urlscan.io logo urlscan.io
SecurityTrails logo

portal.doitforme.eu Open in urlscan Pro
185.246.164.157  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://payments.doitforme.eu/
Effective URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Submission: On August 04 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 10 domains to perform 131 HTTP transactions. The main IP is 185.246.164.157, located in Greece and belongs to FRIKTORIANET, GR. The main domain is portal.doitforme.eu.
TLS certificate: Issued by R11 on August 4th 2024. Valid for: 3 months.
This is the only time portal.doitforme.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 185.246.164.157 204932 (FRIKTORIANET)
30 185.246.164.101 204932 (FRIKTORIANET)
13 2607:f8b0:400... 15169 (GOOGLE)
4 108.138.106.126 16509 (AMAZON-02)
6 2a03:2880:f00... 32934 (FACEBOOK)
5 18.164.96.87 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
4 52.31.14.104 16509 (AMAZON-02)
4 2a03:2880:f10... 32934 (FACEBOOK)
2 151.101.128.176 54113 (FASTLY)
2 8 185.246.164.117 204932 (FRIKTORIANET)
10 157.240.229.35 32934 (FACEBOOK)
4 142.251.174.139 15169 (GOOGLE)
2 157.240.229.1 32934 (FACEBOOK)
1 172.217.197.97 15169 (GOOGLE)
1 18.164.96.52 16509 (AMAZON-02)
131 17
18    185.246.164.157 (Greece)

ASN204932 (FRIKTORIANET, GR)
PTR: 185-246-164-157.volos.friktoria.net
payments.doitforme.eu
keymaker.doitforme.eu
portal.doitforme.eu
backend.portal.doitforme.eu
30    185.246.164.101 (Greece)

ASN204932 (FRIKTORIANET, GR)
PTR: 185-246-164-101.volos.friktoria.net
genius1071.friktoriaservers.net
13    2607:f8b0:400d:c0f::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net
static.hotjar.com
6    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
2    2607:f8b0:400d:c1d::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    52.31.14.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-14-104.eu-west-1.compute.amazonaws.com
content.hotjar.io
4    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
8    185.246.164.117 (Greece)

ASN204932 (FRIKTORIANET, GR)
PTR: 185-246-164-117.volos.friktoria.net
auth.doitforme.club
10    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
4    142.251.174.139 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f139.1e100.net
www.google-analytics.com
2    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
1    172.217.197.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f97.1e100.net
www.googletagmanager.com
1    18.164.96.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-52.jfk50.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
30 friktoriaservers.net
genius1071.friktoriaservers.net
192 KB
18 doitforme.eu
payments.doitforme.eu
keymaker.doitforme.eu
portal.doitforme.eu
backend.portal.doitforme.eu
2 MB
14 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
14 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
553 KB
9 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
68 KB
8 doitforme.club
auth.doitforme.club
2 KB
8 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
89 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
5 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8904
vc.hotjar.io — Cisco Umbrella Rank: 4716
912 B
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
154 KB
131 10
Domain Requested by
30 genius1071.friktoriaservers.net payments.doitforme.eu
genius1071.friktoriaservers.net
portal.doitforme.eu
14 www.facebook.com payments.doitforme.eu
portal.doitforme.eu
14 www.googletagmanager.com payments.doitforme.eu
www.googletagmanager.com
portal.doitforme.eu
8 auth.doitforme.club 2 redirects payments.doitforme.eu
portal.doitforme.eu
8 connect.facebook.net payments.doitforme.eu
connect.facebook.net
portal.doitforme.eu
6 portal.doitforme.eu payments.doitforme.eu
portal.doitforme.eu
6 www.google-analytics.com www.googletagmanager.com
6 payments.doitforme.eu payments.doitforme.eu
5 script.hotjar.com static.hotjar.com
script.hotjar.com
4 keymaker.doitforme.eu payments.doitforme.eu
portal.doitforme.eu
4 content.hotjar.io script.hotjar.com
4 static.hotjar.com payments.doitforme.eu
portal.doitforme.eu
2 backend.portal.doitforme.eu portal.doitforme.eu
2 js.stripe.com payments.doitforme.eu
1 vc.hotjar.io script.hotjar.com
131 15

This site contains no links.

Subject Issuer Validity Valid
payments.doitforme.eu
R10		 2024-08-04 -
2024-11-02		 3 months crt.sh
genius1071.friktoriaservers.net
R3		 2024-06-06 -
2024-09-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-13 -
2024-08-11		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh
keymaker.doitforme.eu
R11		 2024-08-04 -
2024-11-02		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
auth.doitforme.club
R3		 2024-05-26 -
2024-08-24		 3 months crt.sh
portal.doitforme.eu
R11		 2024-08-04 -
2024-11-02		 3 months crt.sh
backend.portal.doitforme.eu
R11		 2024-08-04 -
2024-11-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Frame ID: 8A7F517C3E3EAD85244D06970ABF893A
Requests: 124 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Doitforme

Page URL History Show full URLs

  1. https://payments.doitforme.eu/ Page URL
  2. https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/auth?client_id=erised-web-app&redir... HTTP 302
    https://payments.doitforme.eu/ Page URL
  3. https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans Page URL
  4. https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/auth?client_id=erised-web-app&redir... HTTP 302
    https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

131
Requests

85 %
HTTPS

25 %
IPv6

10
Domains

15
Subdomains

17
IPs

3
Countries

2940 kB
Transfer

12653 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payments.doitforme.eu/ Page URL
  2. https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fpayments.doitforme.eu%2F&state=ad12ab2c-b3a2-4041-8f9f-2331b7f8d64c&response_mode=fragment&response_type=code&scope=openid&nonce=40eb9f14-333c-47f6-b546-20fc0132cd23&prompt=none HTTP 302
    https://payments.doitforme.eu/ Page URL
  3. https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans Page URL
  4. https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&state=93c68a9f-7fb0-48b9-826f-21cf36f174b1&response_mode=fragment&response_type=code&scope=openid&nonce=2b4679c2-0280-488f-8888-f86cb4a41220&prompt=none HTTP 302
    https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fpayments.doitforme.eu%2F&state=ad12ab2c-b3a2-4041-8f9f-2331b7f8d64c&response_mode=fragment&response_type=code&scope=openid&nonce=40eb9f14-333c-47f6-b546-20fc0132cd23&prompt=none HTTP 302
  • https://payments.doitforme.eu/

131 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
payments.doitforme.eu/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
9ed8e61b95c92efbf949b613d11456152bb90a7b7d865d856ebbc6bab8daae03
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
content-type
text/html
date
Sun, 04 Aug 2024 05:55:04 GMT
etag
W/"66a8d264-ea8"
last-modified
Tue, 30 Jul 2024 11:45:40 GMT
server
nginx
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Color_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		894 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Color_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
d15e3b68bd7b8f53edd05a9c900b557fd823701453c7c9607aba0cfa81bc2d31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Fri, 28 Jun 2024 13:14:05 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224B9AC76
etag
"952d6ab5a9b0cb2ddd8edfe5feafe12d"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
894
x-xss-protection
1; mode=block
Shadow_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		716 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Shadow_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Mon, 24 Apr 2023 10:10:57 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224C2B842
etag
"b163565e4f963cd1c3d1faceefb7344f"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
716
x-xss-protection
1; mode=block
Normalise_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		288 B
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Normalise_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Wed, 10 Apr 2024 09:54:35 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224D72F09
etag
"daa11ac56f8d8cb60c82865886a40994"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
288
x-xss-protection
1; mode=block
Layout_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		308 B
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Layout_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
05249e526bd0bd469ef0564938d5770705f9bcd0c5551edac0b4566ee01b4c31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Mon, 24 Apr 2023 10:11:15 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D22509B484
etag
"a0b96700998cbcda0ee7dc0b1e407b28"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
308
x-xss-protection
1; mode=block
Typography_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
8588cc986974bbc5b7dd8a68bac032b3bfba33ae01c39569bbb2a5f81f36abde
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Mon, 08 Apr 2024 13:42:09 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D22427452E
etag
"d6fadc12ab885ed7ddc40509b30d635d"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
3618
x-xss-protection
1; mode=block
Adaptation_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Adaptation_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Sat, 01 Apr 2023 15:56:27 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224256076
etag
"53dce1357e881b0c3956a8f8194c41be"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
2069
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		315 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96180bcb213e14f5921b15a8688b1910a3b6f2be1da27f5f70d76283248b2fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106428
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
js
www.googletagmanager.com/gtag/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VFM3WL3YS9
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcb5ed05fdc6c9d7ddcd6c838b3de8eadf8af3e158fda3ccec699aa12432ae19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103799
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
main.9cd5d309.js
payments.doitforme.eu/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.doitforme.eu/static/js/main.9cd5d309.js
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
dddd75a9368a5b2034556ea1b074d71448ed33de2592b134b969ba118a797fad
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
last-modified
Tue, 30 Jul 2024 11:46:00 GMT
server
nginx
etag
"66a8d278-17e29c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
1565340
hotjar-3900407.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3900407.js?sv=6
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
99fc522ef569bc839b78379a6aceddea45abebdb633eb7fb22c3b347f745cd7a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/992985318b4bb9ae96a0a9c6ddada7c3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0aSUKMk8aCW8bk0A1TVp5-YfbUMOmq8E7EsKvluON01SxLhzLIE1YA==
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 05:55:05 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
iGDJPfhAmCcCL7701NMU50rXrhV44ZKzKp9pGkxLTpCZrdVpJ0sBUJv2DrT6VG9wYuQzmLxOaO1CqqymLREixg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		203 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56M53QV
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba7b4457ac9260153c71ef79b5a941e6feba240a58af75f30411b33c6b08aceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73432
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 05:55:05 GMT
gtm.js
www.googletagmanager.com/ 		195 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K24GW87K
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51cdb7e9874a9a62dcd3c19b4be5b2e7386d63846a009aa9d301f1e38beaa850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70986
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 05:55:05 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3900407.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
401519
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
nNI9fuB_GYTzLo5p6e6Hu34HSvb7OSm2mtXNW2v8kLldU29Qs1CQlw==
860789219013684
connect.facebook.net/signals/config/ 		70 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/860789219013684?v=2.9.164&r=stable&domain=payments.doitforme.eu&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b0c3750500271ba0e2e8105fe618fc52852817c7fbe915b15ce3e363c92bba44
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 05:55:05 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=65, mss=1297, tbw=64375, tp=-1, tpl=-1, uplat=129, ullat=0
pragma
public
x-fb-debug
yB2x47Hxe5COUmf/o2qdOw2XgRlyRpsQBKW+E/ysTVeJ/6aXu39wo8nuRTqo8DH/aD4BOtkQ0T1I6y4094rWeA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920za200&_p=1722750905562&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722750905&sct=1&seg=0&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1959
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 05:55:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.doitforme.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VFM3WL3YS9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2fb80a85a87bbb4dd17bacbf365eb33d7621ae27debc4bcc4a176b318ecbd839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103801
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VFM3WL3YS9&gtm=45je47v0v9178614702za200zb9123710920&_p=1722750905562&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722750905&sct=1&seg=0&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2039
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFM3WL3YS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 05:55:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.doitforme.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3900407&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.14.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-14-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8b7f848ab47504464271f23b06078a0da4f8c3d55057a4b6add117b230266097

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 05:55:06 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=860789219013684&ev=PageView&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&rl=&if=false&ts=1722750906084&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750905797&coo=false&rqm=GET
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=2831, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 05:55:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=860789219013684&ev=PageView&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&rl=&if=false&ts=1722750906084&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750905797&coo=false&rqm=FGET
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 05:55:06 GMT
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399158801233631679", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=14, mss=1297, tbw=3149, tp=-1, tpl=-1, uplat=104, ullat=0
pragma
no-cache
x-fb-debug
IjhJc8eFG/pV8YrdTpgNhnMQnbgnTSYjG6Vaod7YxUIppXoh/ToEBoYxyJZTGq47K2m58rjOpxAl2nhwz2XyLw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399158801233631679"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
getTranslations
keymaker.doitforme.eu/translations/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://keymaker.doitforme.eu/translations/getTranslations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://payments.doitforme.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://payments.doitforme.eu
access-control-expose-headers
X-Xsrf-Token, X-Socket-Token
date
Sun, 04 Aug 2024 05:55:07 GMT
server
nginx
getTranslations
keymaker.doitforme.eu/translations/ 		0
0
v3
js.stripe.com/ 		634 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/static/js/main.9cd5d309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 05:55:07 GMT
via
1.1 varnish
age
4
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
157531
x-request-id
74a10504-d052-4a0b-9571-6c9a147a8b11
x-served-by
cache-yul1970051-YUL
last-modified
Fri, 02 Aug 2024 21:40:59 GMT
server
Fastly
etag
"377b7b7410510b02a0911f1ca8793557"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
keycloakProduction.json
payments.doitforme.eu/ 		192 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.doitforme.eu/keycloakProduction.json
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/static/js/main.9cd5d309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:07 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
last-modified
Tue, 30 Jul 2024 11:45:40 GMT
server
nginx
content-encoding
gzip
etag
W/"66a8d264-c0"
x-frame-options
SAMEORIGIN
content-type
application/json
/
payments.doitforme.eu/
Redirect Chain
  • https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fpayments.doitforme.eu%2F&state=ad12ab2c-b3a2-4041-8f9f-2331b7f8d64c&res...
  • https://payments.doitforme.eu/
4 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.doitforme.eu/
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/static/js/main.9cd5d309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
9ed8e61b95c92efbf949b613d11456152bb90a7b7d865d856ebbc6bab8daae03
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://payments.doitforme.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
content-type
text/html
date
Sun, 04 Aug 2024 05:55:04 GMT
etag
W/"66a8d264-ea8"
last-modified
Tue, 30 Jul 2024 11:45:40 GMT
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Sun, 04 Aug 2024 05:55:07 GMT
location
https://payments.doitforme.eu/#error=login_required&state=ad12ab2c-b3a2-4041-8f9f-2331b7f8d64c
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
Color_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		894 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Color_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
d15e3b68bd7b8f53edd05a9c900b557fd823701453c7c9607aba0cfa81bc2d31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Fri, 28 Jun 2024 13:14:05 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224B9AC76
etag
"952d6ab5a9b0cb2ddd8edfe5feafe12d"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
894
x-xss-protection
1; mode=block
Shadow_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		716 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Shadow_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Mon, 24 Apr 2023 10:10:57 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224C2B842
etag
"b163565e4f963cd1c3d1faceefb7344f"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
716
x-xss-protection
1; mode=block
Normalise_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		288 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Normalise_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Wed, 10 Apr 2024 09:54:35 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224D72F09
etag
"daa11ac56f8d8cb60c82865886a40994"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
288
x-xss-protection
1; mode=block
Layout_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		308 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Layout_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
05249e526bd0bd469ef0564938d5770705f9bcd0c5551edac0b4566ee01b4c31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Mon, 24 Apr 2023 10:11:15 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D22509B484
etag
"a0b96700998cbcda0ee7dc0b1e407b28"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
308
x-xss-protection
1; mode=block
Typography_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		4 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
8588cc986974bbc5b7dd8a68bac032b3bfba33ae01c39569bbb2a5f81f36abde
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Mon, 08 Apr 2024 13:42:09 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D22427452E
etag
"d6fadc12ab885ed7ddc40509b30d635d"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
3618
x-xss-protection
1; mode=block
Adaptation_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Adaptation_.css
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Sat, 01 Apr 2023 15:56:27 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224256076
etag
"53dce1357e881b0c3956a8f8194c41be"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
2069
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		315 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96180bcb213e14f5921b15a8688b1910a3b6f2be1da27f5f70d76283248b2fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106428
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
js
www.googletagmanager.com/gtag/ 		306 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VFM3WL3YS9
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcb5ed05fdc6c9d7ddcd6c838b3de8eadf8af3e158fda3ccec699aa12432ae19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103799
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
main.9cd5d309.js
payments.doitforme.eu/static/js/ 		1 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.doitforme.eu/static/js/main.9cd5d309.js
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
dddd75a9368a5b2034556ea1b074d71448ed33de2592b134b969ba118a797fad
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
last-modified
Tue, 30 Jul 2024 11:46:00 GMT
server
nginx
etag
"66a8d278-17e29c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
1565340
hotjar-3900407.js
static.hotjar.com/c/ 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3900407.js?sv=6
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
99fc522ef569bc839b78379a6aceddea45abebdb633eb7fb22c3b347f745cd7a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/992985318b4bb9ae96a0a9c6ddada7c3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0aSUKMk8aCW8bk0A1TVp5-YfbUMOmq8E7EsKvluON01SxLhzLIE1YA==
fbevents.js
connect.facebook.net/en_US/ 		225 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 05:55:05 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
iGDJPfhAmCcCL7701NMU50rXrhV44ZKzKp9pGkxLTpCZrdVpJ0sBUJv2DrT6VG9wYuQzmLxOaO1CqqymLREixg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		203 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56M53QV
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba7b4457ac9260153c71ef79b5a941e6feba240a58af75f30411b33c6b08aceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73432
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 05:55:05 GMT
gtm.js
www.googletagmanager.com/ 		195 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K24GW87K
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51cdb7e9874a9a62dcd3c19b4be5b2e7386d63846a009aa9d301f1e38beaa850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70986
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 05:55:05 GMT
getTranslations
keymaker.doitforme.eu/translations/ 		83 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://keymaker.doitforme.eu/translations/getTranslations
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/static/js/main.9cd5d309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 04 Aug 2024 05:55:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
server
nginx
etag
W/"14bb2-SwUpAe9Zr0ONWBvtc1eEZ01fYOU"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://payments.doitforme.eu
access-control-expose-headers
X-Xsrf-Token, X-Socket-Token
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
v3
js.stripe.com/ 		634 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/static/js/main.9cd5d309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 05:55:07 GMT
via
1.1 varnish
age
4
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
157531
x-request-id
74a10504-d052-4a0b-9571-6c9a147a8b11
x-served-by
cache-yul1970051-YUL
last-modified
Fri, 02 Aug 2024 21:40:59 GMT
server
Fastly
etag
"377b7b7410510b02a0911f1ca8793557"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3900407.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
401519
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
nNI9fuB_GYTzLo5p6e6Hu34HSvb7OSm2mtXNW2v8kLldU29Qs1CQlw==
860789219013684
connect.facebook.net/signals/config/ 		70 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/860789219013684?v=2.9.164&r=stable&domain=payments.doitforme.eu&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b0c3750500271ba0e2e8105fe618fc52852817c7fbe915b15ce3e363c92bba44
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 05:55:05 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=65, mss=1297, tbw=64375, tp=-1, tpl=-1, uplat=129, ullat=0
pragma
public
x-fb-debug
yB2x47Hxe5COUmf/o2qdOw2XgRlyRpsQBKW+E/ysTVeJ/6aXu39wo8nuRTqo8DH/aD4BOtkQ0T1I6y4094rWeA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
keycloakProduction.json
payments.doitforme.eu/ 		192 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.doitforme.eu/keycloakProduction.json
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/static/js/main.9cd5d309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:07 GMT
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2024 11:45:40 GMT
server
nginx
content-encoding
gzip
etag
W/"66a8d264-c0"
x-frame-options
SAMEORIGIN
content-type
application/json
/
content.hotjar.io/ 		56 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3900407&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.14.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-14-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 05:55:08 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=860789219013684&ev=PageView&dl=https%3A%2F%2Fpayments.doitforme.eu%2F%23error%3Dlogin_required%26state%3Dad12ab2c-b3a2-4041-8f9f-2331b7f8d64c&rl=&if=false&ts=1722750908208&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750908075&coo=false&rqm=GET
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=10, mss=1297, tbw=6487, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 05:55:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=860789219013684&ev=PageView&dl=https%3A%2F%2Fpayments.doitforme.eu%2F%23error%3Dlogin_required%26state%3Dad12ab2c-b3a2-4041-8f9f-2331b7f8d64c&rl=&if=false&ts=1722750908208&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750908075&coo=false&rqm=FGET
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 05:55:08 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399158810758064026", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1297, tbw=6656, tp=-1, tpl=-1, uplat=34, ullat=0
pragma
no-cache
x-fb-debug
q7XksXgoatSSZ9u54OPp1hz1jSxPk1EQL47BENNsUYRXOPplOeQH8f481xmx++Tg6snzQoq36IxZFIogPHcQIA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399158810758064026"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=860789219013684&ev=PageView&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&rl=&if=false&ts=1722750908242&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750908075&coo=false&rqm=GET
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4407, tp=10, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 05:55:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=860789219013684&ev=PageView&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&rl=&if=false&ts=1722750908242&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750908075&coo=false&rqm=FGET
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 05:55:08 GMT
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399158810622217404", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4727, tp=12, tpl=0, uplat=32, ullat=0
pragma
no-cache
x-fb-debug
Bm8s+xoFE2OgoC9v0Leoi4k7foqMKLLOtn0V7vY2zvhqtdcOaJE1rwowv3o9klKXkTzv5Rqpt4IlZ17A1h91oA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399158810622217404"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920za200&_p=1722750908017&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722750905&sct=1&seg=1&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=page_view&_ee=1&tfd=901
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 05:55:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.doitforme.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VFM3WL3YS9&gtm=45je47v0v9178614702za200&_p=1722750908017&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722750905&sct=1&seg=1&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=page_view&_ee=1&tfd=907
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFM3WL3YS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 05:55:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.doitforme.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
userinfo
auth.doitforme.club/realms/Doitforme/protocol/openid-connect/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-117.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://payments.doitforme.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://payments.doitforme.eu
access-control-max-age
3600
content-length
0
date
Sun, 04 Aug 2024 05:55:08 GMT
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
userinfo
auth.doitforme.club/realms/Doitforme/protocol/openid-connect/ 		73 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/static/js/main.9cd5d309.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-117.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://payments.doitforme.eu/
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
www-authenticate
Bearer realm="Doitforme", error="invalid_token", error_description="Token verification failed"
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://payments.doitforme.eu
access-control-expose-headers
Access-Control-Allow-Methods
access-control-allow-credentials
true
content-length
73
x-xss-protection
1; mode=block
/
portal.doitforme.eu/el/auth/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Requested by
Host: payments.doitforme.eu
URL: https://payments.doitforme.eu/static/js/main.9cd5d309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
0d1ebc978d72520af683de81e95b29f976ec0c1f8e7e194737a55e84974fc4e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://payments.doitforme.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
content-type
text/html
date
Sun, 04 Aug 2024 05:55:08 GMT
etag
W/"662bd507-bcd"
last-modified
Fri, 26 Apr 2024 16:23:35 GMT
server
nginx
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
userinfo
auth.doitforme.club/realms/Doitforme/protocol/openid-connect/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-117.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://payments.doitforme.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://payments.doitforme.eu
access-control-max-age
3600
content-length
0
date
Sun, 04 Aug 2024 05:55:08 GMT
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
userinfo
auth.doitforme.club/realms/Doitforme/protocol/openid-connect/ 		0
0
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=860789219013684&ev=PageView&dl=https%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&rl=&if=false&ts=1722750908272&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750908075&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=8103, tp=17, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 05:55:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=860789219013684&ev=PageView&dl=https%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&rl=&if=false&ts=1722750908272&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750908075&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 05:55:08 GMT
document-policy
force-load-at-top
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399158809015295418", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=26, mss=1232, tbw=8295, tp=19, tpl=0, uplat=34, ullat=0
pragma
no-cache
x-fb-debug
ESP70r1TWTr08ig+2GlSe/p+Rzy/ADcgAi0REFuyX+oGEn2ZZmdAnRbQS6tpwbWzX8tuLE6WeGHhKG/c+eQVZg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399158809015295418"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo_light.svg
genius1071.friktoriaservers.net/doitforme/logo/ 		0
0
AllLight.svg
genius1071.friktoriaservers.net/doitforme/morning/app/icons/light/ 		0
0
Medium.woff2
genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
Medium.woff
genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/ 		0
0
Color_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		894 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Color_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
d15e3b68bd7b8f53edd05a9c900b557fd823701453c7c9607aba0cfa81bc2d31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Fri, 28 Jun 2024 13:14:05 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224B9AC76
etag
"952d6ab5a9b0cb2ddd8edfe5feafe12d"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
894
x-xss-protection
1; mode=block
Shadow_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		716 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Shadow_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Mon, 24 Apr 2023 10:10:57 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224C2B842
etag
"b163565e4f963cd1c3d1faceefb7344f"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
716
x-xss-protection
1; mode=block
Normalise_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		288 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Normalise_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Wed, 10 Apr 2024 09:54:35 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224D72F09
etag
"daa11ac56f8d8cb60c82865886a40994"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
288
x-xss-protection
1; mode=block
Layout_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		308 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Layout_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
05249e526bd0bd469ef0564938d5770705f9bcd0c5551edac0b4566ee01b4c31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Mon, 24 Apr 2023 10:11:15 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D22509B484
etag
"a0b96700998cbcda0ee7dc0b1e407b28"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
308
x-xss-protection
1; mode=block
Typography_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		4 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
8588cc986974bbc5b7dd8a68bac032b3bfba33ae01c39569bbb2a5f81f36abde
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Mon, 08 Apr 2024 13:42:09 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D22427452E
etag
"d6fadc12ab885ed7ddc40509b30d635d"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
3618
x-xss-protection
1; mode=block
Adaptation_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Adaptation_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Sat, 01 Apr 2023 15:56:27 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224256076
etag
"53dce1357e881b0c3956a8f8194c41be"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
2069
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		315 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96180bcb213e14f5921b15a8688b1910a3b6f2be1da27f5f70d76283248b2fd2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106428
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
gtm.js
www.googletagmanager.com/ 		203 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56M53QV
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba7b4457ac9260153c71ef79b5a941e6feba240a58af75f30411b33c6b08aceb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
last-modified
Sun, 04 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73432
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
main.eb17a8ec.js
portal.doitforme.eu/static/js/ 		964 KB
316 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.doitforme.eu/static/js/main.eb17a8ec.js
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
37f6c1de77281230c6218c7f6820fcf4a6ef6efa7527587e025ea0f2efc2e70a
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:09 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
last-modified
Fri, 26 Apr 2024 16:23:36 GMT
server
nginx
content-encoding
gzip
etag
W/"662bd508-f104e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
hotjar-3900391.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3900391.js?sv=6
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
0605d18d430188f2417e81a1f53e0fc4a1d4bc2e21ad51cf4947b5b1585d65f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/89b4ed4af3bf45b622643af3b340ebc8
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
vfDF3bbFIxH9CRjqxggYLCjzZTqs4w5diVNYhTcgRl5z0oX0W2fLug==
fbevents.js
connect.facebook.net/en_US/ 		225 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 05:55:05 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
iGDJPfhAmCcCL7701NMU50rXrhV44ZKzKp9pGkxLTpCZrdVpJ0sBUJv2DrT6VG9wYuQzmLxOaO1CqqymLREixg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
2477760679178459
connect.facebook.net/signals/config/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2477760679178459?v=2.9.164&r=stable&domain=portal.doitforme.eu&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
1c04b84801a9e74af302c8f24afd319615769af8f2aeafc2d51e2c98d94856af
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 05:55:09 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4359, tp=9, tpl=0, uplat=60, ullat=0
pragma
public
x-fb-debug
7cLm5HdH2+649NxvmEqax1zu0u+22+jXdFJD7EW20LnwZjxznscWyQhSBp0KV/xbOvSXlS9HR/TwYrXDxWlc9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		315 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56M53QV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b81329d9092b6378129952c3c1235912dcfa27273d67ab83cb55abd78c463e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106541
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:09 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920z89127055357za200zb9127055357&_p=1722750909066&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722750905&sct=1&seg=1&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&dr=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme&en=page_view&tfd=866
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 05:55:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.doitforme.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3900391.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
401519
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
nNI9fuB_GYTzLo5p6e6Hu34HSvb7OSm2mtXNW2v8kLldU29Qs1CQlw==
3900391
vc.hotjar.io/sessions/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3900391?s=0.25&r=0.23539114300934316
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-52.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 05:55:09 GMT
cache-control
no-store
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
tKnGlv6GN3hvgz-qTJ1mWBs9gbKYqbhcoRvRlzFTq9QDXiDfFtlRqQ==
x-cache
Miss from cloudfront
/
content.hotjar.io/ 		56 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3900391&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.14.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-14-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ac8daead8e4507f57212f7eb5e4bf7d6460978245f5d03d46dc9fab6f3ed2454

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 05:55:09 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2477760679178459&ev=PageView&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&rl=https%3A%2F%2Fpayments.doitforme.eu%2F&if=false&ts=1722750909224&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=other&cdl=API_unavailable&it=1722750909092&coo=false&rqm=GET
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=28, mss=1232, tbw=10196, tp=24, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 05:55:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2477760679178459&ev=PageView&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&rl=https%3A%2F%2Fpayments.doitforme.eu%2F&if=false&ts=1722750909224&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=other&cdl=API_unavailable&it=1722750909092&coo=false&rqm=FGET
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 05:55:09 GMT
document-policy
force-load-at-top
x-fb-server-load
41
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399158815218654816", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=28, mss=1232, tbw=10388, tp=26, tpl=0, uplat=47, ullat=0
pragma
no-cache
x-fb-debug
y6s8hoiwBSkm+5o3/NYULKgvr/a72iZhRsnsHzVWaPmGjQ/i8fX32zjB8rm8ssrsJRvIm1YsxPYHbWzfpZxrlA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399158815218654816"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
getTranslations
keymaker.doitforme.eu/translations/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://keymaker.doitforme.eu/translations/getTranslations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://portal.doitforme.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://portal.doitforme.eu
access-control-expose-headers
X-Xsrf-Token, X-Socket-Token
date
Sun, 04 Aug 2024 05:55:10 GMT
server
nginx
getTranslations
keymaker.doitforme.eu/translations/ 		0
0
keycloakProduction.json
portal.doitforme.eu/ 		192 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.doitforme.eu/keycloakProduction.json
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/static/js/main.eb17a8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:10 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
last-modified
Fri, 26 Apr 2024 16:23:35 GMT
server
nginx
content-encoding
gzip
etag
W/"662bd507-c0"
x-frame-options
SAMEORIGIN
content-type
application/json
favicon.ico
genius1071.friktoriaservers.net/doitforme/logo/ 		9 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/logo/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:10 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Wed, 20 Jul 2022 22:13:19 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D341A36343
etag
"7b120589dd07c56f9bf801d296c616fb"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
accept-ranges
bytes
content-length
9662
x-xss-protection
1; mode=block
Primary Request /
portal.doitforme.eu/el/auth/
Redirect Chain
  • https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpaymen...
  • https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
3 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/static/js/main.eb17a8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
0d1ebc978d72520af683de81e95b29f976ec0c1f8e7e194737a55e84974fc4e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
content-type
text/html
date
Sun, 04 Aug 2024 05:55:08 GMT
etag
W/"662bd507-bcd"
last-modified
Fri, 26 Apr 2024 16:23:35 GMT
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Sun, 04 Aug 2024 05:55:10 GMT
location
https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans#error=login_required&state=93c68a9f-7fb0-48b9-826f-21cf36f174b1
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
Color_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		894 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Color_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
d15e3b68bd7b8f53edd05a9c900b557fd823701453c7c9607aba0cfa81bc2d31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Fri, 28 Jun 2024 13:14:05 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224B9AC76
etag
"952d6ab5a9b0cb2ddd8edfe5feafe12d"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
894
x-xss-protection
1; mode=block
Shadow_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		716 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Shadow_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Mon, 24 Apr 2023 10:10:57 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224C2B842
etag
"b163565e4f963cd1c3d1faceefb7344f"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
716
x-xss-protection
1; mode=block
Normalise_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		288 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Normalise_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Wed, 10 Apr 2024 09:54:35 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224D72F09
etag
"daa11ac56f8d8cb60c82865886a40994"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
288
x-xss-protection
1; mode=block
Layout_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		308 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Layout_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
05249e526bd0bd469ef0564938d5770705f9bcd0c5551edac0b4566ee01b4c31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Mon, 24 Apr 2023 10:11:15 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D22509B484
etag
"a0b96700998cbcda0ee7dc0b1e407b28"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
308
x-xss-protection
1; mode=block
Typography_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		4 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
8588cc986974bbc5b7dd8a68bac032b3bfba33ae01c39569bbb2a5f81f36abde
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Mon, 08 Apr 2024 13:42:09 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D22427452E
etag
"d6fadc12ab885ed7ddc40509b30d635d"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
3618
x-xss-protection
1; mode=block
Adaptation_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Adaptation_.css
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Sat, 01 Apr 2023 15:56:27 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D224256076
etag
"53dce1357e881b0c3956a8f8194c41be"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
2069
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		315 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96180bcb213e14f5921b15a8688b1910a3b6f2be1da27f5f70d76283248b2fd2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106428
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
gtm.js
www.googletagmanager.com/ 		203 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56M53QV
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba7b4457ac9260153c71ef79b5a941e6feba240a58af75f30411b33c6b08aceb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:05 GMT
content-encoding
br
last-modified
Sun, 04 Aug 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73432
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 05:55:05 GMT
main.eb17a8ec.js
portal.doitforme.eu/static/js/ 		964 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.doitforme.eu/static/js/main.eb17a8ec.js
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
37f6c1de77281230c6218c7f6820fcf4a6ef6efa7527587e025ea0f2efc2e70a
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:09 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
last-modified
Fri, 26 Apr 2024 16:23:36 GMT
server
nginx
content-encoding
gzip
etag
W/"662bd508-f104e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
hotjar-3900391.js
static.hotjar.com/c/ 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3900391.js?sv=6
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
0605d18d430188f2417e81a1f53e0fc4a1d4bc2e21ad51cf4947b5b1585d65f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/89b4ed4af3bf45b622643af3b340ebc8
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
vfDF3bbFIxH9CRjqxggYLCjzZTqs4w5diVNYhTcgRl5z0oX0W2fLug==
fbevents.js
connect.facebook.net/en_US/ 		225 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 05:55:05 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
iGDJPfhAmCcCL7701NMU50rXrhV44ZKzKp9pGkxLTpCZrdVpJ0sBUJv2DrT6VG9wYuQzmLxOaO1CqqymLREixg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
getTranslations
keymaker.doitforme.eu/translations/ 		76 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://keymaker.doitforme.eu/translations/getTranslations
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/static/js/main.eb17a8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
8950384864b172837571bd566c05d3021dace930890835d17a73713ef518efdf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 04 Aug 2024 05:55:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
server
nginx
etag
W/"1305d-5R9A0ENy+qhvqZhO91dLWdL8JiA"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portal.doitforme.eu
access-control-expose-headers
X-Xsrf-Token, X-Socket-Token
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3900391.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
401519
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
nNI9fuB_GYTzLo5p6e6Hu34HSvb7OSm2mtXNW2v8kLldU29Qs1CQlw==
2477760679178459
connect.facebook.net/signals/config/ 		76 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2477760679178459?v=2.9.164&r=stable&domain=portal.doitforme.eu&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
1c04b84801a9e74af302c8f24afd319615769af8f2aeafc2d51e2c98d94856af
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Aug 2024 05:55:09 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4359, tp=9, tpl=0, uplat=60, ullat=0
pragma
public
x-fb-debug
7cLm5HdH2+649NxvmEqax1zu0u+22+jXdFJD7EW20LnwZjxznscWyQhSBp0KV/xbOvSXlS9HR/TwYrXDxWlc9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
keycloakProduction.json
portal.doitforme.eu/ 		192 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.doitforme.eu/keycloakProduction.json
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/static/js/main.eb17a8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
0840c1f2ca9a7e89c114d12b3ad161d143ba326af0f45d15f1b2db01c7fab0f6
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:10 GMT
content-security-policy
default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
x-content-type-options
nosniff
last-modified
Fri, 26 Apr 2024 16:23:35 GMT
server
nginx
content-encoding
gzip
etag
W/"662bd507-c0"
x-frame-options
SAMEORIGIN
content-type
application/json
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 14:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
16644183
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1782
last-modified
Wed, 24 Jan 2024 14:31:37 GMT
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
MdEhsYmJBThuyaeP67Io2OACpoKIuFnlJreEAOCMnnvrao6ZDXFtgw==
/
content.hotjar.io/ 		56 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3900391&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.14.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-14-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6266621d3e2aadd5d81427f0e9cc27aed3e938a846f3d8a9bd7a91b6b8e3342c

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 05:55:10 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2477760679178459&ev=PageView&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans%23error%3Dlogin_required%26state%3D93c68a9f-7fb0-48b9-826f-21cf36f174b1&rl=&if=false&ts=1722750910542&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750910484&coo=false&rqm=GET
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=29, mss=1232, tbw=11412, tp=30, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 05:55:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2477760679178459&ev=PageView&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans%23error%3Dlogin_required%26state%3D93c68a9f-7fb0-48b9-826f-21cf36f174b1&rl=&if=false&ts=1722750910542&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750910484&coo=false&rqm=FGET
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 05:55:10 GMT
document-policy
force-load-at-top
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399158818024677494", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=29, mss=1232, tbw=11892, tp=36, tpl=0, uplat=32, ullat=0
pragma
no-cache
x-fb-debug
K/uxGMnjHRYQuYluwOtJG08ohEN9tvaJVvYmiyem1Vubt0O7qm3VP/BmyWEA/zMXaCqbDprocf8yGMTDwaUnvw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399158818024677494"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2477760679178459&ev=PageView&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&rl=&if=false&ts=1722750910560&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750910484&coo=false&rqm=GET
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=29, mss=1232, tbw=11700, tp=34, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Aug 2024 05:55:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2477760679178459&ev=PageView&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&rl=&if=false&ts=1722750910560&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1722750906082.980159902933383380&cs_est=true&ler=empty&cdl=API_unavailable&it=1722750910484&coo=false&rqm=FGET
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/el/auth/?redirectUri=https://payments.doitforme.eu/en/my-plans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 04 Aug 2024 05:55:10 GMT
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399158817677160470", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=29, mss=1232, tbw=12772, tp=37, tpl=0, uplat=32, ullat=0
pragma
no-cache
x-fb-debug
euxDc1yCbnpHGonMOA+/zg3DA2hCgXYJCV5q9yAmGJfwefpRg9QvRa+rfxs62rbEnyWkjT1Jx/BclwrpV8NBzQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399158817677160470"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920za200&_p=1722750910415&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722750905&sct=1&seg=1&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&dt=Doitforme&en=page_view&_ee=1&tfd=371
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4WG5JZSC7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 05:55:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.doitforme.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
userinfo
auth.doitforme.club/realms/Doitforme/protocol/openid-connect/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-117.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://portal.doitforme.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://portal.doitforme.eu
access-control-max-age
3600
content-length
0
date
Sun, 04 Aug 2024 05:55:10 GMT
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
userinfo
auth.doitforme.club/realms/Doitforme/protocol/openid-connect/ 		73 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/static/js/main.eb17a8ec.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-117.volos.friktoria.net
Software
nginx /
Resource Hash
edaa61df2a34cbad85471a81963545e3c853a07f4191ae1ab9055055741a1374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://portal.doitforme.eu/
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
www-authenticate
Bearer realm="Doitforme", error="invalid_token", error_description="Token verification failed"
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://portal.doitforme.eu
access-control-expose-headers
Access-Control-Allow-Methods
access-control-allow-credentials
true
content-length
73
x-xss-protection
1; mode=block
userinfo
auth.doitforme.club/realms/Doitforme/protocol/openid-connect/ 		0
0
userinfo
auth.doitforme.club/realms/Doitforme/protocol/openid-connect/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-117.volos.friktoria.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://portal.doitforme.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
https://portal.doitforme.eu
access-control-max-age
3600
content-length
0
date
Sun, 04 Aug 2024 05:55:10 GMT
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
favicon.ico
genius1071.friktoriaservers.net/doitforme/logo/ 		9 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/logo/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
094e3b7fb5de9e5db1386a4cbfc8220def9f619310ed840ef6f67deb0b43f222
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:10 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
last-modified
Wed, 20 Jul 2022 22:13:19 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D341A36343
etag
"7b120589dd07c56f9bf801d296c616fb"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
accept-ranges
bytes
content-length
9662
x-xss-protection
1; mode=block
logo_light.svg
genius1071.friktoriaservers.net/doitforme/logo/ 		0
0
AllLight.svg
genius1071.friktoriaservers.net/doitforme/morning/app/icons/light/ 		0
0
Medium.woff2
genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/ 		0
0
Medium.woff
genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/Medium.woff
Requested by
Host: genius1071.friktoriaservers.net
URL: https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
200bdcc58f2f49c0602baf01b253b2162fc1bc7907426f77a8e3c5ef664187a7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Origin
https://portal.doitforme.eu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:11 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 20 Jul 2022 23:11:19 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D3793A9381
etag
"8a1ecd5bbdbab4b2dd4dd09e8175e0e3"
vary
Origin, Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
73400
x-xss-protection
1; mode=block
getCountryByIp
backend.portal.doitforme.eu/users/ 		127 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.portal.doitforme.eu/users/getCountryByIp
Requested by
Host: portal.doitforme.eu
URL: https://portal.doitforme.eu/static/js/main.eb17a8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash
b6d76a5b7289623ee4dc42f9e2bce9c6df46c9e2268ef4233462fbc3b64730bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://portal.doitforme.eu/
Authorization
false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:11 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
server
nginx
etag
W/"7f-dsL5fAEXQP4UEFtAi5AvARZDHlg"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portal.doitforme.eu
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
X-Xsrf-Token, X-Socket-Token
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
getCountryByIp
backend.portal.doitforme.eu/users/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://backend.portal.doitforme.eu/users/getCountryByIp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.157 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-157.volos.friktoria.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://portal.doitforme.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://portal.doitforme.eu
access-control-expose-headers
X-Xsrf-Token, X-Socket-Token
date
Sun, 04 Aug 2024 05:55:11 GMT
server
nginx
Password.svg
genius1071.friktoriaservers.net/doitforme/morning/app/erised/ 		176 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://genius1071.friktoriaservers.net/doitforme/morning/app/erised/Password.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.doitforme.eu/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:11 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=63072000
last-modified
Thu, 02 Feb 2023 08:52:15 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D3A990A26C
etag
"11bbd0044860255f7d0ee90ce705736c"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
234196
x-xss-protection
1; mode=block
Bold.woff2
genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/Bold.woff2
Requested by
Host: genius1071.friktoriaservers.net
URL: https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
74d1477db313a7d036395dfede14eff9290592fa9f3b82919ce3fe432c800028
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Origin
https://portal.doitforme.eu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:11 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 20 Jul 2022 23:11:21 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D3AA242BA6
etag
"bdaed2b7db4df7f979c759d79f5e9a4d"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
50264
x-xss-protection
1; mode=block
Light.woff2
genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/Light.woff2
Requested by
Host: genius1071.friktoriaservers.net
URL: https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS
185-246-164-101.volos.friktoria.net
Software
nginx/1.18.0 /
Resource Hash
598e2fc9fce2cfbc04a35c6144c5f4848cc0280533e3404982b7d6c3d444b2e5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Origin
https://portal.doitforme.eu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 05:55:11 GMT
content-security-policy
block-all-mixed-content
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 20 Jul 2022 23:11:47 GMT
server
nginx/1.18.0
x-amz-request-id
17E870D3AA1DF112
etag
"ab6668148c81732c14fab0bf0fc5a181"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
50640
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
keymaker.doitforme.eu
URL
https://keymaker.doitforme.eu/translations/getTranslations
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920za200&_p=1722750905562&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722750905&sct=1&seg=0&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=scroll&epn.percent_scrolled=90&_et=14&tfd=4065
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920za200&_p=1722750905562&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1722750905&sct=1&seg=0&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=user_engagement&_et=2087&tfd=4065
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VFM3WL3YS9&gtm=45je47v0v9178614702za200zb9123710920&_p=1722750905562&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722750905&sct=1&seg=0&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=scroll&epn.percent_scrolled=90&_et=72&tfd=4072
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VFM3WL3YS9&gtm=45je47v0v9178614702za200zb9123710920&_p=1722750905562&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1722750905&sct=1&seg=0&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=user_engagement&_et=1951&tfd=4073
Domain
auth.doitforme.club
URL
https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Domain
genius1071.friktoriaservers.net
URL
https://genius1071.friktoriaservers.net/doitforme/logo/logo_light.svg
Domain
genius1071.friktoriaservers.net
URL
https://genius1071.friktoriaservers.net/doitforme/morning/app/icons/light/AllLight.svg
Domain
genius1071.friktoriaservers.net
URL
https://genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/Medium.woff2
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920za200&_p=1722750908017&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722750905&sct=1&seg=1&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=scroll&epn.percent_scrolled=90&_et=22&tfd=1703
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VFM3WL3YS9&gtm=45je47v0v9178614702za200&_p=1722750908017&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722750905&sct=1&seg=1&dl=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme%20%7C%20Payments&en=scroll&epn.percent_scrolled=90&_et=13&tfd=1704
Domain
genius1071.friktoriaservers.net
URL
https://genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/Medium.woff
Domain
keymaker.doitforme.eu
URL
https://keymaker.doitforme.eu/translations/getTranslations
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920za200zb9127055357&_p=1722750909066&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722750905&sct=1&seg=1&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&dr=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme&en=scroll&epn.percent_scrolled=90&_et=2&tfd=2124
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N4WG5JZSC7&gtm=45je47v0v9123710920za200zb9127055357&_p=1722750909066&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=617068526.1722750906&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1722750905&sct=1&seg=1&dl=https%3A%2F%2Fportal.doitforme.eu%2Fel%2Fauth%2F%3FredirectUri%3Dhttps%3A%2F%2Fpayments.doitforme.eu%2Fen%2Fmy-plans&dr=https%3A%2F%2Fpayments.doitforme.eu%2F&dt=Doitforme&en=user_engagement&_et=1254&tfd=2125
Domain
auth.doitforme.club
URL
https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Domain
genius1071.friktoriaservers.net
URL
https://genius1071.friktoriaservers.net/doitforme/logo/logo_light.svg
Domain
genius1071.friktoriaservers.net
URL
https://genius1071.friktoriaservers.net/doitforme/morning/app/icons/light/AllLight.svg
Domain
genius1071.friktoriaservers.net
URL
https://genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/Medium.woff2

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| hj object| _hjSettings function| fbq function| _fbq function| gtag object| dataLayer function| _ object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

12 Cookies

Domain/Path Name / Value
auth.doitforme.club/realms/Doitforme/ Name: AUTH_SESSION_ID
Value: 310bc958-7659-4336-a312-bdc6a7b6f104
auth.doitforme.club/realms/Doitforme/ Name: AUTH_SESSION_ID_LEGACY
Value: 310bc958-7659-4336-a312-bdc6a7b6f104
.doitforme.eu/ Name: _ga
Value: GA1.1.617068526.1722750906
.doitforme.eu/ Name: _hjSessionUser_3900407
Value: eyJpZCI6IjI0NzE0ZDU4LTQwYjQtNWVhOC1iNzhjLTE4Y2ZjOGFmODY4MyIsImNyZWF0ZWQiOjE3MjI3NTA5MDYwMjEsImV4aXN0aW5nIjp0cnVlfQ==
.doitforme.eu/ Name: _hjSession_3900407
Value: eyJpZCI6IjMxNTJjY2JlLTE3MGItNDgwZC1hMDRkLTlkZjU1NTcxZmE0ZSIsImMiOjE3MjI3NTA5MDYwMjIsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.doitforme.eu/ Name: _fbp
Value: fb.1.1722750906082.980159902933383380
.doitforme.eu/ Name: _ga_VFM3WL3YS9
Value: GS1.1.1722750905.1.1.1722750908.0.0.0
payments.doitforme.eu/ Name: menu_options
Value: {%22theme%22:%22light%22%2C%22lang%22:%22el%22%2C%22region%22:%22Greece%22}
.doitforme.eu/ Name: _hjSessionUser_3900391
Value: eyJpZCI6IjkyNjYxOGJiLTU1ZDItNWY4NS05YTdjLTk4YWYwODhmOGVlNCIsImNyZWF0ZWQiOjE3MjI3NTA5MDkyMDgsImV4aXN0aW5nIjp0cnVlfQ==
.doitforme.eu/ Name: _hjSession_3900391
Value: eyJpZCI6IjE4MmRjZTQ5LWZjMDMtNDE1My1iYTE1LTc1M2NlZDI2YzJkNyIsImMiOjE3MjI3NTA5MDkyMDksInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.doitforme.eu/ Name: _ga_N4WG5JZSC7
Value: GS1.1.1722750905.1.1.1722750910.0.0.0
portal.doitforme.eu/ Name: menu_options
Value: {%22theme%22:%22light%22%2C%22lang%22:%22en%22%2C%22region%22:%22Greece%22}

2 Console Messages

Source Level URL
Text
network error URL: https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://auth.doitforme.club/realms/Doitforme/protocol/openid-connect/userinfo
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' wss://ws.hotjar.com http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.doitforme.club
backend.portal.doitforme.eu
connect.facebook.net
content.hotjar.io
genius1071.friktoriaservers.net
js.stripe.com
keymaker.doitforme.eu
payments.doitforme.eu
portal.doitforme.eu
script.hotjar.com
static.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
auth.doitforme.club
genius1071.friktoriaservers.net
keymaker.doitforme.eu
www.google-analytics.com
108.138.106.126
142.251.174.139
151.101.128.176
157.240.229.1
157.240.229.35
172.217.197.97
18.164.96.52
18.164.96.87
185.246.164.101
185.246.164.117
185.246.164.157
2607:f8b0:400d:c0f::61
2607:f8b0:400d:c1d::64
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
52.31.14.104
05249e526bd0bd469ef0564938d5770705f9bcd0c5551edac0b4566ee01b4c31
0605d18d430188f2417e81a1f53e0fc4a1d4bc2e21ad51cf4947b5b1585d65f4
0840c1f2ca9a7e89c114d12b3ad161d143ba326af0f45d15f1b2db01c7fab0f6
094e3b7fb5de9e5db1386a4cbfc8220def9f619310ed840ef6f67deb0b43f222
0d1ebc978d72520af683de81e95b29f976ec0c1f8e7e194737a55e84974fc4e5
1c04b84801a9e74af302c8f24afd319615769af8f2aeafc2d51e2c98d94856af
200bdcc58f2f49c0602baf01b253b2162fc1bc7907426f77a8e3c5ef664187a7
2fb80a85a87bbb4dd17bacbf365eb33d7621ae27debc4bcc4a176b318ecbd839
37f6c1de77281230c6218c7f6820fcf4a6ef6efa7527587e025ea0f2efc2e70a
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
51cdb7e9874a9a62dcd3c19b4be5b2e7386d63846a009aa9d301f1e38beaa850
598e2fc9fce2cfbc04a35c6144c5f4848cc0280533e3404982b7d6c3d444b2e5
6266621d3e2aadd5d81427f0e9cc27aed3e938a846f3d8a9bd7a91b6b8e3342c
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
74d1477db313a7d036395dfede14eff9290592fa9f3b82919ce3fe432c800028
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
8588cc986974bbc5b7dd8a68bac032b3bfba33ae01c39569bbb2a5f81f36abde
8950384864b172837571bd566c05d3021dace930890835d17a73713ef518efdf
8b7f848ab47504464271f23b06078a0da4f8c3d55057a4b6add117b230266097
96180bcb213e14f5921b15a8688b1910a3b6f2be1da27f5f70d76283248b2fd2
99fc522ef569bc839b78379a6aceddea45abebdb633eb7fb22c3b347f745cd7a
9ed8e61b95c92efbf949b613d11456152bb90a7b7d865d856ebbc6bab8daae03
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8daead8e4507f57212f7eb5e4bf7d6460978245f5d03d46dc9fab6f3ed2454
b0c3750500271ba0e2e8105fe618fc52852817c7fbe915b15ce3e363c92bba44
b6d76a5b7289623ee4dc42f9e2bce9c6df46c9e2268ef4233462fbc3b64730bc
b81329d9092b6378129952c3c1235912dcfa27273d67ab83cb55abd78c463e49
ba7b4457ac9260153c71ef79b5a941e6feba240a58af75f30411b33c6b08aceb
bcb5ed05fdc6c9d7ddcd6c838b3de8eadf8af3e158fda3ccec699aa12432ae19
c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b
d15e3b68bd7b8f53edd05a9c900b557fd823701453c7c9607aba0cfa81bc2d31
dddd75a9368a5b2034556ea1b074d71448ed33de2592b134b969ba118a797fad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2
ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3
edaa61df2a34cbad85471a81963545e3c853a07f4191ae1ab9055055741a1374
ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0