| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/18/04/thumb/j8WEhhAba.jpg?crop=2988:1992;6,0&resize=1250:830 | 151.101.2.114 | 200 OK | 284 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/18/04/thumb/j8WEhhAba.jpg?crop=2988:1992;6,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-06-19
Last Seen: 2025-07-15
Times Seen: 68
Size: 284 kB (283938 bytes)
MD5: 9003cc08ec407c083d72ff5e454c4be2
SHA1: b59365447fe6754f3e08b8748ed97e8f60cd58dc
SHA256: abfe72c31a003b296a528a08382e665f3b764e2961b28d608e767334c007f745
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/18/04/thumb/j8WEhhAba.jpg?crop=2988:1992;6,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "9B+QZI4pdRLv2w9gIXDUN00+CH2C4VgvqpC6xZNbNGQ"
fastly-io-info: ifsz=3472916 idim=3000x1992 ifmt=jpeg ofsz=283938 odim=1250x830 ofmt=jpeg
fastly-io-served-by: img02-us-east4
fastly-stats: io=1
x-amz-id-2: w0o4kN5UnD1zPn69EC4pS8MZ3X5GTKluvMEZe8nFxhI6T4J0MGeH8wsmvurN/vpPrqc3Rb65WUY=
x-amz-request-id: EXGHWYCK3FXWSEWS
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
age: 1798578
date: Mon, 14 Jul 2025 09:10:12 GMT
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kiad7000071-IAD, cache-iad-kiad7000071-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 12362, 0
x-timer: S1752484212.198842,VS0,VE1
vary: X-BF-Canary
content-length: 283938
X-Firefox-Spdy: h2
|
|
| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/17/12/thumb/pUzI6gxNv.jpg?crop=1245:830;3,0&resize=1250:830 | 151.101.2.114 | 200 OK | 157 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/17/12/thumb/pUzI6gxNv.jpg?crop=1245:830;3,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-06-19
Last Seen: 2025-07-15
Times Seen: 70
Size: 157 kB (157434 bytes)
MD5: df0ad08145d65731c7bdff6b540f4681
SHA1: 0a91a371d2d9da4e2db3265230124470988bfdb8
SHA256: bed71890aba0143e4a8659a682f4f225ade47f6ae400b63dbcf7229d7de0fe66
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/17/12/thumb/pUzI6gxNv.jpg?crop=1245:830;3,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "WcsTVKcwi2qXnNIy7GdYQLdJJL8b+pc6wbGVg8WiFY8"
fastly-io-info: ifsz=680401 idim=1250x830 ifmt=jpeg ofsz=157434 odim=1250x830 ofmt=jpeg
fastly-io-served-by: vpop-kiad7010215
fastly-stats: io=1
x-amz-id-2: K69sxnLXhM3ZFzt1fzZT+L6C5TA6R8X93ybuMT+tZ8ZSWKN9kLvtwFNJt+lm9qn87p1rRToefPQ=
x-amz-request-id: RXXNKDSW6C6WXD2K
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
age: 2305087
date: Mon, 14 Jul 2025 09:10:12 GMT
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kiad7000097-IAD, cache-iad-kiad7000097-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 29100, 0
x-timer: S1752484212.176833,VS0,VE1
vary: X-BF-Canary
content-length: 157434
X-Firefox-Spdy: h2
|
|
| GET matchrally.net/_astro/Favicon.s-klkQDh.js | 172.67.156.50 | 200 OK | 284 B |
URL: GET HTTPS matchrally.net/_astro/Favicon.s-klkQDh.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Java source, ASCII text
First Seen: 2025-06-23
Last Seen: 2025-08-03
Times Seen: 557
Size: 284 B (284 bytes)
MD5: eec40dcf9edcacf2dad0131baf46093d
SHA1: 578f34d3e47cc977b39578a5ca3068532b2607d6
SHA256: 1387fd8ae4dbbf72167dd3692138590a4669189d6c0150dcf9761ee5f80ca209
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/Favicon.s-klkQDh.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dCQ3TkY3qqGWhCgGIae1TynRoAO2naTAluw79wrBqBA4XgoDLhwxBd9aJcchV4kB4LoXUBgHsqY7CE%2FuwG%2BNvfsbfzHFEMbleIizqe64lcNiOW4ZChpnha877mOuljyL4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-11c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b5dd6cb4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2310&min_rtt=484&rtt_var=1548&sent=202&recv=266&lost=0&retrans=0&sent_bytes=17138&recv_bytes=15858&delivery_rate=974913&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=430&inflight_dur=40&x=40"
|
|
| GET matchrally.net/_astro/HomePageSport.DsKVN4Xp.js | 172.67.156.50 | 200 OK | 929 B |
URL: GET HTTPS matchrally.net/_astro/HomePageSport.DsKVN4Xp.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Java source, ASCII text, with very long lines (928)
First Seen: 2025-06-24
Last Seen: 2025-08-01
Times Seen: 85
Size: 929 B (929 bytes)
MD5: 76ad9fdcfd248765dfdaa5c261ca2841
SHA1: 2c965c391ec15560543f4142e6d633d21a0931d5
SHA256: 31d4aeca3c7a10fae08e62f77e1f720c1ec28c7ef856934a30ca68ff249474d3
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/HomePageSport.DsKVN4Xp.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2B9b0xcISqqAy53VFqJ%2Fm6%2Fje72H8T2JZm3lWRMCDJWCpktFB5sAkW6OkbHN26aFIWh2kapSHsFA2MmAHnNfI9UuO8QAvr7pO1u9YaZr7bmu59sW8RmANVhG%2FBFr3sk1yg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-3a1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b61d71b4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1619&min_rtt=484&rtt_var=1399&sent=213&recv=270&lost=0&retrans=0&sent_bytes=22375&recv_bytes=16035&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=458&inflight_dur=52&x=40"
|
|
| GET matchrally.net/_astro/jsxRuntime.module.rIB0llmI.js | 172.67.156.50 | 200 OK | 431 B |
URL: GET HTTPS matchrally.net/_astro/jsxRuntime.module.rIB0llmI.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: JavaScript source, ASCII text, with very long lines (430)
First Seen: 2025-02-11
Last Seen: 2025-08-03
Times Seen: 1609
Size: 431 B (431 bytes)
MD5: e94794479beecd36a2045dcb956b255e
SHA1: 8a8a014ecaf73a18ecc16bf4a20d0a4b7484be27
SHA256: 462d69c43ef7c5e4e9f8d78254c1021eebe67589694f613c2f2cfe6d7f3bce3a
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/jsxRuntime.module.rIB0llmI.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/_astro/HomePageSport.DsKVN4Xp.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JA7p7M0NyNPux98%2FwI2eDNyQIElhrg9mrUTWYgZl%2FQeNROHZfv1Ky0IOfBheCkV8Z1cxQ%2FVkRE8iA%2BoO2YZBiywS5AJjq4X25bsNzF1PKqFSkTU9u4mxA6jaCPVwO3Z5UA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-1af"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b98d8fb4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5323&min_rtt=484&rtt_var=7857&sent=228&recv=278&lost=0&retrans=0&sent_bytes=27140&recv_bytes=17576&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=1001&inflight_dur=96&x=40"
|
|
| GET matchrally.net/_astro/useCurrentUrl.Br89aQSt.js | 172.67.156.50 | 200 OK | 439 B |
URL: GET HTTPS matchrally.net/_astro/useCurrentUrl.Br89aQSt.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Java source, ASCII text, with very long lines (438)
First Seen: 2025-06-23
Last Seen: 2025-08-03
Times Seen: 295
Size: 439 B (439 bytes)
MD5: fc5a445ada8afacbcdeda508052ec0d5
SHA1: aacf791da3d71d2714687fe8a8a7eed131f77526
SHA256: 01fe6cd93594b528f5e12898aa29af0b7e07a08b0596196a78234d73a5f2abf7
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/useCurrentUrl.Br89aQSt.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/_astro/HomePageSport.DsKVN4Xp.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1OHWUw2NO4GSpPrN33%2B5WYCqC14SjeDm1yZ5UYrnYTEy75SZQ1An%2BUcyFfslI57nAS0960zLFZjpfxVgAOOUbsXY3dix8b%2BfAorZ38Xuc5W67ym1RdRXzDQ9vjZ%2BtJ95w%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-1b7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b98d90b4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4737&min_rtt=484&rtt_var=7064&sent=230&recv=279&lost=0&retrans=0&sent_bytes=28159&recv_bytes=17622&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=1001&inflight_dur=96&x=40"
|
|
| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/26/21/thumb/C5Kgpkttm.jpg?crop=1245:830;2,0&resize=1250:830 | 151.101.2.114 | 200 OK | 71 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/26/21/thumb/C5Kgpkttm.jpg?crop=1245:830;2,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-06-27
Last Seen: 2025-07-15
Times Seen: 27
Size: 71 kB (71350 bytes)
MD5: 7832572394639edecc14bdfb047b9ac6
SHA1: 6fbdc1cab797a71b74d9b31976e879bd31d98deb
SHA256: 7f63d6f2e4f265b6fafd9781856b6058d1bba02aef0b2781be5b0e9e5db62d62
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/26/21/thumb/C5Kgpkttm.jpg?crop=1245:830;2,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "RjvOm8rzCSUMAPM0/9FP8PkeFOevPRgP/aa5fSTCcTM"
fastly-io-info: ifsz=272773 idim=1249x830 ifmt=jpeg ofsz=71350 odim=1250x830 ofmt=jpeg
fastly-io-served-by: img07-us-east4
fastly-stats: io=1
x-amz-id-2: chv4F0zxSjrqJkkSw3Y1WdJTdFOt/KalEFcTH4jJf4P1LT1mxJKERxRYXvQHlrYXYfe4vHBexh8=
x-amz-request-id: XKBMRPRHVCWMG1A4
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
date: Mon, 14 Jul 2025 09:10:12 GMT
age: 1498197
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kiad7000152-IAD, cache-iad-kiad7000152-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 888, 37
x-timer: S1752484212.180638,VS0,VE0
vary: X-BF-Canary
content-length: 71350
X-Firefox-Spdy: h2
|
|
| GET matchrally.net/templates/sport/logo.webp | 172.67.156.50 | 404 Not Found | 146 B |
URL: GET HTTPS matchrally.net/templates/sport/logo.webp
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: HTML document, ASCII text, with CRLF line terminators
First Seen: 2023-03-07
Last Seen: 2025-08-04
Times Seen: 211853
Size: 146 B (146 bytes)
MD5: 8eec510e57f5f732fd2cce73df7b73ef
SHA1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b
SHA256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /templates/sport/logo.webp HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NCBoTv%2BC%2BUS6LJPAvz%2FFsYnfc1Pio6j6VV8MvQ863ipCsO1SCoypWtgKI%2BJcc%2Blhd8eLmesv%2Fo7m0JNRg2936uFl6Cbdiiwih77flg%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 95efe2b56cf3b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET matchrally.net/_astro/hooks.module.BrsKpn_h.js | 172.67.156.50 | 200 OK | 2.7 kB |
URL: GET HTTPS matchrally.net/_astro/hooks.module.BrsKpn_h.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: JavaScript source, ASCII text, with very long lines (2714)
First Seen: 2025-06-23
Last Seen: 2025-08-03
Times Seen: 557
Size: 2.7 kB (2715 bytes)
MD5: d9e68fcdc92350132c2dfe97f9ad2e27
SHA1: a99539e77f974df3a3dd4e0d03ae22a6d6eb0c2b
SHA256: b68c11f46142eef10893934d0b37fd5cad6dc2622ee5444b2a578957b1be9cd7
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/hooks.module.BrsKpn_h.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/_astro/Favicon.s-klkQDh.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kv8LpvTNIDi3bSwdM7dfefOmTxhxUZkkcRs5x05GyDTdEh%2BAdBRyOSs29aiXbX9FenJhBk%2BjARKZxbiVvV8AMnaFmvyTwCTHp%2Bu%2FRaVQNI2nKc4vYvYsZejxp15EFlCm0A%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-a9b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b97d8db4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5905&min_rtt=484&rtt_var=8925&sent=222&recv=277&lost=0&retrans=0&sent_bytes=23794&recv_bytes=17530&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=997&inflight_dur=93&x=40"
|
|
| GET matchrally.net/favicon.ico | 172.67.156.50 | 404 Not Found | 146 B |
URL: GET HTTPS matchrally.net/favicon.ico
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: HTML document, ASCII text, with CRLF line terminators
First Seen: 2023-03-07
Last Seen: 2025-08-04
Times Seen: 211853
Size: 146 B (146 bytes)
MD5: 8eec510e57f5f732fd2cce73df7b73ef
SHA1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b
SHA256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzeFaa90cmB93pG8MTxUriw1gOJVv%2BLUii96NEOyOlUks8zyUtAriGBSwZmCusJd8cpY5Y6QFpsXBaauCOUXVqRli3lxJSCwdn5vTpJWs25eQlQTLqUu6GT81dVsJigBGA%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 95efe2ba1d95b4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3061&min_rtt=437&rtt_var=4453&sent=237&recv=284&lost=0&retrans=0&sent_bytes=34367&recv_bytes=18086&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=18126&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=1073&inflight_dur=101&x=40"
|
|
| GET matchrally.net/_astro/_slug_.BcV8LkCb.css | 172.67.156.50 | 200 OK | 48 kB |
URL: GET HTTPS matchrally.net/_astro/_slug_.BcV8LkCb.css
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Unicode text, UTF-8 text, with very long lines (47566)
First Seen: 2025-06-20
Last Seen: 2025-07-16
Times Seen: 512
Size: 48 kB (47575 bytes)
MD5: 5359e57d6fe8450e7965c2b0643eb4ea
SHA1: 26103c39c21a1595f5714e14176b45ba938371ca
SHA256: 1e1a1c0b317d92689bcae0975f56a449f0692acd00265891a45786d6b5bf5c0f
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/_slug_.BcV8LkCb.css HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 01 Jul 2025 09:12:52 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "6863a694-b9d7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
age: 6031
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=s7hvyHN4LQEut6qbNTyEBxu1%2B%2Fy72zZT0tlLpnX0YYfAcVGZembaMODnzs3zWrwKRtTWUVD1tmjER55c52J9qhqsmBCeCkwKoRts0Q%3D%3D"}]}
cf-ray: 95efe2b54cd4b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/19/13/thumb/kRae88EBb.jpg?crop=1245:830;3,0&resize=1250:830 | 151.101.2.114 | 200 OK | 109 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/19/13/thumb/kRae88EBb.jpg?crop=1245:830;3,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-06-20
Last Seen: 2025-07-15
Times Seen: 68
Size: 109 kB (108921 bytes)
MD5: 8fe907dafd4a3acd71cb1cb389570f90
SHA1: 63cc9b4ec04a21f1f5547b0140610e73605ecf5e
SHA256: 66a63701feb2e4aeb57c7614246452de10f837950c54442e518516aa08f53149
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/19/13/thumb/kRae88EBb.jpg?crop=1245:830;3,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "KX6IlozeKUtOB7YS5W84B/Be5gYr9XAbKvJ72KMsP5s"
fastly-io-info: ifsz=422468 idim=1250x830 ifmt=jpeg ofsz=108921 odim=1250x830 ofmt=jpeg
fastly-io-served-by: vpop-kiad7010214
fastly-stats: io=1
x-amz-id-2: QFAZD24Sq1l348+3mFhaVi3+CkG3rI8VypIrD8RVLEb0f8JfMr6muGNLS7u5aBwgbq3UWzVu5yk=
x-amz-request-id: 25QF2YQ0EZBB8FHK
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
date: Mon, 14 Jul 2025 09:10:12 GMT
age: 2119516
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kjyo7100172-IAD, cache-iad-kjyo7100172-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 6131, 33
x-timer: S1752484212.184225,VS0,VE0
vary: X-BF-Canary
content-length: 108921
X-Firefox-Spdy: h2
|
|
| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/14/20/thumb/pmjWuXj9l.jpg?crop=1245:830;3,0&resize=1250:830 | 151.101.2.114 | 200 OK | 126 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/14/20/thumb/pmjWuXj9l.jpg?crop=1245:830;3,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-06-19
Last Seen: 2025-07-15
Times Seen: 70
Size: 126 kB (126123 bytes)
MD5: 475619bc3831d7e6e7bcefa056f29a2a
SHA1: 2af43d2e6b74a1e0bcc951cab81f524840f159bf
SHA256: a2c275bbf8f900ff94596f2dea460dc64b2b89906f028005215430dae34df563
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/14/20/thumb/pmjWuXj9l.jpg?crop=1245:830;3,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "1tHIej3pWwktsvaT/BB93PEtONwf3udxmaQG3k8TNNY"
fastly-io-info: ifsz=563476 idim=1250x830 ifmt=jpeg ofsz=126123 odim=1250x830 ofmt=jpeg
fastly-io-served-by: vpop-kiad7010214
fastly-stats: io=1
x-amz-id-2: rfq316Qt9lKl4Zj7RUp/ZjdFr9X89z1PfCkF5a2c56PheHXnj+/oO95XSwIqshjaRaFApT55Kgs=
x-amz-request-id: QEBNS7CFJ3P8KTCM
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
date: Mon, 14 Jul 2025 09:10:12 GMT
age: 2534930
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kjyo7100153-IAD, cache-iad-kjyo7100153-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 19520, 43
x-timer: S1752484212.176892,VS0,VE0
vary: X-BF-Canary
content-length: 126123
X-Firefox-Spdy: h2
|
|
| GET matchrally.net/_astro/client.BJ-h5zJB.js | 172.67.156.50 | 200 OK | 2.1 kB |
URL: GET HTTPS matchrally.net/_astro/client.BJ-h5zJB.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: JavaScript source, ASCII text, with very long lines (1951)
First Seen: 2025-06-23
Last Seen: 2025-08-03
Times Seen: 557
Size: 2.1 kB (2135 bytes)
MD5: 9f7eaa5a0d8648df09713277a27c0499
SHA1: f01664770e8d78dfc2243c91108701f97785fe01
SHA256: 0202f093420936bc98a7f41c5f33a3a3e07dec2e19c7e127a526db32a5ee1fe9
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/client.BJ-h5zJB.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMMSmZGKk76QZ%2Bf2pq6AngulJuq7f4Xb8zFvzMNr8aA63fOExhZCRMU5InUZGTc79niJZw5NqnyZcyIKxeZv%2FT7lMJtIiPz3JQ%2BcRm4Hc6%2BuenXFnwlnlMCEh2dkslFQmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-857"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b5dd6bb4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2432&min_rtt=484&rtt_var=1739&sent=200&recv=265&lost=0&retrans=0&sent_bytes=15243&recv_bytes=15814&delivery_rate=552347&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=428&inflight_dur=38&x=40"
|
|
| GET matchrally.net/_astro/Redirect.Clx2E6_M.js | 172.67.156.50 | 200 OK | 407 B |
URL: GET HTTPS matchrally.net/_astro/Redirect.Clx2E6_M.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Java source, ASCII text, with very long lines (406)
First Seen: 2025-06-23
Last Seen: 2025-08-03
Times Seen: 557
Size: 407 B (407 bytes)
MD5: abd1558f5df618c1ff13a6209045074d
SHA1: f1a50c3a6a2d9af27deb328d8088e466137ad62c
SHA256: 31d6ad2ec5a5af908c66cafc341726e871833e1bcbf358164d363e5f5b3e37b2
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/Redirect.Clx2E6_M.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoo3SXP9ovAVfN2TT8mfyTrc0aTbk3vHqtViyYy54g6RCax%2BMzEA9apOikSlKqyA1FtAMFiLgCCWhxlcZbbYnnpVUHhpddSvcVK3lyNjMqagDsuFMtQLexZ6ksK1fT2f0g%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-197"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b5fd6db4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2310&min_rtt=484&rtt_var=1548&sent=204&recv=266&lost=0&retrans=0&sent_bytes=18054&recv_bytes=15858&delivery_rate=974913&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=431&inflight_dur=40&x=40"
|
|
| GET matchrally.net/_astro/ScriptLoader.MC1aaNF-.js | 172.67.156.50 | 200 OK | 613 B |
URL: GET HTTPS matchrally.net/_astro/ScriptLoader.MC1aaNF-.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Java source, ASCII text, with very long lines (612)
First Seen: 2025-06-23
Last Seen: 2025-08-03
Times Seen: 557
Size: 613 B (613 bytes)
MD5: d3bfc7a125e1ffef4e375566e83ded22
SHA1: a2d6ec7c6a94c9aee1c6a5327e2216d99c819519
SHA256: 60d40e26f78e67d78d59d7972865477a30a563da85fac47080f5a9528e2d8dc6
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/ScriptLoader.MC1aaNF-.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2iIFEBZhidl0CeEqs9Hu7%2B3f9mZmysdVtPkmf%2BlcwkLuz7J4cubjaDwFBGn5h5acsz6yiV1o227i49GrGQrYcpWS15Qcxi673kTVXyleVgdztNTk0bIGAWHjX1XzX9oPg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-265"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b60d6fb4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1619&min_rtt=484&rtt_var=1399&sent=211&recv=270&lost=0&retrans=0&sent_bytes=21312&recv_bytes=16035&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=448&inflight_dur=45&x=40"
|
|
| POST matchrally.net/sync-metrics | 172.67.156.50 | 200 OK | 17 B |
URL: POST HTTPS matchrally.net/sync-metrics
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: JSON text data
First Seen: 2023-04-05
Last Seen: 2025-08-04
Times Seen: 25610
Size: 17 B (17 bytes)
MD5: 5b64e8b89092b2e3dfd448b10700627f
SHA1: 484b3032619fa1acd135d114565b0a5166281c22
SHA256: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 74
Origin: https://matchrally.net
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/json; charset=utf-8
content-length: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VezYdrgmHtbiE6aaUw%2Bnjdu4KBJnNC2RfqKJKDvPkO6v%2BUPkFJhYrOLdSGOaa9IEqvh13JgS0c1%2BlFlVE0s5%2BtOXw1jzW1AxXzUGmYNLRrDqRUD8dOT5PgX1fJORmrLieA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-trace-id: e329bdb5f7b1b924590aefbe190068d8
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://matchrally.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 95efe2baadadb4ee-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3475&min_rtt=437&rtt_var=4167&sent=239&recv=286&lost=0&retrans=0&sent_bytes=35134&recv_bytes=18495&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=18126&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=1201&inflight_dur=127&x=40"
|
|
| GET matchrally.net/_astro/GalaksionMeta.BaXnHUlD.js | 172.67.156.50 | 200 OK | 393 B |
URL: GET HTTPS matchrally.net/_astro/GalaksionMeta.BaXnHUlD.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Java source, ASCII text, with very long lines (392)
First Seen: 2025-07-01
Last Seen: 2025-08-03
Times Seen: 317
Size: 393 B (393 bytes)
MD5: cd9f61dbf94b0bafa9e35a1fed785b60
SHA1: 6b479f0348ff688b46b7ffb4c27ad1956be1834f
SHA256: d8a45a6cc622fb47f1dbfa6751c3ba4b382aecca022d48d200b4b95d78499575
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/GalaksionMeta.BaXnHUlD.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hksQrcPFzqoYHEHVEu%2BFrOjrieBoQM%2BHFngOyPFqoUY1SFD6Oxp%2FKUcVvy3Yx%2FOM8Z2aGOnvaAiwdFGM%2FIFWuciScUcuwFY0lpHVlC9iMfPBHu5Y96annN19vAhpy57AtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-189"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b5fd6eb4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1763&min_rtt=484&rtt_var=1482&sent=208&recv=269&lost=0&retrans=0&sent_bytes=20300&recv_bytes=15991&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=439&inflight_dur=43&x=40"
|
|
| GET matchrally.net/_astro/preact.module.NIwkvMQy.js | 172.67.156.50 | 200 OK | 10 kB |
URL: GET HTTPS matchrally.net/_astro/preact.module.NIwkvMQy.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: JavaScript source, ASCII text, with very long lines (10404)
First Seen: 2025-02-11
Last Seen: 2025-08-03
Times Seen: 1958
Size: 10 kB (10405 bytes)
MD5: 1bff1ff4eaa6a0ec7980b854644752ef
SHA1: f095330ae2791590bdf40df8c0dde616bb92f32e
SHA256: 6bf0886b208c9b4c92e8fc05b8ce440b344696bece86d3d70941e8b43c68ff5f
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/preact.module.NIwkvMQy.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/_astro/client.BJ-h5zJB.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQ%2FDjEFxpPBNDckN7yDlN9NENKoKQoksqW4C5yMO6oGKTP4Thxz6XjZaaggZAaEbjEY0I%2Blr7U2u4AvOog6O6Y5D50T%2B8BwvV92s88FgpfnKPqlULcQx5%2FmVTHEjncqLOg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-28a5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b97d8cb4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4737&min_rtt=484&rtt_var=7064&sent=231&recv=279&lost=0&retrans=0&sent_bytes=29087&recv_bytes=17622&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=1002&inflight_dur=97&x=40"
|
|
| | 172.67.156.50 | 200 OK | 25 kB |
URL: User Request GET HTTPS matchrally.net/
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Resource Info
File type: HTML document, Unicode text, UTF-8 text, with very long lines (25184), with no line terminators
First Seen: 2025-07-02
Last Seen: 2025-07-14
Times Seen: 3
Size: 25 kB (25233 bytes)
MD5: 4f9ac3e741828771b91f83578f03df9d
SHA1: e7f52d151fd2f1c9bcdb4a6af2bef9f2c57209f9
SHA256: 2724c7c80abce4908448aa78a1af177c20ed4b4c6be6f306522d51463fa9f2c7
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 14 Jul 2025 09:10:11 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2F4%2B%2BBXa68p7ehku%2FX8I7It8CBivQ%2B%2FrViSih9i0Iom5DFsoHEL1BV1Pt3ewgjBsDtYVO6hgKCazvRdyNH3FsTUfATxPyuLhbFcYH5A%3D%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95efe2b32a2cb505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/26/19/thumb/jBciXqLvN.jpg?crop=3000:2000;0,0&resize=1250:830 | 151.101.2.114 | 200 OK | 103 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/26/19/thumb/jBciXqLvN.jpg?crop=3000:2000;0,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-07-01
Last Seen: 2025-07-16
Times Seen: 35
Size: 103 kB (103185 bytes)
MD5: 7999fac2cde2abc8dbbd7ddf4a30dbe5
SHA1: bb3908aacf12fef1dc3b5ee210ef3f5d98c63041
SHA256: 5f470d4468f7286d9426f97486da122d827ca2e61679f8be45480387edaef744
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/26/19/thumb/jBciXqLvN.jpg?crop=3000:2000;0,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "9LD7pt8t1kzWzClDYjd+W0YOjMlvfS4wOO3gzj5xIEc"
fastly-io-info: ifsz=1296918 idim=3000x2000 ifmt=jpeg ofsz=103185 odim=1250x830 ofmt=jpeg
fastly-io-served-by: img03-us-east4
fastly-stats: io=1
x-amz-id-2: eJFEj53vlYTAYHnlYz9NIWskrkN7NkjWHkXmwlJy8gFMIQEiXeVgkbpMq4RBXLgmXEN3STzHSpg=
x-amz-request-id: BPB9TX2GAB51YQQA
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
date: Mon, 14 Jul 2025 09:10:12 GMT
age: 1517817
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kcgs7200099-IAD, cache-iad-kcgs7200099-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 10767, 86
x-timer: S1752484212.175948,VS0,VE0
vary: X-BF-Canary
content-length: 103185
X-Firefox-Spdy: h2
|
|
| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/26/19/thumb/vueUI7U66.jpg?crop=1245:830;3,0&resize=1250:830 | 151.101.2.114 | 200 OK | 121 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/26/19/thumb/vueUI7U66.jpg?crop=1245:830;3,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-07-01
Last Seen: 2025-07-15
Times Seen: 26
Size: 121 kB (120991 bytes)
MD5: be8234da9872ccf417ef836d43f1705c
SHA1: 50b197ecdb73f20e40e1cc4535712c822cf0f6bd
SHA256: 433fca4db0739fce6b4e29cd96742ae843197f9ba5afbb0fc16c56b9f79bd055
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/26/19/thumb/vueUI7U66.jpg?crop=1245:830;3,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "50kDebxNBHDXk7N/0kNBborWA2wHTLkS2U42Im2hWBM"
fastly-io-info: ifsz=434214 idim=1250x830 ifmt=jpeg ofsz=120991 odim=1250x830 ofmt=jpeg
fastly-io-served-by: vpop-kiad7010247
fastly-stats: io=1
x-amz-id-2: sdEidkI6Krf91NXDvPun2N2gQCrJsnYWbJp9XJ13izZtAx0x/VapTgbs1ZwDCcN5vQAxqJc0kjc=
x-amz-request-id: FSWFE3EMW24M4FKX
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
date: Mon, 14 Jul 2025 09:10:12 GMT
age: 1425606
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kjyo7100067-IAD, cache-iad-kjyo7100067-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 860, 36
x-timer: S1752484212.183120,VS0,VE0
vary: X-BF-Canary
content-length: 120991
X-Firefox-Spdy: h2
|
|
| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/19/11/thumb/7u_oB_7OL.jpg?crop=1245:830;3,0&resize=1250:830 | 151.101.2.114 | 200 OK | 138 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/19/11/thumb/7u_oB_7OL.jpg?crop=1245:830;3,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-06-21
Last Seen: 2025-07-15
Times Seen: 63
Size: 138 kB (138304 bytes)
MD5: ff142b57ad8de9936561d388cd3c834e
SHA1: 529fda79c5eec824c94cb6a9fc6a011885a7746c
SHA256: fcfe58ec89d71fda9cb7c1b5edb457913aca0a460a9da150d970343357baa6dc
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/19/11/thumb/7u_oB_7OL.jpg?crop=1245:830;3,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "pO1k+a3cMLHhxJkHKsse/x1NZSBMlEehtPXZ2dVhKtY"
fastly-io-info: ifsz=481380 idim=1250x830 ifmt=jpeg ofsz=138304 odim=1250x830 ofmt=jpeg
fastly-io-served-by: img10-us-east4
fastly-stats: io=1
x-amz-id-2: 0lpSQdnzwnirmpIsXC3yLyW49lvffFuU7gMAPpkiZVtGsCV46icFm2AoPFIxIlvFYBB3jw8A9H087YWooEk7dxpaUVfPHnjk
x-amz-request-id: 7E66TPRVZYQ2KP6Z
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
date: Mon, 14 Jul 2025 09:10:12 GMT
age: 2120707
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kcgs7200052-IAD, cache-iad-kcgs7200052-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 14723, 1625
x-timer: S1752484212.184467,VS0,VE0
vary: X-BF-Canary
content-length: 138304
X-Firefox-Spdy: h2
|
|
| GET img.buzzfeed.com/buzzfeed-static/static/2025-06/11/15/thumb/7Czgvez3j.jpg?crop=1245:830;2,0&resize=1250:830 | 151.101.2.114 | 200 OK | 130 kB |
URL: GET HTTPS img.buzzfeed.com/buzzfeed-static/static/2025-06/11/15/thumb/7Czgvez3j.jpg?crop=1245:830;2,0&resize=1250:830
IP / ASN: 151.101.2.114 #54113 FASTLY
Requested by: https://matchrally.net/
Resource Info
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1250x830, components 3
First Seen: 2025-06-13
Last Seen: 2025-07-15
Times Seen: 81
Size: 130 kB (130400 bytes)
MD5: c0ca3e57c53844df6d750ce246e3e0c6
SHA1: 630efe0f8a1fa8ec075dcab894d783b1b655d8c5
SHA256: 903d8dd202f6d3a512b77ad42abb3ebbd81f00556d205e3bf70db31b455beb1f
Certificate Info
Issuer: GlobalSign nv-sa
Subject: *.buzzfeed.com
Fingerprint: 00:7D:75:13:17:09:CF:27:1D:F5:A7:5A:28:09:00:72:D1:77:29:42
Validity: Mon, 23 Sep 2024 21:56:03 GMT - Sat, 25 Oct 2025 21:56:02 GMT
GET /buzzfeed-static/static/2025-06/11/15/thumb/7Czgvez3j.jpg?crop=1245:830;2,0&resize=1250:830 HTTP/1.1
Host: img.buzzfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
etag: "N9i/HBdQG9gt1TNgfoK7L4fgErAAxUooWKPfZFUyhes"
fastly-io-info: ifsz=611902 idim=1249x830 ifmt=jpeg ofsz=130400 odim=1250x830 ofmt=jpeg
fastly-io-served-by: vpop-kiad7010226
fastly-stats: io=1
x-amz-id-2: zYa7BUKvjk/uYc2jCLUbNm0yNadBsqakkmoH6NKpnFL4ViaV5Z8rIYmamT4fxxOV27S5IN8OwF4=
x-amz-request-id: ADDZ9MCXQGFJBK63
x-amz-server-side-encryption: AES256
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
server: FastlyIO
cache-control: public, max-age=86400
accept-ranges: bytes
age: 1721858
date: Mon, 14 Jul 2025 09:10:12 GMT
timing-allow-origin: *
access-control-allow-origin: *
x-served-by: cache-iad-kcgs7200163-IAD, cache-iad-kcgs7200163-IAD, cache-hel1410020-HEL
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 15821, 0
x-timer: S1752484212.178261,VS0,VE1
vary: X-BF-Canary
content-length: 130400
X-Firefox-Spdy: h2
|
|
| GET matchrally.net/_astro/FeaturesProvider.ClzCAEsp.js | 172.67.156.50 | 200 OK | 966 B |
URL: GET HTTPS matchrally.net/_astro/FeaturesProvider.ClzCAEsp.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Java source, ASCII text, with very long lines (965)
First Seen: 2025-06-23
Last Seen: 2025-08-03
Times Seen: 557
Size: 966 B (966 bytes)
MD5: ef84a0dc3569642c269c5fa07a8ed741
SHA1: a0a22e601779d5aba78ccba082141ab6b25ff129
SHA256: 154552341f68ae2cac4bd994ba8ef168da900b6f29eefd7134fdccc705bc4e9a
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/FeaturesProvider.ClzCAEsp.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OW4nqjzSoc4Jcd4iguh0srVyHsSkOLHZ9%2BqXieXobApUCMeR6Quxc3HIP7SCIO02oQpJeYP2Q6J85oOq64PVIUxx0OIXYJ4itX0mgDkLaT2%2BGOsUwsK6db0o%2BwsC4FBUqw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-3c6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b5dd6ab4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2310&min_rtt=484&rtt_var=1548&sent=207&recv=266&lost=0&retrans=0&sent_bytes=19064&recv_bytes=15858&delivery_rate=974913&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=432&inflight_dur=42&x=40"
|
|
| GET matchrally.net/_astro/index.HyJ_FFZ4.js | 172.67.156.50 | 200 OK | 1.6 kB |
URL: GET HTTPS matchrally.net/_astro/index.HyJ_FFZ4.js
IP / ASN: 172.67.156.50 #13335 CLOUDFLARENET
Requested by: https://matchrally.net/
Resource Info
File type: Java source, Unicode text, UTF-8 text, with very long lines (1614)
First Seen: 2025-06-24
Last Seen: 2025-08-01
Times Seen: 85
Size: 1.6 kB (1616 bytes)
MD5: 73eecc7ca34c2ebd0cbba018642faf4d
SHA1: 0e2684f9d7b2027863ade9e8ce38c0b202442171
SHA256: 4b0712d064a44e3bc54cd834c8eeb5d23de242a5ecd54d6ef684fc20adef902b
Certificate Info
Issuer: Google Trust Services
Subject: matchrally.net
Fingerprint: C2:95:B4:F0:02:54:6E:C8:1A:63:98:EB:9D:B1:91:D8:A5:70:37:15
Validity: Wed, 18 Jun 2025 12:54:41 GMT - Tue, 16 Sep 2025 13:52:11 GMT
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_astro/index.HyJ_FFZ4.js HTTP/1.1
Host: matchrally.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matchrally.net/_astro/HomePageSport.DsKVN4Xp.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 14 Jul 2025 09:10:12 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6XGmoxl%2F17B12VB65cCF13kUlW0%2F6pRDkyuzzjJ6HM%2Bz0H3VBdyBSgedoI9IPJ07yEdztFWLiWnslB1596yDM4c5WRuuYGh4G%2BomQXT9boJjQEQyC3S333WzRB4VPhbXg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 01 Jul 2025 09:12:53 GMT
vary: Accept-Encoding
etag: W/"6863a695-650"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
content-encoding: br
cf-ray: 95efe2b98d8eb4ee-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5323&min_rtt=484&rtt_var=7857&sent=225&recv=278&lost=0&retrans=0&sent_bytes=25760&recv_bytes=17576&delivery_rate=1785778&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=5557f3cacf8c14f2&ts=1000&inflight_dur=95&x=40"
|
|