auth.doitforme.club Open in urlscan Pro
185.246.164.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth-clone.doitforme.club/
Effective URL:
https://auth.doitforme.club/realms/Club/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Faut...
Submission: On July 28 via automatic, source certstream-suspicious (July 28th 2024, 12:53:05 am UTC) — Scanned from DE

Summary HTTP 42 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 42 HTTP transactions. The main IP is 185.246.164.117, located in Greece and belongs to FRIKTORIANET, GR. The main domain is auth.doitforme.club.
TLS certificate: Issued by R3 on May 26th 2024. Valid for: 3 months.

This is the only time auth.doitforme.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	185.246.164.117 185.246.164.117	204932 (FRIKTORIANET) (FRIKTORIANET)
17	185.246.164.101 185.246.164.101	204932 (FRIKTORIANET) (FRIKTORIANET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
42	10

13 185.246.164.117 (Greece)

ASN204932 (FRIKTORIANET, GR)
PTR: 185-246-164-117.volos.friktoria.net

auth-clone.doitforme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
keymaker.doitforme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.doitforme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.246.164.101 (Greece)

ASN204932 (FRIKTORIANET, GR)
PTR: 185-246-164-101.volos.friktoria.net

genius1071.friktoriaservers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	friktoriaservers.net genius1071.friktoriaservers.net	154 KB
13	doitforme.club auth-clone.doitforme.club keymaker.doitforme.club auth.doitforme.club	823 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	149 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641	61 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	48 KB
0	hotjar.com Failed static.hotjar.com Failed
42	8

	Domain	Requested by
17	genius1071.friktoriaservers.net	auth-clone.doitforme.club auth.doitforme.club genius1071.friktoriaservers.net
7	auth.doitforme.club	auth-clone.doitforme.club auth.doitforme.club
4	auth-clone.doitforme.club	auth-clone.doitforme.club
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	connect.facebook.net	auth-clone.doitforme.club connect.facebook.net
2	ajax.googleapis.com	auth.doitforme.club
2	keymaker.doitforme.club	auth-clone.doitforme.club
1	px4.ads.linkedin.com	auth-clone.doitforme.club
1	snap.licdn.com	auth-clone.doitforme.club
1	www.googletagmanager.com	auth-clone.doitforme.club
0	static.hotjar.com Failed	auth-clone.doitforme.club
42	11

This site contains links to these domains. Also see Links.

Domain
portal.doitforme.eu

Subject Issuer	Validity	Valid
adsnap.doitforme.club R11	`2024-06-07` - `2024-09-05`	3 months	crt.sh
genius1071.friktoriaservers.net R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-06` - `2024-08-04`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
keymaker.doitforme.club R11	`2024-07-05` - `2024-10-03`	3 months	crt.sh
auth.doitforme.club R3	`2024-05-26` - `2024-08-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.doitforme.club/realms/Club/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fauth-clone.doitforme.club%2F&state=a8f59c2f-4615-4435-a3ed-cd2974ce1a68&response_mode=fragment&response_type=code&scope=openid&nonce=b97052cb-6d0d-45e4-88b2-b91432258e2e&prompt=none
Frame ID: 479DE2DDFB3ED162783F882186D45FEB
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Doitforme | Authentication errorClub

Page URL History Show full URLs

https://auth-clone.doitforme.club/ Page URL
https://auth.doitforme.club/realms/Club/protocol/openid-connect/auth?client_id=erised-web-app&redirect_u... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

83 %
HTTPS

56 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

1251 kB
Transfer

3677 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.doitforme.eu/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth-clone.doitforme.club/ Page URL
https://auth.doitforme.club/realms/Club/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fauth-clone.doitforme.club%2F&state=a8f59c2f-4615-4435-a3ed-cd2974ce1a68&response_mode=fragment&response_type=code&scope=openid&nonce=b97052cb-6d0d-45e4-88b2-b91432258e2e&prompt=none Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5711721&time=1722127979078&url=https%3A%2F%2Fauth-clone.doitforme.club%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5711721&time=1722127979078&url=https%3A%2F%2Fauth-clone.doitforme.club%2F&e_ipv6=AQIawg2sh6FR8QAAAZD205K9_oHJdr_jKsRDbUratBldZA9_UQbYO4igtDMsHH5ZNTOYkLs

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
auth-clone.doitforme.club/ 5 KB
2 KB 211ms
71ms Document
text/html 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

e9b71ee422f3743bff6f61530396636d22545b0fcee8553d5d863e7f06538623

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 28 Jul 2024 00:52:58 GMT
etag: W/"66a22157-1377"
last-modified: Thu, 25 Jul 2024 09:56:39 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: all

GET
H2 200 Color_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 894 B
1 KB 635ms
145ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Color_.css

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

d15e3b68bd7b8f53edd05a9c900b557fd823701453c7c9607aba0cfa81bc2d31

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Fri, 28 Jun 2024 13:14:05 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C99E227F
etag: "952d6ab5a9b0cb2ddd8edfe5feafe12d"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 894
x-xss-protection: 1; mode=block

GET
H2 200 Shadow_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 716 B
1 KB 634ms
144ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Shadow_.css

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Mon, 24 Apr 2023 10:10:57 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C96F8863
etag: "b163565e4f963cd1c3d1faceefb7344f"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 716
x-xss-protection: 1; mode=block

GET
H2 200 Normalise_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 288 B
713 B 573ms
84ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Normalise_.css

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Wed, 10 Apr 2024 09:54:35 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C957981B
etag: "daa11ac56f8d8cb60c82865886a40994"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 288
x-xss-protection: 1; mode=block

GET
H2 200 Layout_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 308 B
733 B 633ms
144ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Layout_.css

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

05249e526bd0bd469ef0564938d5770705f9bcd0c5551edac0b4566ee01b4c31

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Mon, 24 Apr 2023 10:11:15 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C96594B3
etag: "a0b96700998cbcda0ee7dc0b1e407b28"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 308
x-xss-protection: 1; mode=block

GET
H2 200 Typography_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 4 KB
4 KB 572ms
83ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

8588cc986974bbc5b7dd8a68bac032b3bfba33ae01c39569bbb2a5f81f36abde

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Mon, 08 Apr 2024 13:42:09 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C930A63C
etag: "d6fadc12ab885ed7ddc40509b30d635d"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 3618
x-xss-protection: 1; mode=block

GET
H2 200 Adaptation_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 2 KB
2 KB 632ms
143ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Adaptation_.css

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Sat, 01 Apr 2023 15:56:27 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C94CFE09
etag: "53dce1357e881b0c3956a8f8194c41be"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 2069
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 126 KB
48 KB 42ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10c5160b1153caa3c338636c69528d43e21343e0ab0605325f191183c6f86f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49161
x-xss-protection: 0
last-modified: Sun, 28 Jul 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jul 2024 00:52:59 GMT

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H2 200 main.a73460c7.js Show response
auth-clone.doitforme.club/static/js/ 3 MB
804 KB 71ms
70ms Script
application/javascript 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-clone.doitforme.club/static/js/main.a73460c7.js

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

ca83042499198cb81bb01df50e9316dcb91257c3fd74b02bb665d7f29e2a8ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 25 Jul 2024 09:57:08 GMT
server: nginx
etag: W/"66a22174-285b0d"
content-type: application/javascript
x-robots-tag: all

GET
H2 200 main.1eec203c.css
auth-clone.doitforme.club/static/css/ 3 KB
1 KB 67ms
67ms Stylesheet
text/css 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-clone.doitforme.club/static/css/main.1eec203c.css

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

7ff84329b4f2f29a39ac238329b5e7dcd5d499e2175cfbebe552b0f515460329

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 25 Jul 2024 09:59:04 GMT
server: nginx
etag: W/"66a221e8-af8"
content-type: text/css
x-robots-tag: all

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 41ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77dd1010819e0adfdffb9545cd993516e52e4bf712a2e7269b1183f8d70ca82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Jul 2024 00:52:59 GMT
content-md5: yMGV08ARRQoiepjmNUN2QA==
document-policy: force-load-at-top
x-fb-server-load: 21
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1368, tbw=64183, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: 43KUEWgSr3iolt+rtdGYlhK9+7ImCX3AKMuC0DOAXduKXVOGxirn2jrQgGmQR3vgBhsTQnCbl7EQx0/SqUbZsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 00bfed9950588e5c5e894bdd84d052dc
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "09e4e412ad572c320b30eed3a0d23366"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 28 Jul 2024 00:57:24 GMT

GET hotjar-.js
static.hotjar.com/c/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 29ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jul 2024 00:52:59 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1368, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: VLU6wi7VUMPwlAriLTCTaeEyjPDFwiy7Ozslsofq+Nkn67Hk4vR+x046X7Q2EwK9S7JwFlWGMOx74G7wOJjA0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 36ms
7ms Script
application/javascript 2a02:26f0:480:15::213:7e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:33:09 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=84689
accept-ranges: bytes
content-length: 14597

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
811 B 210ms
182ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5711721&time=1722127979078&url=https%3A%2F%2Fauth-clone.doitforme.club%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8A409EE32EE04CE4A65A0E51230ECF46 Ref B: FRAEDGE1120 Ref C: 2024-07-28T00:52:59Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYeRCp02vu7oIMeUBwhaw==
x-fs-uuid: 00061e442a74dafbbba0831e501c216b

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5711721&time=1722127979078&url=https%3A%2F%2Fauth-clone.doitforme.club%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5711721&time=1722127979078&url=https%3A%2F%2Fauth-clone.doitforme.club%2F&e_ipv6=AQIawg2sh6FR8QAAAZD205K9_oHJdr_jKsRDbUratBldZA9_UQbYO4igtDMsHH5Z...

0
265 B

228ms
183ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5711721&time=1722127979078&url=https%3A%2F%2Fauth-clone.doitforme.club%2F&e_ipv6=AQIawg2sh6FR8QAAAZD205K9_oHJdr_jKsRDbUratBldZA9_UQbYO4igtDMsHH5ZNTOYkLs
Requested by: Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: CF8A6216963248B3918B462856C9E574 Ref B: FRAEDGE1121 Ref C: 2024-07-28T00:52:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeRCp4nKqVTMQiHt9Lkw==

Redirect headers

date: Sun, 28 Jul 2024 00:52:59 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0E98C82EE6F5411E800698F6A574F65C Ref B: FRAEDGE1319 Ref C: 2024-07-28T00:52:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5711721&time=1722127979078&url=https%3A%2F%2Fauth-clone.doitforme.club%2F&e_ipv6=AQIawg2sh6FR8QAAAZD205K9_oHJdr_jKsRDbUratBldZA9_UQbYO4igtDMsHH5ZNTOYkLs
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeRCp1G8mQDUP/vNDNdw==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 19ms
11ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0028982b1d1a692a5d5ab5f278082289

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

fd540f72f3f6a653b4d264a07caa80d392ab30ba2afac9626e089419fbd8136b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://auth-clone.doitforme.club/
Origin: https://auth-clone.doitforme.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Jul 2024 00:52:59 GMT
content-md5: wK0GZn9kHapTQYeG6znfjA==
document-policy: force-load-at-top
x-fb-server-load: 46
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89084
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-ua-compatible: IE=edge
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4288, tp=9, tpl=0, uplat=4, ullat=-1
x-fb-debug: geqLLZX/+l0P6R5e/h7O6G5hRjm+8i7O1oPD//qGSeTlHijFfJHVyEM9HV0/iwDgR/AxykKwh0smfBECbEJ2fA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2b38331a592db583dfa93fd0229c1c93
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f1831675ab070f4da1678800ceb02a10"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 27 Jul 2025 23:35:01 GMT

OPTIONS
H2 204 getTranslations
keymaker.doitforme.club/translations/ 0
0 206ms
64ms Preflight 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL: https://keymaker.doitforme.club/translations/getTranslations
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS: 185-246-164-117.volos.friktoria.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://auth-clone.doitforme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://auth-clone.doitforme.club
access-control-expose-headers: X-Xsrf-Token, X-Socket-Token
date: Sun, 28 Jul 2024 00:52:59 GMT
server: nginx

POST
H2 200 getTranslations
keymaker.doitforme.club/translations/ 34 KB
0 168ms
167ms XHR
application/json 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://keymaker.doitforme.club/translations/getTranslations

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/static/js/main.a73460c7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
server: nginx
etag: W/"35352-S/so6lVjQsukXHoMpgc8q8123ow"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auth-clone.doitforme.club
access-control-expose-headers: X-Xsrf-Token, X-Socket-Token
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang

GET
H2 200 keycloakStaging.json
auth-clone.doitforme.club/ 187 B
341 B 67ms
66ms XHR
application/json 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-clone.doitforme.club/keycloakStaging.json

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/static/js/main.a73460c7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 25 Jul 2024 09:56:40 GMT
server: nginx
etag: W/"66a22158-bb"
content-type: application/json
x-robots-tag: all

POST
H2 204 /
px.ads.linkedin.com/wa/ 0
201 B 182ms
181ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: *
Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A3B4623A53924DE59739421B71D45A37 Ref B: FRAEDGE1319 Ref C: 2024-07-28T00:52:59Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://auth-clone.doitforme.club
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYeRCp8swXH0spV6QNeMg==

GET
H2 200 favicon.ico
genius1071.friktoriaservers.net/doitforme/logo/ 9 KB
10 KB 76ms
76ms Other
image/x-icon 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/logo/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-clone.doitforme.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Wed, 20 Jul 2022 22:13:19 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45F40C647F
etag: "7b120589dd07c56f9bf801d296c616fb"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/x-icon
accept-ranges: bytes
content-length: 9662
x-xss-protection: 1; mode=block

GET
H2 400 Primary Request auth Show response
auth.doitforme.club/realms/Club/protocol/openid-connect/ 8 KB
9 KB 244ms
103ms Document
text/html 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.doitforme.club/realms/Club/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fauth-clone.doitforme.club%2F&state=a8f59c2f-4615-4435-a3ed-cd2974ce1a68&response_mode=fragment&response_type=code&scope=openid&nonce=b97052cb-6d0d-45e4-88b2-b91432258e2e&prompt=none

Requested by

Host: auth-clone.doitforme.club
URL: https://auth-clone.doitforme.club/static/js/main.a73460c7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

899a13a7c71670ae3fad83fad5ad62ce1e730d482bed6c2b3bd1555d80e5e615

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth-clone.doitforme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-language: en
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Sun, 28 Jul 2024 00:52:59 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: auth.doitforme.club
URL: https://auth.doitforme.club/realms/Club/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fauth-clone.doitforme.club%2F&state=a8f59c2f-4615-4435-a3ed-cd2974ce1a68&response_mode=fragment&response_type=code&scope=openid&nonce=b97052cb-6d0d-45e4-88b2-b91432258e2e&prompt=none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:50:48 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:09:46 GMT

GET
H2 200 authHelper.css
auth.doitforme.club/resources/tuhah/login/doitforme%20email/css/ 31 B
337 B 76ms
70ms Stylesheet
text/css 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/css/authHelper.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

90004714cd977b897d87fb2d002510843b5e20d3550aea49eb1f8d5247abd06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-robots-tag: all
x-xss-protection: 1; mode=block

GET
H2 200 authGlobal.css
auth.doitforme.club/resources/tuhah/login/doitforme%20email/css/ 11 KB
3 KB 78ms
72ms Stylesheet
text/css 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/css/authGlobal.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

976f5fb4262c50e45e760fa04572a80806d9f8b8cea9d5013bdb76bd075c7072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-robots-tag: all
x-xss-protection: 1; mode=block

GET
H2 200 helpers.js Show response
auth.doitforme.club/resources/tuhah/login/doitforme%20email/js/ 6 KB
2 KB 81ms
75ms Script
text/javascript 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/js/helpers.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

8ceb3555b36ea9208bc1194d3ca8c33ec17ae73727fa4ca97c854b5c4d217d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
x-robots-tag: all
x-xss-protection: 1; mode=block

GET
H2 404 /
auth.doitforme.club/resources/tuhah/login/doitforme%20email/ 0
0 78ms
72ms Script
application/json 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block

GET
H2 200 Color_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 894 B
0 1ms
1ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Color_.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

d15e3b68bd7b8f53edd05a9c900b557fd823701453c7c9607aba0cfa81bc2d31

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
last-modified: Fri, 28 Jun 2024 13:14:05 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C99E227F
etag: "952d6ab5a9b0cb2ddd8edfe5feafe12d"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 894
x-xss-protection: 1; mode=block

GET
H2 200 Shadow_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 716 B
0 2ms
2ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Shadow_.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
last-modified: Mon, 24 Apr 2023 10:10:57 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C96F8863
etag: "b163565e4f963cd1c3d1faceefb7344f"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 716
x-xss-protection: 1; mode=block

GET
H2 200 Normalise_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 288 B
0 2ms
2ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Normalise_.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
last-modified: Wed, 10 Apr 2024 09:54:35 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C957981B
etag: "daa11ac56f8d8cb60c82865886a40994"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 288
x-xss-protection: 1; mode=block

GET
H2 200 Layout_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 308 B
0 3ms
3ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Layout_.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

05249e526bd0bd469ef0564938d5770705f9bcd0c5551edac0b4566ee01b4c31

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
last-modified: Mon, 24 Apr 2023 10:11:15 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C96594B3
etag: "a0b96700998cbcda0ee7dc0b1e407b28"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 308
x-xss-protection: 1; mode=block

GET
H2 200 Typography_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 4 KB
0 4ms
4ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

8588cc986974bbc5b7dd8a68bac032b3bfba33ae01c39569bbb2a5f81f36abde

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
last-modified: Mon, 08 Apr 2024 13:42:09 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C930A63C
etag: "d6fadc12ab885ed7ddc40509b30d635d"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 3618
x-xss-protection: 1; mode=block

GET
H2 200 Adaptation_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 2 KB
0 4ms
4ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Adaptation_.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:52:58 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
last-modified: Sat, 01 Apr 2023 15:56:27 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A45C94CFE09
etag: "53dce1357e881b0c3956a8f8194c41be"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 2069
x-xss-protection: 1; mode=block

GET
H2 200 Error.svg
genius1071.friktoriaservers.net/doitforme/morning/app/helmsdeep/ 25 KB
26 KB 76ms
75ms Image
image/svg+xml 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/app/helmsdeep/Error.svg

Requested by

Host: auth.doitforme.club
URL: https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/css/authGlobal.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

37d676e48195051ce3446f5402337a88da946eaca6bc888742808c1b4d8b796e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:53:00 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Thu, 02 Feb 2023 10:41:24 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A460C071FC7
etag: "0b36fd2e219b8fd6e42db2f64db7c495"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 25975
x-xss-protection: 1; mode=block

GET
H2 200 Medium.woff2
genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/ 50 KB
50 KB 228ms
78ms Font
application/octet-stream 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/Medium.woff2

Requested by

Host: genius1071.friktoriaservers.net
URL: https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

ec9584d35fee757c3bf58103a022c17641f6872591b1fcfec99627220b4c20c6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Origin: https://auth.doitforme.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:53:00 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 20 Jul 2022 23:11:18 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A461508F837
etag: "3cb1542ad56eadf0aab8c1e241d0dc8d"
vary: Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 50716
x-xss-protection: 1; mode=block

GET
H2 200 Bold.woff2
genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/ 49 KB
50 KB 369ms
219ms Font
application/octet-stream 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/monica/fonts/ceraPro/Bold.woff2

Requested by

Host: genius1071.friktoriaservers.net
URL: https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

74d1477db313a7d036395dfede14eff9290592fa9f3b82919ce3fe432c800028

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css
Origin: https://auth.doitforme.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:53:00 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 20 Jul 2022 23:11:21 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A46151431BD
etag: "bdaed2b7db4df7f979c759d79f5e9a4d"
vary: Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 50264
x-xss-protection: 1; mode=block

GET
H2 200 authLight.css
auth.doitforme.club/resources/tuhah/login/doitforme%20email/css/ 627 B
590 B 72ms
72ms Stylesheet
text/css 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/css/authLight.css

Requested by

Host: auth.doitforme.club
URL: https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/js/helpers.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

c9995b5d71fe75b2591a249681384135ff308c8a694e2bd35a18708057b6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:53:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains; preload
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-robots-tag: all
x-xss-protection: 1; mode=block

GET
H2 200 logo_light.svg
genius1071.friktoriaservers.net/doitforme/logo/ 8 KB
9 KB 78ms
78ms Image
image/svg+xml 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://genius1071.friktoriaservers.net/doitforme/logo/logo_light.svg

Requested by

Host: auth.doitforme.club
URL: https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/css/authLight.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

358f0195a9916fa7f8c3c3b771b88144d280f4ab09f997a8eb8b9b33c8238398

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:53:00 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Wed, 20 Jul 2022 22:13:19 GMT
server: nginx/1.18.0
x-amz-request-id: 17E63A4610A6C0E0
etag: "4d311cc88738625f1ab3660064034089"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 8600
x-xss-protection: 1; mode=block

GET
H2 404 favicon.ico
auth.doitforme.club/resources/tuhah/login/doitforme%20email/img/ 0
160 B 72ms
72ms Other
text/plain 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:53:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
content-length: 0
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=

Domain: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-.js?sv=6

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkedin.com/	1970-01-21 07:07:43	Name: bcookie Value: "v=2&3503fada-3eb1-4b55-82d8-d5eeb974142c"
.linkedin.com/	1970-01-21 02:41:19	Name: li_gc Value: MTswOzE3MjIxMjc5Nzk7MjswMjF2WMGg3GTv6lF2ibMf/hoLlM+qJ9SGmTic3ps12nsa5g==
.linkedin.com/	1970-01-20 22:23:34	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2929:u=1:x=1:i=1722127979:t=1722214379:v=2:sig=AQEoiofdpeCxq3IksO8uoVTj8SVfbqD5"

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.doitforme.club/realms/Club/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fauth-clone.doitforme.club%2F&state=a8f59c2f-4615-4435-a3ed-cd2974ce1a68&response_mode=fragment&response_type=code&scope=openid&nonce=b97052cb-6d0d-45e4-88b2-b91432258e2e&prompt=none Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/ Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://auth.doitforme.club/realms/Club/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fauth-clone.doitforme.club%2F&state=a8f59c2f-4615-4435-a3ed-cd2974ce1a68&response_mode=fragment&response_type=code&scope=openid&nonce=b97052cb-6d0d-45e4-88b2-b91432258e2e&prompt=none Message: Refused to execute script from 'https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/' because its MIME type ('application/json') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://auth.doitforme.club/resources/tuhah/login/doitforme%20email/img/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
auth-clone.doitforme.club
auth.doitforme.club
connect.facebook.net
genius1071.friktoriaservers.net
keymaker.doitforme.club
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.hotjar.com
www.googletagmanager.com
static.hotjar.com
www.googletagmanager.com
13.107.42.14
157.240.253.1
185.246.164.101
185.246.164.117
2620:1ec:21::14
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a02:26f0:480:15::213:7e63
2a03:2880:f084:105:face:b00c:0:3
05249e526bd0bd469ef0564938d5770705f9bcd0c5551edac0b4566ee01b4c31
10c5160b1153caa3c338636c69528d43e21343e0ab0605325f191183c6f86f85
358f0195a9916fa7f8c3c3b771b88144d280f4ab09f997a8eb8b9b33c8238398
37d676e48195051ce3446f5402337a88da946eaca6bc888742808c1b4d8b796e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
74d1477db313a7d036395dfede14eff9290592fa9f3b82919ce3fe432c800028
77dd1010819e0adfdffb9545cd993516e52e4bf712a2e7269b1183f8d70ca82f
7ff84329b4f2f29a39ac238329b5e7dcd5d499e2175cfbebe552b0f515460329
8588cc986974bbc5b7dd8a68bac032b3bfba33ae01c39569bbb2a5f81f36abde
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
899a13a7c71670ae3fad83fad5ad62ce1e730d482bed6c2b3bd1555d80e5e615
8ceb3555b36ea9208bc1194d3ca8c33ec17ae73727fa4ca97c854b5c4d217d08
90004714cd977b897d87fb2d002510843b5e20d3550aea49eb1f8d5247abd06e
976f5fb4262c50e45e760fa04572a80806d9f8b8cea9d5013bdb76bd075c7072
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b
c9995b5d71fe75b2591a249681384135ff308c8a694e2bd35a18708057b6800e
ca83042499198cb81bb01df50e9316dcb91257c3fd74b02bb665d7f29e2a8ce7
d15e3b68bd7b8f53edd05a9c900b557fd823701453c7c9607aba0cfa81bc2d31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b71ee422f3743bff6f61530396636d22545b0fcee8553d5d863e7f06538623
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3
ec9584d35fee757c3bf58103a022c17641f6872591b1fcfec99627220b4c20c6
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0
fd540f72f3f6a653b4d264a07caa80d392ab30ba2afac9626e089419fbd8136b

auth.doitforme.club Open in urlscan Pro 185.246.164.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

83 %HTTPS

56 %IPv6

8 Domains

11 Subdomains

10 IPs

3 Countries

1251 kBTransfer

3677 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth.doitforme.club Open in urlscan Pro
185.246.164.117 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

83 %
HTTPS

56 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

1251 kB
Transfer

3677 kB
Size

3
Cookies

42 HTTP transactions
0 data transactions