350B48A78530D6E7B075FB63&MUID=026CBA0CABD46F973BBFAEB5AA6F6ED8

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

vvy5ma
zvp9x3.tukulhebat7.click/
Redirect Chain

http://zvp9x3.tukulhebat7.click/vvy5ma
https://zvp9x3.tukulhebat7.click/vvy5ma

10 KB
4 KB

463ms
300ms

Document
text/html

185.172.128.161
EVILEMPIRE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zvp9x3.tukulhebat7.click/vvy5ma
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.128.161 , Russian Federation, ASN216309 (EVILEMPIRE-AS, GB),
Reverse DNS
Software: openresty / PHP/7.2.30
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Jul 2024 15:40:37 GMT
Server: openresty
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.30

Redirect headers

Location: https://zvp9x3.tukulhebat7.click/vvy5ma
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

Primary Request / Show response
doitforme.llc/
Redirect Chain

http://difmlaw.com/hone7750773
https://difmlaw.com/hone7750773
https://doitforme.llc/

5 KB
2 KB

660ms
530ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://doitforme.llc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43348e3f2b3c6f2e9f67a56d072d2ca936af841e12416008121d687b58632b71

Request headers

Referer: https://zvp9x3.tukulhebat7.click/vvy5ma
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a19e4a448fa6365-LHR
content-encoding: br
content-type: text/html
date: Thu, 11 Jul 2024 15:40:38 GMT
last-modified: Thu, 11 Jul 2024 11:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1nMPaeXAIIitcpB1fgpTlB5WjPJzYVPvF2vv6pZYECF9pq2W%2FjpqDP28O18zy%2FdwNmiAbk7O7mmdluHikAiBawuzedJXx05Dt4vEQV1QjuBsWqnncJfdGiwkeyv9OyCT4t3ddwFpQozQTGv7"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

age: 0
content-length: 0
date: Thu, 11 Jul 2024 15:40:38 GMT
location: https://doitforme.llc/
server: Squarespace
x-contextid: fKaNkLEQ/Jw7dQ52A

GET
H/1.1 404
Not Found favicon.ico
zvp9x3.tukulhebat7.click/ 552 B
363 B 137ms
137ms Other
text/html 185.172.128.161
EVILEMPIRE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zvp9x3.tukulhebat7.click/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.128.161 , Russian Federation, ASN216309 (EVILEMPIRE-AS, GB),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: https://zvp9x3.tukulhebat7.click/vvy5ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 15:40:38 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 220ms
108ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: doitforme.llc
URL: https://doitforme.llc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 65385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wubuWam9SlzahFOfpZ%2Fh%2Fb4LtgMN4lNvlwq9hf66nzwvnPf0OvwtAkpO%2FgZG393B2iwmNs1%2FLeNZD0gURBGvanKGoTT6PMMKi7P5oSJNTVJEKmO7%2B4LH0vClbPbgpNhBTaQQOtWtRVwRyQi0eyXALgKJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a19e4a8acee419b-LHR
expires: Tue, 01 Jul 2025 15:40:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 292ms
71ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YNBW2JSEHX

Requested by

Host: doitforme.llc
URL: https://doitforme.llc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d918ff0e1fbee6ae115d7519de5ae991dfe1b465a085570c702710b9e3a16d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 15:40:39 GMT

GET
H3 200 index-7603e0e7.js Show response
doitforme.llc/assets/ 825 KB
234 KB 890ms
885ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://doitforme.llc/assets/index-7603e0e7.js
Requested by: Host: doitforme.llc
URL: https://doitforme.llc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e9412835ca5d336b497c56485961eb3a1b6cf4a056e205526c5aa7f1bc9750

Request headers

Referer: https://doitforme.llc/
Origin: https://doitforme.llc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Jul 2024 11:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"668fc045-ce20f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ey0zM6aafQEenbWUur0ViUrosCyYspZ8ydVhnQJTC8zegRSnfShPrQ1jqieVqhkxfIn%2FOy3CWxYS0npInCridx1kaRaTnvtG9cYoHl3F%2Ba7nOZM8QREOMJawUPwwb3jUNOQYzi23A6%2FzsJlo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a19e4a80e3c6365-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 index-1077f646.css
doitforme.llc/assets/ 67 KB
13 KB 577ms
571ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://doitforme.llc/assets/index-1077f646.css
Requested by: Host: doitforme.llc
URL: https://doitforme.llc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1077f6465a75161d8ca0da58e81779dbd4782b3b4d539867e0ad222d80110cfa

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Jul 2024 11:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"668fc045-10af5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqat6UM6Hj2YQHgQ511f5WXXECAi%2Bc9GxkYZcK3fBSMHpJ%2FYY5LID5rjF2nMrPLvUsg9O0Fpvjkt%2FTuvt%2F22PlHP0L7fgwiJEhm38mxXuOWw9a%2FtlH2g%2FxrmF7iOUhd5KJVz1fjZNfe2EDAn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a19e4a80e3f6365-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 k2obx6u7c0 Show response
www.clarity.ms/tag/ 655 B
1019 B 1459ms
246ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/k2obx6u7c0
Requested by: Host: doitforme.llc
URL: https://doitforme.llc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c53d3988a106c3bd19cdacf3176837c5424355bbdbfe20df62feae843ef1612

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Thu, 11 Jul 2024 15:40:40 GMT
x-azure-ref: 20240711T154040Z-r1d56846db99cl2vnp57e36a8g000000017000000000fhxu
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 655
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 264ms
60ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YNBW2JSEHX&gtm=45je4790v9172774047za200&_p=1720712439271&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1611319469.1720712439&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720712439&sct=1&seg=0&dl=https%3A%2F%2Fdoitforme.llc%2F&dt=Digital%20Solutions%20Agency%20for%20businesses%20%7C%20DO%20IT%20FOR%20ME%20LLC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1578&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNBW2JSEHX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:40:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://doitforme.llc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 153 KB
154 KB 189ms
40ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://doitforme.llc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:39 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 156496
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-26350"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O84cdAGt0dSnJ17X2IqrCCahss7H4kH3viF7WH6TfiUPOxcdU6xqKk%2FQEj%2FRjmvBIFJHCfR4jAWCO8yxYj%2BHYpYYhJHiV%2BopKQg1pw9fVrQva4OAB0UlEWFidFk0J26fc5EQ3a2ro1%2FtI7rboKia%2Fc3i"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a19e4ab893f9472-LHR
expires: Tue, 01 Jul 2025 15:40:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
880 B 1339ms
137ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Requested by

Host: doitforme.llc
URL: https://doitforme.llc/assets/index-1077f646.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5db6ec967fd0dd1e8473af959f75dde8c347b9c5a77e2da6bf6657dab281c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jul 2024 15:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 15:13:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jul 2024 15:40:40 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.34/ 61 KB
26 KB 36ms
36ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/k2obx6u7c0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:40 GMT
content-encoding: br
last-modified: Thu, 23 May 2024 23:20:12 GMT
etag: W/"0x8DC7B7EE5574D78"
vary: Accept-Encoding
x-azure-ref: 20240711T154040Z-r1d56846db99cl2vnp57e36a8g000000017000000000fhyf
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 0f01986d-701e-0001-40ae-cd7107000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 457ms
174ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://doitforme.llc
Date: Thu, 11 Jul 2024 15:40:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DC186B5E350B48A78530D6E7B075FB63&RedC=c.clarity.ms&MXFR=120A52FED34B666904754647D74B68A4
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DC186B5E350B48A78530D6E7B075FB63&MUID=026CBA0CABD46F973BBFAEB5AA6F6ED8

42 B
443 B

48ms
47ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DC186B5E350B48A78530D6E7B075FB63&MUID=026CBA0CABD46F973BBFAEB5AA6F6ED8
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:40:40 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:40:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B040A46DD1D34864A0E57E9E6355B0B5 Ref B: LON04EDGE0919 Ref C: 2024-07-11T15:40:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DC186B5E350B48A78530D6E7B075FB63&MUID=026CBA0CABD46F973BBFAEB5AA6F6ED8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 Blog-f197aca3.js Show response
doitforme.llc/assets/ 3 KB
2 KB 356ms
355ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://doitforme.llc/assets/Blog-f197aca3.js
Requested by: Host: doitforme.llc
URL: https://doitforme.llc/assets/index-7603e0e7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eecdea0960a58c0ffd9b911e8603550209c56b395524851007d05fc5f8bd9044

Request headers

Referer: https://doitforme.llc/assets/index-7603e0e7.js
Origin: https://doitforme.llc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Jul 2024 11:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"668fc045-c42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GPeITY8IqsGj3JNs%2BHiW%2FREFCAy2JARMYilr%2FOylQRAV1Q6f74lofM4rQWZBqcTN256rlxwj0kf6akERkP5MguyLEs6HguAW5iD%2BPxjYejAi%2FiimvgUBJa87LOmOWXGUcfZFHzP5zHAGKbz%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a19e4b46f506365-LHR
alt-svc: h3=":443"; ma=86400

GET Logo-3-Light.png
difm.s3-eu-central-2.ionoscloud.com/statics/navbar/ 0
0

GET discoverimg.png
difm.s3-eu-central-2.ionoscloud.com/statics/discover/ 0
0

GET Web.svg
difm.s3-eu-central-2.ionoscloud.com/statics/home/ 0
0

GET App.svg
difm.s3-eu-central-2.ionoscloud.com/statics/home/ 0
0

GET Seo.svg
difm.s3-eu-central-2.ionoscloud.com/statics/home/ 0
0

GET Branding.svg
difm.s3-eu-central-2.ionoscloud.com/statics/home/ 0
0

GET Marketing.svg
difm.s3-eu-central-2.ionoscloud.com/statics/home/ 0
0

GET Resource.svg
difm.s3-eu-central-2.ionoscloud.com/statics/home/ 0
0

GET wmhus.png
difm.s3-eu-central-2.ionoscloud.com/statics/portfolio/ 0
0

GET wmh%20india.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/portfolio/ 0
0

GET a%20health%20place.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/portfolio/ 0
0

GET om%20funding.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/portfolio/ 0
0

GET Aeroway.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET A%20Health%20Place.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Earth%20by%20Humans.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET WMH%20India.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Arsenal.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Bell%20Processing%20Solutions.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Brag%20Social.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Get%20Medical%20Plan.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Kweesha.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Layman%20Litigation.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET The%20Edge%20Media.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET World%20Model%20Hunt.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Tick%20Try.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Maaya%20Laxmi.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Health%20Plan%20Broker.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Funderama.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Blue%20Coast%20Wellnesss%20Group.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Bizorbis.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Gyan%20Guru.png
difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/ 0
0

GET Loader-Small-Final.gif
difm.s3-eu-central-2.ionoscloud.com/statics/common/ 0
0

GET
H/1.1 200
OK Button%201.png
difm.s3-eu-central-2.ionoscloud.com/statics/common/ 101 KB
101 KB 284ms
76ms Image
image/png 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/common/Button%201.png

Requested by

Host: doitforme.llc
URL: https://doitforme.llc/assets/index-1077f646.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

8f66bfe7f177cb43317ab4d9a154cb67bc16434d7da5f532ebe774749f5d4b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Wed, 24 Apr 2024 05:57:16 GMT
server: CloudianS3
x-amz-request-id: 88f7b89a-681e-1ffe-9690-e8ebd335d946
etag: "01be0e8fb886394548009357f7eb7c0d"
x-amz-server-side-encryption: AES256
content-type: image/png
accept-ranges: bytes
content-length: 103322

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 297ms
78ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://doitforme.llc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:10:05 GMT
x-content-type-options: nosniff
age: 192636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 10:10:05 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 279ms
60ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://doitforme.llc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:01:45 GMT
x-content-type-options: nosniff
age: 193136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 10:01:45 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 286ms
67ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://doitforme.llc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 03:04:16 GMT
x-content-type-options: nosniff
age: 45385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jul 2025 03:04:16 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 295ms
76ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://doitforme.llc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:57:20 GMT
x-content-type-options: nosniff
age: 193401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:57:20 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 277ms
58ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://doitforme.llc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:47:37 GMT
x-content-type-options: nosniff
age: 193984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:47:37 GMT

GET
H/1.1 200
OK The%20Harbor%20Group.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/websites/ 134 KB
0 431ms
60ms Image
image/jpeg 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/websites/The%20Harbor%20Group.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Tue, 23 Apr 2024 08:54:05 GMT
server: CloudianS3
x-amz-request-id: 2d58e997-1389-1f4e-9187-e8ebd36f5e1e
etag: "e8c2372e1b904294dc4653362459ce03"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
accept-ranges: bytes
content-length: 149927

GET hero2.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 0
0

GET
H/1.1 200
OK Mally%20Financial.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/websites/ 127 KB
128 KB 400ms
66ms Image
image/jpeg 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/websites/Mally%20Financial.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

589290633ec941e8fa20bc69a373b057f7c7e9cc9204450a5f059abd8a8ca2cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Tue, 23 Apr 2024 08:54:05 GMT
server: CloudianS3
x-amz-request-id: 8a3083e9-4f96-1f71-aeae-e8ebd36f6a7e
etag: "9709de70b10c95a6ca2c3773b64eb493"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
accept-ranges: bytes
content-length: 130166

GET
H/1.1 200
OK hero3.png
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 478 KB
0 260ms
57ms Image
image/png 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero3.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Tue, 23 Apr 2024 10:27:42 GMT
server: CloudianS3
x-amz-request-id: e250d2ad-1b9a-1f1d-8811-e8ebd335da0e
etag: "d48f9fa43c162822dbcf4dd6967537f8"
x-amz-server-side-encryption: AES256
content-type: image/png
accept-ranges: bytes
content-length: 676358

GET
H/1.1 200
OK hero5.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 173 KB
173 KB 277ms
78ms Image
image/jpeg 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero5.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

34d8cc2625a35e91956971f112da1be59a4221b6bc9faf2bbd462b4789f033d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Tue, 23 Apr 2024 10:27:44 GMT
server: CloudianS3
x-amz-request-id: afc60278-e068-1f2e-b8e5-e8ebd335d576
etag: "ae4cf8a7a5a0c42ee3e8e20429f04d6c"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
accept-ranges: bytes
content-length: 177108

GET
H/1.1 200
OK hero6.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 197 KB
197 KB 277ms
79ms Image
image/jpeg 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero6.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

b84c26838ab2712026a2e4e158c511282a302e08ff68c6254e5c8824d8c6ced2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Tue, 23 Apr 2024 10:27:44 GMT
server: CloudianS3
x-amz-request-id: 5500516b-2f57-1fd7-8590-e8ebd3298fb8
etag: "7750d38407683eb3cbfb5734f20633a1"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
accept-ranges: bytes
content-length: 201435

GET
H/1.1 200
OK hero7.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 143 KB
0 430ms
62ms Image
image/jpeg 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero7.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Tue, 23 Apr 2024 10:27:45 GMT
server: CloudianS3
x-amz-request-id: 3bdb9ab8-b9ad-1fbe-ba70-e8ebd335d9d6
etag: "bb8cd7069a0a5afe5f36a3bb4ad2e070"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
accept-ranges: bytes
content-length: 148702

GET
H/1.1 200
OK hero8.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 26 KB
0 470ms
69ms Image
image/jpeg 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero8.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Tue, 23 Apr 2024 10:27:45 GMT
server: CloudianS3
x-amz-request-id: 1a72361d-1144-1f7f-bfc3-e8ebd36f692e
etag: "e164655ab14d1f5fdb8690ae2ea32418"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
accept-ranges: bytes
content-length: 178601

GET
H/1.1 200
OK hero9.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 223 KB
224 KB 283ms
83ms Image
image/jpeg 2a01:239:100:0:b19::53
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero9.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:239:100:0:b19::53 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

CloudianS3 /

Resource Hash

9d4a9d6df28d52ee3ee7dca75ac9dce7169a6f98c6c804f1a724f0d86cee4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
x-content-type-options: nosniff
origin: https://dcd.ionos.com
last-modified: Tue, 23 Apr 2024 10:27:45 GMT
server: CloudianS3
x-amz-request-id: 88f7b89c-681e-1ffe-9690-e8ebd335d946
etag: "ce35207877889a47b29a23a17d02c748"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
accept-ranges: bytes
content-length: 228697

GET hero10.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 0
0

GET hero4.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 0
0

GET hero12.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 0
0

GET hero1.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/ 0
0

GET Infinite%20Linux.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/websites/ 0
0

GET Earth%20by%20Humans.jpg
difm.s3-eu-central-2.ionoscloud.com/statics/websites/ 0
0

GET Favicon-2.png
difm.s3-eu-central-2.ionoscloud.com/statics/navbar/ 0
0

GET
H3 200 latestblog Show response
doitforme.llc/api/blog/ 5 KB
2 KB 152ms
150ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://doitforme.llc/api/blog/latestblog
Requested by: Host: doitforme.llc
URL: https://doitforme.llc/assets/index-7603e0e7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8c0c3452a0c1378480ec2b2474ec39bd207d1ddb4cd3a20c44afcb0856b4657f

Request headers

Accept: application/json, text/plain, */*
Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:40:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"12f6-9vdJCVWS6RkPZpgCIabsuciLS/U"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BryqWL%2BGywMErfSZguRS8miFwDmGfExBkG4PCOErzKlBMMYh%2FvpVJQl37yZSVMGFs2tKtFBZGqSzKhJ5gqi5AwCzSicZ0V%2BrF9viBWk7hqCPUH9l5mPso3R1tDviLWgK0khRfbP8YaCaMWsg"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8a19e4b6aa5f6365-LHR
alt-svc: h3=":443"; ma=86400

GET How+to+Optimize+Your+Website+for+Maximum+Conversions+(1).jpg
difm.s3-eu-central-2.ionoscloud.com/blogs/ 0
0

GET What+is+an+Internship+and+why+is+it+Important+for+Students.jpg
difm.s3-eu-central-2.ionoscloud.com/blogs/ 0
0

GET Personal+Brand.jpeg
difm.s3-eu-central-2.ionoscloud.com/blogs/ 0
0

GET Boost+Your+Bottom+Line+with+Latest+Web+Tech+Innovations.jpg
difm.s3-eu-central-2.ionoscloud.com/blogs/ 0
0

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 196ms
190ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://doitforme.llc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://doitforme.llc
Date: Thu, 11 Jul 2024 15:40:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/navbar/Logo-3-Light.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/discover/discoverimg.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/Web.svg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/App.svg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/Seo.svg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/Branding.svg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/Marketing.svg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/Resource.svg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/portfolio/wmhus.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/portfolio/wmh%20india.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/portfolio/a%20health%20place.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/portfolio/om%20funding.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Aeroway.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/A%20Health%20Place.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Earth%20by%20Humans.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/WMH%20India.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Arsenal.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Bell%20Processing%20Solutions.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Brag%20Social.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Get%20Medical%20Plan.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Kweesha.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Layman%20Litigation.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/The%20Edge%20Media.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/World%20Model%20Hunt.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Tick%20Try.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Maaya%20Laxmi.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Health%20Plan%20Broker.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Funderama.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Blue%20Coast%20Wellnesss%20Group.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Bizorbis.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/logospartner/Gyan%20Guru.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/common/Loader-Small-Final.gif

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero2.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero10.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero4.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero12.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/home/hero/hero1.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/websites/Infinite%20Linux.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/websites/Earth%20by%20Humans.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/statics/navbar/Favicon-2.png

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/blogs/How+to+Optimize+Your+Website+for+Maximum+Conversions+(1).jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/blogs/What+is+an+Internship+and+why+is+it+Important+for+Students.jpg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/blogs/Personal+Brand.jpeg

Domain: difm.s3-eu-central-2.ionoscloud.com
URL: https://difm.s3-eu-central-2.ionoscloud.com/blogs/Boost+Your+Bottom+Line+with+Latest+Web+Tech+Innovations.jpg

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
difmlaw.com/	1969-12-31 23:59:59	Name: crumb Value: BU7IC4Ge2KxjNWMwOGVjYmFjMzFjMTIxM2Y2ODg2YzFiMWFkZjNj
.doitforme.llc/	1970-01-21 07:34:32	Name: _ga Value: GA1.1.1611319469.1720712439
.doitforme.llc/	1970-01-21 07:34:32	Name: _ga_YNBW2JSEHX Value: GS1.1.1720712439.1.0.1720712439.0.0.0
www.clarity.ms/	1970-01-21 06:44:08	Name: CLID Value: 52692b7febd3481a8f05df4524dcc3df.20240711.20250711
.doitforme.llc/	1970-01-21 06:44:08	Name: _clck Value: 1o6xylm%7C2%7Cfnd%7C0%7C1653
.doitforme.llc/	1970-01-20 21:59:58	Name: _clsk Value: 17b32km%7C1720712441353%7C1%7C1%7Cp.clarity.ms%2Fcollect
.bing.com/	1970-01-21 07:20:08	Name: MUID Value: 026CBA0CABD46F973BBFAEB5AA6F6ED8
.c.bing.com/	1970-01-20 22:08:37	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:20:08	Name: SRM_B Value: 026CBA0CABD46F973BBFAEB5AA6F6ED8
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:20:08	Name: MUID Value: 026CBA0CABD46F973BBFAEB5AA6F6ED8
.c.clarity.ms/	1970-01-20 22:08:37	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:58:33	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://zvp9x3.tukulhebat7.click/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
difm.s3-eu-central-2.ionoscloud.com
difmlaw.com
doitforme.llc
fonts.googleapis.com
fonts.gstatic.com
p.clarity.ms
region1.google-analytics.com
www.clarity.ms
www.googletagmanager.com
zvp9x3.tukulhebat7.click
difm.s3-eu-central-2.ionoscloud.com
13.74.129.1
185.172.128.161
198.49.23.145
20.122.63.128
2001:4860:4802:34::36
2606:4700::6811:190e
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:803::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a01:239:100:0:b19::53
2a06:98c1:3120::3
1077f6465a75161d8ca0da58e81779dbd4782b3b4d539867e0ad222d80110cfa
25e9412835ca5d336b497c56485961eb3a1b6cf4a056e205526c5aa7f1bc9750
34d8cc2625a35e91956971f112da1be59a4221b6bc9faf2bbd462b4789f033d5
43348e3f2b3c6f2e9f67a56d072d2ca936af841e12416008121d687b58632b71
589290633ec941e8fa20bc69a373b057f7c7e9cc9204450a5f059abd8a8ca2cf
5db6ec967fd0dd1e8473af959f75dde8c347b9c5a77e2da6bf6657dab281c4f6
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
6c53d3988a106c3bd19cdacf3176837c5424355bbdbfe20df62feae843ef1612
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8c0c3452a0c1378480ec2b2474ec39bd207d1ddb4cd3a20c44afcb0856b4657f
8d918ff0e1fbee6ae115d7519de5ae991dfe1b465a085570c702710b9e3a16d7
8f66bfe7f177cb43317ab4d9a154cb67bc16434d7da5f532ebe774749f5d4b3d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d4a9d6df28d52ee3ee7dca75ac9dce7169a6f98c6c804f1a724f0d86cee4592
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
b84c26838ab2712026a2e4e158c511282a302e08ff68c6254e5c8824d8c6ced2
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eecdea0960a58c0ffd9b911e8603550209c56b395524851007d05fc5f8bd9044
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

doitforme.llc Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

37 %HTTPS

69 %IPv6

11 Domains

13 Subdomains

12 IPs

4 Countries

1423 kBTransfer

3181 kBSize

13 Cookies

18 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

doitforme.llc Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

37 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

1423 kB
Transfer

3181 kB
Size

13
Cookies

75 HTTP transactions
0 data transactions