Report - embedmax.site/tvl/cazetv1.php

Report Overview

Visited public
2024-06-16 04:32:20
Tags
URL
embedmax.site/tvl/cazetv1.php
Finishing URL
embedmax.site/tvl/cazetv1.php
IP / ASN
104.21.93.251
#13335 CLOUDFLARENET
Title
embedmax.site/tvl/cazetv1.php

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
abc.embedmax.site	unknown	unknown	No data	No data	6.7 kB	660 kB	104.21.93.251
loaptaijuw.com	unknown	2024-05-29	2024-05-29 15:53:27	2024-06-10 07:23:44	2.2 kB	40 kB	139.45.197.243
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2024-06-14 18:43:38	459 B	742 B	139.45.195.8
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-15 18:20:48	981 B	2.7 kB	23.36.76.226
embedmax.site	unknown	unknown	No data	No data	2.0 kB	198 kB	104.21.93.251

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-16	medium	loaptaijuw.com	Sinkholed
2024-06-16	medium	loaptaijuw.com	Sinkholed
2024-06-16	medium	loaptaijuw.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (29)

	URL	From	Size	First Seen	Last Seen
	abc.embedmax.site/microtemplates/source[9]	Function	3.5 kB	2023-05-18	2025-04-13
Pretty URL abc.embedmax.site/microtemplates/source[9] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-05-18 09:46 Last Seen2025-04-13 19:11 Times Seen99 Hash 3e0c4e5e4e9bcf723473f5c433f52582 5903203de1a0a89a1887375756225de22bc68756 a83bba0688ca8b10a8dafd3661660c2a1d7f1767a60a6d21dc8b9b96e524d2f9 Loading...

	abc.embedmax.site/flu/player/clappr.b144fd41d286a094cb29.js	ScriptElement	625 kB	2024-08-19	2024-08-19
Pretty URL abc.embedmax.site/flu/player/clappr.b144fd41d286a094cb29.js IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 936020c9d9ad58e9ecae0863682d51d2 9ee1f7cb6c6bd4bc06ce716172d2debfb9453756 8b02542be00b018d44f2847742cf746e010900a18bd20c21e56d59679237cef9 Loading...

	abc.embedmax.site/microtemplates/source[1]	Function	1.0 kB	2023-06-18	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[1] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2024-08-19 19:50 Times Seen1 Hash 5e2ed454c6413b9151bbc48a76269aca 4b9a68320d2b524b323ed747a86b60dab30ea55a 0a805ac0fec821d7685a0541f20815f962f473c2df86b3c41fb7aa3a947c4766 Loading...

	abc.embedmax.site/microtemplates/source[7]	Function	279 B	2023-06-04	2025-04-16
Pretty URL abc.embedmax.site/microtemplates/source[7] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-04 21:53 Last Seen2025-04-16 05:38 Times Seen129 Hash d81302b310d9ae322faa91d4af5069f2 2681df42c88bb551bd9661e3a383a24e6d791561 88c7f28232129a926a5ec47f63a16534baba40d4d8fdaee1fce4d6553649fb62 Loading...

	abc.embedmax.site/microtemplates/source[11]	Function	1.0 kB	2023-06-18	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[11] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2024-08-19 19:50 Times Seen1 Hash fc65248c174f5d089dab9394f0c5d57b c769e0e7ce88c0cc9443b169d949131fbad9acae 2e947f62f110ea4832b14a312781d189c9a57ceeab64398a33c385d0729d62f4 Loading...

	abc.embedmax.site/flu/player/panzoom.b144fd41d286a094cb29.js	ScriptElement	12 kB	2024-08-19	2024-08-19
Pretty URL abc.embedmax.site/flu/player/panzoom.b144fd41d286a094cb29.js IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 73b24512ea8be15f8f3b274b5f44c641 6756cbcc7df9467efe97cf4222a94dd6964bfe44 d687fcc882314733bd40542394b147b937aef77beedb6f2c552c5d872f6b2542 Loading...

	abc.embedmax.site/microtemplates/source[0]	Function	304 B	2023-06-18	2025-04-13
Pretty URL abc.embedmax.site/microtemplates/source[0] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2025-04-13 03:29 Times Seen12 Hash 23756143182bfe818b40b22a103bd83c de066e54975508c69a492687b83a6d95e9490b0d a7ebbaeae09e8cac7088305e08c12f17afdb39e0f66a8a1f3e2adbb5269bbfa9 Loading...

	abc.embedmax.site/microtemplates/source[10]	Function	265 B	2023-05-11	2025-02-11
Pretty URL abc.embedmax.site/microtemplates/source[10] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-05-11 01:17 Last Seen2025-02-11 07:53 Times Seen55 Hash 7bdd29ebe3b75e03ffab7f48701f031a 2f6b80f5f0ef86dcd9688ed1009a7be072de1eb3 eae8d2b79548d94da36a4b94098e365facb7803e4f170035dfb2589b363b37b2 Loading...

	embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip	ScriptElement	446 B	2024-08-19	2024-08-19
Pretty URL embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 6e43fd1fb478d51a7ccadf5fe5aa8448 6ad464ce618182814a1f37ec35afabbb349e7f93 e90ca173277d2c1191108940a9fef6a47abf3d817775ac62dd46816ce2affc16 Loading...

	abc.embedmax.site/microtemplates/source[6]	Function	220 B	2023-06-18	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[6] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2024-08-19 19:50 Times Seen1 Hash 46ec1112b79d3558d51172e1144c483c ebeeec3a01bfd1cfecedd2cd07ed6767b3d9db66 dfaeb63680a16725c954164c3ac9b1be7345fdb2e032bc06127bb9824c0ef680 Loading...

	abc.embedmax.site/flu/player/shaka-player.b144fd41d286a094cb29.js	ScriptElement	375 kB	2024-08-19	2024-08-19
Pretty URL abc.embedmax.site/flu/player/shaka-player.b144fd41d286a094cb29.js IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash aaa41fd0857bf6290346152f21e33f1e f899167934f8f93112bdce6fc5ae0b43bb2e961d 689199e89cc7dd232066fda20771cc65ca9502775172f06687eff90496654d49 Loading...

	abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip	ScriptElement	0 B	0001-01-01	2025-04-26
Pretty URL abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-04-26 01:52 Times Seen4535622 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	abc.embedmax.site/microtemplates/source[4]	Function	264 B	2023-06-04	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[4] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-04 21:53 Last Seen2024-08-19 19:50 Times Seen1 Hash bc3380c993f3da4c982ae815bdbcdf40 535bf7b1c1fc722cc041066b0abd5ac23260464e d19a824f7fbe45dddbffa63ed39cebe86d8d38ae4a86421f4f54ea22e5bf82c0 Loading...

	abc.embedmax.site/microtemplates/source[2]	Function	790 B	2023-04-21	2025-04-19
Pretty URL abc.embedmax.site/microtemplates/source[2] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-21 16:21 Last Seen2025-04-19 02:49 Times Seen83 Hash 7e5b16f1a8e1a982372e2fc1e7c9d395 bf8c22c739fe0656b68b47a305543b87e500eccf 9c89f40b1f71e4a857cc7f43c8afe559616fe59deea436c65e8776421d9bd8ca Loading...

	abc.embedmax.site/microtemplates/source[8]	Function	525 B	2023-06-04	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[8] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-04 21:53 Last Seen2024-08-19 19:50 Times Seen1 Hash 83a27a5185f45df0b4b2a3520971d7b5 27374f6203ae164df3857f7b98f9d1d401acadec e8651bb1af2252151099f1cf55c3dd8244db1065bd1dfc18b5f63d687267ae26 Loading...

	abc.embedmax.site/microtemplates/source[12]	Function	791 B	2023-06-18	2025-01-23
Pretty URL abc.embedmax.site/microtemplates/source[12] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2025-01-23 08:07 Times Seen6 Hash aa12f600db7a50ab0dad75575b70dcba 24b77c51286f871b3dd5671efbcfb593cb41ed83 0c55fa5fe64856fe28f3b309892aaa6f016c9e7a501a7049bfebc1bd7bdf0ea0 Loading...

	abc.embedmax.site/flu/player/core-js.b144fd41d286a094cb29.js	ScriptElement	72 kB	2024-08-19	2024-08-19
Pretty URL abc.embedmax.site/flu/player/core-js.b144fd41d286a094cb29.js IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 6a942165c637eda02c18803744889ff4 052d54ed9ca43bfeff0d24ccfb91751d02835b55 a37e54f55226bcf76893c14d7945025674d5ec9d33ab7a4f37a6d4156715f08c Loading...

	abc.embedmax.site/flu/player/flussonic.b144fd41d286a094cb29.js	ScriptElement	101 kB	2024-08-19	2024-08-19
Pretty URL abc.embedmax.site/flu/player/flussonic.b144fd41d286a094cb29.js IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash fa62216a9d2fdd478bd3402cc38f2c26 be3ca2586dd5ef4d88bbeff9c21bb22cdeeed206 9c46f9bc8cd2be37bd1ce9d979d38bbae28a60bc57e995dc3c75fbe8f518c9ce Loading...

	abc.embedmax.site/microtemplates/source[0]	Function	1.0 kB	2023-06-18	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[0] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2024-08-19 19:50 Times Seen1 Hash cdf6f4ab5557d303fab25ab3ebb6f729 3feeb41129d65123e3351829ec3f10b848745a81 07a949699feef7d2c7c911ffc959610ba58cf505c1bd45490f17b81af2c5d1fc Loading...

	unknown	ScriptElement	172 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 0c523a324ad5d3d339928d6198e47c87 c4139945cf14c337c186234ff33040739b47474c 5813e4eaf93e9ea94ed0697a925cf6a33678b5495b93570bf54209a0f703b7bf Loading...

	embedmax.site/scriptBox.js	ScriptElement	274 B	2024-08-19	2024-08-19
Pretty URL embedmax.site/scriptBox.js IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 100734eeab406aa3ae9d27a98b9dc77b 9ea1e9b36b56f02e25721ea480d879e18d00feb0 03cbb659dc57577c6ebde22b0dd7e7cab7b71d73c139b43afce357defb3486f5 Loading...

	abc.embedmax.site/flu/player/sentry.b144fd41d286a094cb29.js	ScriptElement	75 kB	2024-08-19	2024-08-19
Pretty URL abc.embedmax.site/flu/player/sentry.b144fd41d286a094cb29.js IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 9524aa47620aa024c7cfbc9caaa4a2f4 ccdfbe9343495a58c20f039c65528ceaf17c1f86 4d3a62774ca0e4cb7e9eef12f4ea8a317dccf74cb3692f7049fdacdc98f80722 Loading...

	loaptaijuw.com/tag.min.js	ScriptElement	93 kB	2024-06-15	2024-08-19
Pretty URL loaptaijuw.com/tag.min.js IP 139.45.197.243 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-15 09:50 Last Seen2024-08-19 19:56 Times Seen72 Hash a995a1e3619ea0c15b4dc31f5e427427 ff4d714778849da83f457f34d517c73ccfb3d4c3 d519ddc867934c0321ae85f81ae44b1a7baa10712ace65c892e607621ca8249c Loading...

	abc.embedmax.site/microtemplates/source[5]	Function	426 B	2023-06-18	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[5] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2024-08-19 19:50 Times Seen1 Hash 242c03b9c642d7e0fa85e44bf0457a55 ec5ca7c57b4446527982800dd4c54ee71f3718c4 18240c5675d6d54c980aa514c6ae54145fc00129559b0e4e7b6e5b1ffe11db41 Loading...

	abc.embedmax.site/microtemplates/source[13]	Function	1.2 kB	2023-06-18	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[13] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2024-08-19 19:50 Times Seen1 Hash b69c74a90557ee6f296dec842a87dedf a8e047c8409d06e916c4730f3beaa75fed5ee1f8 efbaf61335780c2b124d940121e190fb1d06c44471487272d9031a05cde3053f Loading...

	abc.embedmax.site/microtemplates/source[14]	Function	2.4 kB	2023-06-18	2024-08-19
Pretty URL abc.embedmax.site/microtemplates/source[14] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-06-18 01:47 Last Seen2024-08-19 19:50 Times Seen1 Hash 8099e1190bce7b43ed115416fd1b40c1 6fc81a1c1f63b2000602a612eb476a2b3cbf498d 493c2afac592d26c68359b506fb55196e01bc8772f4a9da4c2cf11c04599343f Loading...

	embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip	ScriptElement	4.3 kB	2024-08-19	2024-08-19
Pretty URL embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 0ff17fd55ede32a85f47442d72eb0b0e 83e86e9b662a0925ac2b7c37b7b7012100be309c 13de466a3a9116b4ca0e290ad4fc20b3909de8410568a7378067dcd6fa563c5a Loading...

	abc.embedmax.site/flu/player/main.b144fd41d286a094cb29.js	ScriptElement	610 kB	2024-08-19	2024-08-19
Pretty URL abc.embedmax.site/flu/player/main.b144fd41d286a094cb29.js IP 104.21.93.251 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:50 Last Seen2024-08-19 19:50 Times Seen1 Hash 02c54db2f9df415b102cb36f5f2da143 fa9912c6b55be8d2b3d9839e95fcb0b9d8f50468 114734435ff7fb8629092d6e2487e9e86c5ad00cdbb8e7497f2a5eef6ee3d7b8 Loading...

	abc.embedmax.site/microtemplates/source[3]	Function	420 B	2023-04-13	2025-04-23
Pretty URL abc.embedmax.site/microtemplates/source[3] IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 17:29 Last Seen2025-04-23 06:17 Times Seen569 Hash f40933e603a05e3c1f59b8b335ff9a02 8bdf38370eab8e6c148cfc2f9f3b6858882ece80 eae854849ff9fe52b79b43b513b33644249e07c3db14c00377dda3840b913747 Loading...

HTTP Transactions (22)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
5c35a3180482afadf4e89f4cc249fa7b
8a088c184606fe3e4e0da8cd90b6eb5e6d30fb97
146fe131cf8436e3de4832a23b351400b4819dbd9b9716302248d3ab447f000c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "146FE131CF8436E3DE4832A23B351400B4819DBD9B9716302248D3AB447F000C"
Last-Modified: Sat, 15 Jun 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7732
Expires: Sun, 16 Jun 2024 06:40:44 GMT
Date: Sun, 16 Jun 2024 04:31:52 GMT
Connection: keep-alive

embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip

104.21.93.251

200 OK

0 B

URL GET HTTP/3
embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embedmax.site/tvl/cazetv1.php
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip HTTP/1.1
Host: embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
version: MS24061301
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-micro-cache: HIT
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fA1EpSHIoK5%2FT2r2Mz%2Fqdd1L0XHrotmMLUvrmeSojtgu88wqvOk2SBKz%2BTzSW1BDr613jIPf7mJIDgj1djKASXNGjiNYoinOBbZvUVtd4NzBBEOawmP0gIu1QJBWXD0V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894812aa3dcf56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

abc.embedmax.site/flu/player/panzoom.b144fd41d286a094cb29.js

104.21.93.251

200 OK

4.5 kB

URL GET HTTP/3
abc.embedmax.site/flu/player/panzoom.b144fd41d286a094cb29.js
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
JavaScript source, ASCII text, with very long lines (11554), with no line terminators
Size
4.5 kB (4490 bytes)
Hash
73b24512ea8be15f8f3b274b5f44c641
6756cbcc7df9467efe97cf4222a94dd6964bfe44
d687fcc882314733bd40542394b147b937aef77beedb6f2c552c5d872f6b2542

HTTP Headers

GET /flu/player/panzoom.b144fd41d286a094cb29.js HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/javascript
content-length: 4490
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
content-encoding: gzip
etag: 6756cbcc7df9467efe97cf4222a94dd6964bfe44
last-modified: Wed, 10 Jan 2024 15:37:02 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fl4D%2FLDj88S%2FnXQUMim97WDbfJvpIMh4JjIiYUtROYVGyTfPa8TQo89%2FOlNF0oiSRg240Lgh4yp173dBWqq0u9CIbx7Jd%2BPZxQqPbxdh6ScyYU0LOoiSmOXHR%2FNdVJYdCtsdbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812ab4e3e56c5-OSL
alt-svc: h3=":443"; ma=86400

abc.embedmax.site/flu/player/core-js.b144fd41d286a094cb29.js

104.21.93.251

200 OK

25 kB

URL GET HTTP/3
abc.embedmax.site/flu/player/core-js.b144fd41d286a094cb29.js
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (50613), with NEL line terminators
Size
25 kB (24898 bytes)
Hash
6a942165c637eda02c18803744889ff4
052d54ed9ca43bfeff0d24ccfb91751d02835b55
a37e54f55226bcf76893c14d7945025674d5ec9d33ab7a4f37a6d4156715f08c

HTTP Headers

GET /flu/player/core-js.b144fd41d286a094cb29.js HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/javascript
content-length: 24898
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
content-encoding: gzip
etag: 052d54ed9ca43bfeff0d24ccfb91751d02835b55
last-modified: Wed, 10 Jan 2024 15:37:02 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IjuieeA7HZ3yTpGIA5lLjx6gHqYHjtvu7iZyhgeboNvJIn85IssmuFaqnAw3fO5jR%2BmpEC7flfoLnXUzGKV0xm%2BswCo7xaDsvd8%2Faf1RDOefL59caj0xAcUWMbZ2yeeWamtp2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812ab3e3756c5-OSL
alt-svc: h3=":443"; ma=86400

loaptaijuw.com/tag.min.js

139.45.197.243

200 OK

29 kB

URL GET HTTP/2
loaptaijuw.com/tag.min.js
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectloaptaijuw.com
Fingerprint04:5E:C4:AD:B9:E2:9D:F2:5A:89:52:A0:07:03:C1:3F:F9:C8:B6:64
ValidityWed, 29 May 2024 09:01:15 GMT - Tue, 27 Aug 2024 09:01:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (29432 bytes)
Hash
a995a1e3619ea0c15b4dc31f5e427427
ff4d714778849da83f457f34d517c73ccfb3d4c3
d519ddc867934c0321ae85f81ae44b1a7baa10712ace65c892e607621ca8249c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: loaptaijuw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embedmax.site/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: text/javascript; charset=utf-8
content-length: 29432
content-encoding: br
x-trace-id: 14f15bbd1ec5ad972053e9eb0038c864
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Sat, 15 Jun 2024 07:43:44 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

abc.embedmax.site/flu/player/sentry.b144fd41d286a094cb29.js

104.21.93.251

200 OK

23 kB

URL GET HTTP/3
abc.embedmax.site/flu/player/sentry.b144fd41d286a094cb29.js
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (22639 bytes)
Hash
9524aa47620aa024c7cfbc9caaa4a2f4
ccdfbe9343495a58c20f039c65528ceaf17c1f86
4d3a62774ca0e4cb7e9eef12f4ea8a317dccf74cb3692f7049fdacdc98f80722

HTTP Headers

GET /flu/player/sentry.b144fd41d286a094cb29.js HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/javascript
content-length: 22639
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
content-encoding: gzip
etag: ccdfbe9343495a58c20f039c65528ceaf17c1f86
last-modified: Wed, 10 Jan 2024 15:37:02 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8U2gMFj7cWQMkOdHIU4CMETmDZs8EnVCt76qbFTWrFg8JfZwfE5aokLCfYrJjC7jH4zHbWtFoKUnnJ6GaVJrgI%2BFaimLmllZiQAvjrn2mkYQs86Q3OpwfyMZ2YHPw%2Bzl%2F5Z63g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812ab4e3c56c5-OSL
alt-svc: h3=":443"; ma=86400

abc.embedmax.site/flu/player/flussonic.b144fd41d286a094cb29.js

104.21.93.251

200 OK

30 kB

URL GET HTTP/3
abc.embedmax.site/flu/player/flussonic.b144fd41d286a094cb29.js
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30351 bytes)
Hash
fa62216a9d2fdd478bd3402cc38f2c26
be3ca2586dd5ef4d88bbeff9c21bb22cdeeed206
9c46f9bc8cd2be37bd1ce9d979d38bbae28a60bc57e995dc3c75fbe8f518c9ce

HTTP Headers

GET /flu/player/flussonic.b144fd41d286a094cb29.js HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/javascript
content-length: 30351
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
content-encoding: gzip
etag: be3ca2586dd5ef4d88bbeff9c21bb22cdeeed206
last-modified: Wed, 10 Jan 2024 15:37:02 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfIOggIAUaqZtxk3HMZLVao%2B%2FYtc%2Bonaz72Kwext54Z3l1H70gl6R2Xeh60hVuyQm4%2FKo2eJsLBiwLrtzSsTvVtIZNQSYoM28MXgafh8oygwwx%2FvThoa7n3Bf03lCpW%2BTqLvDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812ab5e4556c5-OSL
alt-svc: h3=":443"; ma=86400

abc.embedmax.site/flu/player/clappr.b144fd41d286a094cb29.js

104.21.93.251

200 OK

168 kB

URL GET HTTP/3
abc.embedmax.site/flu/player/clappr.b144fd41d286a094cb29.js
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
168 kB (167673 bytes)
Hash
936020c9d9ad58e9ecae0863682d51d2
9ee1f7cb6c6bd4bc06ce716172d2debfb9453756
8b02542be00b018d44f2847742cf746e010900a18bd20c21e56d59679237cef9

HTTP Headers

GET /flu/player/clappr.b144fd41d286a094cb29.js HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/javascript
content-length: 167673
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
content-encoding: gzip
etag: 9ee1f7cb6c6bd4bc06ce716172d2debfb9453756
last-modified: Wed, 10 Jan 2024 15:37:02 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7L5V9PyAIEUoYoeCnwr9mtMJ6eQQsWzVn2YUKWu759Lkg4E3T%2Fj3Dt%2BiVGiJyca3m9vvjyGtm2W%2BB2dxXQqWwrelZffvVPlq26MRIaJU3DFHDliVJlpB3xfqbnnSWIepmh8XlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812ab4e3f56c5-OSL
alt-svc: h3=":443"; ma=86400

abc.embedmax.site/flu/player/shaka-player.b144fd41d286a094cb29.js

104.21.93.251

200 OK

121 kB

URL GET HTTP/3
abc.embedmax.site/flu/player/shaka-player.b144fd41d286a094cb29.js
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33019)
Size
121 kB (120992 bytes)
Hash
aaa41fd0857bf6290346152f21e33f1e
f899167934f8f93112bdce6fc5ae0b43bb2e961d
689199e89cc7dd232066fda20771cc65ca9502775172f06687eff90496654d49

HTTP Headers

GET /flu/player/shaka-player.b144fd41d286a094cb29.js HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/javascript
content-length: 120992
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
content-encoding: gzip
etag: f899167934f8f93112bdce6fc5ae0b43bb2e961d
last-modified: Wed, 10 Jan 2024 15:37:02 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANPIEfm3smlM9QKwLIyweeRxBes4Kq2UVA4NAoCTRVGDF%2FRG9jf%2FnzoLMH0zYxx8jNNWParDIpfLgwTkfHQdVIhy7QCWoJgOvzf%2FUpfOIXzfEaAWj8Z9rEF%2Fv2JWwWPOW1DTFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812ab6e4856c5-OSL
alt-svc: h3=":443"; ma=86400

abc.embedmax.site/flu/player/main.b144fd41d286a094cb29.js

104.21.93.251

200 OK

187 kB

URL GET HTTP/3
abc.embedmax.site/flu/player/main.b144fd41d286a094cb29.js
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
JavaScript source, ASCII text, with very long lines (62991)
Size
187 kB (187384 bytes)
Hash
02c54db2f9df415b102cb36f5f2da143
fa9912c6b55be8d2b3d9839e95fcb0b9d8f50468
114734435ff7fb8629092d6e2487e9e86c5ad00cdbb8e7497f2a5eef6ee3d7b8

HTTP Headers

GET /flu/player/main.b144fd41d286a094cb29.js HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/javascript
content-length: 187384
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
content-encoding: gzip
etag: fa9912c6b55be8d2b3d9839e95fcb0b9d8f50468
last-modified: Wed, 10 Jan 2024 15:37:02 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yi1WyYVCJb1ci7%2FvVUHNOaTsJS4yKFxD7YxoAgfN2SG6xlROMgQYkgXnbdmiKekPxNtkOonqweDOxHK4p19rQaGeImfdZY3LPB6XZ6F%2FQ%2BaCPdtzLyotUtseKOGLTs0S%2F8dCtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812ab6e4956c5-OSL
alt-svc: h3=":443"; ma=86400

my.rtmark.net/gid.js?userId=00807dc5c1284140ea20a5b5efb896bb

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=00807dc5c1284140ea20a5b5efb896bb
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint90:47:5A:A5:5F:5F:FA:E6:7C:6F:AB:D2:06:D1:D9:BD:F3:54:9E:6E
ValiditySat, 11 May 2024 20:51:41 GMT - Fri, 09 Aug 2024 20:51:40 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
3f2a2acc57c396ae9e9eae15c3d35a95
744d13a7a6bff6848a44e3ddcf9eccd5861cbad0
0990207eb4828086a9cbb2d4378f7ea3d146aec76d4077f8bbedc6ab0d3e4624

HTTP Headers

GET /gid.js?userId=00807dc5c1284140ea20a5b5efb896bb HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embedmax.site/
Origin: https://embedmax.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://embedmax.site
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00807dc5c1284140ea20a5b5efb896bb; expires=Mon, 16 Jun 2025 04:31:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

abc.embedmax.site/cazetv1/media_info.json?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005

104.21.93.251

400 Bad Request

18 B

URL GET HTTP/3
abc.embedmax.site/cazetv1/media_info.json?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
ASCII text
Size
18 B (18 bytes)
Hash
c2c98e9a24fdebc108a992fb40d3ae08
b6f701f244d4f4e674fcf7bf8f7db299b0993225
285261e2f9cd16ce9238f6c67f34791e51c22d20e4ceb8066fff68832975ef8f

HTTP Headers

GET /cazetv1/media_info.json?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005 HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 400 Bad Request
date: Sun, 16 Jun 2024 04:31:54 GMT
content-length: 18
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
x-route-time: 90
x-run-time: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDbKbTVUymwGc464VVCEXirUU8lsvKZdWLyx9YOKWbBfZ01rh3pWhrJ%2FzXj%2Bi%2FFOzJ%2FRteiseVm%2FFWLAPkbt54Mf1zbhCYN4rOsj%2Beaa0PrZt0MaNEBsViW%2BqLvJF%2FZkH8qhFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894812af580456c5-OSL
alt-svc: h3=":443"; ma=86400

abc.embedmax.site/cazetv1/preview.mp4?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005

104.21.93.251

206 Partial Content

83 kB

URL GET HTTP/3
abc.embedmax.site/cazetv1/preview.mp4?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
83 kB (83088 bytes)
Hash
4b25ec5828eb075e071858bcf5289d03
d4388ab2960745981bb7532a8b1366aea1069d56
eb2157c26f3f455825c0901836df3f8f7618bcf0ff7568fcae2ad561621a7167

HTTP Headers

GET /cazetv1/preview.mp4?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005 HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:55 GMT
content-type: video/mp4
content-length: 83088
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
last-modified: Sun, 16-Jun-2024 04:31:53 GMT
x-route-time: 908
x-run-time: 267
x-sid: 666e6aba-4d2d-4771-8382-090276272bda
x-thumbnail-utc: 1718512313
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ns9FEMBQ3e4YiftyejivL2WaED0lBw0AfcXHvMm9Vd2XsAqVQEXTdi1A398wsZJaxYCJiWKLkePkyns%2FEfW1WmUuLpvN80shDy3UHcydX%2BsnerBAjy1HhmMSAZbA%2FXg%2FTql%2F2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812b0287856c5-OSL
alt-svc: h3=":443"; ma=86400

abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip

104.21.93.251

200 OK

1.1 kB

URL GET HTTP/3
abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
HTML document, ASCII text, with very long lines (713)
Size
1.1 kB (1139 bytes)
Hash
ec57f8ec36818562e6e13b08c5b41b03
daa2dd1fcb1e2ee4672691f82159efa2c45bcb19
a5735475b988f8fb5e18d21de53173b6d940740657b61fb1582e79b2f841796c

HTTP Headers

GET /cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embedmax.site/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: text/html
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
x-route-time: 1084
x-run-time: 262
x-sid: 666e6aba-0c00-472d-9d8b-636113342145
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZCHAD18EVTbNDM4i7m0oKb2UqMV5%2FoR3I9fwdlEZxFTcbJoVQf1VTN2kPtc9MjY8XIGWFpmXxf8GRER9SzEs%2FJQ%2Bx6jPhpipn%2Banr%2BQRbQAFKkgYVr7XKJMd9B41WVHfMstxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894812aa7df056c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ede0b27def700f18bb6d4eb4c1d97352
c802c366cb2eee6b9339349aa21677fdb1bd5fa5
18ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20947
Expires: Sun, 16 Jun 2024 10:21:02 GMT
Date: Sun, 16 Jun 2024 04:31:55 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ede0b27def700f18bb6d4eb4c1d97352
c802c366cb2eee6b9339349aa21677fdb1bd5fa5
18ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20916
Expires: Sun, 16 Jun 2024 10:20:31 GMT
Date: Sun, 16 Jun 2024 04:31:55 GMT
Connection: keep-alive

embedmax.site/scriptBox.js

104.21.93.251

200 OK

85 kB

URL GET HTTP/3
embedmax.site/scriptBox.js
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embedmax.site/tvl/cazetv1.php
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
ASCII text
Size
85 kB (84606 bytes)
Hash
100734eeab406aa3ae9d27a98b9dc77b
9ea1e9b36b56f02e25721ea480d879e18d00feb0
03cbb659dc57577c6ebde22b0dd7e7cab7b71d73c139b43afce357defb3486f5

HTTP Headers

GET /scriptBox.js HTTP/1.1
Host: embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embedmax.site/tvl/cazetv1.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:53 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 03 Jun 2024 13:18:43 GMT
etag: W/"665dc2b3-112"
version: MS24061301
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 14 Jun 2025 01:25:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 184012
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ziG%2BYjCUc8DQZIp8G8HzLGojqtZx0eDp77pBPdDWnn0AS7G9QkqHYPBg71SVxo8J%2B3%2FaXeIyUxzqGtDvdbbCDAiNP8g1KCfesXCoyg4c%2Bx2SO%2BtNldzHtcnh4xDj54Ly"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812a89d2856c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embedmax.site/tvl/cazetv1.php

104.21.93.251

200 OK

108 kB

URL User Request GET HTTP/2
embedmax.site/tvl/cazetv1.php
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
HTML document, ASCII text, with very long lines (305), with no line terminators
Size
108 kB (107500 bytes)
Hash
f11669948735df939493eb206739c79b
3f8d71fefc0806a874b16b58549181afd0e55c88
4dfe7a348a137913f976cea04637ab5256c392fa135146b3817d10621bbc4c22

HTTP Headers

GET /tvl/cazetv1.php HTTP/1.1
Host: embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 16 Jun 2024 04:31:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
version: MS24061301
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-micro-cache: HIT
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOB%2Fx4Zztg4%2FoSmNWskvqk8lDm9z21wPoMimgQqovRljoKjWsg0t7tf1o43tY%2BJQGGdqKIQmX9Zu3K5%2BTYiBPPwvTjskHgjmmNergZJCYGT2AxbeF9knJ39UOtZPjSTT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894812a64c320b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

loaptaijuw.com/?rb=gALPHKE_8eVwr1p7uCVvxmp4TXLxFzMjZh1Iowkpq_MuhAaUuJkIDh6W-9qjSaWUXC0iidVneYzp2xjEppvKZlSTk-qk--kl_l1--BUof6XPeLoGUBfjFRKvyvSwo_u7TP46bYiKQdg8B1Dkv8i2CfX2lEeNrug32hVlabtSNdU0l3CRPfe36E3gvXvHZLMqQNoklRj7SNrIiMusdMJ6C1pN-H3p0_Jo8eSkNEnu6jnuhWYT9qQ10Pk-I7l76NY97v4R3Lx1e_8%3D&request_ab2=0&zoneid=7569335&js_build=iclick-v1.820.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1008&wiw=1264&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1264&wfc=1&pl=https%3A%2F%2Fembedmax.site%2FtvI%2Fcazetv1.php%3Ftoken%3D2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004%26remote%3Dno_check_ip&drf=https%3A%2F%2Fembedmax.site%2Ftvl%2Fcazetv1.php&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.820.2-auto&navlng=en-US&pnt=0&pnrc=0&bs=37cfdfd9-2f26-445a-b642-097153efb5b4&wasm=1&userId=00807dc5c1284140ea20a5b5efb896bb&m=link

139.45.197.243

200 OK

3.0 kB

URL GET HTTP/2
loaptaijuw.com/?rb=gALPHKE_8eVwr1p7uCVvxmp4TXLxFzMjZh1Iowkpq_MuhAaUuJkIDh6W-9qjSaWUXC0iidVneYzp2xjEppvKZlSTk-qk--kl_l1--BUof6XPeLoGUBfjFRKvyvSwo_u7TP46bYiKQdg8B1Dkv8i2CfX2lEeNrug32hVlabtSNdU0l3CRPfe36E3gvXvHZLMqQNoklRj7SNrIiMusdMJ6C1pN-H3p0_Jo8eSkNEnu6jnuhWYT9qQ10Pk-I7l76NY97v4R3Lx1e_8%3D&request_ab2=0&zoneid=7569335&js_build=iclick-v1.820.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1008&wiw=1264&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1264&wfc=1&pl=https%3A%2F%2Fembedmax.site%2FtvI%2Fcazetv1.php%3Ftoken%3D2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004%26remote%3Dno_check_ip&drf=https%3A%2F%2Fembedmax.site%2Ftvl%2Fcazetv1.php&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.820.2-auto&navlng=en-US&pnt=0&pnrc=0&bs=37cfdfd9-2f26-445a-b642-097153efb5b4&wasm=1&userId=00807dc5c1284140ea20a5b5efb896bb&m=link
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectloaptaijuw.com
Fingerprint04:5E:C4:AD:B9:E2:9D:F2:5A:89:52:A0:07:03:C1:3F:F9:C8:B6:64
ValidityWed, 29 May 2024 09:01:15 GMT - Tue, 27 Aug 2024 09:01:14 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2993), with no line terminators
Size
3.0 kB (2963 bytes)
Hash
11e404b18135efa0f266587b937692a5
381bbed8d893e318ede9570015f337c58720727b
a4319c4549829d35c84a67543507f9e04068076a33d0db0672c3a4a0ca7ede3f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=gALPHKE_8eVwr1p7uCVvxmp4TXLxFzMjZh1Iowkpq_MuhAaUuJkIDh6W-9qjSaWUXC0iidVneYzp2xjEppvKZlSTk-qk--kl_l1--BUof6XPeLoGUBfjFRKvyvSwo_u7TP46bYiKQdg8B1Dkv8i2CfX2lEeNrug32hVlabtSNdU0l3CRPfe36E3gvXvHZLMqQNoklRj7SNrIiMusdMJ6C1pN-H3p0_Jo8eSkNEnu6jnuhWYT9qQ10Pk-I7l76NY97v4R3Lx1e_8%3D&request_ab2=0&zoneid=7569335&js_build=iclick-v1.820.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1008&wiw=1264&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1264&wfc=1&pl=https%3A%2F%2Fembedmax.site%2FtvI%2Fcazetv1.php%3Ftoken%3D2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004%26remote%3Dno_check_ip&drf=https%3A%2F%2Fembedmax.site%2Ftvl%2Fcazetv1.php&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.820.2-auto&navlng=en-US&pnt=0&pnrc=0&bs=37cfdfd9-2f26-445a-b642-097153efb5b4&wasm=1&userId=00807dc5c1284140ea20a5b5efb896bb&m=link HTTP/1.1
Host: loaptaijuw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embedmax.site/
Origin: https://embedmax.site
DNT: 1
Connection: keep-alive
Cookie: OAID=00807dc5c1284140ea20a5b5efb896bb; oaidts=1718512314
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 16 Jun 2024 04:31:55 GMT
content-type: application/json
x-trace-id: e5e9034d4df26864ef30df4233dcf2e7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://embedmax.site
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00807dc5c1284140ea20a5b5efb896bb; expires=Mon, 16 Jun 2025 04:31:54 GMT; path=/; secure; SameSite=None
oaidts=1718512314; expires=Mon, 16 Jun 2025 04:31:54 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 23 Jun 2024 04:31:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

embedmax.site/favicon.ico

104.21.93.251

404 Not Found

3.3 kB

URL GET HTTP/3
embedmax.site/favicon.ico
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://embedmax.site/tvl/cazetv1.php
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
HTML document, ASCII text, with very long lines (3465), with no line terminators
Size
3.3 kB (3302 bytes)
Hash
5395462e947f274c69a7cdcaf8697616
da89972545b2901cb0b315c90b5f3eda0d831f9c
81bbd567d78d7bc2f8877f93c2198dd80ebe69c7f191fc89a14b1ed73497c248

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embedmax.site/tvl/cazetv1.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 16 Jun 2024 04:31:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
version: MS24061301
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000;
cache-control: max-age=86400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0nV7jjdlAzxn5%2BcUhLTW6ohoDBAqVLpWciLhNXcDhgnvPS0580ToNU2WW10TFPGOWGQxW1dmzCMrQCICSDTSGVcKyXAOVIIfW11KzREBGP50pOXtbxIGv%2FYnANG3fPA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894812a8ed4756c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

loaptaijuw.com/5/7569335/?oo=1&aab=1

139.45.197.243

200 OK

3.9 kB

URL GET HTTP/2
loaptaijuw.com/5/7569335/?oo=1&aab=1
IP
139.45.197.243:443
ASN
#9002 RETN Limited

Requested by
https://embedmax.site/tvI/cazetv1.php?token=2885046374c91263df3a893282792f43fed5bdf6-fb8fe4b40afcae11ee5f1b584ae21049-1718512184-1718512004&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectloaptaijuw.com
Fingerprint04:5E:C4:AD:B9:E2:9D:F2:5A:89:52:A0:07:03:C1:3F:F9:C8:B6:64
ValidityWed, 29 May 2024 09:01:15 GMT - Tue, 27 Aug 2024 09:01:14 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3885), with no line terminators
Size
3.9 kB (3881 bytes)
Hash
779f35489bc663fcc17cb212b8cda9d7
8f1d41377a77b3bc526a5e58d8bbef131028fffa
cf26af4ee02b02caf1be19899dcbc918e834cd8074f4979823a48b2310a4237e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/7569335/?oo=1&aab=1 HTTP/1.1
Host: loaptaijuw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://embedmax.site/
Origin: https://embedmax.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: application/json
x-trace-id: a4efed472aa8c1aa591149e28ae3bda4
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://embedmax.site
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00807dc5c1284140ea20a5b5efb896bb; expires=Mon, 16 Jun 2025 04:31:54 GMT; path=/; secure; SameSite=None
oaidts=1718512314; expires=Mon, 16 Jun 2025 04:31:54 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

abc.embedmax.site/flu/player/main.b144fd41d286a094cb29.css

104.21.93.251

200 OK

5.6 kB

URL GET HTTP/3
abc.embedmax.site/flu/player/main.b144fd41d286a094cb29.css
IP
104.21.93.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Certificate
IssuerLet's Encrypt
Subjectembedmax.site
Fingerprint91:39:02:44:AC:9D:E9:09:29:D6:46:28:6F:98:B0:CA:FA:BB:5C:03
ValidityWed, 29 May 2024 12:52:06 GMT - Tue, 27 Aug 2024 12:52:05 GMT

File type
ASCII text, with very long lines (5975), with no line terminators
Size
5.6 kB (5648 bytes)
Hash
76fd37a2ce1cc14f5f24f01aafbea12d
31c944051021fbcc926b8cb92bdc9485fc17dd1d
a2016e1f36b1dec1b0051b77855b0b3fe3da22de2e702f60b19ac2050ed8304c

HTTP Headers

GET /flu/player/main.b144fd41d286a094cb29.css HTTP/1.1
Host: abc.embedmax.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://abc.embedmax.site/cazetv1/embed.html?token=db33f09bd191d422202feaddf6331d38cc9c7b14-3b7185865a62320f30896b9ab73978fb-1718512185-1718512005&remote=no_check_ip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 16 Jun 2024 04:31:54 GMT
content-type: text/css
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, X-Sid, Content-Length, Location
last-modified: Wed, 10 Jan 2024 15:37:02 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dx3kljSVwJuTrvVRMmv1J3x4OJp7iQz7Km2FjY9CEabcgynZL%2FaWSnByV3ZKWtEL6sg34uEcU1srhUE3RApf3O7PfcXobiOwSPSzOKklx5dsFhjHPxHUHOpbZp9E8Covi1x49A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894812ab2e2b56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by