Report - maxfinishseveral.com/e/crc6oztcquqd

Report Overview

Visited public
2025-01-27 02:08:08
Tags
suspicious
URL
maxfinishseveral.com/e/crc6oztcquqd
Finishing URL
maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
IP / ASN
186.2.163.111
#59692 IQWeb FZ-LLC
Title
Watch mayfair.witches.s02e04.1080p.web.h264-nhtfs.mp4 - VOE | Content Delivery Network (CDN) & Video Cloud
Suspicious - Anti-debugging code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-01-22	2.6 kB	201 kB	104.17.24.14
imasdk.googleapis.com	11661	2005-01-25	2014-02-25	2025-01-23	421 B	141 kB	142.250.74.42
rescueaccredited.com	unknown	2025-01-23	2025-01-26	2025-01-26	888 B	1.1 kB	172.240.108.84
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-01-22	465 B	3.2 kB	142.250.74.10
maxfinishseveral.com	unknown	2025-01-25	2025-01-26	2025-01-26	8.5 kB	462 kB	186.2.163.111

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-26	medium	rescueaccredited.com	Sinkholed
2025-01-26	medium	rescueaccredited.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1	ScriptElement	502 B	2023-12-21	2025-03-09
Pretty URL maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1 IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-21 19:29 Last Seen2025-03-09 12:44 Times Seen637 Hash a70fb3ccc190fdfe4c06804cafa694bc 50630603fa35dcf518ed6bbeef164ec2a65ab6ae 2dd7b05386bab0c4528e26a81a13742dc580154aa2980ff125e99e0b4974376d Loading...

	maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1	ScriptElement	87 kB	2025-01-26	2025-03-17
Pretty URL maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1 IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-26 05:10 Last Seen2025-03-17 23:05 Times Seen25 Hash 23191dc68c9ffaca05fd369b11271e78 1c30416af1ea0f5a83a33811801c6f4fb6bb9a5e 24aa82a4067269d7a2e0dfdf8d0dca52001a9ec4be9eea08e5b6422487e5d3e5 Loading...

	maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1	ScriptElement	411 B	2025-01-27	2025-01-27
Pretty URL maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1 IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-27 02:08 Last Seen2025-01-27 02:08 Times Seen1 Hash c9f659cc74004163bf59a276691f6324 b551a80933659248c31cb67f78928e5ed627570a 494a13bff10fbe177bdf23f61d8955bce0d93109cf9dc75ade6f2d553d560dc1 Loading...

	maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1	ScriptElement	2.0 kB	2025-01-26	2025-02-27
Pretty URL maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1 IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-26 05:10 Last Seen2025-02-27 22:41 Times Seen18 Hash 53ec43e321d3f294cecc3772d3ada81b f0bdfa90b7f855adfb5ef52f3cca5331f0bcb145 791fdaceb4286dd4f4dd4981e0b17a1c77aa8189ae9cae5cc0b5dc3edf3505af Loading...

	maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1	ScriptElement	3.9 kB	2024-01-10	2025-04-11
Pretty URL maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1 IP 186.2.163.111 ASN #59692 IQWeb FZ-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-10 02:44 Last Seen2025-04-11 02:20 Times Seen618 Hash f646a3bf6021cf9b091ce25e3e02accd fd5856375a2de55c233b98cea458dd45ad731b7f 1e03159bafb1e8ba958c5ee6d609084aea470aaa24fe3a05f4da41c152ab6006 Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	ScriptElement	442 kB	2025-01-23	2025-01-28
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-23 19:32 Last Seen2025-01-28 05:47 Times Seen42 Hash 38a800bb0746116d346d3ce3f0640d4b a1cc3969e1ea2a1912b5b6a38ac94c06bee43f54 8cec3b64aa0b26008d5347a68c79cf22a8e3e921c0aeaa9152fe224bd797b122 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-04-29 00:07 Times Seen34593 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

HTTP Transactions (16)

URL IP Response Size

maxfinishseveral.com/e/crc6oztcquqd

186.2.163.111

302 Found

37 kB

URL User Request GET HTTP/2
maxfinishseveral.com/e/crc6oztcquqd
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Certificate
IssuerLet's Encrypt
Subjectmaxfinishseveral.com
FingerprintB9:6C:10:F0:4D:BD:B0:1F:2E:B7:07:55:15:F1:09:D9:AA:55:FA:33
ValiditySat, 25 Jan 2025 04:08:01 GMT - Fri, 25 Apr 2025 04:08:00 GMT

File type
HTML document, ASCII text, with very long lines (743)
Size
37 kB (36682 bytes)
Hash
24e8e7124dd319e1c77d7654146ea422
92970dc70727c5d33f968169f63cb16cd93834bc
0cda8de5a88d3e6632c83bd85c6d89b282beedc6364453251acc4199121906c7

HTTP Headers

GET /e/crc6oztcquqd HTTP/1.1
Host: maxfinishseveral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg8_=rhdILtiG8jAqWpsR; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:42 GMT
__ddg9_=91.90.42.154; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:42 GMT
__ddg10_=1737943662; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:42 GMT
__ddg1_=aPR0adqFo11zNKGX9HJh; Domain=.maxfinishseveral.com; HttpOnly; Path=/; Expires=Tue, 27-Jan-2026 02:07:42 GMT
XSRF-TOKEN=eyJpdiI6IisyTjR2eWE4K1NLTEhFMVljYVhuZ3c9PSIsInZhbHVlIjoicXpVUFVPSjV2clpPZUlQV0V0ZmF2b3JuVWpnQmErbGNUcTNpSE5zTXNPekhlTUlDNUtNZ2ptakNFaDlqeTBaVjREWnlDeHlsZ1podm9CWWVKbjZhczBCeWNBV2pUR3NMYkpIWmI5ekg2ZlZiTTVUUnRudlBhY2xTZXZnbmtGeW0iLCJtYWMiOiI5ZGE3ZTY4MGVmMjI5ZTgxM2IxYzFjZmM2ZGYzYTA1MTdjYjVkYmNkOWEzMjczYWRlYWQxYzFlZjVkNjBjOTYyIiwidGFnIjoiIn0%3D; expires=Mon, 27 Jan 2025 03:37:42 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6Inh3S3VGeEdQdlFNTVRDNUNOeFZRbnc9PSIsInZhbHVlIjoicHpRTmRRdkZKczdzNmNjdHpITFNoeUR2TW5qVURVQkR4NXV5VDZDOTRoUE0zUXN4NGZpclcyQzFjcEZpYjVRaVkrVGs0aDBpV2psTzltalRMSWxpVUM3ckViT2RwWjRWOGFMRXFRR0czQlN4bkEyRVFleUhzWWFCWnNQYkxzUzIiLCJtYWMiOiIzMWQ0NjRiODRiYWQ1MDMyZmEwNWEyNzBiN2NhYjU1YTE0MDZjNjY1NzVlZmFmZmVkY2VhMTJlZWU1MWI5ZWZkIiwidGFnIjoiIn0%3D; expires=Mon, 27 Jan 2025 03:37:42 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
cache-control: no-cache, private
date: Mon, 27 Jan 2025 02:07:42 GMT
location: https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2

maxfinishseveral.com/s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d

186.2.163.111

200 OK

24 kB

URL GET HTTP/2
maxfinishseveral.com/s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerLet's Encrypt
Subjectmaxfinishseveral.com
FingerprintB9:6C:10:F0:4D:BD:B0:1F:2E:B7:07:55:15:F1:09:D9:AA:55:FA:33
ValiditySat, 25 Jan 2025 04:08:01 GMT - Fri, 25 Apr 2025 04:08:00 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (52179)
Size
24 kB (23511 bytes)
Hash
72e89292dad5c7e8a82f6101fc52b71a
11917db2f454df110fedaf803ebf640052f953b8
1058329efc2e4de916dc58c5996ae6620836b878c33d13742b90f20ccddabe61

HTTP Headers

GET /s/js/site.min.js?ea7bc466cd21d4b756b621241c671b1d HTTP/1.1
Host: maxfinishseveral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Cookie: __ddg8_=hzvR6Iawgp2kzW8M; __ddg9_=91.90.42.154; __ddg10_=1737943662; __ddg1_=aPR0adqFo11zNKGX9HJh; XSRF-TOKEN=eyJpdiI6InYvbEZxY0FtaDgzN0VPWUpRcjNMWUE9PSIsInZhbHVlIjoibUxhQkFHN0JqakxSNVgwaEFsUXY2R2t4WURaRmF1aVVlcFM4RzFucDFueHpzWUhhTzN5a0RvUWxpQ0t2Vjk1ZTBYTkRvQzRQeUxaQ2dIMVVwWXcydVhubVQxMTNzMXliMUZRTlh6WHp1TFNtaDdsSmpIVFppQlVJUmk4cjFZSVYiLCJtYWMiOiJjOTFiMjc1N2UzNmFmYmU1MDI0OTJkNTk0YWMxM2M1NjgzMzAzMTkyODYwNzA5NDk0NGRmZTgxOTZkMmJiOGY0IiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6Ii9XUWYzQjE4VTEyQ0lYUEd0WTE1NEE9PSIsInZhbHVlIjoiSUFvZUQrbDBSYXdMTHRTT3E0ZnB1b3cvWG5Wdlc3eXZrWXBiaTRlSCs4N1JscEZ3dmN6M05CaStYbTNUZFdvYnFadURpTUpGTzlJUmM1RmFHcjJ4ajJJZFhDV1gwVlNER25ZYTdjWlcvVkUwV2hvM1luWXJzMDliOEhuR2pkdEsiLCJtYWMiOiI0MTk3N2Q1YjVmMTZjZmY5NGI3NTNmN2U5ZTY5YmMxMTI3YmRhZmNmNDgzNDZjZThiNjg2ZjJjZTc0NTNmMTQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=8SxPgaflaOCMd6VK; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:43 GMT
__ddg9_=91.90.42.154; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:43 GMT
__ddg10_=1737943663; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:43 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 25 Jan 2025 05:08:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 21 Apr 2024 00:38:03 GMT
etag: W/"66245feb-191d9"
expires: Mon, 24 Feb 2025 05:08:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 161955
content-length: 23511
ddg-cache-status: HIT
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.7/hls.min.js

104.17.24.14

200 OK

83 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.7/hls.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
83 kB (82604 bytes)
Hash
1e59b3a541bcfa025fdda12cbbaa9f6e
b04d134373a70c5c2c536e0246b99dabdde8db9d
88fa861d6c2d711a4a0e9c186234ab06f7e0f77b7bda6da22ae50eae6c892570

HTTP Headers

GET /ajax/libs/hls.js/1.2.7/hls.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxfinishseveral.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Jan 2025 02:07:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 82604
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "636ff6bc-142ac"
last-modified: Sat, 12 Nov 2022 19:40:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 378788
expires: Sat, 17 Jan 2026 02:07:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDVs59n3RxRFyWzSHt62OgHuFjyv5ZtZkeDpbkGWgcwH3Xg7oJJnsldwOFZJrTMh7oLiQjBbHrWZNycd76h%2F3ziwki7LKjFRLnmis7%2BPb1eiBGz0mPFJVIm2CiBErb0KroaStSDU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 908530d86ff15684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
27 kB (27446 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxfinishseveral.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Jan 2025 02:07:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 377525
expires: Sat, 17 Jan 2026 02:07:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhzf0ICPDhKtpVsa7VTpK3eEX%2B89doPb0%2FNCMgdckeYz8EPm0dERbCgy8XexgGuJT%2BvydtWOSwJATqCNIT04EeDKupe5X%2F97SgtJ%2FafXhUxiAcMn0rG8QEoVVJS37ctcAmV5qQZZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 908530d898005684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/plyr/3.7.8/plyr.min.css

104.17.24.14

200 OK

4.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/plyr/3.7.8/plyr.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (32524), with no line terminators
Size
4.5 kB (4503 bytes)
Hash
27a5932e6ea87c90e820203b47311518
9cd7e9b94c01a5cf5ffe0bd27f2d2e2429738e91
6bfc1e307a874e08da7f2529dd89cca1e4a213d32cc06afaa1086ed85179d8b1

HTTP Headers

GET /ajax/libs/plyr/3.7.8/plyr.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxfinishseveral.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Jan 2025 02:07:43 GMT
content-type: text/css; charset=utf-8
content-length: 4503
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "641dd583-1197"
last-modified: Fri, 24 Mar 2023 16:53:23 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 769561
expires: Sat, 17 Jan 2026 02:07:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mezylgu%2BJ8kGkHLljgzJuYoMvI9BHlth%2BotjpFBZ2xexxhD%2BKBKjhTO%2BhTSKDqsBYarYqqICptBN6L4BFu7ZHX8KNtO88YWz%2F0MVNSPGn6KyMQ4BeWBwUZ3Ah4YmLdkdnlIDhxi%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 908530d8a8015684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/plyr/3.7.8/plyr.polyfilled.min.js

104.17.24.14

200 OK

31 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/plyr/3.7.8/plyr.polyfilled.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30620 bytes)
Hash
71dc06ef63bafd519190803503d6fdd0
efc20140bd1efe04b3a56bb3635874f0749cd8ca
b0fc604958d3c5d9b393c4a4e48f77e232ab9928ee1a585a0e87e97984b5b024

HTTP Headers

GET /ajax/libs/plyr/3.7.8/plyr.polyfilled.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxfinishseveral.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Jan 2025 02:07:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 30620
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "641dd583-779c"
last-modified: Fri, 24 Mar 2023 16:53:23 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 848576
expires: Sat, 17 Jan 2026 02:07:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERfQPWGJCPhqjFObdn9zEmSX8DRx8wOnNJhzMEtEpGvm2OmO0owQ5YsFskuvMn5pLLHnMiZpq0VFJgNtrCJuMC72ypNWrpBEn9lvuXm5TaN1A2VsGh4fGAd5AEoWdPiNebKrKcse"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 908530d8a8045684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/plyr/3.7.8/plyr.min.js

104.17.24.14

200 OK

29 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/plyr/3.7.8/plyr.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (29012 bytes)
Hash
4fb2ab36696965f30dd02a36089bfc64
9b165c0e728a0ac4e2cddc944c9a2c5819ca7342
ae7266d9eb50c1614c4f425edba8b3aa805b8b22c97cbbd360ae9a0ea47c02ad

HTTP Headers

GET /ajax/libs/plyr/3.7.8/plyr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxfinishseveral.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Jan 2025 02:07:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 29012
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "641dd583-7154"
last-modified: Fri, 24 Mar 2023 16:53:23 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 946900
expires: Sat, 17 Jan 2026 02:07:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvYgWFa22%2FjAkobXusVBGr34ZvcE%2FHJIjad%2BkFvv9gQN8OBfBZNqv%2Bn%2FxRK%2B2eLN8JCfYTJNYSsEmwwR2BxafoYDCBUNgoY%2F3ErMcI3AvNiDdv7%2F13xmX0T4OYM8eZgFkKNUWbCi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 908530d928395684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js

104.17.24.14

200 OK

21 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
21 kB (21170 bytes)
Hash
2e477967e482f32e65d4ea9b2fd8e106
ddc6e9ead6d16ae9237399ce41e8c1620cc59c36
0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c

HTTP Headers

GET /ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maxfinishseveral.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 27 Jan 2025 02:07:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 21170
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-52b2"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 376816
expires: Sat, 17 Jan 2026 02:07:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1bqP%2BND0pwOZoZi2%2Bs5YnkRUeuCQJRwwtvWCuZvsSLiZEtrjvSER7RNA9Xz%2FT%2Bnq6Lpuuaga8PmkjzPIp%2FgUoA9IsdRCr5kXh5X4ZSArFDBPJ4w4y4kSVByVtHoTwEKknV7PFmOh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 908530d9383b5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

imasdk.googleapis.com/js/sdkloader/ima3.js

142.250.74.42

200 OK

140 kB

URL GET HTTP/2
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint60:72:A8:75:0D:97:04:67:31:64:42:C6:E8:8B:7B:1D:2B:F5:04:E9
ValidityMon, 06 Jan 2025 08:37:11 GMT - Mon, 31 Mar 2025 08:37:10 GMT

File type
JavaScript source, ASCII text, with very long lines (2529)
Size
140 kB (140028 bytes)
Hash
38a800bb0746116d346d3ce3f0640d4b
a1cc3969e1ea2a1912b5b6a38ac94c06bee43f54
8cec3b64aa0b26008d5347a68c79cf22a8e3e921c0aeaa9152fe224bd797b122

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://maxfinishseveral.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Jan 2025 02:07:43 GMT
expires: Mon, 27 Jan 2025 02:07:43 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 1231610749840085144
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 140028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rescueaccredited.com/0e/d5/91/0ed591400877d316744c6353cd338f08.js

172.240.108.84

403 Forbidden

0 B

URL GET HTTP/1.1
rescueaccredited.com/0e/d5/91/0ed591400877d316744c6353cd338f08.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerLet's Encrypt
Subjectrescueaccredited.com
Fingerprint8F:F5:04:EE:39:81:EA:A2:BD:A5:96:45:EA:EB:D0:52:5A:F0:3A:EC
ValidityThu, 23 Jan 2025 15:56:27 GMT - Wed, 23 Apr 2025 15:56:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0e/d5/91/0ed591400877d316744c6353cd338f08.js HTTP/1.1
Host: rescueaccredited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://maxfinishseveral.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Mon, 27 Jan 2025 02:07:43 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: rescueaccredited.com

rescueaccredited.com/0e/d5/91/0ed591400877d316744c6353cd338f08.js

172.240.108.84

403 Forbidden

0 B

URL GET HTTP/1.1
rescueaccredited.com/0e/d5/91/0ed591400877d316744c6353cd338f08.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerLet's Encrypt
Subjectrescueaccredited.com
Fingerprint8F:F5:04:EE:39:81:EA:A2:BD:A5:96:45:EA:EB:D0:52:5A:F0:3A:EC
ValidityThu, 23 Jan 2025 15:56:27 GMT - Wed, 23 Apr 2025 15:56:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0e/d5/91/0ed591400877d316744c6353cd338f08.js HTTP/1.1
Host: rescueaccredited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://maxfinishseveral.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Mon, 27 Jan 2025 02:07:44 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: rescueaccredited.com

maxfinishseveral.com/android-icon-192x192.png

186.2.163.111

200 OK

7.1 kB

URL GET HTTP/2
maxfinishseveral.com/android-icon-192x192.png
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerLet's Encrypt
Subjectmaxfinishseveral.com
FingerprintB9:6C:10:F0:4D:BD:B0:1F:2E:B7:07:55:15:F1:09:D9:AA:55:FA:33
ValiditySat, 25 Jan 2025 04:08:01 GMT - Fri, 25 Apr 2025 04:08:00 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
7.1 kB (7068 bytes)
Hash
6e09fa5e43f9f169c8b65bdba9683b46
e986e9353a404b28a522b85dc0b7afb480b6cb27
7940cbb7ef222596bef1a1d1db04e8a1b745dfdeb769ff9a46f4e3717396af0b

HTTP Headers

GET /android-icon-192x192.png HTTP/1.1
Host: maxfinishseveral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Cookie: __ddg8_=8SxPgaflaOCMd6VK; __ddg9_=91.90.42.154; __ddg10_=1737943663; __ddg1_=aPR0adqFo11zNKGX9HJh; XSRF-TOKEN=eyJpdiI6InYvbEZxY0FtaDgzN0VPWUpRcjNMWUE9PSIsInZhbHVlIjoibUxhQkFHN0JqakxSNVgwaEFsUXY2R2t4WURaRmF1aVVlcFM4RzFucDFueHpzWUhhTzN5a0RvUWxpQ0t2Vjk1ZTBYTkRvQzRQeUxaQ2dIMVVwWXcydVhubVQxMTNzMXliMUZRTlh6WHp1TFNtaDdsSmpIVFppQlVJUmk4cjFZSVYiLCJtYWMiOiJjOTFiMjc1N2UzNmFmYmU1MDI0OTJkNTk0YWMxM2M1NjgzMzAzMTkyODYwNzA5NDk0NGRmZTgxOTZkMmJiOGY0IiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6Ii9XUWYzQjE4VTEyQ0lYUEd0WTE1NEE9PSIsInZhbHVlIjoiSUFvZUQrbDBSYXdMTHRTT3E0ZnB1b3cvWG5Wdlc3eXZrWXBiaTRlSCs4N1JscEZ3dmN6M05CaStYbTNUZFdvYnFadURpTUpGTzlJUmM1RmFHcjJ4ajJJZFhDV1gwVlNER25ZYTdjWlcvVkUwV2hvM1luWXJzMDliOEhuR2pkdEsiLCJtYWMiOiI0MTk3N2Q1YjVmMTZjZmY5NGI3NTNmN2U5ZTY5YmMxMTI3YmRhZmNmNDgzNDZjZThiNjg2ZjJjZTc0NTNmMTQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=7jSqmo9AfnRuW200; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:44 GMT
__ddg9_=91.90.42.154; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:44 GMT
__ddg10_=1737943664; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:44 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 25 Jan 2025 05:08:30 GMT
content-type: image/png
content-length: 7068
last-modified: Mon, 14 Aug 2023 01:22:26 GMT
etag: "64d981d2-1b9c"
expires: Mon, 24 Feb 2025 05:08:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 161954
ddg-cache-status: HIT
X-Firefox-Spdy: h2

maxfinishseveral.com/favicon-16x16.png

186.2.163.111

200 OK

533 B

URL GET HTTP/2
maxfinishseveral.com/favicon-16x16.png
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerLet's Encrypt
Subjectmaxfinishseveral.com
FingerprintB9:6C:10:F0:4D:BD:B0:1F:2E:B7:07:55:15:F1:09:D9:AA:55:FA:33
ValiditySat, 25 Jan 2025 04:08:01 GMT - Fri, 25 Apr 2025 04:08:00 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
533 B (533 bytes)
Hash
4a1c219d978909f413ca1b9a39f7523d
08859f796b01690ee81a13e4bcc0976f16c473ca
dc91f3be29e28fa5aa027f4c3165a5df794424e66c1627b90a204482b470f0be

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: maxfinishseveral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Cookie: __ddg8_=8SxPgaflaOCMd6VK; __ddg9_=91.90.42.154; __ddg10_=1737943663; __ddg1_=aPR0adqFo11zNKGX9HJh; XSRF-TOKEN=eyJpdiI6InYvbEZxY0FtaDgzN0VPWUpRcjNMWUE9PSIsInZhbHVlIjoibUxhQkFHN0JqakxSNVgwaEFsUXY2R2t4WURaRmF1aVVlcFM4RzFucDFueHpzWUhhTzN5a0RvUWxpQ0t2Vjk1ZTBYTkRvQzRQeUxaQ2dIMVVwWXcydVhubVQxMTNzMXliMUZRTlh6WHp1TFNtaDdsSmpIVFppQlVJUmk4cjFZSVYiLCJtYWMiOiJjOTFiMjc1N2UzNmFmYmU1MDI0OTJkNTk0YWMxM2M1NjgzMzAzMTkyODYwNzA5NDk0NGRmZTgxOTZkMmJiOGY0IiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6Ii9XUWYzQjE4VTEyQ0lYUEd0WTE1NEE9PSIsInZhbHVlIjoiSUFvZUQrbDBSYXdMTHRTT3E0ZnB1b3cvWG5Wdlc3eXZrWXBiaTRlSCs4N1JscEZ3dmN6M05CaStYbTNUZFdvYnFadURpTUpGTzlJUmM1RmFHcjJ4ajJJZFhDV1gwVlNER25ZYTdjWlcvVkUwV2hvM1luWXJzMDliOEhuR2pkdEsiLCJtYWMiOiI0MTk3N2Q1YjVmMTZjZmY5NGI3NTNmN2U5ZTY5YmMxMTI3YmRhZmNmNDgzNDZjZThiNjg2ZjJjZTc0NTNmMTQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=wtdGG1ydEIaHS6AM; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:44 GMT
__ddg9_=91.90.42.154; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:44 GMT
__ddg10_=1737943664; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:44 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 25 Jan 2025 05:08:32 GMT
content-type: image/png
content-length: 533
last-modified: Mon, 14 Aug 2023 01:22:26 GMT
etag: "64d981d2-215"
expires: Mon, 24 Feb 2025 05:08:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 161952
ddg-cache-status: HIT
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Figtree:wght@400;600;800&display=swap

142.250.74.10

200 OK

2.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Figtree:wght@400;600;800&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint60:72:A8:75:0D:97:04:67:31:64:42:C6:E8:8B:7B:1D:2B:F5:04:E9
ValidityMon, 06 Jan 2025 08:37:11 GMT - Mon, 31 Mar 2025 08:37:10 GMT

File type
ASCII text, with very long lines (2562), with no line terminators
Size
2.5 kB (2508 bytes)
Hash
fbfaf5c6685f08fa249cbee43a645e11
7157b9afdcff3bc6ce8460d7888d05b292b4ed1f
4019ac3cd23e4ed83b15017c7fe0d7f832d660f28335b091ff8b7112c7650942

HTTP Headers

GET /css2?family=Figtree:wght@400;600;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://maxfinishseveral.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 27 Jan 2025 02:07:43 GMT
date: Mon, 27 Jan 2025 02:07:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxfinishseveral.com/s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e

186.2.163.111

200 OK

271 kB

URL GET HTTP/2
maxfinishseveral.com/s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Requested by
https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Certificate
IssuerLet's Encrypt
Subjectmaxfinishseveral.com
FingerprintB9:6C:10:F0:4D:BD:B0:1F:2E:B7:07:55:15:F1:09:D9:AA:55:FA:33
ValiditySat, 25 Jan 2025 04:08:01 GMT - Fri, 25 Apr 2025 04:08:00 GMT

File type

Size
271 kB (270624 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/css/site.min.css?cb42e55bbdab3f11540fa3b620a6e66e HTTP/1.1
Host: maxfinishseveral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
Cookie: __ddg8_=hzvR6Iawgp2kzW8M; __ddg9_=91.90.42.154; __ddg10_=1737943662; __ddg1_=aPR0adqFo11zNKGX9HJh; XSRF-TOKEN=eyJpdiI6InYvbEZxY0FtaDgzN0VPWUpRcjNMWUE9PSIsInZhbHVlIjoibUxhQkFHN0JqakxSNVgwaEFsUXY2R2t4WURaRmF1aVVlcFM4RzFucDFueHpzWUhhTzN5a0RvUWxpQ0t2Vjk1ZTBYTkRvQzRQeUxaQ2dIMVVwWXcydVhubVQxMTNzMXliMUZRTlh6WHp1TFNtaDdsSmpIVFppQlVJUmk4cjFZSVYiLCJtYWMiOiJjOTFiMjc1N2UzNmFmYmU1MDI0OTJkNTk0YWMxM2M1NjgzMzAzMTkyODYwNzA5NDk0NGRmZTgxOTZkMmJiOGY0IiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6Ii9XUWYzQjE4VTEyQ0lYUEd0WTE1NEE9PSIsInZhbHVlIjoiSUFvZUQrbDBSYXdMTHRTT3E0ZnB1b3cvWG5Wdlc3eXZrWXBiaTRlSCs4N1JscEZ3dmN6M05CaStYbTNUZFdvYnFadURpTUpGTzlJUmM1RmFHcjJ4ajJJZFhDV1gwVlNER25ZYTdjWlcvVkUwV2hvM1luWXJzMDliOEhuR2pkdEsiLCJtYWMiOiI0MTk3N2Q1YjVmMTZjZmY5NGI3NTNmN2U5ZTY5YmMxMTI3YmRhZmNmNDgzNDZjZThiNjg2ZjJjZTc0NTNmMTQxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=fSyyYUQu0AZWpFdi; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:43 GMT
__ddg9_=91.90.42.154; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:43 GMT
__ddg10_=1737943663; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:43 GMT
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 25 Jan 2025 05:08:28 GMT
content-type: text/css
last-modified: Sun, 25 Aug 2024 05:27:50 GMT
vary: Accept-Encoding
etag: W/"66cac0d6-42120"
expires: Mon, 24 Feb 2025 05:08:28 GMT
cache-control: max-age=2592000
content-encoding: br
age: 161955
content-length: 36210
ddg-cache-status: HIT
X-Firefox-Spdy: h2

maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1

186.2.163.111

200 OK

118 kB

URL User Request GET HTTP/2
maxfinishseveral.com/access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1
IP
186.2.163.111:443
ASN
#59692 IQWeb FZ-LLC

Certificate
IssuerLet's Encrypt
Subjectmaxfinishseveral.com
FingerprintB9:6C:10:F0:4D:BD:B0:1F:2E:B7:07:55:15:F1:09:D9:AA:55:FA:33
ValiditySat, 25 Jan 2025 04:08:01 GMT - Fri, 25 Apr 2025 04:08:00 GMT

File type
HTML document, ASCII text, with very long lines (61175)
Size
118 kB (117477 bytes)
Hash
0206728a950d250838cb522f3bfbfc43
d99a9951b7998abdc55cae3d8c208e3bdcf6902d
35895049dfdeda62446b2ea2e22601703512a68352d858704770d67b43ec6ee0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code

HTTP Headers

GET /access/eyJpdiI6Iktucyt3QWozSzBlR1BybjRkYmt3ZWc9PSIsInZhbHVlIjoiWWNpcFhubWVhMHdVMVA2aVNjbzFUbG11VndtM2wrR081cmFhdGpzem9sVzhzVFd5a2VZampodlJqY2U5QytxUHo3T2R6SlZyR1BhQlhzNUJZYWtZNkFlNkVyVzVmRmwwUDl2YWRHdTFVbkU9IiwibWFjIjoiOTY4M2MyMTQ4OTcwZWE0OTZmZDc3ODQwYjgyOTVhZmFkZDQxYjNiZTc4ZTZhMDE1NmIwNDRlNDkzNGRmOWJlNSIsInRhZyI6IiJ9?o=1 HTTP/1.1
Host: maxfinishseveral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __ddg8_=rhdILtiG8jAqWpsR; __ddg9_=91.90.42.154; __ddg10_=1737943662; __ddg1_=aPR0adqFo11zNKGX9HJh; XSRF-TOKEN=eyJpdiI6IisyTjR2eWE4K1NLTEhFMVljYVhuZ3c9PSIsInZhbHVlIjoicXpVUFVPSjV2clpPZUlQV0V0ZmF2b3JuVWpnQmErbGNUcTNpSE5zTXNPekhlTUlDNUtNZ2ptakNFaDlqeTBaVjREWnlDeHlsZ1podm9CWWVKbjZhczBCeWNBV2pUR3NMYkpIWmI5ekg2ZlZiTTVUUnRudlBhY2xTZXZnbmtGeW0iLCJtYWMiOiI5ZGE3ZTY4MGVmMjI5ZTgxM2IxYzFjZmM2ZGYzYTA1MTdjYjVkYmNkOWEzMjczYWRlYWQxYzFlZjVkNjBjOTYyIiwidGFnIjoiIn0%3D; voe_session=eyJpdiI6Inh3S3VGeEdQdlFNTVRDNUNOeFZRbnc9PSIsInZhbHVlIjoicHpRTmRRdkZKczdzNmNjdHpITFNoeUR2TW5qVURVQkR4NXV5VDZDOTRoUE0zUXN4NGZpclcyQzFjcEZpYjVRaVkrVGs0aDBpV2psTzltalRMSWxpVUM3ckViT2RwWjRWOGFMRXFRR0czQlN4bkEyRVFleUhzWWFCWnNQYkxzUzIiLCJtYWMiOiIzMWQ0NjRiODRiYWQ1MDMyZmEwNWEyNzBiN2NhYjU1YTE0MDZjNjY1NzVlZmFmZmVkY2VhMTJlZWU1MWI5ZWZkIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=hzvR6Iawgp2kzW8M; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:42 GMT
__ddg9_=91.90.42.154; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:42 GMT
__ddg10_=1737943662; Domain=.maxfinishseveral.com; Path=/; Expires=Mon, 27-Jan-2025 02:27:42 GMT
XSRF-TOKEN=eyJpdiI6InYvbEZxY0FtaDgzN0VPWUpRcjNMWUE9PSIsInZhbHVlIjoibUxhQkFHN0JqakxSNVgwaEFsUXY2R2t4WURaRmF1aVVlcFM4RzFucDFueHpzWUhhTzN5a0RvUWxpQ0t2Vjk1ZTBYTkRvQzRQeUxaQ2dIMVVwWXcydVhubVQxMTNzMXliMUZRTlh6WHp1TFNtaDdsSmpIVFppQlVJUmk4cjFZSVYiLCJtYWMiOiJjOTFiMjc1N2UzNmFmYmU1MDI0OTJkNTk0YWMxM2M1NjgzMzAzMTkyODYwNzA5NDk0NGRmZTgxOTZkMmJiOGY0IiwidGFnIjoiIn0%3D; expires=Mon, 27 Jan 2025 03:37:42 GMT; Max-Age=5400; path=/; secure; samesite=none; partitioned
voe_session=eyJpdiI6Ii9XUWYzQjE4VTEyQ0lYUEd0WTE1NEE9PSIsInZhbHVlIjoiSUFvZUQrbDBSYXdMTHRTT3E0ZnB1b3cvWG5Wdlc3eXZrWXBiaTRlSCs4N1JscEZ3dmN6M05CaStYbTNUZFdvYnFadURpTUpGTzlJUmM1RmFHcjJ4ajJJZFhDV1gwVlNER25ZYTdjWlcvVkUwV2hvM1luWXJzMDliOEhuR2pkdEsiLCJtYWMiOiI0MTk3N2Q1YjVmMTZjZmY5NGI3NTNmN2U5ZTY5YmMxMTI3YmRhZmNmNDgzNDZjZThiNjg2ZjJjZTc0NTNmMTQxIiwidGFnIjoiIn0%3D; expires=Mon, 27 Jan 2025 03:37:42 GMT; Max-Age=5400; path=/; secure; httponly; samesite=none; partitioned
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 27 Jan 2025 02:07:42 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2