Report - cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=

Report Overview

Visited public
2025-05-10 16:59:25
Tags
URL
cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Finishing URL
cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
IP / ASN
104.21.63.225
#13335 CLOUDFLARENET
Title
Flash - Benfica - Sporting

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.advxmedia.xyz	unknown	2025-01-09	2025-01-10	2025-02-08	1.7 kB	105 kB	172.67.175.169
acscdn.com	93608	2020-05-05	2020-05-06	2025-05-07	2.9 kB	783 kB	188.114.97.1
lucrinearraign.com	unknown	2023-06-12	2023-06-12	2025-02-08	427 B	1.5 kB	23.109.170.68
push-sdk.com	unknown	2022-10-25	2022-12-23	2025-05-04	889 B	56 kB	157.90.33.72
inklinkor.com	unknown	2022-04-01	2022-04-01	2025-05-08	414 B	104 kB	104.21.91.63
caq21harderv991gpluralplay.xyz	unknown	unknown	No data	No data	1.5 kB	126 kB	104.21.16.1
kohiseewhatm.com	unknown	2025-04-04	2025-05-10	2025-05-10	1.7 kB	1.6 kB	172.67.217.123
top2new.newkso.ru	unknown	2025-04-01	2025-05-02	2025-05-02	591 B	767 B	172.67.219.130
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-05-07	925 B	545 kB	104.16.174.226
accounts.google.com	81	1997-09-15	2012-05-23	2025-05-07	3.7 kB	13 kB	173.194.73.84
auto-deploy.pages.dev	unknown	2020-09-02	2023-07-05	2025-05-08	4.0 kB	1.8 MB	188.114.97.1
dyj8pbcnat4xv.cloudfront.net	unknown	2008-04-25	2022-05-27	2025-02-08	432 B	385 kB	3.167.7.171
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-07	1.1 kB	82 kB	142.250.178.99
skenaiaefaldy.com	unknown	2023-12-10	2023-12-17	2025-02-08	946 B	4.8 kB	165.232.114.226
waust.at	38137	unknown	2016-01-28	2025-05-08	416 B	13 kB	104.26.5.7
t.dtscout.com	11951	2013-11-01	2017-01-30	2025-05-08	539 B	3.2 kB	104.26.11.2
yb.hoodlumbragget.com	unknown	2025-04-24	2025-04-27	2025-04-27	431 B	1.4 kB	23.109.170.86
pubtrky.com	unknown	2023-11-21	2023-11-21	2025-05-04	976 B	1.3 kB	172.67.188.110
kzt2afc1rp52.com	unknown	2020-04-27	2020-04-27	2025-05-08	448 B	603 B	172.240.108.68
code.jquery.com	634	2005-12-10	2012-05-21	2025-05-07	438 B	90 kB	151.101.130.137
upload.wikimedia.org	2215	2003-03-16	2012-05-21	2025-05-08	484 B	1.6 kB	185.15.59.240
rffbxktvxmcje.space	unknown	unknown	No data	No data	436 B	82 kB	188.114.96.1
od.fordedcostaea.com	unknown	unknown	No data	No data	428 B	1.5 kB	23.109.170.255
youradexchange.com	273384	2012-11-09	2013-02-04	2025-05-07	6.4 kB	13 kB	104.21.91.188
prizingupfurl.com	unknown	2025-04-02	2025-04-15	2025-04-15	431 B	1.5 kB	23.109.170.113
toomanyrelation.com	unknown	2025-04-03	2025-05-10	2025-05-10	2.1 kB	8.2 kB	108.157.214.99
daddylive2.top	unknown	2025-04-23	2025-04-27	2025-04-27	975 B	222 kB	104.21.76.246
cdn.stream-24.xyz	unknown	unknown	No data	No data	2.1 kB	252 kB	104.21.63.225
undefined	142677	unknown	2020-01-28	2025-05-08	988 B	0 B	0.0.0.0
ukankingwithea.com	unknown	2024-01-01	2024-09-05	2025-05-08	880 B	1.7 kB	104.21.80.1
paizeestawumee.net	unknown	2025-04-21	2025-04-26	2025-05-04	1.1 kB	1.6 kB	139.45.196.63
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-07	473 B	12 kB	142.250.178.106
madurird.com	unknown	2023-10-06	2023-10-07	2025-05-08	836 B	207 kB	139.45.197.106
mowcoordinateegypt.com	unknown	2024-04-15	2024-04-15	2025-05-09	914 B	1.2 kB	172.240.108.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-10 16:59:06	low	Client IP	188.114.97.1	ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-10	medium	paizeestawumee.net	Sinkholed
2025-05-10	medium	prizingupfurl.com	Sinkholed
2025-05-10	medium	madurird.com	Sinkholed
2025-05-10	medium	hoodlumbragget.com	Sinkholed
2025-05-10	medium	lucrinearraign.com	Sinkholed
2025-05-10	medium	undefined	Sinkholed
2025-05-10	medium	mowcoordinateegypt.com	Sinkholed
2025-05-10	medium	madurird.com	Sinkholed
2025-05-10	medium	paizeestawumee.net	Sinkholed
2025-05-10	medium	fordedcostaea.com	Sinkholed
2025-05-10	medium	mowcoordinateegypt.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (57)

	URL	From	Size	First Seen	Last Seen
	madurird.com/tag.min.js	ScriptElement	103 kB	2025-05-08	2025-05-13
Pretty URL madurird.com/tag.min.js IP 139.45.197.106 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 12:55 Last Seen2025-05-13 20:17 Times Seen29 Hash 689ebc368165f3106fab74319bb4dc57 35c9ca036795e68588891ce64f30c9d03c7de873 3530f62b02b73fc7ff50c07000245508bd96d3c5397b82bad2aef4f9d58aa3c7 Loading...

	lucrinearraign.com/gAKtB43kCvsf/73321	ScriptElement	6 B	2023-03-07	2025-05-15
Pretty URL lucrinearraign.com/gAKtB43kCvsf/73321 IP 23.109.170.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-05-15 02:14 Times Seen8143 Hash 4fc71bf68a1d477bd1523733e34d1e90 15119105cffbe108b6cf290146ab02c9aa8517ba 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	55 B	2025-05-06	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-06 10:07 Last Seen2025-05-11 00:35 Times Seen5 Hash 59aab6d80b463b46b57cfe803078aaa9 5c14bb255704a5826cd13cb15b854c372bb85bae b3c24b455a1eb402f4348f216c50d709ca5200dc40081de3f1373d45b313b7fd Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	713 B	2023-10-10	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-10 06:57 Last Seen2025-05-11 00:35 Times Seen78 Hash e3b28f67b7b840a1f38db6b44a672f72 e8b74d394876d541dab6e6ae92438c1fdb50cca8 fb280c8c2a32a76abf0de9e90e8dd48407b9b8e782540f088da331317622f14f Loading...

	acscdn.com/script/aclib.js	ScriptElement	136 kB	2025-04-30	2025-05-13
Pretty URL acscdn.com/script/aclib.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-30 20:31 Last Seen2025-05-13 16:08 Times Seen52 Hash 99396b8be1aa8280e0b3aa86075a4094 4b9bfac1a58c0364f0c55405873eec27c159a407 68332c022d13f9d1e22c76a638225a949cea39cbd14d5d84fdbc1003e0c6076e Loading...

	acscdn.com/script/ut.js?cb=1746896343316	ScriptElement	81 kB	2025-04-30	2025-05-13
Pretty URL acscdn.com/script/ut.js?cb=1746896343316 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-30 16:49 Last Seen2025-05-13 16:08 Times Seen89 Hash eaa11c5f044a59ec54c82e06a8beba81 afb33a13f1b0b1163ae1d5f98703c9eacd35bee3 b05b9df2027483a401c352424c15d0adff42dbe771c52b71333e5b4e68f1260c Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	ScriptElement	52 B	2024-07-11	2025-05-13
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-11 01:38 Last Seen2025-05-13 03:17 Times Seen135 Hash 78a6702d966a64ed29eca96bfefed3de cc38ab49fb9cf0b5dfe3639378bd12af22ef1c0c 00f32959faf141840611a9e3f434a6924cbcd843de990bb5df8ad037b9f8d095 Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	ScriptElement	45 B	2024-07-20	2025-05-10
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-20 17:31 Last Seen2025-05-10 16:59 Times Seen127 Hash b50a7599a1cd871d2b379f9ef0b04aa4 66783a5680bbf18a422b0ebf586f787abb91f56f 94ba1e39aa22b534544bd907ddee33191396ded56a47cabf861e12ed65780385 Loading...

	daddylive2.top/live/stream-380.php	ScriptElement	467 B	2023-03-09	2025-05-13
Pretty URL daddylive2.top/live/stream-380.php IP 104.21.76.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 01:35 Last Seen2025-05-13 03:17 Times Seen219 Hash f6ca01bb0ca3ebde821544f18ec83583 2e8cbf747f80c79ae8c12b8685556757e813b9db a1d2b03b3b1269adbdcbda20f64807bc730335783a9a90e9fbd743f898fb675c Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	EventHandler	9 B	2025-05-10	2025-05-10
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 435cc66c448ed619bc437033aafc333e 86ce86dea567b37d79616a7bc71ce2be8a9cfba6 ff1f02cf00ca0f820fba1ed973aafb1cbe3707d4ff79fbbd94c0310ec5055a1f Loading...

	acscdn.com/script/aclib.js	ScriptElement	136 kB	2025-04-30	2025-05-13
Pretty URL acscdn.com/script/aclib.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-30 20:31 Last Seen2025-05-13 16:08 Times Seen52 Hash 99396b8be1aa8280e0b3aa86075a4094 4b9bfac1a58c0364f0c55405873eec27c159a407 68332c022d13f9d1e22c76a638225a949cea39cbd14d5d84fdbc1003e0c6076e Loading...

	daddylive2.top/live/stream-380.php	EventHandler	8 B	2025-04-27	2025-05-10
Pretty URL daddylive2.top/live/stream-380.php IP 104.21.76.246 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2025-04-27 22:29 Last Seen2025-05-10 16:59 Times Seen2 Hash ad9bf07ee956dc36f91a65982c374eaa 771b6cdbdedfb300112cf74da7b555e385f014c1 129d741a242924a9e6acb5fa5d2e56814f9eec26896a0092f1f6001255577a30 Loading...

	daddylive2.top/live/stream-380.php	ScriptElement	182 kB	2025-05-10	2025-05-10
Pretty URL daddylive2.top/live/stream-380.php IP 104.21.76.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 1be0469d0b3a8057925540e7fd547f99 004f1262ff0b1a71ff6af081c3a5d3452f3b7f68 5fda3524348234976f23b1916b42fc6474eb3c9665fea3c9a55acf5d45b6665f Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	398 B	2023-03-09	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 00:24 Last Seen2025-05-11 00:35 Times Seen20 Hash 028661db1ce98b5ab6e25c70f7cafd4b d3c19bcc3c55ebca2d7c1535d50314c6396f893c 166942e6c1b8ce2fc9cf66a85d76eb02fbf5cd955fb8d1e9bbf205cd64e75426 Loading...

	toomanyrelation.com/RkszMUgnKVBcdyd2URc9NCcOFHoAbgF3LD8hC0EqJSVSRXw+PR1SJCk+V1c6KSVHHyYjPxYDDiwuWFUwFQ1mawMEc0ZQL3I+dWkeNRhdcwwlHGlSBjEGR3x4JSB1YhJxCGd8DAofYmkpLQULVD8PbgFzC3R/FgMOBRhUVwcBLH99CzUzfHQ7LhpKXhAKIlt2Ki8Ocnh4Pn9QSRErA0oIJx4IelcDdCN/aBoHOH0BLDwdSUYkABhLfAMVe358CjU4f2A/LA5eBS8BeFxSAj9zZ3owdjtQdC8EGXRrJB54ZXMRBQJnehoTJXpWJC8aAFZ/AiZ5dS0BGXhQHWsNR2siLiJiAi8vDkpdACADcXsKEBkFaxkMM2FmeSsEdHsMIwhQfBEtAnlrDSoxawIgfhMAZwoKMXJrBAR+R2syPnpiaSQqGF1rCiMTcXgsPihbezB+I3tbCjEYcncJI3l1ZCx3KApQDTVtWUInKDsOQCMcMl4ALnQpcWUncQ	ScriptElement	3.0 kB	2025-05-10	2025-05-10
Pretty URL toomanyrelation.com/RkszMUgnKVBcdyd2URc9NCcOFHoAbgF3LD8hC0EqJSVSRXw+PR1SJCk+V1c6KSVHHyYjPxYDDiwuWFUwFQ1mawMEc0ZQL3I+dWkeNRhdcwwlHGlSBjEGR3x4JSB1YhJxCGd8DAofYmkpLQULVD8PbgFzC3R/FgMOBRhUVwcBLH99CzUzfHQ7LhpKXhAKIlt2Ki8Ocnh4Pn9QSRErA0oIJx4IelcDdCN/aBoHOH0BLDwdSUYkABhLfAMVe358CjU4f2A/LA5eBS8BeFxSAj9zZ3owdjtQdC8EGXRrJB54ZXMRBQJnehoTJXpWJC8aAFZ/AiZ5dS0BGXhQHWsNR2siLiJiAi8vDkpdACADcXsKEBkFaxkMM2FmeSsEdHsMIwhQfBEtAnlrDSoxawIgfhMAZwoKMXJrBAR+R2syPnpiaSQqGF1rCiMTcXgsPihbezB+I3tbCjEYcncJI3l1ZCx3KApQDTVtWUInKDsOQCMcMl4ALnQpcWUncQ IP 108.157.214.99 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 71b26e68bff343831b72dd49c3dc08ef 8882a61e5f7957fe331cb2da0fcc48023d07bf20 91c243f327a2d8cc6c6e81b566dad5f7b0e7860bced21e01545a2b4ae41f7cff Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	ScriptElement	4.2 kB	2025-05-10	2025-05-10
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 00a47801ae228c786da25d33031f2e55 f0a52c15fc1de18a2ff3d2ef39d2d39a5b4a9149 ec4beb9bbcdf6e55b28c300b0b411f7057800db1289ccd1f12458a18eb50ef58 Loading...

	acscdn.com/script/aclib.js	ScriptElement	136 kB	2025-04-30	2025-05-13
Pretty URL acscdn.com/script/aclib.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-30 20:31 Last Seen2025-05-13 16:08 Times Seen52 Hash 99396b8be1aa8280e0b3aa86075a4094 4b9bfac1a58c0364f0c55405873eec27c159a407 68332c022d13f9d1e22c76a638225a949cea39cbd14d5d84fdbc1003e0c6076e Loading...

	cdn.stream-24.xyz/live/js/jquery-3.2.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-14
Pretty URL cdn.stream-24.xyz/live/js/jquery-3.2.1.min.js IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-14 23:59 Times Seen36441 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	cdn.stream-24.xyz/live/sandbox%20eval%20code		147 B	2023-04-11	2025-05-15
Pretty URL cdn.stream-24.xyz/live/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-15 02:11 Times Seen342915 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	daddylive2.top/live/stream-380.php	ScriptElement	157 B	2023-03-11	2025-05-10
Pretty URL daddylive2.top/live/stream-380.php IP 104.21.76.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 19:15 Last Seen2025-05-10 16:59 Times Seen183 Hash 60f1798bac26472658ff588720760829 9929b26eeb812be15261ac5aee076e468bf4764f acf1662d0ddc764da1a0a9ca8c14ce6d6a937aecef80b4b0e0426698a24b765d Loading...

	prizingupfurl.com/geQoRZNpo1LLL4OSL/73321	ScriptElement	6 B	2023-03-07	2025-05-15
Pretty URL prizingupfurl.com/geQoRZNpo1LLL4OSL/73321 IP 23.109.170.113 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-05-15 02:14 Times Seen8143 Hash 4fc71bf68a1d477bd1523733e34d1e90 15119105cffbe108b6cf290146ab02c9aa8517ba 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce Loading...

	od.fordedcostaea.com/tD69CV29YeG/65573	ScriptElement	5 B	2023-03-07	2025-05-14
Pretty URL od.fordedcostaea.com/tD69CV29YeG/65573 IP 23.109.170.255 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-14 21:54 Times Seen6029 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	Function	79 B	2023-04-11	2025-05-15
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-15 02:25 Times Seen112704 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	514 B	2023-03-14	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 18:08 Last Seen2025-05-11 00:35 Times Seen25 Hash 4815a4ffe826fb82529e6d5927392dd4 75167326ffd77d06762efa745dfcb508f3d0a309 8250c8da9a6af8d9ad4a498a78480b729b89e9ef5e7a36e9817cf952c441d757 Loading...

	about:blank	JavascriptURL	5 B	2023-03-07	2025-05-15
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by javascriptURL Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-15 02:10 Times Seen25682 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	daddylive2.top/live/stream-380.php	ScriptElement	8.5 kB	2023-07-23	2025-05-10
Pretty URL daddylive2.top/live/stream-380.php IP 104.21.76.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-23 19:35 Last Seen2025-05-10 16:59 Times Seen133 Hash ff656e6bdffbea98da4df97ff7ae3d21 f742e8d729409184fdaf152c2d2b670d6db7e9ec 9e6e95d6fa2ce522e900a6eb22ef91ae4fa930a9e39e2ca913742d48d0484b68 Loading...

	cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js	ScriptElement	1.0 kB	2025-04-08	2025-05-10
Pretty URL cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js IP 104.16.174.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-08 02:16 Last Seen2025-05-10 16:59 Times Seen12 Hash 4692d44b1860b33e430a87c56b6cdc22 ab49192fc1912cab78a1b6cfe12e00afafca8100 c7c3cddd2d4c88819bed5b3ce8964a258534be4a2ad17cba9587424a7a10cc42 Loading...

	inklinkor.com/tag.min.js	ScriptElement	103 kB	2025-05-08	2025-05-13
Pretty URL inklinkor.com/tag.min.js IP 104.21.91.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 12:55 Last Seen2025-05-13 20:17 Times Seen29 Hash 689ebc368165f3106fab74319bb4dc57 35c9ca036795e68588891ce64f30c9d03c7de873 3530f62b02b73fc7ff50c07000245508bd96d3c5397b82bad2aef4f9d58aa3c7 Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	1.0 kB	2023-05-26	2025-05-14
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 08:35 Last Seen2025-05-14 11:56 Times Seen604 Hash 87c725e214683adf9b74663ff14946ab ccbe1b6c564d65ad51f1488627d8ea8d1e97e131 93e773869f7f7e03ab47466b60c2b9113b1da6b969d5963c03678e5a4c0e0807 Loading...

	rffbxktvxmcje.space/script/ut.js?cb=1746896344994	ScriptElement	81 kB	2025-04-30	2025-05-13
Pretty URL rffbxktvxmcje.space/script/ut.js?cb=1746896344994 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-30 16:49 Last Seen2025-05-13 16:08 Times Seen89 Hash eaa11c5f044a59ec54c82e06a8beba81 afb33a13f1b0b1163ae1d5f98703c9eacd35bee3 b05b9df2027483a401c352424c15d0adff42dbe771c52b71333e5b4e68f1260c Loading...

	dyj8pbcnat4xv.cloudfront.net/jekdxSFUZKB8uag4uFXVsSnBDcWZcNwMtM0ckFSZ7CTMDLTQXakN8ewI+C24/CSgfOGgLLCsxOEshQyoXLihGbiEAI0x4cxYmHy9oXCIfK2hLYRAsN0dzVzwlFSxMKS0MMBssLQwjEm4gG3ocJy8TKx0pcEgBRGZlX3VBYCITKRUnIgliQ3g7DmJDeGRKaU-FtZjhiQ3giEylHfHBJBVR6ZQJxRW1mOGJDeCcMYkIJZElzX3h8X3VBLzAZLB5tZzx1QXllSnZBeXBIdxchJx8hHjBwSAFAe2FUd1c9aEs	ScriptElement	833 B	2025-05-10	2025-05-10
Pretty URL dyj8pbcnat4xv.cloudfront.net/jekdxSFUZKB8uag4uFXVsSnBDcWZcNwMtM0ckFSZ7CTMDLTQXakN8ewI+C24/CSgfOGgLLCsxOEshQyoXLihGbiEAI0x4cxYmHy9oXCIfK2hLYRAsN0dzVzwlFSxMKS0MMBssLQwjEm4gG3ocJy8TKx0pcEgBRGZlX3VBYCITKRUnIgliQ3g7DmJDeGRKaU-FtZjhiQ3giEylHfHBJBVR6ZQJxRW1mOGJDeCcMYkIJZElzX3h8X3VBLzAZLB5tZzx1QXllSnZBeXBIdxchJx8hHjBwSAFAe2FUd1c9aEs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash bfeed521b10c2a6778b8051cceedec07 4f2e4189292bea5ce26fd7b571e88ac24f636721 e505960916377ff9c1577e741252b89127f49490ff0b221d99f97a8d2d0eb0f7 Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	368 B	2023-06-02	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 23:13 Last Seen2025-05-11 00:35 Times Seen20 Hash 6d8fb1a300b93b805d738a50ea5e2059 a4c258c9f7ead4eb9e9a5ab0cd0c9bfb560e7bd8 f26c3d066d5980ed58f4084b8978c4f196c2364741daa49dccecb8a0896c11c0 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-15 02:11 Times Seen342101 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	skenaiaefaldy.com/rxdFvMm3olRJ5B/73447	ScriptElement	4.2 kB	2025-05-10	2025-05-10
Pretty URL skenaiaefaldy.com/rxdFvMm3olRJ5B/73447 IP 165.232.114.226 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 162fcab2daa5e3f29fed3a4ec4f0539d b981b69d1e0033735e0ee1e96aa1401023ba6721 a3ed178dec6c4db9dc740e1aebe387c842a4fba732b81bd119f6678598fd8b68 Loading...

	acscdn.com/script/atagv2.js	ScriptElement	105 kB	2025-04-30	2025-05-11
Pretty URL acscdn.com/script/atagv2.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-30 22:43 Last Seen2025-05-11 20:16 Times Seen9 Hash e9665e024942ea8eab3f55346f7589ff 9feed0923fbcc8d26b0a05ab961d529742488f27 229f433b11059ca784b5d479d5eac12003544bfb758f1045269f4fe541d0ed10 Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	2.7 kB	2025-01-12	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-12 13:49 Last Seen2025-05-11 00:35 Times Seen7 Hash c884d22aaee810a87c3368d73c7dc677 9a9206dcf4252bc6e05093b9d9805ae8eea5065e 4ef3325cbebf6c5e46be144d8af64305b4bf11e2cc65e1e271694bc83acdc45d Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	EventHandler	11 B	2025-05-10	2025-05-10
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash af5bb5f5d83d9633f33394826ad4d9bf 218f163d807607bf4784b7090e0fa55e7f49f2c0 5fe5b17027adbf2a3401204b64c3d61dbf0d3c144e84e4dc6b9ea62ae63113d6 Loading...

	acscdn.com/script/inpagepush.js	ScriptElement	87 kB	2025-04-30	2025-05-11
Pretty URL acscdn.com/script/inpagepush.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-30 22:43 Last Seen2025-05-11 20:16 Times Seen11 Hash e5bf6d77c6955d7e3f74f9a2b1ba62a2 27b33e9887ea93c566857cd7f3f935c6033a749f 4a1ce121dfee34de0ce3170e3783e6e1d5e52256047531e8160c2382d724841c Loading...

	daddylive2.top/live/stream-380.php	ScriptElement	28 kB	2025-04-27	2025-05-10
Pretty URL daddylive2.top/live/stream-380.php IP 104.21.76.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-27 22:29 Last Seen2025-05-10 16:59 Times Seen2 Hash eaa98258de39eaf2d166b013fa194c60 1743ce1ca9c04af77c96b6a2a309c93e610df635 2dd8055eaf1c6f2d26098c0956f6041777786f47d4aac7ea3a7ac254c377da49 Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	Function	37 B	2023-04-11	2025-05-15
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-15 02:59 Times Seen264519 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	madurird.com/tag.min.js	ScriptElement	1.0 kB	2025-04-12	2025-05-12
Pretty URL madurird.com/tag.min.js IP 139.45.197.106 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-12 18:24 Last Seen2025-05-12 08:50 Times Seen21 Hash 349087cb477ed8ff65f7a179d387e18c adc159df54545486cdd462aa7e8bf6af2d084703 b5356018dfd5236256f23d31c8d156d38ab8d4dacdb3ec82b716f93ce903ce73 Loading...

	yb.hoodlumbragget.com/r8fJ6HItybGMKWEh/69521	ScriptElement	5 B	2025-04-24	2025-05-15
Pretty URL yb.hoodlumbragget.com/r8fJ6HItybGMKWEh/69521 IP 23.109.170.86 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:17 Last Seen2025-05-15 02:10 Times Seen133 Hash 848667c49f5d3aef59cd65ed276cd7ae bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763 cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8 Loading...

	push-sdk.com/f/sdk.js?z=996427	ScriptElement	55 kB	2025-04-01	2025-05-12
Pretty URL push-sdk.com/f/sdk.js?z=996427 IP 157.90.33.72 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-01 19:54 Last Seen2025-05-12 02:55 Times Seen57 Hash f4d87b22393ed5eef57d01d86c6a88f6 5e1aaee78cd735c23cc423fc863decca30aee219 91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	Eval	38 B	2023-03-09	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-09 00:24 Last Seen2025-05-11 00:35 Times Seen25 Hash 5cbb62e8cf6bf0744ec549b881a03bdf 65cb0c31988ce51d6f30ab4828cbf35e69d13104 498d3756932d4ceb15f7cbe8a0c1950c6476aaa832b9fc187e9d44b4790fdfa6 Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	55 B	2025-05-06	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-06 10:07 Last Seen2025-05-11 00:35 Times Seen5 Hash 59aab6d80b463b46b57cfe803078aaa9 5c14bb255704a5826cd13cb15b854c372bb85bae b3c24b455a1eb402f4348f216c50d709ca5200dc40081de3f1373d45b313b7fd Loading...

	toomanyrelation.com/RHJyWUUlEBE0eiVPEH8wNh5PfHcCV0AfIT0YSiknJxwTLXE8BFw6KSsHFj83KxwGdyshBldrAyARKikcHiQ3CgMQKzY7IhEmIh8tKyMnaDYSQCgBBi0dMxd1MygiGDFhQDQYInADMx0EJyRAKRciBRkdDC8/RRgtEUA0DjJ2JgopEhQLGT4AAEolCBEFQTsILgUqMS4jCicKEiMjGQURPXUeIyMUIjUlDxAgCjM8CigaHg8ycB0xMzUJNQsYEQ4aATwMBj9DHCkzBjAeMic0IRAIFCBCOyMSESoLAxYdIx4LBicbYQgUCicPCTwoQgh1K0A3ARcAIR90KRIUQh8jJQsWaRR0HQQdAX06Jjd0EzdDCwwlMEM3FxJLABN2FjYhMCoQFjcQciUkKDUddAIKCAIKMDoNdQM9GmwjJRs8MxQRBh0PEgYwIWp0HCsgOhEPFTNqDSM4Sw89IDMhDj0IKyQ6FR4kI38vNx0cKXgDRzBqKxwoOgMCdDgdHR01	ScriptElement	3.0 kB	2025-05-10	2025-05-10
Pretty URL toomanyrelation.com/RHJyWUUlEBE0eiVPEH8wNh5PfHcCV0AfIT0YSiknJxwTLXE8BFw6KSsHFj83KxwGdyshBldrAyARKikcHiQ3CgMQKzY7IhEmIh8tKyMnaDYSQCgBBi0dMxd1MygiGDFhQDQYInADMx0EJyRAKRciBRkdDC8/RRgtEUA0DjJ2JgopEhQLGT4AAEolCBEFQTsILgUqMS4jCicKEiMjGQURPXUeIyMUIjUlDxAgCjM8CigaHg8ycB0xMzUJNQsYEQ4aATwMBj9DHCkzBjAeMic0IRAIFCBCOyMSESoLAxYdIx4LBicbYQgUCicPCTwoQgh1K0A3ARcAIR90KRIUQh8jJQsWaRR0HQQdAX06Jjd0EzdDCwwlMEM3FxJLABN2FjYhMCoQFjcQciUkKDUddAIKCAIKMDoNdQM9GmwjJRs8MxQRBh0PEgYwIWp0HCsgOhEPFTNqDSM4Sw89IDMhDj0IKyQ6FR4kI38vNx0cKXgDRzBqKxwoOgMCdDgdHR01 IP 108.157.214.99 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 8fbfa7b37bcbbc3d19cb2cb91970496c fbffe392ae1b93996253d7dc4dd10c22cf6ab4e4 cf684ccf1ce4b72b9eadcfa3ec238df5674450c2f8f06152788880561a9abaa6 Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	ScriptElement	28 kB	2025-05-10	2025-05-10
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 4579fcb5d212fc8bdec9bc5256c34bc4 ae597c08a3c4fd8f1c93bc25f457499f770a0b29 93d998f547671d272b2aab174a3821536290f2368e01bad3f22d7428d28b5152 Loading...

	dyj8pbcnat4xv.cloudfront.net/dcXpYZVESFTYDbgUTPFhoQU1sV2ZXCioAN0wZPAt/Ag4qADAcV2pRfwkDIkM7AhU2FWw2TxpWPykgED8WQTA3IQkAXCwfNUxKfgkwHx1lQzQfGWVUdxAeOlhlVw4oCjpMGyATJhseIBM1ElwtBGwcFSIMPR0bfVcXRFRoQGNBUi8MPxUVLxZ0Q0o2EXRDSm-lVf0Ffayd0Q0ovDD9HTn1WE1RIaB1nRV9rJ3RDSioTdEI7aVZlX0pxQGNBHT0GOh5faiNjQUtoVWBBS31XYRcTKgA3HgJ9VxdASWxLYVcPZVQ	ScriptElement	888 B	2025-05-10	2025-05-10
Pretty URL dyj8pbcnat4xv.cloudfront.net/dcXpYZVESFTYDbgUTPFhoQU1sV2ZXCioAN0wZPAt/Ag4qADAcV2pRfwkDIkM7AhU2FWw2TxpWPykgED8WQTA3IQkAXCwfNUxKfgkwHx1lQzQfGWVUdxAeOlhlVw4oCjpMGyATJhseIBM1ElwtBGwcFSIMPR0bfVcXRFRoQGNBUi8MPxUVLxZ0Q0o2EXRDSm-lVf0Ffayd0Q0ovDD9HTn1WE1RIaB1nRV9rJ3RDSioTdEI7aVZlX0pxQGNBHT0GOh5faiNjQUtoVWBBS31XYRcTKgA3HgJ9VxdASWxLYVcPZVQ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash c0af0b5e028904ed9641dc555356d751 efcdee56cfb4da8972164ec879fa55fd15fd3cfe 534e05490cb3377431a9ca5121280927d4e41b4d8ce2ab28db4882d19bbeef42 Loading...

	caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380	ScriptElement	332 B	2025-04-16	2025-05-10
Pretty URL caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380 IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-16 10:55 Last Seen2025-05-10 16:59 Times Seen8 Hash 5a774e3f3f50d990ee426b47a7a5e033 9aa8984d60feb823b28791881bf02f3a0e9caf1c b869dcaa9146835641bfdf2eb8f89a7333dfb5b3e3acb61cf77f5bdc1488c281 Loading...

	auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D	ScriptElement	1.2 kB	2025-04-27	2025-05-12
Pretty URL auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-27 23:58 Last Seen2025-05-12 23:03 Times Seen17 Hash 11a4f7fea656c397c29ec4b2c644fdd5 72fb9f635dc3bbeecb109b9bfa75c9c91f094351 6f44f431658b4630b607a9370f197900140cdfdf51ac2704030fddf89e6495aa Loading...

	cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js	ScriptElement	1.0 kB	2024-08-20	2025-05-10
Pretty URL cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js IP 104.16.174.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:58 Last Seen2025-05-10 18:03 Times Seen21 Hash e12fedc7e315e996fa3cbee1c5ade178 ef1e6d083fc24f4fabf59b63d86a703b5af4b7aa 6ec537d8fa199eb276afac7ea46845f4192c7707958617fb0cced4503e730216 Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	193 B	2023-06-26	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-26 07:57 Last Seen2025-05-11 00:35 Times Seen82 Hash cd504a5731d54d94d492f66f41920678 854e7c37dd1299c6931ac41d44baf5975bbffb50 5925bbf18d57ee7adce3b127c8ce429fd22b9f5ab2e114d0bc5890cbed1626da Loading...

	daddylive2.top/live/stream-380.php	EventHandler	9 B	2025-04-27	2025-05-10
Pretty URL daddylive2.top/live/stream-380.php IP 104.21.76.246 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2025-04-27 22:29 Last Seen2025-05-10 16:59 Times Seen2 Hash b86d0265f1a623093a8498140d742836 b3333b9148691382a6dced87d148b1b50f2ad6eb 7a54a1c7bf86ff098674d52530fe5513aab7d6a80ac36b7a22b51243a0ecce7b Loading...

	acscdn.com/script/suv5.js	ScriptElement	96 kB	2025-05-03	2025-05-13
Pretty URL acscdn.com/script/suv5.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-03 13:47 Last Seen2025-05-13 03:17 Times Seen26 Hash 04a55c73183946781e3f94c7aacd7f0a 6eef16c4962c0d7efc022eab9f1f467aed614a30 386510fe690c94489bc6ea9cab18866afcc43cfa4b3899752cfef0314b3f4fe0 Loading...

	cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=	ScriptElement	61 B	2025-05-06	2025-05-11
Pretty URL cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= IP 104.21.63.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-06 10:07 Last Seen2025-05-11 00:35 Times Seen5 Hash 53c3a3927fff10f6a2c5a9be8cb273ad b3d13174b4d8d9dc206b9b8f8af4612f2d70c2ff 81ed8ebb47fb9eb50ac8db43c0604425ca5493fd10728bdb4010d5294515fce2 Loading...

	auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/template.js?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=[ADD_FORMAT_STRING]&offer=[ADD_OFFER_STRING]	ScriptElement	6.5 kB	2024-07-19	2025-05-11
Pretty URL auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/template.js?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=[ADD_FORMAT_STRING]&offer=[ADD_OFFER_STRING] IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-19 22:43 Last Seen2025-05-11 20:16 Times Seen18 Hash cb4703f707435be285f479c1c86872ef f378fc04af4394c1a3878dd0ee1155799a4aa55b 5d1b6335b517f89249d44d5ab3fe9880e01a18f236bc8e22fc756050ca66ad02 Loading...

	dyj8pbcnat4xv.cloudfront.net/?bpjyd=907293	ScriptElement	384 kB	2025-05-10	2025-05-11
Pretty URL dyj8pbcnat4xv.cloudfront.net/?bpjyd=907293 IP 3.167.7.171 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 16:59 Last Seen2025-05-11 00:35 Times Seen2 Hash 2d26db16650f58531c6eaa730c813d86 9f00a77d89c790d046c4afe8a806668638a8f6d6 9b533ddd66c42c55aa73a7214e4afdc5b8fe4d68800d870b18272dd136945068 Loading...

HTTP Transactions (76)

URL IP Response Size

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5MhzgrJqkhKspcqO52IjfuRhYw3by2OwW9Hm-SjZLyT_m5r8SvxXdikJ4aruTY3dbHhhAd8Miw

173.194.73.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5MhzgrJqkhKspcqO52IjfuRhYw3by2OwW9Hm-SjZLyT_m5r8SvxXdikJ4aruTY3dbHhhAd8Miw
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9E:10:08:9D:11:84:1F:9C:2D:04:7B:3F:CB:2F:96:53:7F:73:BC:51
ValidityMon, 21 Apr 2025 08:40:46 GMT - Mon, 14 Jul 2025 08:40:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5MhzgrJqkhKspcqO52IjfuRhYw3by2OwW9Hm-SjZLyT_m5r8SvxXdikJ4aruTY3dbHhhAd8Miw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:G5GpVdo9cxaXvJs48SCB-osxF_w8Gg:NYG30osyQ4MlVtaa;Path=/;Expires=Mon, 10-May-2027 16:59:04 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:04 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mg3Ozqr9zsnyaSpQwioRThu6hcmWs7gkOPpah_6EbFZ84n2gN8Qpm8G3dqMdcUE_J6-NO__8w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811320373%3A1746896344779976
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-KxG2hxaOwOKhbr07GwJxRw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 421
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

acscdn.com/script/atagv2.js

188.114.97.1

200 OK

105 kB

URL GET
acscdn.com/script/atagv2.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint8F:A7:B8:69:9D:95:64:41:D3:00:72:86:8A:93:96:A4:28:FC:BB:C6
ValidityWed, 16 Apr 2025 20:29:49 GMT - Tue, 15 Jul 2025 21:24:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
105 kB (104663 bytes)
Hash
e9665e024942ea8eab3f55346f7589ff
9feed0923fbcc8d26b0a05ab961d529742488f27
229f433b11059ca784b5d479d5eac12003544bfb758f1045269f4fe541d0ed10

HTTP Headers

GET /script/atagv2.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2Vwqb6xdx-Q8S2JjFZfHnU4_ccjPeT25cb6szWzCpm7tsvA5PpXmUVh5dCEQtyG8D8yIZ
x-goog-generation: 1746013788662802
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 104663
x-goog-hash: crc32c=GdQbww==, md5=6WZeAklC6o6rP1U0b3WJ/w==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: cloudflare
expires: Sat, 10 May 2025 17:21:14 GMT
cache-control: public, max-age=3600
last-modified: Wed, 30 Apr 2025 11:49:48 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 924
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Sr4nTSBOuPhQ6inG9BhTrgL%2B2IpNMgB5j5E09W7ZeH9C67lLjh%2BB0El0Z1wssBudNLAGUtoSQP3m4EHKmwlidF5Q%2FUdFPkGb%2F5m1%2F8IAeR79sTH8ZPjBqamQQjNh"}]}
etag: W/"e9665e024942ea8eab3f55346f7589ff"
content-encoding: br
cf-ray: 93dafc31284ff992-PRG
server-timing: cfExtPri

acscdn.com/script/inpagepush.js

188.114.97.1

200 OK

87 kB

URL GET
acscdn.com/script/inpagepush.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint8F:A7:B8:69:9D:95:64:41:D3:00:72:86:8A:93:96:A4:28:FC:BB:C6
ValidityWed, 16 Apr 2025 20:29:49 GMT - Tue, 15 Jul 2025 21:24:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33238), with NEL line terminators
Size
87 kB (86793 bytes)
Hash
e5bf6d77c6955d7e3f74f9a2b1ba62a2
27b33e9887ea93c566857cd7f3f935c6033a749f
4a1ce121dfee34de0ce3170e3783e6e1d5e52256047531e8160c2382d724841c

HTTP Headers

GET /script/inpagepush.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2Vwr8Q_JwOKAsMwlCZUNYlKxAUyEYlZHiclVZYU9ZizukJVlvHqZm35jeJutPu2039lYi
expires: Sat, 10 May 2025 16:52:18 GMT
cache-control: public, max-age=3600
last-modified: Wed, 30 Apr 2025 11:51:46 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-goog-generation: 1746013906272041
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 86793
x-goog-hash: crc32c=k06O4w==, md5=5b9td8aVXX4/dPmisbpiog==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: cloudflare
alt-svc: h3=":443"; ma=86400
age: 1101
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CiC0f4GG%2BTse%2B1Tiv5J9Ahg8bmOzRYbGJ%2BChTkZ8EDnxdvx5e2%2FRXnO9QQ3cbjWpkwD4h4p%2BNRSSS1PzGz8uvcGzC3ahhg%2FQz%2FktzysI0TcPXestXpys3vcWqClI"}]}
etag: W/"e5bf6d77c6955d7e3f74f9a2b1ba62a2"
content-encoding: br
cf-ray: 93dafc31da05f992-PRG
server-timing: cfExtPri

paizeestawumee.net/5/6712285/?oo=1&js_build=iclick-v1.1134.0&dmn=madurird.com&tt=2&ix=1

139.45.196.63

204 No Content

0 B

URL POST
paizeestawumee.net/5/6712285/?oo=1&js_build=iclick-v1.1134.0&dmn=madurird.com&tt=2&ix=1
IP
139.45.196.63:443
ASN
#9002 RETN Limited

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerLet's Encrypt
Subjectpaizeestawumee.net
Fingerprint5B:E2:9B:BA:0C:80:7D:47:45:E7:D6:7E:7E:CA:A0:29:0D:1F:53:0A
ValidityMon, 21 Apr 2025 12:08:54 GMT - Sun, 20 Jul 2025 12:08:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /5/6712285/?oo=1&js_build=iclick-v1.1134.0&dmn=madurird.com&tt=2&ix=1 HTTP/1.1
Host: paizeestawumee.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2622
Origin: https://daddylive2.top
DNT: 1
Connection: keep-alive
Referer: https://daddylive2.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 10 May 2025 16:59:06 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://daddylive2.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

acscdn.com/script/aclib.js

188.114.97.1

200 OK

136 kB

URL GET
acscdn.com/script/aclib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint8F:A7:B8:69:9D:95:64:41:D3:00:72:86:8A:93:96:A4:28:FC:BB:C6
ValidityWed, 16 Apr 2025 20:29:49 GMT - Tue, 15 Jul 2025 21:24:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
136 kB (135598 bytes)
Hash
99396b8be1aa8280e0b3aa86075a4094
4b9bfac1a58c0364f0c55405873eec27c159a407
68332c022d13f9d1e22c76a638225a949cea39cbd14d5d84fdbc1003e0c6076e

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:02 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2VwrD9m9_Hm4IpafYi_P3KKYAu32pkek2xkyHb76G38RQMXfTiBaqC9BPiBtZ1Rq7npa-f9ZGTo4
x-goog-generation: 1746013745736030
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 135598
x-goog-hash: crc32c=cuDBGg==, md5=mTlri+GqgoDgs6qGB1pAlA==
x-goog-storage-class: MULTI_REGIONAL
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sBFA8HhCOKuGkSCIY6743BpPsU9j2ndnjj5iFzOXHH1Iwa4Cfc24%2FvC%2FkanL1VOpZMovgOuxZLkAm%2Bc4hTV2521rDThY2OuV53PPNVO6JVbnCiOWZKXEGhYFRISl"}]}
access-control-allow-origin: *
server: cloudflare
expires: Sat, 10 May 2025 17:02:05 GMT
cache-control: public, max-age=3600
last-modified: Wed, 30 Apr 2025 11:49:05 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 2478
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
etag: W/"99396b8be1aa8280e0b3aa86075a4094"
content-encoding: br
cf-ray: 93dafc1d09e0750c-HAM
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,500&subset=latin,latin-ext

142.250.178.106

200 OK

11 kB

URL GET
fonts.googleapis.com/css?family=Roboto:400,500&subset=latin,latin-ext
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text, with very long lines (1572)
Size
11 kB (10774 bytes)
Hash
270f93e4145db921a7817b112479a183
51ce00c6f7f24abfb5b27acf8bf74ecfa469932f
d02586475cbce6bb5f009d3734484a930c604bcc89f18c5422f63a143f159e61

HTTP Headers

GET /css?family=Roboto:400,500&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.advxmedia.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 May 2025 16:59:04 GMT
date: Sat, 10 May 2025 16:59:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

173.194.73.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint59:74:47:4D:79:55:0E:D6:C9:C5:58:53:27:7B:B5:9B:F6:02:63:84
ValidityMon, 21 Apr 2025 08:42:44 GMT - Mon, 14 Jul 2025 08:42:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:D292FeHd4In37kQwKRxM0xPNMiclzQ:qy-nIs9BANo2-Vid; Expires=Mon, 10-May-2027 16:59:04 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:04 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKV5MiFB-HrawBU0tW-_-2q0AKTfxAmCK_MTiZHVOblSKWXMwhlOA8bnuUgMSrNSX6CvMWEdfLCZw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-hIN2h0HYf2CYKVahM23MVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

youradexchange.com/script/interstitial.php?r=9830542&srs=e6d8f26372fe4c400a5aeebead00f11d&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2F&atv=60.0&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js

104.21.91.188

200 OK

1.4 kB

URL GET
youradexchange.com/script/interstitial.php?r=9830542&srs=e6d8f26372fe4c400a5aeebead00f11d&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2F&atv=60.0&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
1.4 kB (1372 bytes)
Hash
e391e6eb6d8800fee4287856cd330565
c7766b19b589a017e05a3dd340d9d3227d9e2ab4
b76b1870236c913fa8047bfdfd9a092fdfc42e8b0984d8439912060ee1633b83

HTTP Headers

GET /script/interstitial.php?r=9830542&srs=e6d8f26372fe4c400a5aeebead00f11d&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2F&atv=60.0&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddylive2.top/
Origin: https://daddylive2.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYAXSS0lPGBJIRrUZvrvzJKYwGnIsOHROIWABA77ejpV9NOtshH1Swqs5cQHD6adMNjLb7%2FQYhLgb%2B3Q9Je3H46sdQ57H1XkY%2F6p2oXCAkPHJeN24727DuNAUl50lhALy%2BRbcZ0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
cf-ray: 93dafc2c9c20f98a-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29044&min_rtt=26342&rtt_var=9551&sent=11&recv=8&lost=0&retrans=0&sent_bytes=3709&recv_bytes=1355&delivery_rate=1103&cwnd=12000&unsent_bytes=0&cid=e72132b5d3c3f8a9&ts=422&x=16"

t.dtscout.com/i/?l=https%3A%2F%2Fcaq21harderv991gpluralplay.xyz%2Fpremiumtv%2Fdaddylive.php%3Fid%3D380&j=https%3A%2F%2Fdaddylive2.top%2F

104.26.11.2

200 OK

2.1 kB

URL GET
t.dtscout.com/i/?l=https%3A%2F%2Fcaq21harderv991gpluralplay.xyz%2Fpremiumtv%2Fdaddylive.php%3Fid%3D380&j=https%3A%2F%2Fdaddylive2.top%2F
IP
104.26.11.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerGoogle Trust Services
Subjectdtscout.com
Fingerprint11:3C:3D:5C:B0:6F:26:8A:49:75:78:AB:D4:5F:97:20:13:A2:96:DC
ValidityMon, 05 May 2025 03:38:34 GMT - Sun, 03 Aug 2025 04:38:30 GMT

File type
ASCII text, with very long lines (2077)
Size
2.1 kB (2079 bytes)
Hash
51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c

HTTP Headers

GET /i/?l=https%3A%2F%2Fcaq21harderv991gpluralplay.xyz%2Fpremiumtv%2Fdaddylive.php%3Fid%3D380&j=https%3A%2F%2Fdaddylive2.top%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:06 GMT
content-type: application/javascript
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 93dafc32881556a5-OSL
x-s: mtl2
content-encoding: br
x-t: 0.26
expires: Sat, 10 May 2025 16:59:05 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7o7d4YMDA7L2cG1xdLM25X4sNjayNOJHjytoOANV2uh0B%2F89wYkDhMBoXBH2jnktEgdFE9b4KNFcIfOuU8OBaoEKk9%2B1tGSCqLxCEl0oH4CX%2FGzbztoP6M2W1y%2BgVqg%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: m=1; SameSite=None; Secure; Path=/; Domain=dtscout.com; Max-Age=5000; Expires=Sat, 10 May 2025 18:22:26 GMT
df=1746896346; SameSite=None; Secure; Path=/; Domain=dtscout.com; Max-Age=8640000; Expires=Mon, 18 Aug 2025 16:59:06 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=6439&min_rtt=624&rtt_var=11426&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3197&recv_bytes=1158&delivery_rate=6776911&cwnd=254&unsent_bytes=0&cid=1ea159a98e226cbd&ts=295&x=0"
X-Firefox-Spdy: h2

youradexchange.com/script/push.php?r=7797370&ipp=1&mads=2&position=top&czid=tx31i5ida&atag=1&aggr=3&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&srs=244b1f38ad70c746b6386b2acabea1ae&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&atv=60.0&cbref=

104.21.91.188

200 OK

2.3 kB

URL GET
youradexchange.com/script/push.php?r=7797370&ipp=1&mads=2&position=top&czid=tx31i5ida&atag=1&aggr=3&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&srs=244b1f38ad70c746b6386b2acabea1ae&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&atv=60.0&cbref=
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
2.3 kB (2270 bytes)
Hash
9fb5a7303802b8e5da138dd9c67f0f9e
2b125c9a0ee106d9fd6f0550fc6de0148e85102c
5c9b20f176ef2ae9532c8d8c08b92a4b34ab84c7e72b1b50aabc910d51b236a1

HTTP Headers

GET /script/push.php?r=7797370&ipp=1&mads=2&position=top&czid=tx31i5ida&atag=1&aggr=3&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&srs=244b1f38ad70c746b6386b2acabea1ae&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&atv=60.0&cbref= HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:06 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJ9jO7xNLXGwGANDLd868e9xZ9qLRkhG76HZ7Fx3v2OXnUf6aHt2Yaunq1b5pplYyjzWCGjgp4IsiuNrG%2Bb7W1rPVAz9kTAtySS31k5sLt6TAveS3e6aST%2FhLSoMVjkFzQg9x2g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
cf-ray: 93dafc329d09f98a-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28421&min_rtt=25062&rtt_var=6369&sent=17&recv=12&lost=0&retrans=0&sent_bytes=7027&recv_bytes=2723&delivery_rate=8261&cwnd=12000&unsent_bytes=0&cid=e72132b5d3c3f8a9&ts=1381&x=16"

auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/template.js?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=[ADD_FORMAT_STRING]&offer=[ADD_OFFER_STRING]

188.114.97.1

200 OK

6.5 kB

URL GET
auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/template.js?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=[ADD_FORMAT_STRING]&offer=[ADD_OFFER_STRING]
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectauto-deploy.pages.dev
FingerprintB6:70:20:01:ED:7F:9D:3B:F8:B9:B7:9C:39:B6:37:C6:F5:C9:4C:B0
ValidityThu, 24 Apr 2025 01:32:13 GMT - Wed, 23 Jul 2025 02:30:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
6.5 kB (6543 bytes)
Hash
cb4703f707435be285f479c1c86872ef
f378fc04af4394c1a3878dd0ee1155799a4aa55b
5d1b6335b517f89249d44d5ab3fe9880e01a18f236bc8e22fc756050ca66ad02

HTTP Headers

GET /IPP/Artjom/GAME/ENG/427/template.js?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=[ADD_FORMAT_STRING]&offer=[ADD_OFFER_STRING] HTTP/1.1
Host: auto-deploy.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:06 GMT
content-type: application/javascript
cf-ray: 93dafc36dfa4b385-PRG
server: cloudflare
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9dc0aac6a95b17fb1acc28094c21b2d0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SHeICjcU4Hy6L9XEoSlkgwlZQOD%2FXGcRfvKwStMFzTunzxb2kRKy%2BMnAwjVA%2FyDAjpI4qqbugkEoZzHZEJBbRDdcqxc1S2pgdmv%2B56ldMH3ORAgv73jNYFmQrt%2Fp6f2d%2FekVpd23jps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23945&min_rtt=23882&rtt_var=5133&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3227&recv_bytes=1202&delivery_rate=180413&cwnd=48&unsent_bytes=0&cid=51548f798f135d1a&ts=72&x=0"
X-Firefox-Spdy: h2

cdn.stream-24.xyz/live/css/bootstrap.css

104.21.63.225

200 OK

146 kB

URL GET
cdn.stream-24.xyz/live/css/bootstrap.css
IP
104.21.63.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectstream-24.xyz
Fingerprint5C:59:18:EC:00:38:C8:4F:55:FD:77:02:FC:88:C7:3C:20:8A:45:03
ValidityFri, 02 May 2025 15:49:04 GMT - Thu, 31 Jul 2025 16:45:54 GMT

File type
ASCII text, with very long lines (540)
Size
146 kB (146010 bytes)
Hash
2a31dca112f26923b51676cb764c58d5
f597f59f955cda06e5d7a79342d9e0c22b5ec6d2
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

HTTP Headers

GET /live/css/bootstrap.css HTTP/1.1
Host: cdn.stream-24.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:02 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Wed, 19 Sep 2018 15:31:02 GMT
etag: W/"5ba26bb6-23a5a"
expires: Sat, 09 May 2026 23:32:55 GMT
cache-control: public, max-age=31536000, immutable
pragma: public
content-encoding: gzip
cf-cache-status: HIT
age: 62753
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=uqW8Mz46FqcYSzFHlC6s2RkFfcyXIHhd0ddykRUhLoqBLKZeCYoBkh0njGVrBr19vv9FUQxqwKxw%2BIyMzz1fF4eiooZTxYZcjPyFJW5EX2K2jrdNzJuoSCO2yd5zuH7WQMpW%2Fg%3D%3D"}]}
cf-ray: 93dafc1bccadb4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dyj8pbcnat4xv.cloudfront.net/?bpjyd=907293

3.167.7.171

200 OK

384 kB

URL GET
dyj8pbcnat4xv.cloudfront.net/?bpjyd=907293
IP
3.167.7.171:443
ASN
#0

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size
384 kB (384344 bytes)
Hash
2d26db16650f58531c6eaa730c813d86
9f00a77d89c790d046c4afe8a806668638a8f6d6
9b533ddd66c42c55aa73a7214e4afdc5b8fe4d68800d870b18272dd136945068

HTTP Headers

GET /?bpjyd=907293 HTTP/1.1
Host: dyj8pbcnat4xv.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 126864
date: Sat, 10 May 2025 16:59:02 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 7a83657ba338d5960d8d5abdbe0a3136.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: zXw2c21gZ8WVV5TXWKTZJW-lStB8N_cy7w24xuZoV6ifnfg9I_L4Nw==
X-Firefox-Spdy: h2

acscdn.com/script/suv5.js

188.114.97.1

200 OK

96 kB

URL GET
acscdn.com/script/suv5.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint8F:A7:B8:69:9D:95:64:41:D3:00:72:86:8A:93:96:A4:28:FC:BB:C6
ValidityWed, 16 Apr 2025 20:29:49 GMT - Tue, 15 Jul 2025 21:24:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
96 kB (96328 bytes)
Hash
04a55c73183946781e3f94c7aacd7f0a
6eef16c4962c0d7efc022eab9f1f467aed614a30
386510fe690c94489bc6ea9cab18866afcc43cfa4b3899752cfef0314b3f4fe0

HTTP Headers

GET /script/suv5.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:03 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2Vwqx3Y01d0Ivrl1ApAM29ziS-0JN8XnoaR-3NqywP1mx5x2kPNDYKUUdDdJbujozXqHC
expires: Sat, 10 May 2025 17:03:07 GMT
cache-control: public, max-age=3600
last-modified: Wed, 30 Apr 2025 11:54:57 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-goog-generation: 1746014097832176
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 96328
x-goog-hash: crc32c=Y3ENXQ==, md5=BKVccxg5RngeP5THqs1/Cg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: cloudflare
alt-svc: h3=":443"; ma=86400
age: 2267
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=v%2FwBBZWvbFRSfal8O8vQKZoLstSEd3RAtKfzo%2BCKCQ8xvd0t2DWrj1b8sofWWFExKcETZv%2FwBmPJxrtvyfdV7KmeHMOTu4uiGSliz6P%2Bs1t5zaUxxgCaI%2BINQ3z%2B"}]}
etag: W/"04a55c73183946781e3f94c7aacd7f0a"
content-encoding: br
cf-ray: 93dafc20b92af992-PRG
server-timing: cfExtPri

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cdn.advxmedia.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 May 2025 18:15:43 GMT
expires: Fri, 08 May 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 168201
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

prizingupfurl.com/geQoRZNpo1LLL4OSL/73321

23.109.170.113

200 OK

6 B

URL GET
prizingupfurl.com/geQoRZNpo1LLL4OSL/73321
IP
23.109.170.113:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectprizingupfurl.com
Fingerprint58:2F:2E:D5:E6:2A:AD:84:82:8E:DE:93:DD:D1:1A:4C:E6:EA:88:7A
ValidityWed, 02 Apr 2025 14:04:31 GMT - Tue, 01 Jul 2025 14:04:30 GMT

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /geQoRZNpo1LLL4OSL/73321 HTTP/1.1
Host: prizingupfurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 May 2025 16:59:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.stream-24.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sun, 11-May-2025 16:59:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 11-May-2025 16:59:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

madurird.com/tag.min.js

139.45.197.106

200 OK

103 kB

URL GET
madurird.com/tag.min.js
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerLet's Encrypt
Subjectmadurird.com
FingerprintE6:F5:25:47:3F:87:05:23:96:F8:35:FA:1C:BC:79:F8:B3:85:26:2D
ValiditySat, 19 Apr 2025 05:46:37 GMT - Fri, 18 Jul 2025 05:46:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (102581 bytes)
Hash
689ebc368165f3106fab74319bb4dc57
35c9ca036795e68588891ce64f30c9d03c7de873
3530f62b02b73fc7ff50c07000245508bd96d3c5397b82bad2aef4f9d58aa3c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: madurird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:05 GMT
content-type: application/javascript
x-trace-id: 5d4a04c114af32543db4baa98cc26655
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

173.194.73.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint59:74:47:4D:79:55:0E:D6:C9:C5:58:53:27:7B:B5:9B:F6:02:63:84
ValidityMon, 21 Apr 2025 08:42:44 GMT - Mon, 14 Jul 2025 08:42:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:v8EgaS91H7m89s1mxE_V7rZYoQ-saA:lQmorsuIJWlVYQEi; Expires=Mon, 10-May-2027 16:59:04 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:04 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5MhzgrJqkhKspcqO52IjfuRhYw3by2OwW9Hm-SjZLyT_m5r8SvxXdikJ4aruTY3dbHhhAd8Miw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-EWvJYZqhEgWX9sV36e18HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

yb.hoodlumbragget.com/r8fJ6HItybGMKWEh/69521

23.109.170.86

200 OK

5 B

URL GET
yb.hoodlumbragget.com/r8fJ6HItybGMKWEh/69521
IP
23.109.170.86:443
ASN
#7979 SERVERS-COM

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerLet's Encrypt
Subjectyb.hoodlumbragget.com
Fingerprint1C:BD:88:84:2F:87:A0:D5:6A:7F:C0:E4:F4:77:78:3D:5A:AC:28:C9
ValidityThu, 24 Apr 2025 08:00:21 GMT - Wed, 23 Jul 2025 08:00:20 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
848667c49f5d3aef59cd65ed276cd7ae
bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /r8fJ6HItybGMKWEh/69521 HTTP/1.1
Host: yb.hoodlumbragget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 May 2025 16:59:04 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://daddylive2.top
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sun, 11-May-2025 16:59:04 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 11-May-2025 16:59:04 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380

104.21.16.1

200 OK

0 B

URL HEAD
caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerGoogle Trust Services
Subjectcaq21harderv991gpluralplay.xyz
FingerprintAF:F8:EB:07:F9:1B:4D:9B:8E:09:F2:50:9D:57:2B:15:62:DD:D5:37
ValidityTue, 15 Apr 2025 12:24:28 GMT - Mon, 14 Jul 2025 13:23:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /premiumtv/daddylive.php?id=380 HTTP/1.1
Host: caq21harderv991gpluralplay.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJuhyuWqskzo1HLtavIr7gjKJdfDDq9JteuJWedAtg6LprUdAMYQmIxykiCWK%2FUmb%2BGsUyaCU4J3qYxJPo4AedOEBDWgUsSl1h0GpcAzeUWxqHDPuff01BKEdkIpWAMPrBvgDwxSvlE8cDqkYiqXJw0%3D"}],"group":"cf-nel","max_age":604800}
x-cache: BYPASS
videocdnx: NO
node: PHP
cache-control: public, max-age=30, immutable, no-transform
cf-cache-status: DYNAMIC
cf-ray: 93dafc30ea10eb4d-CPH
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27430&min_rtt=25290&rtt_var=8968&sent=11&recv=8&lost=0&retrans=0&sent_bytes=3750&recv_bytes=1206&delivery_rate=1023&cwnd=12000&unsent_bytes=0&cid=ec5e9dfbae538b8d&ts=823&x=16"

pubtrky.com/ut/hb.php?cb=0.8035934463447275&v=1

172.67.188.110

204 No Content

0 B

URL POST
pubtrky.com/ut/hb.php?cb=0.8035934463447275&v=1
IP
172.67.188.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintD1:DF:C8:94:03:32:97:45:6F:1A:E3:AD:EE:EC:22:B8:E7:5C:6F:27
ValidityMon, 05 May 2025 10:34:21 GMT - Sun, 03 Aug 2025 11:31:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.8035934463447275&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 849
Origin: https://daddylive2.top
DNT: 1
Connection: keep-alive
Referer: https://daddylive2.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/3 204 No Content
date: Sat, 10 May 2025 16:59:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23HT3GuxSbDmADpT5aHkD33KDUFdxGp2Jf9w3%2FmC2d%2FfkUfoPPrkTrU%2BZPrs%2FjTJ8hHxLvyCY8jJlUj3BVYcVUM9n0qZbYjkrRUPv89Z6xBwDQ9zmxREXLH%2F9vXQRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
cf-ray: 93dafc315926f97a-PRG
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32964&min_rtt=24833&rtt_var=19249&sent=11&recv=8&lost=0&retrans=0&sent_bytes=3694&recv_bytes=2065&delivery_rate=572&cwnd=12000&unsent_bytes=0&cid=8a1feccd81e18d53&ts=1617&x=16"

youradexchange.com/script/suurl5.php?r=7797374&atag=1&cbur=0.4221014810271382&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Flash%20-%20Benfica%20-%20Sporting&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref=&cbdescription=cdn.stream-24.xyz&cbkeywords=&cbcdn=acscdn.com&ts=1746896345872&atv=60.0&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&srs=244b1f38ad70c746b6386b2acabea1ae&aggr=3&czid=tx31i5ida&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0

104.21.91.188

200 OK

1.1 kB

URL GET
youradexchange.com/script/suurl5.php?r=7797374&atag=1&cbur=0.4221014810271382&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Flash%20-%20Benfica%20-%20Sporting&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref=&cbdescription=cdn.stream-24.xyz&cbkeywords=&cbcdn=acscdn.com&ts=1746896345872&atv=60.0&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&srs=244b1f38ad70c746b6386b2acabea1ae&aggr=3&czid=tx31i5ida&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
1.1 kB (1065 bytes)
Hash
4e5ca705867a4afc949146143f7c6853
2a7c4c473fccb8a861c7db839c3908ac09c4d6bb
8354472cb08b0ede630fcfdc7fe96e0a416b641150a9e4fc48dbb206c9d49873

HTTP Headers

GET /script/suurl5.php?r=7797374&atag=1&cbur=0.4221014810271382&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Flash%20-%20Benfica%20-%20Sporting&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref=&cbdescription=cdn.stream-24.xyz&cbkeywords=&cbcdn=acscdn.com&ts=1746896345872&atv=60.0&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&srs=244b1f38ad70c746b6386b2acabea1ae&aggr=3&czid=tx31i5ida&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:06 GMT
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vzdw6EdQBkWwm9rgWdbu%2BV40mtC%2BnEFguTKke6wM1nKPJrX9jTFzEQlBz8HMfcl9p4dGr458CFTUqcMGJC7QjcMHoN6wr9hcCb6u%2FpJyuMWOM4djStXCs8L2GF1uWuJb9TqXFKk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
cf-ray: 93dafc31dceff98a-PRG
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28546&min_rtt=25062&rtt_var=8159&sent=15&recv=11&lost=0&retrans=0&sent_bytes=5491&recv_bytes=2680&delivery_rate=9269&cwnd=12000&unsent_bytes=0&cid=e72132b5d3c3f8a9&ts=1254&x=16"

youradexchange.com/script/i.php?t=1&c=23833506&stamat=m%257C%252C%252CQjKi9jOitGU3B__GH0dEdHP3xP.e9e%252CMNVJDVbqZH2JyXfIDuiJK8ggcYaL_ankM7eFKb9LSP7-nRzrKaw-MFo8TeP6tth8NHZ4n1W6Rgh4O18KuSnZOWZX3VOPfW1SM0--eLXx9E-S4SRIqUuWEzmaAa7JFeirp2uTWlUHcxu_sU6FVV3YcK2XC6y_VNwpSFrj0PdQroJem28NF0a8nqxrCgRd_iORVLaIzbanHqDfRs8wJjV5IlvYcLyRl43r2a0KpVOObw8FlkeCLkatiDF9Bn5Cdm3ZGhf6pmhngwxMUbgAXLrIgr8f45iEHafNnMXoyTQw2atzkThbt9egLFzjgBRnMKYgMwGsXL9MomFJT86AJFIzGo4p_8SfMWD_PDabiLGLNjhi7fvbYmH2m12Oax3JZqbVbZ4OwhHEfPq7xGUHdJ8LtpqVdnmX6L9DuWtChN8ckibybtYtMKkMprqRI9wiB8fpaB_kvr_H9ijVs-u_nWBqQrssoHxRB3zKUQtyy8y7dLn3pq7587TDCr1gI30gKoWqUJza9QJDTukx7EPaBgjWyGDZKIE3o1hZFUJQSq_Go7CjRzm0J5gWCW4B0wP3b3HP9UoboDne-t0Ps2aX5NFm5g4myEpw2gpqYqGFR5N4lofjHcNFRZn0OkysOX6hxq_M1yzgutJSbczU9LPd7SO51OuQzeuTk9XFn4pNsfGvGksA5socmSeQLvcCH4AwBpkr-88ZyPkIvPZyU-fHN8RdYVS9GDfEEqD5KvEiVavbEzgBL9-zaC2oBUMsskHeQEeMONcFrG-g-iafhPVQd7K20XUyvZOXVjvkXf8zjSyxG0TTsarQmJTnEnBwSsNkm08F&utsid=244b1f38ad70c746b6386b2acabea1ae&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref=

104.21.91.188

204 No Content

0 B

URL GET
youradexchange.com/script/i.php?t=1&c=23833506&stamat=m%257C%252C%252CQjKi9jOitGU3B__GH0dEdHP3xP.e9e%252CMNVJDVbqZH2JyXfIDuiJK8ggcYaL_ankM7eFKb9LSP7-nRzrKaw-MFo8TeP6tth8NHZ4n1W6Rgh4O18KuSnZOWZX3VOPfW1SM0--eLXx9E-S4SRIqUuWEzmaAa7JFeirp2uTWlUHcxu_sU6FVV3YcK2XC6y_VNwpSFrj0PdQroJem28NF0a8nqxrCgRd_iORVLaIzbanHqDfRs8wJjV5IlvYcLyRl43r2a0KpVOObw8FlkeCLkatiDF9Bn5Cdm3ZGhf6pmhngwxMUbgAXLrIgr8f45iEHafNnMXoyTQw2atzkThbt9egLFzjgBRnMKYgMwGsXL9MomFJT86AJFIzGo4p_8SfMWD_PDabiLGLNjhi7fvbYmH2m12Oax3JZqbVbZ4OwhHEfPq7xGUHdJ8LtpqVdnmX6L9DuWtChN8ckibybtYtMKkMprqRI9wiB8fpaB_kvr_H9ijVs-u_nWBqQrssoHxRB3zKUQtyy8y7dLn3pq7587TDCr1gI30gKoWqUJza9QJDTukx7EPaBgjWyGDZKIE3o1hZFUJQSq_Go7CjRzm0J5gWCW4B0wP3b3HP9UoboDne-t0Ps2aX5NFm5g4myEpw2gpqYqGFR5N4lofjHcNFRZn0OkysOX6hxq_M1yzgutJSbczU9LPd7SO51OuQzeuTk9XFn4pNsfGvGksA5socmSeQLvcCH4AwBpkr-88ZyPkIvPZyU-fHN8RdYVS9GDfEEqD5KvEiVavbEzgBL9-zaC2oBUMsskHeQEeMONcFrG-g-iafhPVQd7K20XUyvZOXVjvkXf8zjSyxG0TTsarQmJTnEnBwSsNkm08F&utsid=244b1f38ad70c746b6386b2acabea1ae&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref=
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/i.php?t=1&c=23833506&stamat=m%257C%252C%252CQjKi9jOitGU3B__GH0dEdHP3xP.e9e%252CMNVJDVbqZH2JyXfIDuiJK8ggcYaL_ankM7eFKb9LSP7-nRzrKaw-MFo8TeP6tth8NHZ4n1W6Rgh4O18KuSnZOWZX3VOPfW1SM0--eLXx9E-S4SRIqUuWEzmaAa7JFeirp2uTWlUHcxu_sU6FVV3YcK2XC6y_VNwpSFrj0PdQroJem28NF0a8nqxrCgRd_iORVLaIzbanHqDfRs8wJjV5IlvYcLyRl43r2a0KpVOObw8FlkeCLkatiDF9Bn5Cdm3ZGhf6pmhngwxMUbgAXLrIgr8f45iEHafNnMXoyTQw2atzkThbt9egLFzjgBRnMKYgMwGsXL9MomFJT86AJFIzGo4p_8SfMWD_PDabiLGLNjhi7fvbYmH2m12Oax3JZqbVbZ4OwhHEfPq7xGUHdJ8LtpqVdnmX6L9DuWtChN8ckibybtYtMKkMprqRI9wiB8fpaB_kvr_H9ijVs-u_nWBqQrssoHxRB3zKUQtyy8y7dLn3pq7587TDCr1gI30gKoWqUJza9QJDTukx7EPaBgjWyGDZKIE3o1hZFUJQSq_Go7CjRzm0J5gWCW4B0wP3b3HP9UoboDne-t0Ps2aX5NFm5g4myEpw2gpqYqGFR5N4lofjHcNFRZn0OkysOX6hxq_M1yzgutJSbczU9LPd7SO51OuQzeuTk9XFn4pNsfGvGksA5socmSeQLvcCH4AwBpkr-88ZyPkIvPZyU-fHN8RdYVS9GDfEEqD5KvEiVavbEzgBL9-zaC2oBUMsskHeQEeMONcFrG-g-iafhPVQd7K20XUyvZOXVjvkXf8zjSyxG0TTsarQmJTnEnBwSsNkm08F&utsid=244b1f38ad70c746b6386b2acabea1ae&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref= HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Sat, 10 May 2025 16:59:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZAP2oQiSWcUcqm06%2FWyZ0rflyARKTsk3z8FQG4WvN0%2Bn%2BYGOO0vKz9Ee%2Fo%2BZ3WTjmvcs5EjiOJYDtp5Z%2FvuZeMOxm%2FC%2BwTDj2IFRCTdxc%2FfWzY6Zj8o2D6Wa20dFWgqfdklluA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
cf-ray: 93dafc361d86f98a-PRG
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28008&min_rtt=25062&rtt_var=5602&sent=20&recv=14&lost=0&retrans=0&sent_bytes=9452&recv_bytes=3917&delivery_rate=93940&cwnd=12000&unsent_bytes=0&cid=e72132b5d3c3f8a9&ts=1921&x=16"

lucrinearraign.com/gAKtB43kCvsf/73321

23.109.170.68

200 OK

6 B

URL GET
lucrinearraign.com/gAKtB43kCvsf/73321
IP
23.109.170.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectlucrinearraign.com
Fingerprint49:C3:E2:DC:3E:B4:3E:4B:23:83:1C:07:68:8A:40:54:12:45:0A:A0
ValiditySun, 20 Apr 2025 22:38:38 GMT - Sat, 19 Jul 2025 22:38:37 GMT

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gAKtB43kCvsf/73321 HTTP/1.1
Host: lucrinearraign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 May 2025 16:59:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.stream-24.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sun, 11-May-2025 16:59:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 11-May-2025 16:59:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

toomanyrelation.com/RHJyWUUlEBE0eiVPEH8wNh5PfHcCV0AfIT0YSiknJxwTLXE8BFw6KSsHFj83KxwGdyshBldrAyARKikcHiQ3CgMQKzY7IhEmIh8tKyMnaDYSQCgBBi0dMxd1MygiGDFhQDQYInADMx0EJyRAKRciBRkdDC8/RRgtEUA0DjJ2JgopEhQLGT4AAEolCBEFQTsILgUqMS4jCicKEiMjGQURPXUeIyMUIjUlDxAgCjM8CigaHg8ycB0xMzUJNQsYEQ4aATwMBj9DHCkzBjAeMic0IRAIFCBCOyMSESoLAxYdIx4LBicbYQgUCicPCTwoQgh1K0A3ARcAIR90KRIUQh8jJQsWaRR0HQQdAX06Jjd0EzdDCwwlMEM3FxJLABN2FjYhMCoQFjcQciUkKDUddAIKCAIKMDoNdQM9GmwjJRs8MxQRBh0PEgYwIWp0HCsgOhEPFTNqDSM4Sw89IDMhDj0IKyQ6FR4kI38vNx0cKXgDRzBqKxwoOgMCdDgdHR01

108.157.214.99

200 OK

3.1 kB

URL GET
toomanyrelation.com/RHJyWUUlEBE0eiVPEH8wNh5PfHcCV0AfIT0YSiknJxwTLXE8BFw6KSsHFj83KxwGdyshBldrAyARKikcHiQ3CgMQKzY7IhEmIh8tKyMnaDYSQCgBBi0dMxd1MygiGDFhQDQYInADMx0EJyRAKRciBRkdDC8/RRgtEUA0DjJ2JgopEhQLGT4AAEolCBEFQTsILgUqMS4jCicKEiMjGQURPXUeIyMUIjUlDxAgCjM8CigaHg8ycB0xMzUJNQsYEQ4aATwMBj9DHCkzBjAeMic0IRAIFCBCOyMSESoLAxYdIx4LBicbYQgUCicPCTwoQgh1K0A3ARcAIR90KRIUQh8jJQsWaRR0HQQdAX06Jjd0EzdDCwwlMEM3FxJLABN2FjYhMCoQFjcQciUkKDUddAIKCAIKMDoNdQM9GmwjJRs8MxQRBh0PEgYwIWp0HCsgOhEPFTNqDSM4Sw89IDMhDj0IKyQ6FR4kI38vNx0cKXgDRzBqKxwoOgMCdDgdHR01
IP
108.157.214.99:443
ASN
#16509 AMAZON-02

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerAmazon
Subjecttoomanyrelation.com
FingerprintBF:E3:AF:D4:B0:F0:F5:2B:ED:A6:4B:31:C9:9B:53:A5:5A:3F:BD:D0
ValidityMon, 21 Apr 2025 00:00:00 GMT - Wed, 20 May 2026 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3081), with no line terminators
Size
3.1 kB (3081 bytes)
Hash
d1f1ba316d6dea00b71d8723601a3aa0
e849ad63b736b041f78c6cd59a91e9d362c55f20
801a7e6bf0834f97f2a30504bb6de47fcaa01a8b29bbf5bf21f6bccf211beb06

HTTP Headers

GET /RHJyWUUlEBE0eiVPEH8wNh5PfHcCV0AfIT0YSiknJxwTLXE8BFw6KSsHFj83KxwGdyshBldrAyARKikcHiQ3CgMQKzY7IhEmIh8tKyMnaDYSQCgBBi0dMxd1MygiGDFhQDQYInADMx0EJyRAKRciBRkdDC8/RRgtEUA0DjJ2JgopEhQLGT4AAEolCBEFQTsILgUqMS4jCicKEiMjGQURPXUeIyMUIjUlDxAgCjM8CigaHg8ycB0xMzUJNQsYEQ4aATwMBj9DHCkzBjAeMic0IRAIFCBCOyMSESoLAxYdIx4LBicbYQgUCicPCTwoQgh1K0A3ARcAIR90KRIUQh8jJQsWaRR0HQQdAX06Jjd0EzdDCwwlMEM3FxJLABN2FjYhMCoQFjcQciUkKDUddAIKCAIKMDoNdQM9GmwjJRs8MxQRBh0PEgYwIWp0HCsgOhEPFTNqDSM4Sw89IDMhDj0IKyQ6FR4kI38vNx0cKXgDRzBqKxwoOgMCdDgdHR01 HTTP/1.1
Host: toomanyrelation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1224
date: Sat, 10 May 2025 16:59:03 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=3o9s3PmvLaPa/lNiGCjOEBQaRadGPTMhbydGG3SXRnAoPtc5qTpdNm2qaQAiAzJqSzy4wNKPxUkVtHeuUqdnuwrpDf1rHReRQ7YsIf2aznliKxEHSp4Z1lV/2TgE; Expires=Sat, 17 May 2025 16:59:03 GMT; Path=/
AWSALBCORS=3o9s3PmvLaPa/lNiGCjOEBQaRadGPTMhbydGG3SXRnAoPtc5qTpdNm2qaQAiAzJqSzy4wNKPxUkVtHeuUqdnuwrpDf1rHReRQ7YsIf2aznliKxEHSp4Z1lV/2TgE; Expires=Sat, 17 May 2025 16:59:03 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 797e08d987207122bff536abc6502d6c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: UFuHHolueib2_7EPnpJ4QVfT6ajpJWh20URb50UMZaze8-oBcJSk1A==
X-Firefox-Spdy: h2

push-sdk.com/event?z=996427

157.90.33.72

200 OK

0 B

URL POST
push-sdk.com/event?z=996427
IP
157.90.33.72:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.com
Fingerprint43:6C:A5:4F:73:7D:B7:09:5D:88:3F:9F:29:2F:F4:C3:F2:29:12:E3
ValiditySun, 06 Apr 2025 03:46:49 GMT - Sat, 05 Jul 2025 03:46:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?z=996427 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Angie
date: Sat, 10 May 2025 16:59:03 GMT
content-length: 0
access-control-allow-origin: https://cdn.stream-24.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

104.21.91.63

200 OK

103 kB

URL GET
inklinkor.com/tag.min.js
IP
104.21.91.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectinklinkor.com
FingerprintD4:75:7E:B1:67:C7:C7:0C:A3:EB:5C:A4:EB:72:73:E4:D1:8C:78:30
ValidityMon, 07 Apr 2025 03:52:11 GMT - Sun, 06 Jul 2025 04:50:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (102581 bytes)
Hash
689ebc368165f3106fab74319bb4dc57
35c9ca036795e68588891ce64f30c9d03c7de873
3530f62b02b73fc7ff50c07000245508bd96d3c5397b82bad2aef4f9d58aa3c7

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:03 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-trace-id: dbb09c5350da5e1beeb54826be2d0649
cache-control: max-age=86400
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
expires: Sun, 11 May 2025 15:16:07 GMT
timing-allow-origin: *
content-encoding: gzip
age: 6176
cf-cache-status: HIT
last-modified: Sat, 10 May 2025 15:16:07 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8%2BoZaGgl4Lu%2BLPwOIMlZ0XrLqwsLj2J0tsJ3H7VhpRRqFFRZBXLYBapUD15rYtpZ%2B9VjANa5ehkYzocukTEwgfWsxzeqEoCea%2BfkoMphFOTBNMsZTnjip%2FyB0ylEtCVH"}]}
cf-ray: 93dafc23e99110c5-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/src/style.css

188.114.97.1

200 OK

681 B

URL GET
auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/src/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D
Certificate
IssuerGoogle Trust Services
Subjectauto-deploy.pages.dev
FingerprintB6:70:20:01:ED:7F:9D:3B:F8:B9:B7:9C:39:B6:37:C6:F5:C9:4C:B0
ValidityThu, 24 Apr 2025 01:32:13 GMT - Wed, 23 Jul 2025 02:30:33 GMT

File type
ASCII text, with CRLF line terminators
Size
681 B (681 bytes)
Hash
4b3679508ec5704df03efe959d914a44
3a658353793ee3bc59dc4e04b097e0b2bef6f7d4
ed0393986b89dc3d274c6617581495f1f5c96f50d6f610ca25fb72e87e286fa9

HTTP Headers

GET /IPP/Artjom/GAME/ENG/427/src/style.css HTTP/1.1
Host: auto-deploy.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:07 GMT
content-type: text/css; charset=utf-8
cf-ray: 93dafc39ee0dca8d-HAM
server: cloudflare
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f6f4fbd00f108f98961c850177170c75"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3HzqqYoaz04xjxnhEnYSoIrhBpyoAnVlh6d5AoBJYcPSAJ32TNjvyXE07YOXd0oLFI13nAOB1z1Ap9VkPK%2BGQg5JnCxJAs5ADLcMEd6RdskkcWwAaqHd3bnZI0Nn8wUBlns3v0NZ2c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21437&min_rtt=16022&rtt_var=6954&sent=131&recv=15&lost=0&retrans=0&sent_bytes=140237&recv_bytes=3315&delivery_rate=101168&cwnd=96000&unsent_bytes=0&cid=fc0ff994ec8d22c0&ts=458&x=1", cfExtPri, cfHdrFlush;dur=0

undefined/c3ozN2ISGFBaXRJHUREXARYOElA1XwFxBgoQC0cAEBRSQ1YLDB1UDhwPV1EQHBRHGQwWDhYFJBYsa1MzIDxyBSU3TkZVGzYffX80AyNYbQwVF3lNIAozR3kPFC99dDhWSHF9BT4Tf2MnRy1efVoVEwN4KR5OBX0KFF8BdS00SkR4MAA2dXMVQyBLdhMQDX5GLjRLX2I2BApjXSg4HloHR0E4fVwSGxhZcho1LQIPBho7ZFUxJl8BcS4LTgt9JjUNYWU4ShxeYTEqFFsDKxtOFgUgPz4LXiA7LAVuJgA+V28SFCB2U0dBOFZ/NB40a2FUKjl6UjIdT1hUJyIpUWAoHz4BGjhLHmRuUxciQ1AoBDwCUho1EWFwMB4je08xKhRUBC8xKwR9USUUfmAoRyNkYSoqIltfATYsVHsIGBR2XTsdMXt1JDUUX107JRZUVQslFWFQRBkJXFkSTh99fCE3E3AAOgk

0.0.0.0

0 B

URL GET
undefined/c3ozN2ISGFBaXRJHUREXARYOElA1XwFxBgoQC0cAEBRSQ1YLDB1UDhwPV1EQHBRHGQwWDhYFJBYsa1MzIDxyBSU3TkZVGzYffX80AyNYbQwVF3lNIAozR3kPFC99dDhWSHF9BT4Tf2MnRy1efVoVEwN4KR5OBX0KFF8BdS00SkR4MAA2dXMVQyBLdhMQDX5GLjRLX2I2BApjXSg4HloHR0E4fVwSGxhZcho1LQIPBho7ZFUxJl8BcS4LTgt9JjUNYWU4ShxeYTEqFFsDKxtOFgUgPz4LXiA7LAVuJgA+V28SFCB2U0dBOFZ/NB40a2FUKjl6UjIdT1hUJyIpUWAoHz4BGjhLHmRuUxciQ1AoBDwCUho1EWFwMB4je08xKhRUBC8xKwR9USUUfmAoRyNkYSoqIltfATYsVHsIGBR2XTsdMXt1JDUUX107JRZUVQslFWFQRBkJXFkSTh99fCE3E3AAOgk
IP
0.0.0.0:0
ASN
#0

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c3ozN2ISGFBaXRJHUREXARYOElA1XwFxBgoQC0cAEBRSQ1YLDB1UDhwPV1EQHBRHGQwWDhYFJBYsa1MzIDxyBSU3TkZVGzYffX80AyNYbQwVF3lNIAozR3kPFC99dDhWSHF9BT4Tf2MnRy1efVoVEwN4KR5OBX0KFF8BdS00SkR4MAA2dXMVQyBLdhMQDX5GLjRLX2I2BApjXSg4HloHR0E4fVwSGxhZcho1LQIPBho7ZFUxJl8BcS4LTgt9JjUNYWU4ShxeYTEqFFsDKxtOFgUgPz4LXiA7LAVuJgA+V28SFCB2U0dBOFZ/NB40a2FUKjl6UjIdT1hUJyIpUWAoHz4BGjhLHmRuUxciQ1AoBDwCUho1EWFwMB4je08xKhRUBC8xKwR9USUUfmAoRyNkYSoqIltfATYsVHsIGBR2XTsdMXt1JDUUX107JRZUVQslFWFQRBkJXFkSTh99fCE3E3AAOgk HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

mowcoordinateegypt.com/41/6d/ed/416dedebc6acd1e97fa94e8e3d9612dc.js

172.240.108.68

403 Forbidden

0 B

URL GET
mowcoordinateegypt.com/41/6d/ed/416dedebc6acd1e97fa94e8e3d9612dc.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectmowcoordinateegypt.com
Fingerprint77:CC:D6:BE:D8:34:45:9D:3C:0B:D7:1E:10:1A:86:39:DC:2D:BD:4F
ValidityMon, 14 Apr 2025 21:14:24 GMT - Sun, 13 Jul 2025 21:14:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /41/6d/ed/416dedebc6acd1e97fa94e8e3d9612dc.js HTTP/1.1
Host: mowcoordinateegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 10 May 2025 16:59:03 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 7
Host: mowcoordinateegypt.com

cdn.advxmedia.xyz/sports/images/banners/primeira-liga2.jpg

172.67.175.169

200 OK

89 kB

URL GET
cdn.advxmedia.xyz/sports/images/banners/primeira-liga2.jpg
IP
172.67.175.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00
Certificate
IssuerGoogle Trust Services
Subjectadvxmedia.xyz
Fingerprint7A:09:41:BD:C7:B7:98:62:5A:63:F0:57:16:2E:63:98:D0:F1:02:C7
ValidityWed, 07 May 2025 14:42:31 GMT - Tue, 05 Aug 2025 15:40:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1366x768, components 3
Size
89 kB (89211 bytes)
Hash
7b261d1389f56c90e702d7e0dc2e1083
9004e85be411bcc7c583503edef36431550aeed4
a5e4815ec6bf3a088efc53f2386e4301fe7c3487eafd25c41b50642f541b8e4c

HTTP Headers

GET /sports/images/banners/primeira-liga2.jpg HTTP/1.1
Host: cdn.advxmedia.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:04 GMT
content-type: image/jpeg
content-length: 89211
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRiNAv55sozaZgrbhsuohaAAqRARIT5mLkupp1Jha7CgiP4n5XohFhaeYDvRnU359mqcR2FFwhmeqEYUvAR0kGPQcHvM0DD%2BSfis%2BmmZvOkr7bcy8DbCp7Xd7Z6j0HCk8WQ4eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 14 Apr 2019 20:49:55 GMT
etag: "5cb39cf3-15c7b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 93dafc284c9df99c-PRG
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32979&min_rtt=29204&rtt_var=12135&sent=19&recv=14&lost=0&retrans=0&sent_bytes=8536&recv_bytes=1893&delivery_rate=105720&cwnd=12000&unsent_bytes=0&cid=05c132f73c3b493f&ts=615&x=16"

caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380

104.21.16.1

200 OK

46 kB

URL GET
caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerGoogle Trust Services
Subjectcaq21harderv991gpluralplay.xyz
FingerprintAF:F8:EB:07:F9:1B:4D:9B:8E:09:F2:50:9D:57:2B:15:62:DD:D5:37
ValidityTue, 15 Apr 2025 12:24:28 GMT - Mon, 14 Jul 2025 13:23:13 GMT

File type
HTML document, ASCII text, with very long lines (28189), with CRLF line terminators
Size
46 kB (45865 bytes)
Hash
e66ef210377b0541c465fefa849d284d
89910a2a3d35f435bf03bd74817bd9ad53bb1b96
1e1a8334ba4c7e08ded868bf4f9e731b33d7e0cb0c9254a932c0d0bd2a91e2fc

HTTP Headers

GET /premiumtv/daddylive.php?id=380 HTTP/1.1
Host: caq21harderv991gpluralplay.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive2.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:04 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-cache: BYPASS
videocdnx: NO
node: PHP
cache-control: public, max-age=30, immutable, no-transform
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9XiiByxeykJB3Xa1wcQRk5BX0Z9IsnpwE3x6EtFeNXCBGNnorUZtqSZhkZbpoGa%2BF%2B4HhB9ZIe7bVI%2F%2Bcntt59bPSw9KSjhTp2MigVv%2Fxezln1ueOiH1XzSzkzuv9E50wT3e1l32LmZhfaOPFnSPUjw%3D"}]}
cf-ray: 93dafc2b6f6656be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

daddylive2.top/live/stream-380.php

104.21.76.246

200 OK

220 kB

URL GET
daddylive2.top/live/stream-380.php
IP
104.21.76.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectdaddylive2.top
Fingerprint29:2B:2C:1E:AB:40:27:C6:60:C1:C4:8B:6C:07:04:E5:92:3C:E9:38
ValidityTue, 22 Apr 2025 23:18:00 GMT - Tue, 22 Jul 2025 00:16:11 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (46406), with LF, NEL line terminators
Size
220 kB (220274 bytes)
Hash
7c8cb0492e5bf2fc5079d8a16628e92c
6910b6bd0c8faf5dd30e9e0cbece034b2ace2e9c
412529196dff96944e2edeb21e9255d1c08590ec1dffaeba7e56ef45ea7e402e

HTTP Headers

GET /live/stream-380.php HTTP/1.1
Host: daddylive2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:03 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YdBjJfpiyUKtme4M2b10bvM2VWrVXjgmx9Wc%2F8Wh%2FZWFrzrhEs03oH6b5VlrV5zHcN6KEnO4gGdmVC3DBSmtHK%2BfEJNGaYEaEaBW2GINqwY3OrQDgZtu4oF9HJa9GRiX0g%3D%3D"}]}
content-encoding: br
cf-ray: 93dafc21bfcb2875-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youradexchange.com/script/suurl5.php?r=9895074&cbur=0.21303258559859006&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Flash%20-%20Benfica%20-%20Sporting&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref=&cbdescription=cdn.stream-24.xyz&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746896343272&srs=244b1f38ad70c746b6386b2acabea1ae&atv=60.0

104.21.91.188

200 OK

921 B

URL GET
youradexchange.com/script/suurl5.php?r=9895074&cbur=0.21303258559859006&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Flash%20-%20Benfica%20-%20Sporting&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref=&cbdescription=cdn.stream-24.xyz&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746896343272&srs=244b1f38ad70c746b6386b2acabea1ae&atv=60.0
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
921 B (921 bytes)
Hash
149e4afb5d26ff133ec96159a94b05c2
8cdcacfd2c30be34900f9a4fdcaeea7a44cdc42e
2db7a377ef938a7d53b8c3c4a82811cf93b61c17db626395704d05749f57d962

HTTP Headers

GET /script/suurl5.php?r=9895074&cbur=0.21303258559859006&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=Flash%20-%20Benfica%20-%20Sporting&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2Flive%2Fstream.php%3Fid%3D358540%26link%3Dhttps%3A%2F%2Fdaddylive2.top%2Flive%2Fstream-380.php%26t%3DFlash%26w%3D&cbref=&cbdescription=cdn.stream-24.xyz&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746896343272&srs=244b1f38ad70c746b6386b2acabea1ae&atv=60.0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:03 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vyUsetoSk5nelBZ7dhXNkYbxWd%2Fgn8B7EcbspgdBntZPqVjrLCy3FA7TEmQJsmeAboxks03cY7eJdK2SMMK%2FsC0nsAtpNgPr9ydL%2FGpb0bC%2Fi%2F3MQsUP8127o9MTJ4%2FqvxJkuQg%3D"}]}
cf-ray: 93dafc223abdb34d-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

acscdn.com/script/ut.js?cb=1746896343316

188.114.97.1

200 OK

81 kB

URL GET
acscdn.com/script/ut.js?cb=1746896343316
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint8F:A7:B8:69:9D:95:64:41:D3:00:72:86:8A:93:96:A4:28:FC:BB:C6
ValidityWed, 16 Apr 2025 20:29:49 GMT - Tue, 15 Jul 2025 21:24:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
81 kB (81040 bytes)
Hash
eaa11c5f044a59ec54c82e06a8beba81
afb33a13f1b0b1163ae1d5f98703c9eacd35bee3
b05b9df2027483a401c352424c15d0adff42dbe771c52b71333e5b4e68f1260c

HTTP Headers

GET /script/ut.js?cb=1746896343316 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:03 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2VwpngAs_AYDtWYzczBAdQJaSP8dUr_A_lydzkwbNzkf-K4gDmWhP2ZxiYiotXcqQxcx2y_BX1Sc
x-goog-generation: 1746014128527462
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 81040
x-goog-hash: crc32c=I1uWZQ==, md5=6qEcXwRKWexUyC4GqL66gQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: cloudflare
expires: Sat, 10 May 2025 16:43:06 GMT
cache-control: public, max-age=3600
last-modified: Wed, 30 Apr 2025 11:55:28 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 1547
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xeGcHS0EIQY1zSM9ZOV21tj795ScAqhNdSSzgqaVAuaChLf9565nr5K%2BRRq864%2FPndkURTJS0xEMYyIAHxmiS4YBPtWhYFHuNOScbtJAWvLxTMDaRaymwxCTOMyu"}]}
etag: W/"eaa11c5f044a59ec54c82e06a8beba81"
content-encoding: br
cf-ray: 93dafc21dba6f992-PRG
server-timing: cfExtPri

kohiseewhatm.com/bTd0NFBCCBdHbT9xNkEzO21EbjxUdBYHYQRhRFw+CXA2UAFfdlJAOQkKTQRnWQVDEiAEU0kFdh5DFUAlHgpFEjkDURsJdhsKRRpjWRlHAn5ZEQEJYUtDBFU3UAZSRCQZW0kFZ1kBTA1mXgNHB2ha

172.67.217.123

204 No Content

0 B

URL GET
kohiseewhatm.com/bTd0NFBCCBdHbT9xNkEzO21EbjxUdBYHYQRhRFw+CXA2UAFfdlJAOQkKTQRnWQVDEiAEU0kFdh5DFUAlHgpFEjkDURsJdhsKRRpjWRlHAn5ZEQEJYUtDBFU3UAZSRCQZW0kFZ1kBTA1mXgNHB2ha
IP
172.67.217.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectkohiseewhatm.com
FingerprintEB:50:63:76:15:64:B9:5C:DD:14:0A:EA:A4:AF:C2:08:71:F9:EF:BD
ValidityFri, 04 Apr 2025 10:45:21 GMT - Thu, 03 Jul 2025 11:39:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bTd0NFBCCBdHbT9xNkEzO21EbjxUdBYHYQRhRFw+CXA2UAFfdlJAOQkKTQRnWQVDEiAEU0kFdh5DFUAlHgpFEjkDURsJdhsKRRpjWRlHAn5ZEQEJYUtDBFU3UAZSRCQZW0kFZ1kBTA1mXgNHB2ha HTTP/1.1
Host: kohiseewhatm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 10 May 2025 16:59:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Rp7HpYvy%2ByXdc1PiPjDitRkGoBthe6uZenyo650HhseB8sEPqd8JYXLb78zc15%2Bz82lTiKaFpYflLbEczi2A0rKdqZT9eRx26fJjR5ypZMHN13Liyu8NnebdXIaI%2BgmpmPXM"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 93dafc22dfe362d9-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youradexchange.com/script/suurl5.php?r=6707202&cbur=0.9635541614839543&cbiframe=1&cbWidth=1140&cbHeight=641&cbtitle=&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=rffbxktvxmcje.space&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746896344779&srs=e6d8f26372fe4c400a5aeebead00f11d&atv=60.0&abtg=1&adbv=3-cdn-js

104.21.91.188

200 OK

949 B

URL GET
youradexchange.com/script/suurl5.php?r=6707202&cbur=0.9635541614839543&cbiframe=1&cbWidth=1140&cbHeight=641&cbtitle=&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=rffbxktvxmcje.space&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746896344779&srs=e6d8f26372fe4c400a5aeebead00f11d&atv=60.0&abtg=1&adbv=3-cdn-js
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
949 B (949 bytes)
Hash
87038ca8d542fb78e6bdb08377d78bd0
b162f5d80b23bd415c79c17041e7c61c890d5834
014ca2ee9207e3b305311f82eaa8ab9eb65a7b7fa5587012eb733f4924e2ba87

HTTP Headers

GET /script/suurl5.php?r=6707202&cbur=0.9635541614839543&cbiframe=1&cbWidth=1140&cbHeight=641&cbtitle=&cbpage=https%3A%2F%2Fcdn.stream-24.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=rffbxktvxmcje.space&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1746896344779&srs=e6d8f26372fe4c400a5aeebead00f11d&atv=60.0&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddylive2.top/
Origin: https://daddylive2.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:04 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=etB7xgtLTQe1iMF9BaVDCI5jHP%2Fdh9%2BLF7AqtvJeQAud748EToxozjDtKKd3pjkVEAToZb%2BRmXG7C2%2FQao7Im6zp1l%2F7QrowiyILaC3IGMigpSdQfaq%2FsvdaEJdgJtoIwD32ag4%3D"}]}
cf-ray: 93dafc2afa73b34d-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mg3Ozqr9zsnyaSpQwioRThu6hcmWs7gkOPpah_6EbFZ84n2gN8Qpm8G3dqMdcUE_J6-NO__8w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811320373%3A1746896344779976

173.194.73.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mg3Ozqr9zsnyaSpQwioRThu6hcmWs7gkOPpah_6EbFZ84n2gN8Qpm8G3dqMdcUE_J6-NO__8w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811320373%3A1746896344779976
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9E:10:08:9D:11:84:1F:9C:2D:04:7B:3F:CB:2F:96:53:7F:73:BC:51
ValidityMon, 21 Apr 2025 08:40:46 GMT - Mon, 14 Jul 2025 08:40:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5Mg3Ozqr9zsnyaSpQwioRThu6hcmWs7gkOPpah_6EbFZ84n2gN8Qpm8G3dqMdcUE_J6-NO__8w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811320373%3A1746896344779976 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-7ytwhxDjdB2f--hlJ4PShw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.8x8cbXFxqmQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

90 kB

URL GET
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 May 2025 16:59:05 GMT
age: 3297033
x-served-by: cache-lga21931-LGA, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 1436103
x-timer: S1746896345.163118,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg

185.15.59.240

200 OK

514 B

URL GET
upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint0B:3A:AB:D4:5E:55:A4:08:2B:F7:C1:DA:63:37:75:F1:EB:04:6E:A5
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
514 B (514 bytes)
Hash
1e965f9ca6bac55c4bfece8dabe6fa47
ea28e0f6d1a42bd7f2ab416bcf2a9fd0dde55fab
70e589ae4b79586ddd4eadd1ac8b501d64ab0433c2038c92e945fbb6195ad7a9

HTTP Headers

GET /wikipedia/commons/2/21/Speaker_Icon.svg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 May 2025 22:23:47 GMT
server: ATS/9.2.9
etag: W/1e965f9ca6bac55c4bfece8dabe6fa47
content-type: image/svg+xml
x-object-meta-sha1base36: rcosig5pk1fefnugtbiewl19zhtt86j
last-modified: Wed, 28 Aug 2019 18:11:18 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 66918
accept-ranges: bytes
x-cache: cp3078 hit, cp3078 hit/27485
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
content-length: 328
X-Firefox-Spdy: h2

auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/src/WOS%20LOGO-Photoroom%20(1).png

188.114.97.1

200 OK

130 kB

URL GET
auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/src/WOS%20LOGO-Photoroom%20(1).png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectauto-deploy.pages.dev
FingerprintB6:70:20:01:ED:7F:9D:3B:F8:B9:B7:9C:39:B6:37:C6:F5:C9:4C:B0
ValidityThu, 24 Apr 2025 01:32:13 GMT - Wed, 23 Jul 2025 02:30:33 GMT

File type
PNG image data, 866 x 650, 8-bit/color RGBA, non-interlaced
Size
130 kB (129588 bytes)
Hash
6c4d116868472c0ea4afc6f024e2b0a6
97a8b38e5c699ba0ce241ae3f17299ae17d690e3
04b5f7a886645e31a10bd0b95997d6d47a5db7fc77aa431e274d29749c5a2b78

HTTP Headers

GET /IPP/Artjom/GAME/ENG/427/src/WOS%20LOGO-Photoroom%20(1).png HTTP/1.1
Host: auto-deploy.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:06 GMT
content-type: image/png
content-length: 129588
server: cloudflare
vary: Accept-Encoding
cf-ray: 93dafc382c49ca8d-HAM
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "03d5ec8fb753206dadd3bed7a8b4ef36"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abnDC%2BwdhZEZO3ujyNvBen%2Fs%2FHqi%2F6Ucoe5TspSWFUuoChWQWEhN%2FWWf40hs4YjnCpjXhkgVAUL2AHmzi2Q%2BHDetFn4T7YkHu8ogaIfYsO6UQat5ZBrauFRFdlq3nlqWiseN6xHUVv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21689&min_rtt=17037&rtt_var=9712&sent=13&recv=7&lost=0&retrans=0&sent_bytes=4968&recv_bytes=1639&delivery_rate=34864&cwnd=12000&unsent_bytes=0&cid=fc0ff994ec8d22c0&ts=182&x=1", cfExtPri, cfHdrFlush;dur=0

auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/src/gif-ezgif.com-resize%20(1).gif

188.114.97.1

200 OK

1.6 MB

URL GET
auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/src/gif-ezgif.com-resize%20(1).gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D
Certificate
IssuerGoogle Trust Services
Subjectauto-deploy.pages.dev
FingerprintB6:70:20:01:ED:7F:9D:3B:F8:B9:B7:9C:39:B6:37:C6:F5:C9:4C:B0
ValidityThu, 24 Apr 2025 01:32:13 GMT - Wed, 23 Jul 2025 02:30:33 GMT

File type
GIF image data, version 89a, 220 x 220
Size
1.6 MB (1631655 bytes)
Hash
715d67a78f7f14249ce56fb533082195
afed1f96b9527d3222f54987c53c4d072ecd82a2
01cb96d18f5caf99ca8d02b0ca7a62e7ff91bcc626a75d6d2700e5b7b1c4563b

HTTP Headers

GET /IPP/Artjom/GAME/ENG/427/src/gif-ezgif.com-resize%20(1).gif HTTP/1.1
Host: auto-deploy.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:07 GMT
content-type: image/gif
content-length: 1631655
server: cloudflare
vary: Accept-Encoding
cf-ray: 93dafc39ee14ca8d-HAM
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "4eb43343ceecba80d732d2673a202cbb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tzH0HapFXJHBRQgEMShSj6vF5MTnqBTXsiE62NWErt2cJmrknryrY%2FoBfduUDyIBf434ZOWElF2pwUAWNc3uJ70MytvFRu6o8kMGKev0nyRP5sd1nu13SngtuJX3paLr%2BSlZmJWEsb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21437&min_rtt=16022&rtt_var=6954&sent=133&recv=15&lost=0&retrans=0&sent_bytes=141318&recv_bytes=3315&delivery_rate=101168&cwnd=96000&unsent_bytes=0&cid=fc0ff994ec8d22c0&ts=469&x=1", cfExtPri, cfHdrFlush;dur=0

cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00

172.67.175.169

200 OK

9.4 kB

URL GET
cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00
IP
172.67.175.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectadvxmedia.xyz
Fingerprint7A:09:41:BD:C7:B7:98:62:5A:63:F0:57:16:2E:63:98:D0:F1:02:C7
ValidityWed, 07 May 2025 14:42:31 GMT - Tue, 05 Aug 2025 15:40:09 GMT

File type
HTML document, ASCII text, with very long lines (312)
Size
9.4 kB (9371 bytes)
Hash
4acec882aded0d42208e090bddb678f5
d13db90e9b90b7e4f7ddf105e1877595ba08e665
03d6044c81368d62329db0f62a54baccc816d5e8d64acadc7c44c46c949a56e4

HTTP Headers

GET /sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00 HTTP/1.1
Host: cdn.advxmedia.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:03 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=phUr%2BcmFxpunam427tYiFWmdCLXBxOL7SHlLl1Aq5P7DlyAvndiRRWH6IxlKINqR2pvX4E%2FPuNuWiOB6BbAK0XNqH6R%2BZgZ5ul2Gzj%2F8b1A%2Frrob%2FFF3zb7WXL91s9Y%2F5mi9jw%3D%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 93dafc235ebf246f-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

rffbxktvxmcje.space/script/ut.js?cb=1746896344994

188.114.96.1

200 OK

81 kB

URL GET
rffbxktvxmcje.space/script/ut.js?cb=1746896344994
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerGoogle Trust Services
Subjectrffbxktvxmcje.space
Fingerprint33:EA:13:96:DF:88:05:0A:36:C0:98:92:8A:2B:D6:EB:70:69:AA:D5
ValiditySat, 10 May 2025 00:02:20 GMT - Fri, 08 Aug 2025 01:00:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
81 kB (81040 bytes)
Hash
eaa11c5f044a59ec54c82e06a8beba81
afb33a13f1b0b1163ae1d5f98703c9eacd35bee3
b05b9df2027483a401c352424c15d0adff42dbe771c52b71333e5b4e68f1260c

HTTP Headers

GET /script/ut.js?cb=1746896344994 HTTP/1.1
Host: rffbxktvxmcje.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2VwrWeb4dt0QIW8T0E8eMr-AbYoFRA_E6VHuvHeIF4E00fRftr9YZeYaLErLDkkAKOL9Ko8IrFGw
x-goog-generation: 1746014128527462
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 81040
x-goog-hash: crc32c=I1uWZQ==, md5=6qEcXwRKWexUyC4GqL66gQ==
x-goog-storage-class: MULTI_REGIONAL
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4DWrkgraE19XJCg12fcGN53YgijHn0OS66uNBZvONyqpZcgIIN6UpxgwOPc5VsVqqhKbmE6StpcQhMfK4Uv2Qmxw3VJuix9HnJo8T3xKDZUiewONDUGF%2Bf0LDh70iMLzxGoMFQA8"}]}
access-control-allow-origin: *
server: cloudflare
expires: Sat, 10 May 2025 17:49:24 GMT
cache-control: public, max-age=14400
age: 494
last-modified: Wed, 30 Apr 2025 11:55:28 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: HIT
etag: W/"eaa11c5f044a59ec54c82e06a8beba81"
content-encoding: br
cf-ray: 93dafc2d5f28b377-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

top2new.newkso.ru/auth.php?channel_id=premium380&ts=1746896344&rnd=76341e1f&sig=99d9cb25776aae4399cf78c97d5f9ef0f6939e93c77b815a562ce6270b54a268

172.67.219.130

200 OK

15 B

URL GET
top2new.newkso.ru/auth.php?channel_id=premium380&ts=1746896344&rnd=76341e1f&sig=99d9cb25776aae4399cf78c97d5f9ef0f6939e93c77b815a562ce6270b54a268
IP
172.67.219.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerGoogle Trust Services
Subjectnewkso.ru
Fingerprint08:13:D2:1A:CB:18:DA:53:DC:66:BC:23:3F:B5:9B:3F:48:76:8A:CF
ValidityTue, 01 Apr 2025 16:24:45 GMT - Mon, 30 Jun 2025 17:21:24 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

HTTP Headers

GET /auth.php?channel_id=premium380&ts=1746896344&rnd=76341e1f&sig=99d9cb25776aae4399cf78c97d5f9ef0f6939e93c77b815a562ce6270b54a268 HTTP/1.1
Host: top2new.newkso.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caq21harderv991gpluralplay.xyz/
Origin: https://caq21harderv991gpluralplay.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:06 GMT
content-type: application/json
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, no-store, must-revalidate
a-php-lb-cache: MISS
x-lb-cache: MISS
cf-cache-status: MISS
last-modified: Sat, 10 May 2025 16:59:06 GMT
access-control-allow-origin: *
no-cache: no-cache
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UHgY%2FkdYY6YiV1LnnuJpnG394Dn0JREK0p%2B%2FgZcgQ2rsFbDqIY5Mk1voa3e7mh5H6Nt36bLlrtaGy0snWtapzLsGQEqRSi5ovlrJvmlPhIiPv6ouUMWSNqZmuGP%2B8h7qhZGsQg%3D%3D"}]}
content-encoding: br
cf-ray: 93dafc324df3569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.stream-24.xyz/favicon.ico

104.21.63.225

404 Not Found

146 B

URL GET
cdn.stream-24.xyz/favicon.ico
IP
104.21.63.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectstream-24.xyz
Fingerprint5C:59:18:EC:00:38:C8:4F:55:FD:77:02:FC:88:C7:3C:20:8A:45:03
ValidityFri, 02 May 2025 15:49:04 GMT - Thu, 31 Jul 2025 16:45:54 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cdn.stream-24.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 10 May 2025 16:59:04 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHxu4ma2SWaV87EWB9ZKiNOvFhjNuTFw3Gh0%2B9RJ%2BGc3a5wHXmfdk7yuOka22okOqnvy6N6HMNjBouUCugEe4ejZvLKVWwJ%2BD4SpsCYbHqvDycshUd8IJXoWmEEsirOms0IrrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 93dafc26e9c662d4-HAM
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56747&min_rtt=49771&rtt_var=32616&sent=49&recv=57&lost=4&retrans=6&sent_bytes=8684&recv_bytes=3847&delivery_rate=4810&cwnd=8400&unsent_bytes=0&cid=15b7a9a399547cf9&ts=2276&x=16"

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKV5MiFB-HrawBU0tW-_-2q0AKTfxAmCK_MTiZHVOblSKWXMwhlOA8bnuUgMSrNSX6CvMWEdfLCZw

173.194.73.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKV5MiFB-HrawBU0tW-_-2q0AKTfxAmCK_MTiZHVOblSKWXMwhlOA8bnuUgMSrNSX6CvMWEdfLCZw
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9E:10:08:9D:11:84:1F:9C:2D:04:7B:3F:CB:2F:96:53:7F:73:BC:51
ValidityMon, 21 Apr 2025 08:40:46 GMT - Mon, 14 Jul 2025 08:40:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKV5MiFB-HrawBU0tW-_-2q0AKTfxAmCK_MTiZHVOblSKWXMwhlOA8bnuUgMSrNSX6CvMWEdfLCZw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:5F9anVjct_FwAE6-ddkXskBG1P2Eqg:Ux-VtD5qi1Fb4kCE;Path=/;Expires=Mon, 10-May-2027 16:59:04 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:04 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MjAD2APznNHXz9iv874JLAb3Fpmv4SrzvG3OwSypz0oy6BqigIBQu_X_dZ-Q6--rMPLa-hp7A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S523999515%3A1746896344777796
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-tVy12bfCyFUF2exLOVCgcg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 416
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D

188.114.97.1

200 OK

2.1 kB

URL GET
auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectauto-deploy.pages.dev
FingerprintB6:70:20:01:ED:7F:9D:3B:F8:B9:B7:9C:39:B6:37:C6:F5:C9:4C:B0
ValidityThu, 24 Apr 2025 01:32:13 GMT - Wed, 23 Jul 2025 02:30:33 GMT

File type
HTML document, ASCII text
Size
2.1 kB (2130 bytes)
Hash
bafc4c2a21ea2db2f26c45463cc4d823
86d47c8629508443a00e7a170c6e000e5db5dbab
c44a63c8b7c0b16d9688166449f15de741938ad732c93308ac36759260f22741

HTTP Headers

GET /IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D HTTP/1.1
Host: auto-deploy.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 93dafc38aca4ca8d-HAM
server: cloudflare
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NusJxr7tUOea6TXAZecAgakd0KA53CD3XI%2BoSHWBDclJagYYGHxK0DgQQt6VobB5QqJ8ICMsSNs%2FV8xobhj8aME05b1ad8LIdXYBYEq7tvIAC466P97EHcq6rI%2B3RKA4woHsxU3fUoA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22211&min_rtt=17037&rtt_var=7209&sent=127&recv=12&lost=0&retrans=0&sent_bytes=138562&recv_bytes=2312&delivery_rate=1606518&cwnd=96000&unsent_bytes=0&cid=fc0ff994ec8d22c0&ts=275&x=1", cfExtPri, cfHdrFlush;dur=0

toomanyrelation.com/RkszMUgnKVBcdyd2URc9NCcOFHoAbgF3LD8hC0EqJSVSRXw+PR1SJCk+V1c6KSVHHyYjPxYDDiwuWFUwFQ1mawMEc0ZQL3I+dWkeNRhdcwwlHGlSBjEGR3x4JSB1YhJxCGd8DAofYmkpLQULVD8PbgFzC3R/FgMOBRhUVwcBLH99CzUzfHQ7LhpKXhAKIlt2Ki8Ocnh4Pn9QSRErA0oIJx4IelcDdCN/aBoHOH0BLDwdSUYkABhLfAMVe358CjU4f2A/LA5eBS8BeFxSAj9zZ3owdjtQdC8EGXRrJB54ZXMRBQJnehoTJXpWJC8aAFZ/AiZ5dS0BGXhQHWsNR2siLiJiAi8vDkpdACADcXsKEBkFaxkMM2FmeSsEdHsMIwhQfBEtAnlrDSoxawIgfhMAZwoKMXJrBAR+R2syPnpiaSQqGF1rCiMTcXgsPihbezB+I3tbCjEYcncJI3l1ZCx3KApQDTVtWUInKDsOQCMcMl4ALnQpcWUncQ

108.157.214.99

200 OK

3.1 kB

URL GET
toomanyrelation.com/RkszMUgnKVBcdyd2URc9NCcOFHoAbgF3LD8hC0EqJSVSRXw+PR1SJCk+V1c6KSVHHyYjPxYDDiwuWFUwFQ1mawMEc0ZQL3I+dWkeNRhdcwwlHGlSBjEGR3x4JSB1YhJxCGd8DAofYmkpLQULVD8PbgFzC3R/FgMOBRhUVwcBLH99CzUzfHQ7LhpKXhAKIlt2Ki8Ocnh4Pn9QSRErA0oIJx4IelcDdCN/aBoHOH0BLDwdSUYkABhLfAMVe358CjU4f2A/LA5eBS8BeFxSAj9zZ3owdjtQdC8EGXRrJB54ZXMRBQJnehoTJXpWJC8aAFZ/AiZ5dS0BGXhQHWsNR2siLiJiAi8vDkpdACADcXsKEBkFaxkMM2FmeSsEdHsMIwhQfBEtAnlrDSoxawIgfhMAZwoKMXJrBAR+R2syPnpiaSQqGF1rCiMTcXgsPihbezB+I3tbCjEYcncJI3l1ZCx3KApQDTVtWUInKDsOQCMcMl4ALnQpcWUncQ
IP
108.157.214.99:443
ASN
#16509 AMAZON-02

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerAmazon
Subjecttoomanyrelation.com
FingerprintBF:E3:AF:D4:B0:F0:F5:2B:ED:A6:4B:31:C9:9B:53:A5:5A:3F:BD:D0
ValidityMon, 21 Apr 2025 00:00:00 GMT - Wed, 20 May 2026 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3074), with no line terminators
Size
3.1 kB (3074 bytes)
Hash
a89adf0fc9abf5b86bd3f697dcbed7f5
4a90cd92b5f8f7dcfebbe35f5e3e1420b7055c2b
ea30ba1c3d061d94bc4f0ac95c30ec2e5cd2e4b6b4a7b64a8b5a0ee68172f9f8

HTTP Headers

GET /RkszMUgnKVBcdyd2URc9NCcOFHoAbgF3LD8hC0EqJSVSRXw+PR1SJCk+V1c6KSVHHyYjPxYDDiwuWFUwFQ1mawMEc0ZQL3I+dWkeNRhdcwwlHGlSBjEGR3x4JSB1YhJxCGd8DAofYmkpLQULVD8PbgFzC3R/FgMOBRhUVwcBLH99CzUzfHQ7LhpKXhAKIlt2Ki8Ocnh4Pn9QSRErA0oIJx4IelcDdCN/aBoHOH0BLDwdSUYkABhLfAMVe358CjU4f2A/LA5eBS8BeFxSAj9zZ3owdjtQdC8EGXRrJB54ZXMRBQJnehoTJXpWJC8aAFZ/AiZ5dS0BGXhQHWsNR2siLiJiAi8vDkpdACADcXsKEBkFaxkMM2FmeSsEdHsMIwhQfBEtAnlrDSoxawIgfhMAZwoKMXJrBAR+R2syPnpiaSQqGF1rCiMTcXgsPihbezB+I3tbCjEYcncJI3l1ZCx3KApQDTVtWUInKDsOQCMcMl4ALnQpcWUncQ HTTP/1.1
Host: toomanyrelation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1220
date: Sat, 10 May 2025 16:59:03 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=21aMwMBN+9lsLC8I/iPnTrdGJY0SlqbeN2UJ5lWeTpGeXZztxGNfn8CU8Fx4/pqtnzEMl2S5CIecAgKW4oECPhMOPpzxGBSNKb6CnRROKG6mtfB/WTiwqA0twhvr; Expires=Sat, 17 May 2025 16:59:03 GMT; Path=/
AWSALBCORS=21aMwMBN+9lsLC8I/iPnTrdGJY0SlqbeN2UJ5lWeTpGeXZztxGNfn8CU8Fx4/pqtnzEMl2S5CIecAgKW4oECPhMOPpzxGBSNKb6CnRROKG6mtfB/WTiwqA0twhvr; Expires=Sat, 17 May 2025 16:59:03 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 797e08d987207122bff536abc6502d6c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 1llJofvnSbjqLY0Dc6sjjMfFLkCqkgP9wNr4F9MT54TV2bHSiiCPmg==
X-Firefox-Spdy: h2

cdn.advxmedia.xyz/sports/vplayer/sf1/hd.png

172.67.175.169

200 OK

3.9 kB

URL GET
cdn.advxmedia.xyz/sports/vplayer/sf1/hd.png
IP
172.67.175.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00
Certificate
IssuerGoogle Trust Services
Subjectadvxmedia.xyz
Fingerprint7A:09:41:BD:C7:B7:98:62:5A:63:F0:57:16:2E:63:98:D0:F1:02:C7
ValidityWed, 07 May 2025 14:42:31 GMT - Tue, 05 Aug 2025 15:40:09 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
3.9 kB (3888 bytes)
Hash
e931c33424e9e565356736af5c9e0670
76550e9252bf8e473d8051ba48077225789b1ef5
9a253b31e3091a2070673bc0b51285c013d49593afd8eb7e3cecef50f4320ef1

HTTP Headers

GET /sports/vplayer/sf1/hd.png HTTP/1.1
Host: cdn.advxmedia.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:04 GMT
content-type: image/png
content-length: 3888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvhY0D1gjHutnLLDrva%2B4dlqN7DLs5m5f0zLyk0SrgIyGC8mRkVHUbskvp%2BbpTNaXhXJFWjdxnWfmB1Dr2dbkw%2FPefQ0jGlkC%2B%2FAR79c%2FvwrZWU0KWa0YmnRth9IwTenB0z81A%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 09 Mar 2020 22:08:06 GMT
etag: "5e66be46-f30"
accept-ranges: bytes
age: 5522
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 93dafc267c5ff99c-PRG
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29976&min_rtt=29204&rtt_var=12496&sent=14&recv=11&lost=0&retrans=0&sent_bytes=3854&recv_bytes=1432&delivery_rate=14993&cwnd=12000&unsent_bytes=0&cid=05c132f73c3b493f&ts=251&x=16"

ukankingwithea.com/

104.21.80.1

200 OK

27 B

URL GET
ukankingwithea.com/
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
9ef3a7b76a1f6eb23a2bfda2f9f3c6f5
8c4e0ccb27411557686c71de6d3ff66a8b0e4e3d
d8375e5a696c52ef99b430ddc783a7212dc192270394c718835dd872e1c7f354

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:04 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://cdn.stream-24.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Cl8p6TG%2Fnbh4l3HepqDWFi%2BFucePifP5zKpSNU8RcGN%2B980%2FU237B5ZPqJmrn7b3lJAuud3FjHfSKexxpubAPAjHmYVR3X6lWTdXYok0I5rS9CYZYo0R253SrQP6JigwxuF%2Bnik%3D"}]}
content-encoding: br
set-cookie: csu=1186571898050412@1@1746896344; SameSite=None; Secure; Max-Age=31104000
cf-ray: 93dafc27f9b6b37f-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

daddylive2.top/live/stream-380.php

104.21.76.246

200 OK

0 B

URL HEAD
daddylive2.top/live/stream-380.php
IP
104.21.76.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerGoogle Trust Services
Subjectdaddylive2.top
Fingerprint29:2B:2C:1E:AB:40:27:C6:60:C1:C4:8B:6C:07:04:E5:92:3C:E9:38
ValidityTue, 22 Apr 2025 23:18:00 GMT - Tue, 22 Jul 2025 00:16:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /live/stream-380.php HTTP/1.1
Host: daddylive2.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive2.top/live/stream-380.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g1FhDuOhRFH4NNPMsbykvU6ViEMKfrokF%2BYBwYTb6J4gJwngGk%2BLSpKCumm%2Bqu2OO7aeZkmnFTiTwMsHX9XtU%2FisDhpZyWLWqp0KLxoAZ87HP9vI4%2B%2FT8i69FLJqNRvUPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93dafc2bcd3762c7-HAM
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19399&min_rtt=15493&rtt_var=7449&sent=14&recv=11&lost=0&retrans=0&sent_bytes=3855&recv_bytes=1322&delivery_rate=1461&cwnd=12000&unsent_bytes=0&cid=1f24b92d5b5567b2&ts=1425&x=16"

cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js

104.16.174.226

200 OK

17 kB

URL GET
cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (17245)
Size
17 kB (17266 bytes)
Hash
226c2fa3f39c0bb35bb5f1d9d120f9ec
7134ea62cdb655c2a423b1662365c99ba645c2bd
8a23f92a25922d13437d67f25ba2269b64080b5ec030f5cba982e0261abbfe04

HTTP Headers

GET /npm/disable-devtool@latest/disable-devtool.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 6161
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.3.8
x-jsd-version-type: version
etag: W/"4372-cTTqYs22VcKkI7FmI2XJm6ZFwr0"
content-encoding: br
x-served-by: cache-fra-etou8220123-FRA, cache-lga21961-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 41335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDwSw7i6sNSVfjCJO18CKQDnzEzwXV9BjBUNaEnlHJu2TScIQjyv7ybWfX1cboqw0xa%2F5%2BHpVAnHz%2BKN8OQ%2FbK1XgU2k%2BdsleXJm8DvfJokXhi83BMVO3DobdGVWSTW4EKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93dafc2ce94a0b41-OSL
X-Firefox-Spdy: h2

kohiseewhatm.com/QWRzbzVuWxAcCCUzIRxiFlUyOWN4FiQqdxcyJBdjFTI5C1QXD1UbXCVZSlgEdlJBSUUoAE5eDWcXBw5BNBdOXhMoChUACGcSTl4bcUpBQQBnEU5eEzUUEggIcEIDG0EtWUJYAXdcSlkGdVdHXwc

172.67.217.123

204 No Content

0 B

URL GET
kohiseewhatm.com/QWRzbzVuWxAcCCUzIRxiFlUyOWN4FiQqdxcyJBdjFTI5C1QXD1UbXCVZSlgEdlJBSUUoAE5eDWcXBw5BNBdOXhMoChUACGcSTl4bcUpBQQBnEU5eEzUUEggIcEIDG0EtWUJYAXdcSlkGdVdHXwc
IP
172.67.217.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectkohiseewhatm.com
FingerprintEB:50:63:76:15:64:B9:5C:DD:14:0A:EA:A4:AF:C2:08:71:F9:EF:BD
ValidityFri, 04 Apr 2025 10:45:21 GMT - Thu, 03 Jul 2025 11:39:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /QWRzbzVuWxAcCCUzIRxiFlUyOWN4FiQqdxcyJBdjFTI5C1QXD1UbXCVZSlgEdlJBSUUoAE5eDWcXBw5BNBdOXhMoChUACGcSTl4bcUpBQQBnEU5eEzUUEggIcEIDG0EtWUJYAXdcSlkGdVdHXwc HTTP/1.1
Host: kohiseewhatm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 10 May 2025 16:59:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rVvwBnUId1Wm78mSHx2Hckvs3vEYElovN5tM%2FKjCp07QjYKhji0Wdnp2634%2F49hhwSaNTfUv%2BAY647ENlMrZ1sxUlT4uzxqae5HRA1eFfMFlPUPgm8122LA7Js7NIlo5dDeG"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 93dafc22bfbf62d9-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pubtrky.com/ut/hb.php?cb=0.5027676964011923&v=1

172.67.188.110

204 No Content

0 B

URL POST
pubtrky.com/ut/hb.php?cb=0.5027676964011923&v=1
IP
172.67.188.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintD1:DF:C8:94:03:32:97:45:6F:1A:E3:AD:EE:EC:22:B8:E7:5C:6F:27
ValidityMon, 05 May 2025 10:34:21 GMT - Sun, 03 Aug 2025 11:31:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.5027676964011923&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 967
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 10 May 2025 16:59:04 GMT
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=O%2F%2FNPmTkcAxoYb0KjBaiW81927trx%2FBEoCwUw8bszh8bL4bjitlyzKpUJS467lpWTOoZwSEI8uxUy7ebe%2FyP1xjWLg%2B%2FFYrAcUcj8jQK0uLIO0qedMj3Mc0564XmyA%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 93dafc270c96f97a-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js

172.240.108.68

403 Forbidden

0 B

URL GET
kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerLet's Encrypt
Subjectkzt2afc1rp52.com
Fingerprint43:A9:69:5F:7E:3C:46:D8:11:CD:6B:FC:BD:3F:B0:32:E4:37:C0:4E
ValiditySun, 06 Apr 2025 21:22:47 GMT - Sat, 05 Jul 2025 21:22:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js HTTP/1.1
Host: kzt2afc1rp52.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 10 May 2025 16:59:04 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 2
Host: kzt2afc1rp52.com

madurird.com/tag.min.js

139.45.197.106

200 OK

103 kB

URL GET
madurird.com/tag.min.js
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://daddylive2.top/live/stream-380.php
Certificate
IssuerLet's Encrypt
Subjectmadurird.com
FingerprintE6:F5:25:47:3F:87:05:23:96:F8:35:FA:1C:BC:79:F8:B3:85:26:2D
ValiditySat, 19 Apr 2025 05:46:37 GMT - Fri, 18 Jul 2025 05:46:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (102581 bytes)
Hash
689ebc368165f3106fab74319bb4dc57
35c9ca036795e68588891ce64f30c9d03c7de873
3530f62b02b73fc7ff50c07000245508bd96d3c5397b82bad2aef4f9d58aa3c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: madurird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive2.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:04 GMT
content-type: application/javascript
x-trace-id: 181e4fc1ebf0aaef97e7d224a639a322
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

paizeestawumee.net/5/3512690/?oo=1&js_build=iclick-v1.1134.0&dmn=inklinkor.com&tt=2&ix=0

139.45.196.63

204 No Content

0 B

URL POST
paizeestawumee.net/5/3512690/?oo=1&js_build=iclick-v1.1134.0&dmn=inklinkor.com&tt=2&ix=0
IP
139.45.196.63:443
ASN
#9002 RETN Limited

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectpaizeestawumee.net
Fingerprint5B:E2:9B:BA:0C:80:7D:47:45:E7:D6:7E:7E:CA:A0:29:0D:1F:53:0A
ValidityMon, 21 Apr 2025 12:08:54 GMT - Sun, 20 Jul 2025 12:08:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /5/3512690/?oo=1&js_build=iclick-v1.1134.0&dmn=inklinkor.com&tt=2&ix=0 HTTP/1.1
Host: paizeestawumee.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2726
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 10 May 2025 16:59:04 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://cdn.stream-24.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

skenaiaefaldy.com/rxdFvMm3olRJ5B/73447

165.232.114.226

200 OK

4.2 kB

URL GET
skenaiaefaldy.com/rxdFvMm3olRJ5B/73447
IP
165.232.114.226:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectskenaiaefaldy.com
FingerprintFD:73:5E:51:DD:98:77:56:A0:A3:4D:C6:52:90:48:49:38:74:D7:E4
ValidityThu, 20 Mar 2025 15:04:47 GMT - Wed, 18 Jun 2025 15:04:46 GMT

File type
JavaScript source, ASCII text
Size
4.2 kB (4240 bytes)
Hash
162fcab2daa5e3f29fed3a4ec4f0539d
b981b69d1e0033735e0ee1e96aa1401023ba6721
a3ed178dec6c4db9dc740e1aebe387c842a4fba732b81bd119f6678598fd8b68

HTTP Headers

GET /rxdFvMm3olRJ5B/73447 HTTP/1.1
Host: skenaiaefaldy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 4240
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1090-uYG2nR4AM3NeDuHpaqFAECO6ZyE"
cache-control: no-store, no-cache
X-Firefox-Spdy: h2

kohiseewhatm.com/bUNTQ0VCfDAweD8bMDonXQVgEgQrGjYbCyoAPyt2DigCAh01JHU3LAl+anNyX3pgZTUEJ25yYx43MjcwHn5iZSwDJTx+Yxt+Ym12WW1gdWtZZSZ+dEs3IyIiUHJ1MzEZL25ycll1a3pzXndgcHNd

172.67.217.123

204 No Content

0 B

URL GET
kohiseewhatm.com/bUNTQ0VCfDAweD8bMDonXQVgEgQrGjYbCyoAPyt2DigCAh01JHU3LAl+anNyX3pgZTUEJ25yYx43MjcwHn5iZSwDJTx+Yxt+Ym12WW1gdWtZZSZ+dEs3IyIiUHJ1MzEZL25ycll1a3pzXndgcHNd
IP
172.67.217.123:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectkohiseewhatm.com
FingerprintEB:50:63:76:15:64:B9:5C:DD:14:0A:EA:A4:AF:C2:08:71:F9:EF:BD
ValidityFri, 04 Apr 2025 10:45:21 GMT - Thu, 03 Jul 2025 11:39:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bUNTQ0VCfDAweD8bMDonXQVgEgQrGjYbCyoAPyt2DigCAh01JHU3LAl+anNyX3pgZTUEJ25yYx43MjcwHn5iZSwDJTx+Yxt+Ym12WW1gdWtZZSZ+dEs3IyIiUHJ1MzEZL25ycll1a3pzXndgcHNd HTTP/1.1
Host: kohiseewhatm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 10 May 2025 16:59:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hjZ0TAXzqGLIlmdXThvlNLJQkSl0iy9dofuOJKA7%2FiTCUGLYnZOl925j%2B6NmKTCDiOlnqBWFfoIF95mrGcrqjjrrTPHY7bjbWU6kWxBYAfBrY3HoTDtJruSh2lvX5dH70akX"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 93dafc22afb362d9-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ukankingwithea.com/

104.21.80.1

200 OK

26 B

URL GET
ukankingwithea.com/
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
ad451033078b26eb92b65735cd304e6d
9e2ff2ade8d8d5825920260db6174eb308ac4af1
00f26122af3e3119f344e00b5b006e983ae949f3a6f7915134be947f2e9c7934

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:04 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://cdn.stream-24.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oXboMd0KAZMU45rJaepnaS3COy1cngbV2dHVKGCy1N5EVoNuXfED1lpDB8wF9rTneyxTQEtQimRJMMfEnQP7tCNn%2FY4SI%2BobkvKp3nwUw6m1w6Mpl1rqYYfk3uTZdUQA8sEUEqg%3D"}]}
content-encoding: br
set-cookie: csu=758379943528508@1@1746896344; SameSite=None; Secure; Max-Age=31104000
cf-ray: 93dafc27b99ab37f-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

od.fordedcostaea.com/tD69CV29YeG/65573

23.109.170.255

200 OK

5 B

URL GET
od.fordedcostaea.com/tD69CV29YeG/65573
IP
23.109.170.255:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectod.fordedcostaea.com
Fingerprint9F:B5:CA:16:38:13:B4:5B:A6:15:CE:B3:E0:76:AA:58:54:C9:65:25
ValidityMon, 21 Apr 2025 09:36:16 GMT - Sun, 20 Jul 2025 09:36:15 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tD69CV29YeG/65573 HTTP/1.1
Host: od.fordedcostaea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 May 2025 16:59:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.stream-24.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sun, 11-May-2025 16:59:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 11-May-2025 16:59:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

mowcoordinateegypt.com/41/6d/ed/416dedebc6acd1e97fa94e8e3d9612dc.js

172.240.108.68

403 Forbidden

0 B

URL GET
mowcoordinateegypt.com/41/6d/ed/416dedebc6acd1e97fa94e8e3d9612dc.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectmowcoordinateegypt.com
Fingerprint77:CC:D6:BE:D8:34:45:9D:3C:0B:D7:1E:10:1A:86:39:DC:2D:BD:4F
ValidityMon, 14 Apr 2025 21:14:24 GMT - Sun, 13 Jul 2025 21:14:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /41/6d/ed/416dedebc6acd1e97fa94e8e3d9612dc.js HTTP/1.1
Host: mowcoordinateegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sat, 10 May 2025 16:59:02 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Host: mowcoordinateegypt.com

acscdn.com/script/aclib.js

188.114.97.1

200 OK

136 kB

URL GET
acscdn.com/script/aclib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint8F:A7:B8:69:9D:95:64:41:D3:00:72:86:8A:93:96:A4:28:FC:BB:C6
ValidityWed, 16 Apr 2025 20:29:49 GMT - Tue, 15 Jul 2025 21:24:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
136 kB (135598 bytes)
Hash
99396b8be1aa8280e0b3aa86075a4094
4b9bfac1a58c0364f0c55405873eec27c159a407
68332c022d13f9d1e22c76a638225a949cea39cbd14d5d84fdbc1003e0c6076e

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:03 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2VwrkxMhK0zE1pVYw_BlBUmNZN0Drckep-EogQaKr_sTrqviZ8o1XdDrcq1PUBixE1-Xi
x-goog-generation: 1746013745736030
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 135598
x-goog-hash: crc32c=cuDBGg==, md5=mTlri+GqgoDgs6qGB1pAlA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: cloudflare
expires: Sat, 10 May 2025 16:18:43 GMT
cache-control: public, max-age=3600
last-modified: Wed, 30 Apr 2025 11:49:05 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 2643
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EirD1y651LB4B8us2uP3D3h5ZawSzGUUB7aIIugrph4b97N%2Fzh2KSLABuHcr5K5YX1afXlGQ4qOpX51IltpKJJClx6gKEifQx2d1rcxSjt%2FxpLXj08LAk6Igr7xc"}]}
etag: W/"99396b8be1aa8280e0b3aa86075a4094"
content-encoding: br
cf-ray: 93dafc235f98f992-PRG
server-timing: cfExtPri

acscdn.com/script/aclib.js

188.114.97.1

200 OK

136 kB

URL GET
acscdn.com/script/aclib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint8F:A7:B8:69:9D:95:64:41:D3:00:72:86:8A:93:96:A4:28:FC:BB:C6
ValidityWed, 16 Apr 2025 20:29:49 GMT - Tue, 15 Jul 2025 21:24:42 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
136 kB (135598 bytes)
Hash
99396b8be1aa8280e0b3aa86075a4094
4b9bfac1a58c0364f0c55405873eec27c159a407
68332c022d13f9d1e22c76a638225a949cea39cbd14d5d84fdbc1003e0c6076e

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:03 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2VwrkxMhK0zE1pVYw_BlBUmNZN0Drckep-EogQaKr_sTrqviZ8o1XdDrcq1PUBixE1-Xi
x-goog-generation: 1746013745736030
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 135598
x-goog-hash: crc32c=cuDBGg==, md5=mTlri+GqgoDgs6qGB1pAlA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: cloudflare
expires: Sat, 10 May 2025 16:18:43 GMT
cache-control: public, max-age=3600
last-modified: Wed, 30 Apr 2025 11:49:05 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 2642
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=kuPLgkglPIVQsvonbZsAqnCA8LVcLCOqvnvRDuzQZfdoLRdr7j7PqxaflbKMXetImsyBfivQbbEQNPfmmt0HSvmAd6SknGUnuUNrRq2mLAUV2nGuXnUZitzDxKKR"}]}
etag: W/"99396b8be1aa8280e0b3aa86075a4094"
content-encoding: br
cf-ray: 93dafc2119e9f992-PRG
server-timing: cfExtPri

youradexchange.com/ad/czcf.php?cz=tx31i5ida&atv=60.0

104.21.91.188

200 OK

871 B

URL GET
youradexchange.com/ad/czcf.php?cz=tx31i5ida&atv=60.0
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
871 B (871 bytes)
Hash
b59a1bc8e659ad513bae308f9cb1bc7a
53db34d1522d54b18511d3287a18d230b3baed01
c51d7cd107804f08cdd292dfb57189065dbd4bfbd55429663b2f0d8232fd55fe

HTTP Headers

GET /ad/czcf.php?cz=tx31i5ida&atv=60.0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:04 GMT
content-type: text/html; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=53nF0aSo25T%2B9epixPbtPCAoY%2BsByhKjrizcTuBbRu6nZpFwEQlnaoI0MMKXrMW0MwkAbIOVzE3qu8J1VUMsIYov8DLk8aP569ouqIybGGT1iS1zm5iZQKYqlU8pCjzHeQH2%2F%2B8%3D"}]}
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 93dafc262dbcb34d-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/index.html?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D

188.114.97.1

308 Permanent Redirect

2.1 kB

URL GET
auto-deploy.pages.dev/IPP/Artjom/GAME/ENG/427/index.html?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectauto-deploy.pages.dev
FingerprintB6:70:20:01:ED:7F:9D:3B:F8:B9:B7:9C:39:B6:37:C6:F5:C9:4C:B0
ValidityThu, 24 Apr 2025 01:32:13 GMT - Wed, 23 Jul 2025 02:30:33 GMT

File type
HTML document, ASCII text
Size
2.1 kB (2130 bytes)
Hash
bafc4c2a21ea2db2f26c45463cc4d823
86d47c8629508443a00e7a170c6e000e5db5dbab
c44a63c8b7c0b16d9688166449f15de741938ad732c93308ac36759260f22741

HTTP Headers

GET /IPP/Artjom/GAME/ENG/427/index.html?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D HTTP/1.1
Host: auto-deploy.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 308 Permanent Redirect
date: Sat, 10 May 2025 16:59:06 GMT
content-length: 0
server: cloudflare
vary: Accept-Encoding
cf-ray: 93dafc382c45ca8d-HAM
location: /IPP/Artjom/GAME/ENG/427/?cid=174689634617120TNOTV415326358024V94657&network=adcash&utm_source=7797370-3775522587-3930541253&camp=401936220&creative=23833506&format=%5BADD_FORMAT_STRING%5D&offer=%5BADD_OFFER_STRING%5D
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cX6VuD8UAJnbjCnr9nbeKy5kJwOgBmfSjTunXKZj7MTnxeJ7ug8YbLbzTub1719WMrH3TvkndQC90jZxdyIPpNkzyDhDbh3dWIXFFsLRqrQjiLb4lQ2%2FluHXZx2CR%2F6f4ESi4Hv%2F%2FgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21689&min_rtt=17037&rtt_var=9712&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4095&recv_bytes=1639&delivery_rate=34864&cwnd=12000&unsent_bytes=0&cid=fc0ff994ec8d22c0&ts=174&x=1", cfExtPri, cfHdrFlush;dur=0

caq21harderv991gpluralplay.xyz/blast.js

104.21.16.1

200 OK

78 kB

URL GET
caq21harderv991gpluralplay.xyz/blast.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerGoogle Trust Services
Subjectcaq21harderv991gpluralplay.xyz
FingerprintAF:F8:EB:07:F9:1B:4D:9B:8E:09:F2:50:9D:57:2B:15:62:DD:D5:37
ValidityTue, 15 Apr 2025 12:24:28 GMT - Mon, 14 Jul 2025 13:23:13 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
78 kB (77888 bytes)
Hash
091faec928970e76d37a3601c19fcf8a
6441e8eebe90eb8d4a40e7c25440ff99caba3520
eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12

HTTP Headers

GET /blast.js HTTP/1.1
Host: caq21harderv991gpluralplay.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=adf9iC00roF157S2B1M1BbbARnX7mSmbzBIwXI9nLw1beXTMvNQModNE5jDExCTOkLS7FQTXhQAcm4gvbkz530GJz4sgebRX8rGkpcsUAnz7e2PfO6k94sW2RXrw6IWBnrzRRl8TioqTikx3splvxi4%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 17 Oct 2024 06:47:40 GMT
etag: W/"6710b30c-13040"
access-control-allow-origin: *
age: 3992
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 93dafc315a36eb4d-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27430&min_rtt=25290&rtt_var=8968&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4479&recv_bytes=1497&delivery_rate=1023&cwnd=12000&unsent_bytes=0&cid=ec5e9dfbae538b8d&ts=848&x=16"

cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=

104.21.63.225

200 OK

16 kB

URL User Request GET
cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
IP
104.21.63.225:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectstream-24.xyz
Fingerprint5C:59:18:EC:00:38:C8:4F:55:FD:77:02:FC:88:C7:3C:20:8A:45:03
ValidityFri, 02 May 2025 15:49:04 GMT - Thu, 31 Jul 2025 16:45:54 GMT

File type
JavaScript source, ASCII text, with very long lines (384)
Size
16 kB (15986 bytes)
Hash
5216806b161cd60070740afde0faa048
ec04e63d228dc89fd2f6f6c96a1f308fee8a8fca
b182ea5473a2557814ab43bbb0c3dd6ec11dbf4ed6f14fb2b56fc111d62a14cd

HTTP Headers

GET /live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w= HTTP/1.1
Host: cdn.stream-24.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:01 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NQsW6gjO59%2BrMqTeAqJw%2FxGJQ%2B8GJixLrx4%2Fvw5uv%2F6u9L08%2FuI6%2F5%2FQnTNvrNRI7gVL9R4CJ5qp1hAzV9clPuj3YGHtq7Wv3fXGP1r8DgR6FemRxvP5quTiw2qlAMuW2j%2FMvA%3D%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 93dafc178dfbb4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

waust.at/c.js

104.26.5.7

200 OK

12 kB

URL GET
waust.at/c.js
IP
104.26.5.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerGoogle Trust Services
Subjectwaust.at
Fingerprint28:34:9D:B0:BC:21:BB:62:84:CA:E8:DB:72:58:B1:08:CA:F0:42:A2
ValidityWed, 23 Apr 2025 12:21:57 GMT - Tue, 22 Jul 2025 13:21:56 GMT

File type
JavaScript source, ASCII text, with very long lines (12117), with no line terminators
Size
12 kB (12117 bytes)
Hash
7f167017c3edca98e152e2ad7e547032
cbcbd0f11bd2f552cdd87cf1947fadc2b7371681
52784de24aa1b312200cd6262ccecb5983c443290f1fe8d01790199be351b02d

HTTP Headers

GET /c.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Apr 2025 23:21:28 GMT
etag: W/"67fee9f8-2f55"
expires: Sun, 11 May 2025 16:13:59 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2705
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yk2t6vL9Xs5lrbcLu0gmgp%2BC7ms15CCL%2FhShnDNffF%2BMJ4%2Bwgp2v%2FSaZNBGdTwZ%2Be46xkn%2FVojeILls%2FOA3U4Tkb3QbTsw1Mw9NA%2BdQr0QAk938x49YsXIAb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 93dafc2d4d6b5687-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=485&min_rtt=405&rtt_var=134&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3192&recv_bytes=1068&delivery_rate=7017770&cwnd=254&unsent_bytes=0&cid=817fb8eb9cbe4e69&ts=71&x=0"
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MjAD2APznNHXz9iv874JLAb3Fpmv4SrzvG3OwSypz0oy6BqigIBQu_X_dZ-Q6--rMPLa-hp7A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S523999515%3A1746896344777796

173.194.73.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MjAD2APznNHXz9iv874JLAb3Fpmv4SrzvG3OwSypz0oy6BqigIBQu_X_dZ-Q6--rMPLa-hp7A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S523999515%3A1746896344777796
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9E:10:08:9D:11:84:1F:9C:2D:04:7B:3F:CB:2F:96:53:7F:73:BC:51
ValidityMon, 21 Apr 2025 08:40:46 GMT - Mon, 14 Jul 2025 08:40:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MjAD2APznNHXz9iv874JLAb3Fpmv4SrzvG3OwSypz0oy6BqigIBQu_X_dZ-Q6--rMPLa-hp7A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S523999515%3A1746896344777796 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.stream-24.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-opYXbE6VtRVV_cVBqVwJQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.8x8cbXFxqmQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

104.16.174.226

200 OK

525 kB

URL GET
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://caq21harderv991gpluralplay.xyz/premiumtv/daddylive.php?id=380
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
525 kB (525081 bytes)
Hash
f55c6c796275a41ce7d97bd160e648ff
936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

HTTP Headers

GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://caq21harderv991gpluralplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 145133
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: br
x-served-by: cache-fra-eddf8230067-FRA, cache-lga21958-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 12539
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ToTdrgefIWhd4bk3jrEMT1fd3gydFCvghCU0ZPBvCUjIwOkUSHJyGh99dgcKTHIIlhXdWNZc792mfhZ5qsirLBlscOKhQvv74G%2FoJetFeT0NwPEMiYiLqn%2FKTqkyP%2FBxbqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93dafc2ce9510b41-OSL
X-Firefox-Spdy: h2

cdn.stream-24.xyz/live/js/jquery-3.2.1.min.js

104.21.63.225

200 OK

87 kB

URL GET
cdn.stream-24.xyz/live/js/jquery-3.2.1.min.js
IP
104.21.63.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerGoogle Trust Services
Subjectstream-24.xyz
Fingerprint5C:59:18:EC:00:38:C8:4F:55:FD:77:02:FC:88:C7:3C:20:8A:45:03
ValidityFri, 02 May 2025 15:49:04 GMT - Thu, 31 Jul 2025 16:45:54 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /live/js/jquery-3.2.1.min.js HTTP/1.1
Host: cdn.stream-24.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:02 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Sun, 02 Jul 2017 16:54:38 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=327w7LW5UnIMDuXE1Mc%2FFX7EqLAO7zLNNFu7JFkali9qxGi63QtIMscP3TUKRuyd3jy6uEgAThV5QkiPMUWYigM8b%2BRF64msXyE8I53CPk4pcusUGhPhYD%2BbD7F6A01CZaavjg%3D%3D"}]}
expires: Sat, 02 May 2026 21:14:00 GMT
cache-control: public, max-age=31536000, immutable
pragma: public
cf-cache-status: HIT
age: 675889
etag: W/"5959254e-15283"
content-encoding: br
cf-ray: 93dafc1bccb0b4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

push-sdk.com/f/sdk.js?z=996427

157.90.33.72

200 OK

55 kB

URL GET
push-sdk.com/f/sdk.js?z=996427
IP
157.90.33.72:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.com
Fingerprint43:6C:A5:4F:73:7D:B7:09:5D:88:3F:9F:29:2F:F4:C3:F2:29:12:E3
ValiditySun, 06 Apr 2025 03:46:49 GMT - Sat, 05 Jul 2025 03:46:48 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (54745), with no line terminators
Size
55 kB (54787 bytes)
Hash
f4d87b22393ed5eef57d01d86c6a88f6
5e1aaee78cd735c23cc423fc863decca30aee219
91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee

HTTP Headers

GET /f/sdk.js?z=996427 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Angie
date: Sat, 10 May 2025 16:59:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 15242
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2

skenaiaefaldy.com/f/gstats

165.232.114.226

200 OK

2 B

URL POST
skenaiaefaldy.com/f/gstats
IP
165.232.114.226:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://cdn.stream-24.xyz/live/stream.php?id=358540&link=https://daddylive2.top/live/stream-380.php&t=Flash&w=
Certificate
IssuerLet's Encrypt
Subjectskenaiaefaldy.com
FingerprintFD:73:5E:51:DD:98:77:56:A0:A3:4D:C6:52:90:48:49:38:74:D7:E4
ValidityThu, 20 Mar 2025 15:04:47 GMT - Wed, 18 Jun 2025 15:04:46 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /f/gstats HTTP/1.1
Host: skenaiaefaldy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 278
Origin: https://cdn.stream-24.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdn.stream-24.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:03 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: *
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
cache-control: no-store, no-cache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://cdn.advxmedia.xyz/sports/vplayer/sf1/?t=Benfica%20-%20Sporting&s=Football&l=Primeira%20Liga&c=&d=2025-05-10T18:00:00
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cdn.advxmedia.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 May 2025 18:15:43 GMT
expires: Fri, 08 May 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 168201
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (57)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML