auth-play.site Open in urlscan Pro
104.21.8.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://auth-play.site/
Effective URL:
https://auth-play.site/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On December 17 via api (December 17th 2023, 3:47:31 pm UTC) from IT — Scanned from IT

Summary HTTP 30 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 30 HTTP transactions. The main IP is 104.21.8.89, located in and belongs to CLOUDFLARENET, US. The main domain is auth-play.site.
TLS certificate: Issued by GTS CA 1P5 on December 17th 2023. Valid for: 3 months.

This is the only time auth-play.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.130.102 172.67.130.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.21.8.89 104.21.8.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
4	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
1	104.17.62.50 104.17.62.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3031::ac43:8266	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
30	7

1 172.67.130.102 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth-play.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.21.8.89 (None, )

ASN13335 (CLOUDFLARENET, US)

auth-play.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

svgshare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.62.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.faceit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.193 (United States)

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:8266 (United States)

ASN13335 (CLOUDFLARENET, US)

auth-play.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	auth-play.site 1 redirects auth-play.site	69 KB
10	svgshare.com svgshare.com — Cisco Umbrella Rank: 563234	12 KB
6	imgur.com i.imgur.com — Cisco Umbrella Rank: 7364 imgur.com — Cisco Umbrella Rank: 5239	88 KB
3	gstatic.com fonts.gstatic.com	43 KB
1	faceit.com cdn.faceit.com — Cisco Umbrella Rank: 554094	70 KB
30	5

	Domain	Requested by
11	auth-play.site	1 redirects auth-play.site
10	svgshare.com	auth-play.site
4	i.imgur.com	auth-play.site
3	fonts.gstatic.com	auth-play.site
2	imgur.com	auth-play.site
1	cdn.faceit.com	auth-play.site
30	6

This site contains links to these domains. Also see Links.

Domain
ggbet-online.club
buff.market
cq-esports.com
skins.cash
support.faceit.com

Subject Issuer	Validity	Valid
auth-play.site GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
svgshare.com GTS CA 1D4	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth-play.site/
Frame ID: CB590E02C5C0F1851099B2C9C7A9D904
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FACEIT

Page URL History Show full URLs

http://auth-play.site/ HTTP 301
https://auth-play.site/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

30
Requests

100 %
HTTPS

13 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

282 kB
Transfer

719 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ggbet-online.club/ru/
Title: GO

Search URL Search Domain Scan URL

URL: https://buff.market/
Title: GO

Search URL Search Domain Scan URL

URL: https://cq-esports.com/
Title: GO

Search URL Search Domain Scan URL

URL: https://skins.cash/
Title: GO

Search URL Search Domain Scan URL

URL: https://support.faceit.com/
Title: Contact FACEIT Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://auth-play.site/ HTTP 301
https://auth-play.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
auth-play.site/
Redirect Chain

http://auth-play.site/
https://auth-play.site/

43 KB
10 KB

776ms
278ms

Document
text/html

104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb6c48a309eff78b9b9e483f9dc6ede1f3191d536c30f7c3f4a82505ff5986e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83704df1a9d80d80-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfEjx%2BKl9sZHNrxmM7y1lyW%2F%2Bdy2ph4fjQeui1GlWeN4kjFdEqfFOJasfwEFUXPuVixEaKJGnLvQ24nyj5fuoW8cSAaNXog2rz8GAfCEQn1ztPIYLsJZ7YASHPrI90rmPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 83704dee0ec511bc-MRS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 17 Dec 2023 15:47:24 GMT
Expires: Sun, 17 Dec 2023 16:47:24 GMT
Location: https://auth-play.site/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmwJJTh2PQ%2F2GkhoKXiA0LuRK9BxrP%2FvtqBZpvDVmbSzQ%2FlrcMlZ4XOTs8QceLzn6Z4nALAHo0NepCOjhBP9yfN%2BgKZMDOEcWaCDYNEnF5BlK1TkWiyDkT%2BJmtxtSkRUfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
auth-play.site/FACEIT_files/ 43 KB
10 KB 993ms
992ms Stylesheet
text/html 104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/FACEIT_files/style.css
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb6c48a309eff78b9b9e483f9dc6ede1f3191d536c30f7c3f4a82505ff5986e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlGsmw6agqD56tVrLKepZKxP7ySA7gRAByjfQnwqBaiREtQLsv9x8OVN%2FMcqrzZUkUbJZzM4MxHBxQ9Ecj8%2FhWrRTz8FA5m2C8oado4EBQDZKR61ad8%2BaxqEf0gd0Jpg1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 83704df37cc70d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
auth-play.site/FACEIT_files/ 43 KB
10 KB 181ms
180ms Stylesheet
text/html 104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/FACEIT_files/css2
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb6c48a309eff78b9b9e483f9dc6ede1f3191d536c30f7c3f4a82505ff5986e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkG%2B4c14aOAzJDDAbOSn53SgBbFXXiYDmY372jDCC2QArjPoOULK%2FX5I6jL0Ids1LQtAbBqqy5w0ralJtPtiUwlmuKJpB4%2BmqrJ2UrqT6AgruabCVtNusQKwrWJK3vfUDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 83704df37cc90d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 1bdd3b5.js Show response
auth-play.site/ 43 KB
10 KB 1011ms
1010ms Script
text/html 104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/1bdd3b5.js
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb6c48a309eff78b9b9e483f9dc6ede1f3191d536c30f7c3f4a82505ff5986e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Cu6lGCVOPk%2BL3W9TSzNwjRWAlE9nV4lzxdFGRx2Us7GD9mlgWqa5fw%2Bm6u%2FSoeAjeDkDZZr3dw%2BDBG0J4TAUW%2B%2F0%2BNG3rZwDn2ipmxy2rfzow%2FJMPwUb8V%2BoJBY8jo65Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 83704df37ccb0d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 952301f.js Show response
auth-play.site/ 43 KB
10 KB 1012ms
1011ms Script
text/html 104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/952301f.js
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb6c48a309eff78b9b9e483f9dc6ede1f3191d536c30f7c3f4a82505ff5986e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rnw3FCc%2Fqe%2BEn0OiyyiIvGea2Xjkdw76ApViJvVImaYp30W4y68wQJ1PzInt%2Bm8uiQ22XFZ4Rpsn0mubFbF5Qoq7IUjfVZRrntwMe%2FgUWh9%2BjUOYC2FCU2l4zK9bBGVgTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 83704df37ccd0d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 c66d7b8.js Show response
auth-play.site/ 43 KB
10 KB 994ms
994ms Script
text/html 104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/c66d7b8.js
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb6c48a309eff78b9b9e483f9dc6ede1f3191d536c30f7c3f4a82505ff5986e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ku8tO47dBP6PyPgXafW9UbpijhfdQo%2BC27UsxzndtrU4OUfKN1Ty%2FrrFLfcwKh%2F%2B3j561Br7Rpu2oE4d9wdgJ%2Bd5EmzI8n%2Bz9EtUr8pId80x2jh8D0r7WyozRV7SFkdeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 83704df37ccf0d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 33cac06.js Show response
auth-play.site/ 43 KB
10 KB 616ms
616ms Script
text/html 104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/33cac06.js
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb6c48a309eff78b9b9e483f9dc6ede1f3191d536c30f7c3f4a82505ff5986e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJkn3hGfn58QOl%2Bue8sLHVRqaIWBus9YifvQ4Wg4cMkipOhHBmfUvwzJivO7PyDT02fyMieSrDiML2DRiO2u1qe%2FowsFlC5mWxKnhIXKIDTqKRHDZ9IkbAogBng%2F4jVO%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 83704df37cd30d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 294c3a8.js
auth-play.site/ 107 KB
0 1011ms
1011ms Script
text/javascript 104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/294c3a8.js
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60MCxA1EQtOlrXYWwnwhqlZTbCFAChdufndOty6uAd9S2AlqrGMCbjHPtwp1qwbL12fOtM0BcbBQ5jrWyHAKj1zDly9sstdSp%2FZbwyQnyGeQ%2BAVu9SDhmtRZPuCWDQw2Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 83704df37cd60d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 e2e35bc.js
auth-play.site/ 86 KB
0 1011ms
1010ms Script
text/javascript 104.21.8.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-play.site/e2e35bc.js
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 15:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5Ma8PKLmj46ne3AK19ywwGf14ooAz%2B85yhnlWZGLcWbg9vE41lRTVr%2B2h64qGiF8uMXSp55DbyNuzp9z9S1PNb7ICkKrpDd4fGFjMi3elMkebFNsY4xBSr17R3u0Ys0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 83704df37cd70d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 wUh.svg
svgshare.com/i/ 1 KB
901 B 642ms
641ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wUh.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: 5e3b83bac722cd251c08c5191d719e55f552a14402f7a23b23f4978b629c0e69

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-3YU1MGMhnnbzvv2T09NmkY1XeJQ= sha256-XjuDuscizSUcCMUZHXGeVfVSoUQC96I7I/SXi2KcDmk=
content-type: image/svg+xml
x-cloud-trace-context: 28e9e59efed124fdc1f5c95de033758d
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 wVC.svg
svgshare.com/i/ 959 B
653 B 720ms
719ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wVC.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: ef576999ef5aafb5ed8cc87ff86dfde50df18d6f9a28d3c72c3cea4634140ab6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-gxKzsZnAi9tYG1cAEN9ffcYg9Ro= sha256-71dpme9ar7XtjMh/+G395Q3xjW+aKNPHLDzqRjQUCrY=
content-type: image/svg+xml
x-cloud-trace-context: 53fc34f54e9835c7748e2486acb44978
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 wUg.svg
svgshare.com/i/ 3 KB
770 B 635ms
634ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wUg.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: 95541da075b2627ed7def0805c7317d8dcfaca84428ae6d009d6397aab92c6e3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-emnnt/wni0/Cqks1BvsV+75Hdzk= sha256-lVQdoHWyYn7X3vCAXHMX2Nz6yoRCiubQCdY5equSxuM=
content-type: image/svg+xml
x-cloud-trace-context: 219b68cf7821c8921e8d39ebe74cfcff
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 wVh.svg
svgshare.com/i/ 1 KB
711 B 637ms
636ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wVh.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: 3aefe7236ed8e47a13b3199c3f1e07e040ca826b99bcf7a9677c37194f0a5180

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-yzdrleYTInO82zKLEB3ilIaRLsw= sha256-Ou/nI27Y5HoTsxmcPx4H4EDKgmuZvPepZ3w3GU8KUYA=
content-type: image/svg+xml
x-cloud-trace-context: 23295ff0627a245343983ec0e82240ef
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 wVt.svg
svgshare.com/i/ 2 KB
748 B 636ms
634ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wVt.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: 36001262b3d0e983decd7c7f7af6f21fb7443c79585c1b62fe0bf8fea1e9bac2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-6usEJ0NAesIx+R97NP1daPnZaGU= sha256-NgASYrPQ6YPezXx/evbyH7dEPHlYXBti/gv4/qHpusI=
content-type: image/svg+xml
x-cloud-trace-context: fc42acdd590bef0feff7862f2b8d10ac
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 wVP.svg
svgshare.com/i/ 7 KB
3 KB 1181ms
266ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wVP.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: ed37342cc2924ab69c693c4a3bf4ddfbea6126f41a23030953e14a9b5aadc6b8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:26 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-0jT0AmL7PWQe2+EZC1pnx15B3t4= sha256-7Tc0LMKSSracaTxKO/Td++phJvQaIwMJU+FKm1qtxrg=
content-type: image/svg+xml
x-cloud-trace-context: d134db721ca9eb38cca7a067f53a0f76
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 wTy.svg
svgshare.com/i/ 661 B
590 B 1275ms
361ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wTy.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: 22cee156479c1683dda08116410c9cc9fbeac5fc39c08c443bd9c737a526c9ab

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:26 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-31ZLsaywyK/4LELisihlvqjwHf0= sha256-Is7hVkecFoPdoIEWQQycyfvqxfw5wIxEO9nHN6Umyas=
content-type: image/svg+xml
x-cloud-trace-context: 48b611a9ed25d884366a02a324b623e8
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 wVB.svg
svgshare.com/i/ 7 KB
3 KB 429ms
429ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wVB.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: a7b877257688ee35979d7de7648bf6ae4edf69f52240946dff629d8be37836cc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:26 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-nWsxe5sDsgxZR1g6NQNXSqxooCY= sha256-p7h3JXaI7jWXnX3nZIv2rk7fafUiQJRt/2Kdi+N4Nsw=
content-type: image/svg+xml
x-cloud-trace-context: 0d196a017c440b834046568e8a0d8c7f;o=1
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 qNHzUsg.jpeg
i.imgur.com/ 28 KB
28 KB 683ms
64ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/qNHzUsg.jpeg

Requested by

Host: auth-play.site
URL: https://auth-play.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

efd5d9760ff0f68704deae2b3e3dea2362480f0d95ac2a7110df83daeee11549

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 3036386
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 28403
x-served-by: cache-iad-kjyo7100056-IAD, cache-fra-eddf8230124-FRA
last-modified: Sun, 13 Aug 2023 15:22:56 GMT
server: cat factory 1.0
x-timer: S1702828047.258324,VS0,VE2
etag: "cccf74dfe6bf506efe87e847cc296232"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: J4H8l77VEj7983z5S9CCZjUOpJ5Ju3hQRXyXsyanM-me53BJQwyYgg==
x-cache-hits: 51, 1

GET
H2 200 RtXKpew.jpeg
i.imgur.com/ 14 KB
14 KB 324ms
64ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/RtXKpew.jpeg

Requested by

Host: auth-play.site
URL: https://auth-play.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

da7aec69cdfb96b645b23da9302d01ff5e53aa5517730cb9c11313d9128fdeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 2343471
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 14000
x-served-by: cache-iad-kcgs7200094-IAD, cache-fra-eddf8230124-FRA
last-modified: Sun, 13 Aug 2023 15:24:54 GMT
server: cat factory 1.0
x-timer: S1702828047.258302,VS0,VE2
etag: "f508f4d69a6234c15fafd2ea7390abc3"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QjsJUN_adaFazh4SiXA3XPyow7JpzPXijUv5jNmDNOlc09OY-eHuoQ==
x-cache-hits: 1, 1

GET
H2 200 J5r6MP0.jpeg
i.imgur.com/ 25 KB
25 KB 399ms
148ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/J5r6MP0.jpeg

Requested by

Host: auth-play.site
URL: https://auth-play.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

23305fa9e4a550c35a1f438b95b2fb501b6ca99692a5404f4e431e9836cee1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 3305880
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 25141
x-served-by: cache-iad-kcgs7200067-IAD, cache-fra-eddf8230124-FRA
last-modified: Sun, 13 Aug 2023 15:25:33 GMT
server: cat factory 1.0
x-timer: S1702828047.258264,VS0,VE5
etag: "641599f0e669c2e07a70577064c8fe60"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ovhs4GiQ3LqhmNUHX0WvEkGXxGf0Lj1MSRd3IX3GAO5MMUXn1M4POg==
x-cache-hits: 7, 1

GET
H2 200 tM3Xbgj.jpeg
i.imgur.com/ 21 KB
21 KB 314ms
64ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/tM3Xbgj.jpeg

Requested by

Host: auth-play.site
URL: https://auth-play.site/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e44d7fe958301aaa22367fe7446cc30c1191a68f482ddf5bee0dc6897db22296

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 4072885
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 21096
x-served-by: cache-iad-kjyo7100089-IAD, cache-fra-eddf8230124-FRA
last-modified: Sun, 13 Aug 2023 15:26:11 GMT
server: cat factory 1.0
x-timer: S1702828047.258303,VS0,VE2
etag: "8ece64f1741ebdd9a9abc813983512ba"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MgJ6aBINGy1_XzGPretRbyamGAuPgJpNvpazB7cozUrite3ECi_XLw==
x-cache-hits: 69, 1

GET
H2 200 wTz.svg
svgshare.com/i/ 945 B
680 B 642ms
642ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wTz.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: 427672bd72ef313536b7312e90a2f451421a78c3b159715aa6f4b80068696c8b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-35yeyi2GSggs99nH1UhA15/UNck= sha256-QnZyvXLvMTU2tzEukKL0UUIaeMOxWXFapvS4AGhpbIs=
content-type: image/svg+xml
x-cloud-trace-context: 6e862fd8f729a12cc6e4de6a0f67b119
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 wUh.svg
svgshare.com/i/ 1 KB
969 B 636ms
635ms Image
image/svg+xml 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svgshare.com/i/wUh.svg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: 5e3b83bac722cd251c08c5191d719e55f552a14402f7a23b23f4978b629c0e69

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
content-encoding: gzip
server: Google Frontend
etag: sha1-3YU1MGMhnnbzvv2T09NmkY1XeJQ= sha256-XjuDuscizSUcCMUZHXGeVfVSoUQC96I7I/SXi2KcDmk=
content-type: image/svg+xml
x-cloud-trace-context: ebeec8796ec14dbc2715c2c3d11856f0
cache-control: public, max-age=315360000
link: <https://webmention.herokuapp.com/api/webmention>; rel="webmention"

GET
H2 200 world-map-min.jpg
cdn.faceit.com/assets/images/ 69 KB
70 KB 620ms
130ms Image
image/jpeg 104.17.62.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.faceit.com/assets/images/world-map-min.jpg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.62.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e7226dfd40e6fefdc31db3d066808d9a6d707fff90fe4984a5f201a2a0eeec0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
cf-cache-status: HIT
x-amz-request-id: 4K2C55GEF9P9QX4R
age: 536826
cf-polished: origSize=89257
alt-svc: h3=":443"; ma=86400
content-length: 70992
x-amz-id-2: xudovcRftVorpNTVR1gxepDYrpWG3uOoC2ol0SPoZqTUMNb1pp+cT26Irb+GFUKYQIvleumu27k=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Sep 2018 14:00:41 GMT
server: cloudflare
etag: "6a65903c9f0e122b145f9d37753a8629"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83704e00c807374e-MXP
expires: Mon, 16 Dec 2024 15:47:27 GMT

GET
H2 200 1FKgxoh
imgur.com/ 0
0 474ms
72ms Image
text/html 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgur.com/1FKgxoh
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 NYj30ko
imgur.com/ 0
0 454ms
52ms Image
text/html 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgur.com/NYj30ko
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 404 ready-background.jpg
auth-play.site/img/ 535 B
535 B 178ms
177ms Image
text/html 2606:4700:3031::ac43:8266
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth-play.site/img/ready-background.jpg
Requested by: Host: auth-play.site
URL: https://auth-play.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8266 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36948e71d1048a445cb061f0c0ca9d4b37c4f7849ca99575f2997f67f7af54af

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://auth-play.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:47:27 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiTrLSYKZG17V85ReVfLwlmiM9y75PCya3Jw58VUW5wMx5qqaRGOPqhNXw18CiEJB5f9dsXNAXHasYpaKSKj0no2q1UnMy3ldCEfejKPoqjcpJKEEGAmFQppcp8noayHS9Eiye7aJpL2FbUzwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 83704dfdadca22b5-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v17/ 17 KB
17 KB 621ms
115ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpAy2g.woff2

Requested by

Host: auth-play.site
URL: https://auth-play.site/FACEIT_files/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-play.site/
Origin: https://auth-play.site
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:41:38 GMT
x-content-type-options: nosniff
age: 522349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17216
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:54:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 14:41:38 GMT

GET
H2 200 6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v17/ 17 KB
17 KB 668ms
163ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtU2Hw.woff2

Requested by

Host: auth-play.site
URL: https://auth-play.site/FACEIT_files/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-play.site/
Origin: https://auth-play.site
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:59:32 GMT
x-content-type-options: nosniff
age: 456475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17164
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:59:32 GMT

GET
H2 200 6aez4K2oVqwIvtE2H68T.woff2
fonts.gstatic.com/s/play/v17/ 9 KB
10 KB 557ms
59ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtE2H68T.woff2

Requested by

Host: auth-play.site
URL: https://auth-play.site/FACEIT_files/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

8f752b81dc0a3aa29edaa55262ebc397a6c947b15c1965698656f6f94162a787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-play.site/
Origin: https://auth-play.site
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 10:43:24 GMT
x-content-type-options: nosniff
age: 191043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9248
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:43:24 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| openConnectPopup function| openTermsPopup function| disableBtn

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.faceit.com/	1970-01-20 17:00:29	Name: __cf_bm Value: zSrLWU1k2EY2UxQhP.dihpnH6fFRWhUCcPnIcHlBct0-1702828047-1-AfbjiDlwK5FaPi3XR/s8avYIwHmb5NAm0CV7P6mxiDo0684c0vV9EZJZoOhsaehjssazPduOkuTWQefS40tFvZUTBGkVofDTyhzsD8W5GVgH
			.faceit.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 4xscRET1YdhTgioeQnrHDuVs10UxR9NKoj57TjQwOpk-1702828047518-0-604800000

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth-play.site/294c3a8.js Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://auth-play.site/e2e35bc.js Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://auth-play.site/img/ready-background.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth-play.site
cdn.faceit.com
fonts.gstatic.com
i.imgur.com
imgur.com
svgshare.com
104.17.62.50
104.21.8.89
146.75.116.193
172.67.130.102
199.232.192.193
216.239.36.21
216.58.206.35
2606:4700:3031::ac43:8266
22cee156479c1683dda08116410c9cc9fbeac5fc39c08c443bd9c737a526c9ab
23305fa9e4a550c35a1f438b95b2fb501b6ca99692a5404f4e431e9836cee1aa
36001262b3d0e983decd7c7f7af6f21fb7443c79585c1b62fe0bf8fea1e9bac2
36948e71d1048a445cb061f0c0ca9d4b37c4f7849ca99575f2997f67f7af54af
3aefe7236ed8e47a13b3199c3f1e07e040ca826b99bcf7a9677c37194f0a5180
427672bd72ef313536b7312e90a2f451421a78c3b159715aa6f4b80068696c8b
5e3b83bac722cd251c08c5191d719e55f552a14402f7a23b23f4978b629c0e69
5e7226dfd40e6fefdc31db3d066808d9a6d707fff90fe4984a5f201a2a0eeec0
669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88
6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc
8f752b81dc0a3aa29edaa55262ebc397a6c947b15c1965698656f6f94162a787
95541da075b2627ed7def0805c7317d8dcfaca84428ae6d009d6397aab92c6e3
a7b877257688ee35979d7de7648bf6ae4edf69f52240946dff629d8be37836cc
da7aec69cdfb96b645b23da9302d01ff5e53aa5517730cb9c11313d9128fdeed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44d7fe958301aaa22367fe7446cc30c1191a68f482ddf5bee0dc6897db22296
ed37342cc2924ab69c693c4a3bf4ddfbea6126f41a23030953e14a9b5aadc6b8
ef576999ef5aafb5ed8cc87ff86dfde50df18d6f9a28d3c72c3cea4634140ab6
efb6c48a309eff78b9b9e483f9dc6ede1f3191d536c30f7c3f4a82505ff5986e
efd5d9760ff0f68704deae2b3e3dea2362480f0d95ac2a7110df83daeee11549

auth-play.site Open in urlscan Pro 104.21.8.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

13 %IPv6

5 Domains

6 Subdomains

7 IPs

3 Countries

282 kBTransfer

719 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth-play.site Open in urlscan Pro
104.21.8.89 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

13 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

282 kB
Transfer

719 kB
Size

2
Cookies

30 HTTP transactions
0 data transactions