| GET fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap | 142.250.178.42 | 200 OK | 4.2 kB |
URL: GET fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
IP: 142.250.178.42:443
Requested by: https://faceit.showmatch-join.com/auth
Certificate issuer: Google Trust Services
Certificate subject: upload.video.google.com
Certificate fingerprint (SHA-1): 3C:2E:67:30:A6:95:F3:D3:61:49:AB:AC:BC:D1:CF:77:3E:33:8F:B7
Certificate validity: Thu, 20 Mar 2025 11:19:46 GMT - Thu, 12 Jun 2025 11:19:45 GMT
MD5: c6115ebf760962021133067fdf3a78a1
SHA-1: 591d5bd7ccbcf60ce191b13993c3b5295108befb
SHA-256: 6cbdc009197e1afacfbc903823a6557d3b34b86d9d6bb6c3594184fde99e35d2
GET /css2?family=Play:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://faceit.showmatch-join.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Apr 2025 22:39:24 GMT
date: Mon, 07 Apr 2025 22:39:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| GET faceit.showmatch-join.com/8pfr90s8fxcd.js | 212.87.222.250 | 200 OK | 366 kB |
URL: GET faceit.showmatch-join.com/8pfr90s8fxcd.js
IP: 212.87.222.250:443
ASN: AS214238 (Host Telecom Ltd)
Requested by: https://faceit.showmatch-join.com/auth
Certificate issuer: Let's Encrypt
Certificate subject: faceit.showmatch-join.com
Certificate fingerprint (SHA-1): D4:DE:CE:68:7F:03:1B:ED:6E:15:DC:C7:78:26:C1:0E:F9:F1:8B:3F
Certificate validity: Sun, 06 Apr 2025 22:29:52 GMT - Sat, 05 Jul 2025 22:29:51 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 366 kB (366391 bytes)
MD5: 0545fd3e7fcb2cb8abc809545a572a4b
SHA-1: 0e0b7f7bbd208ba50d6b3e903d3d15fafac90bce
SHA-256: 526dc1e827546c98ea77d1d85535b32d6d60d88393114f647d53ece9f2edd546
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /8pfr90s8fxcd.js HTTP/1.1
Host: faceit.showmatch-join.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://faceit.showmatch-join.com/auth
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Apr 2025 22:39:24 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=0
Last-Modified: Sun, 06 Apr 2025 21:29:13 GMT
ETag: W/"59737-1960d01f38d"
Content-Encoding: gzip
|
|
| GET fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2 | 142.250.74.35 | 200 OK | 18 kB |
URL: GET fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2
IP: 142.250.74.35:443
Requested by: https://faceit.showmatch-join.com/auth
Certificate issuer: Google Trust Services
Certificate subject: *.gstatic.com
Certificate fingerprint (SHA-1): 04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
Certificate validity: Thu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT
File type: Web Open Font Format (Version 2), TrueType, length 18088, version 1.0
MD5: f4aa2d622725f1af4e132e2bbaeb47ae
SHA-1: 20594962b8a024c0cec8d3b3fe8614bea75d5388
SHA-256: d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
GET /s/play/v19/6aez4K2oVqwIvtU2Hw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://faceit.showmatch-join.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18088
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 09:17:17 GMT
expires: Fri, 03 Apr 2026 09:17:17 GMT
cache-control: public, max-age=31536000
age: 393727
last-modified: Thu, 24 Aug 2023 20:26:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| GET fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2 | 142.250.74.35 | 200 OK | 18 kB |
URL: GET fonts.gstatic.com/s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2
IP: 142.250.74.35:443
Requested by: https://faceit.showmatch-join.com/auth
Certificate issuer: Google Trust Services
Certificate subject: *.gstatic.com
Certificate fingerprint (SHA-1): 04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
Certificate validity: Thu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT
File type: Web Open Font Format (Version 2), TrueType, length 18100, version 1.0
MD5: 2af0645d8798834a774f014332120c5d
SHA-1: c1f9a794c35d75cd3196ec52e457467d33b2405b
SHA-256: 42d25e75823f99564c199e3dc486ff8562ce77625ea50ee07385df687296f69f
GET /s/play/v19/6ae84K2oVqwItm4TCpAy2g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://faceit.showmatch-join.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 09:22:11 GMT
expires: Fri, 03 Apr 2026 09:22:11 GMT
cache-control: public, max-age=31536000
age: 393433
last-modified: Thu, 24 Aug 2023 19:54:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| POST tmpanel.live/dqjqudxogoaouwbzafmrutkoqocaezwuamociivusjtcin | 172.67.162.247 | 200 OK | 55 B |
URL: POST tmpanel.live/dqjqudxogoaouwbzafmrutkoqocaezwuamociivusjtcin
IP: 172.67.162.247:443
Requested by: https://faceit.showmatch-join.com/auth
Certificate issuer: Google Trust Services
Certificate subject: tmpanel.live
Certificate fingerprint (SHA-1): 6B:19:A8:EB:F7:60:93:4E:2E:EF:3A:41:4B:0D:93:B4:F0:C6:04:73
Certificate validity: Thu, 27 Feb 2025 11:03:01 GMT - Wed, 28 May 2025 12:01:33 GMT
MD5: c2d71215a3840b83671f0275a78b0c4c
SHA-1: e409bb82dfcf88f65886902e5081690ce15dd4dd
SHA-256: a5f405ddad34b50bdaada68d7d14d8b5cead1a4d0aa486f5fad9b69c9fa1edfb
POST /dqjqudxogoaouwbzafmrutkoqocaezwuamociivusjtcin HTTP/1.1
Host: tmpanel.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 163
Origin: https://faceit.showmatch-join.com
DNT: 1
Connection: keep-alive
Referer: https://faceit.showmatch-join.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Apr 2025 22:39:25 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
etag: W/"37-5Am7gt/PiPZYhpAuUIFpDOFd1N0"
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
cf-ray: 92cd055448960b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET faceit.showmatch-join.com/favicon.ico | 212.87.222.250 | 200 OK | 5.4 kB |
URL: GET faceit.showmatch-join.com/favicon.ico
IP: 212.87.222.250:443
ASN: AS214238 (Host Telecom Ltd)
Requested by: https://faceit.showmatch-join.com/auth
Certificate issuer: Let's Encrypt
Certificate subject: faceit.showmatch-join.com
Certificate fingerprint (SHA-1): D4:DE:CE:68:7F:03:1B:ED:6E:15:DC:C7:78:26:C1:0E:F9:F1:8B:3F
Certificate validity: Sun, 06 Apr 2025 22:29:52 GMT - Sat, 05 Jul 2025 22:29:51 GMT
File type: MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
MD5: d37e8235c4d8033c6a2d4d8060ebe1a0
SHA-1: 8a87548dba6a59fb94165c49929cc95494168c3c
SHA-256: 35823a6b96d1200ea297d4e0f860fed749dde7e4cac0e120b8a769af64f26c2f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: faceit.showmatch-join.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://faceit.showmatch-join.com/auth
Cookie: uv=m97nlufi-m21mymlg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Apr 2025 22:39:24 GMT
Content-Type: image/x-icon
Content-Length: 5430
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sun, 06 Apr 2025 21:29:16 GMT
ETag: W/"1536-1960d01fdd5"
|
|
| GET faceit.showmatch-join.com/auth | 212.87.222.250 | 200 OK | 36 kB |
URL: GET faceit.showmatch-join.com/auth (user request: the navigation that started this capture)
IP: 212.87.222.250:443
ASN: AS214238 (Host Telecom Ltd)
Certificate issuer: Let's Encrypt
Certificate subject: faceit.showmatch-join.com
Certificate fingerprint (SHA-1): D4:DE:CE:68:7F:03:1B:ED:6E:15:DC:C7:78:26:C1:0E:F9:F1:8B:3F
Certificate validity: Sun, 06 Apr 2025 22:29:52 GMT - Sat, 05 Jul 2025 22:29:51 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (772), with CRLF line terminators
MD5: f101903fec35b6bb88aede877f099384
SHA-1: cb23015b321a562c001433ae56404f95789e34c9
SHA-256: e5df1338b2eb3669baeefe66cc5e03076dfaeda09db947712ee96811af576706
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /auth HTTP/1.1
Host: faceit.showmatch-join.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Apr 2025 22:39:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Content-Encoding: gzip
|
|
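Added triage example, not part of the sandbox export above: a small Python parser for the request/response blocks in the layout this capture uses (request line, request headers, then the response status line with no blank line in between), followed by the two checks a responder would run over it first: which request was the navigation and whether it arrived cross-site, and which POSTs carry the analysed page's Origin to a registrable domain the page does not own (here the 163-byte form-urlencoded POST from faceit.showmatch-join.com to tmpanel.live). It also labels the export's unlabelled hash triplets by hex length. The sample blocks are copied and abbreviated from the capture; PAGE_ORIGIN, the two-label domain heuristic and all function names are assumptions of this example.

```python
"""Triage helper for a browser-sandbox HTTP capture (added example, not part
of the export). Parses request/response blocks in the export's layout and
flags cross-site POSTs that carry the analysed page's Origin elsewhere."""
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Origin of the page whose load the capture records (assumption, taken from the export).
PAGE_ORIGIN = "https://faceit.showmatch-join.com"


@dataclass
class Exchange:
    method: str
    path: str
    req: dict    # request headers, names lower-cased
    status: int
    resp: dict   # response headers, names lower-cased

    @property
    def host(self) -> str:
        return self.req.get("host", "")

    @property
    def url(self) -> str:
        return f"https://{self.host}{self.path}"


def _headers(lines):
    out = {}
    for line in lines:
        name, sep, value = line.partition(":")
        if sep:
            out[name.strip().lower()] = value.strip()
    return out


def parse_exchange(raw: str) -> Exchange:
    """Parse one block. The export prints the response status line straight
    after the request headers, so the first line starting 'HTTP/' is the boundary."""
    lines = [l.rstrip() for l in raw.strip().splitlines() if l.strip()]
    method, path, _version = lines[0].split(maxsplit=2)
    split = next(i for i, l in enumerate(lines) if l.startswith("HTTP/"))
    status = int(lines[split].split()[1])
    return Exchange(method, path, _headers(lines[1:split]), status, _headers(lines[split + 1:]))


def registrable(host: str) -> str:
    """Crude eTLD+1 (last two labels): fine for the .com/.live hosts here,
    use the Public Suffix List for real work (assumption of the example)."""
    return ".".join(host.lower().split(".")[-2:])


def third_party_posts(exchanges, page_origin=PAGE_ORIGIN):
    """POSTs that carry the page's Origin to a domain the page does not own.
    Sec-Fetch-Site is left as corroboration only, since older browsers omit it."""
    page_host = urlsplit(page_origin).hostname
    return [ex for ex in exchanges
            if ex.method == "POST" and ex.req.get("origin") == page_origin
            and registrable(ex.host) != registrable(page_host)]


HASH_ALGOS = {32: "md5", 40: "sha1", 64: "sha256"}


def label_hashes(hash_field: str) -> dict:
    """The export lists MD5, SHA-1 and SHA-256 unlabelled; hex length tells them apart."""
    out = {}
    for h in hash_field.split():
        if not re.fullmatch(r"[0-9a-fA-F]+", h) or len(h) not in HASH_ALGOS:
            raise ValueError(f"unrecognised hash: {h}")
        out[HASH_ALGOS[len(h)]] = h.lower()
    return out


# Constructed sample input: three blocks copied (abbreviated) from the capture above.
CAPTURE = [
    """GET /auth HTTP/1.1
Host: faceit.showmatch-join.com
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
X-Powered-By: Express""",
    """GET /css2?family=Play:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
Referer: https://faceit.showmatch-join.com/
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8""",
    """POST /dqjqudxogoaouwbzafmrutkoqocaezwuamociivusjtcin HTTP/1.1
Host: tmpanel.live
Content-Type: application/x-www-form-urlencoded
Content-Length: 163
Origin: https://faceit.showmatch-join.com
Referer: https://faceit.showmatch-join.com/
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: cloudflare""",
]


def triage(blocks=CAPTURE, page_origin=PAGE_ORIGIN) -> dict:
    """How the victim arrived, and where form data left to."""
    exs = [parse_exchange(b) for b in blocks]
    landing = next((e for e in exs if e.req.get("sec-fetch-mode") == "navigate"), None)
    return {
        "landing": landing.url if landing else None,
        "arrived_cross_site": bool(landing and landing.req.get("sec-fetch-site") == "cross-site"),
        "third_party_posts": [
            f"{e.url} ({e.req.get('content-type', '?')}, {e.req.get('content-length', '?')} bytes)"
            for e in third_party_posts(exs, page_origin)],
    }


if __name__ == "__main__":
    for key, value in triage().items():
        print(f"{key}: {value}")
```

The cross-site GETs to fonts.googleapis.com and fonts.gstatic.com are deliberately not flagged: a font fetch from a same-origin page is normal, while a form body leaving for an unrelated domain is the artefact that matters.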