auth.doitforme.club Open in urlscan Pro
185.246.164.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://payments.doitforme.club/
Effective URL:
https://auth.doitforme.club/realms/Demo-Realm/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F...
Submission: On February 08 via automatic, source certstream-suspicious (February 8th 2023, 11:21:59 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 185.246.164.117, located in Greece and belongs to FRIKTORIANET, GR. The main domain is auth.doitforme.club.
TLS certificate: Issued by R3 on January 30th 2023. Valid for: 3 months.

This is the only time auth.doitforme.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	185.246.164.117 185.246.164.117	204932 (FRIKTORIANET) (FRIKTORIANET)
6	185.246.164.101 185.246.164.101	204932 (FRIKTORIANET) (FRIKTORIANET)
12	2

6 185.246.164.117 (Greece)

ASN204932 (FRIKTORIANET, GR)
PTR: 185-246-164-117.volos.friktoria.net

payments.doitforme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
keymaker.doitforme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.doitforme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.246.164.101 (Greece)

ASN204932 (FRIKTORIANET, GR)
PTR: 185-246-164-101.volos.friktoria.net

genius1071.friktoriaservers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	friktoriaservers.net genius1071.friktoriaservers.net	10 KB
6	doitforme.club payments.doitforme.club keymaker.doitforme.club auth.doitforme.club	171 KB
12	2

	Domain	Requested by
6	genius1071.friktoriaservers.net	payments.doitforme.club
3	payments.doitforme.club	payments.doitforme.club
2	keymaker.doitforme.club	payments.doitforme.club
1	auth.doitforme.club	payments.doitforme.club
12	4

This site contains no links.

Subject Issuer	Validity	Valid
akihiko.doitforme.club R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
genius1071.friktoriaservers.net R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
keymaker.doitforme.club R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
auth.doitforme.club R3	`2023-01-30` - `2023-04-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.doitforme.club/realms/Demo-Realm/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fpayments.doitforme.club%2F&state=218df1af-cc2a-4853-820f-5ded67177af0&response_mode=fragment&response_type=code&scope=openid&nonce=591fa075-879d-4e22-873c-adbe3782d71d&prompt=none
Frame ID: A523C4AAA5CC7787B81E4A7340805117
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

502 Bad Gateway

Page URL History Show full URLs

https://payments.doitforme.club/ Page URL
https://auth.doitforme.club/realms/Demo-Realm/protocol/openid-connect/auth?client_id=erised-web-app&redi... Page URL

Page Statistics

12
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

2
IPs

1
Countries

181 kB
Transfer

577 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://payments.doitforme.club/ Page URL
https://auth.doitforme.club/realms/Demo-Realm/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fpayments.doitforme.club%2F&state=218df1af-cc2a-4853-820f-5ded67177af0&response_mode=fragment&response_type=code&scope=openid&nonce=591fa075-879d-4e22-873c-adbe3782d71d&prompt=none Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
payments.doitforme.club/ 1 KB
2 KB 197ms
53ms Document
text/html 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.doitforme.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

c4d493b1dc82b6e44ec2febb6a3b51bd3b54290f798a59f6a095544100e7a27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 1299
content-type: text/html
date: Wed, 08 Feb 2023 11:21:54 GMT
etag: "63beae86-513"
last-modified: Wed, 11 Jan 2023 12:41:42 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 Color_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 694 B
1 KB 375ms
60ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Color_.css

Requested by

Host: payments.doitforme.club
URL: https://payments.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

d3d2f2ed4997f9c5f0cde7e19dc0c76897c6284888d06ad04ae6bb6c14ca9d0a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.doitforme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:21:55 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Tue, 20 Sep 2022 13:00:45 GMT
server: nginx/1.18.0
x-amz-request-id: 1741D587A9C2CB15
etag: "aa7e6b591a0b103808d56c70a2ff11bb"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 694
x-xss-protection: 1; mode=block

GET
H2 200 Shadow_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 716 B
1 KB 379ms
65ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Shadow_.css

Requested by

Host: payments.doitforme.club
URL: https://payments.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.doitforme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:21:55 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Tue, 20 Sep 2022 13:00:49 GMT
server: nginx/1.18.0
x-amz-request-id: 1741D587A9F08A39
etag: "b163565e4f963cd1c3d1faceefb7344f"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 716
x-xss-protection: 1; mode=block

GET
H2 200 Normalise_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 288 B
713 B 418ms
105ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Normalise_.css

Requested by

Host: payments.doitforme.club
URL: https://payments.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.doitforme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:21:55 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Mon, 06 Feb 2023 10:24:51 GMT
server: nginx/1.18.0
x-amz-request-id: 1741D587AA2CEF57
etag: "daa11ac56f8d8cb60c82865886a40994"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 288
x-xss-protection: 1; mode=block

GET
H2 200 Layout_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 306 B
730 B 417ms
104ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Layout_.css

Requested by

Host: payments.doitforme.club
URL: https://payments.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

4181006292f9b5e0e400d43549af4e65414a6c4a979ffa9b7a7faa1c37f5afd6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.doitforme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:21:55 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Tue, 20 Sep 2022 13:00:47 GMT
server: nginx/1.18.0
x-amz-request-id: 1741D587AA1C02F4
etag: "3b973ac4b7761350a2516585c9a2e0da"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 306
x-xss-protection: 1; mode=block

GET
H2 200 Typography_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 3 KB
4 KB 417ms
105ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Typography_.css

Requested by

Host: payments.doitforme.club
URL: https://payments.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

a3dd1b3f539780ef040248630ec53c8e666676c4125c9c22fd0aca01f69b5cd5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.doitforme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:21:55 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Tue, 24 Jan 2023 12:17:23 GMT
server: nginx/1.18.0
x-amz-request-id: 1741D587AA44FF19
etag: "02d0a5688432540dfe77acb7db41177c"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 3370
x-xss-protection: 1; mode=block

GET
H2 200 Adaptation_.css
genius1071.friktoriaservers.net/doitforme/morning/styles/constants/ 2 KB
2 KB 379ms
67ms Stylesheet
text/css 185.246.164.101
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://genius1071.friktoriaservers.net/doitforme/morning/styles/constants/Adaptation_.css

Requested by

Host: payments.doitforme.club
URL: https://payments.doitforme.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.246.164.101 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-101.volos.friktoria.net

Software

nginx/1.18.0 /

Resource Hash

ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.doitforme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:21:55 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000
last-modified: Tue, 20 Sep 2022 13:00:52 GMT
server: nginx/1.18.0
x-amz-request-id: 1741D587A9FD04EB
etag: "53dce1357e881b0c3956a8f8194c41be"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 2069
x-xss-protection: 1; mode=block

GET
H2 200 main.3d136376.js Show response
payments.doitforme.club/static/js/ 567 KB
167 KB 63ms
63ms Script
application/javascript 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.doitforme.club/static/js/main.3d136376.js

Requested by

Host: payments.doitforme.club
URL: https://payments.doitforme.club/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

cad529dd3697e3050d6c32cacfc3f3e41a08aa1decc551f793ba1cf6a3fb442d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.doitforme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:21:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2023 12:41:44 GMT
server: nginx
content-encoding: gzip
etag: W/"63beae88-8dd84"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-robots-tag: none
x-xss-protection: 1; mode=block

POST
H2 403 getTranslations
keymaker.doitforme.club/translations/ 548 B
876 B 53ms
53ms XHR
text/html 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL: https://keymaker.doitforme.club/translations/getTranslations
Requested by: Host: payments.doitforme.club
URL: https://payments.doitforme.club/static/js/main.3d136376.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS: 185-246-164-117.volos.friktoria.net
Software: nginx /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://payments.doitforme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Feb 2023 11:21:55 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: https://payments.doitforme.club
access-control-expose-headers: X-Xsrf-Token, X-Socket-Token
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
content-length: 548

GET
H2 200 keycloakProduction.json
payments.doitforme.club/ 194 B
457 B 53ms
53ms XHR
application/json 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.doitforme.club/keycloakProduction.json

Requested by

Host: payments.doitforme.club
URL: https://payments.doitforme.club/static/js/main.3d136376.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),

Reverse DNS

185-246-164-117.volos.friktoria.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://payments.doitforme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:21:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2023 12:41:42 GMT
server: nginx
etag: "63beae86-c2"
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
x-robots-tag: none
content-length: 194
x-xss-protection: 1; mode=block

OPTIONS
H2 204 getTranslations
keymaker.doitforme.club/translations/ 0
0 216ms
53ms Preflight 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL: https://keymaker.doitforme.club/translations/getTranslations
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS: 185-246-164-117.volos.friktoria.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.doitforme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Keep-Alive, Origin, X-Requested-With, Content-Type, Accept, X-Xsrf-Token, X-Socket-Token, Lang
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://payments.doitforme.club
access-control-expose-headers: X-Xsrf-Token, X-Socket-Token
date: Wed, 08 Feb 2023 11:21:55 GMT
server: nginx

GET
H2 502 Primary Request auth Show response
auth.doitforme.club/realms/Demo-Realm/protocol/openid-connect/ 552 B
620 B 242ms
54ms Document
text/html 185.246.164.117
FRIKTORIANET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.doitforme.club/realms/Demo-Realm/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fpayments.doitforme.club%2F&state=218df1af-cc2a-4853-820f-5ded67177af0&response_mode=fragment&response_type=code&scope=openid&nonce=591fa075-879d-4e22-873c-adbe3782d71d&prompt=none
Requested by: Host: payments.doitforme.club
URL: https://payments.doitforme.club/static/js/main.3d136376.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.246.164.117 , Greece, ASN204932 (FRIKTORIANET, GR),
Reverse DNS: 185-246-164-117.volos.friktoria.net
Software: nginx /
Resource Hash: 5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e

Request headers

Referer: https://payments.doitforme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 552
content-type: text/html
date: Wed, 08 Feb 2023 11:21:55 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://keymaker.doitforme.club/translations/getTranslations Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://auth.doitforme.club/realms/Demo-Realm/protocol/openid-connect/auth?client_id=erised-web-app&redirect_uri=https%3A%2F%2Fpayments.doitforme.club%2F&state=218df1af-cc2a-4853-820f-5ded67177af0&response_mode=fragment&response_type=code&scope=openid&nonce=591fa075-879d-4e22-873c-adbe3782d71d&prompt=none Message: Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.doitforme.club
genius1071.friktoriaservers.net
keymaker.doitforme.club
payments.doitforme.club
185.246.164.101
185.246.164.117
4181006292f9b5e0e400d43549af4e65414a6c4a979ffa9b7a7faa1c37f5afd6
5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e
a3dd1b3f539780ef040248630ec53c8e666676c4125c9c22fd0aca01f69b5cd5
c4d493b1dc82b6e44ec2febb6a3b51bd3b54290f798a59f6a095544100e7a27d
c67532449d49837d42436a5e0b442ef4215035336e49296e876c408e01a9d04b
cad529dd3697e3050d6c32cacfc3f3e41a08aa1decc551f793ba1cf6a3fb442d
d3d2f2ed4997f9c5f0cde7e19dc0c76897c6284888d06ad04ae6bb6c14ca9d0a
ebb054977182bd3b97763037de546a544986d2fa091c96116071a396626285a3
ef7eb2182646707a5974fcbda501d3e5fb2d54798d2226c9038e09c171c9d5c0

auth.doitforme.club Open in urlscan Pro 185.246.164.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

75 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

2 IPs

1 Countries

181 kBTransfer

577 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

auth.doitforme.club Open in urlscan Pro
185.246.164.117 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

2
IPs

1
Countries

181 kB
Transfer

577 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions