| daddylive.mp/favicon.ico | 188.114.97.1 | 404 Not Found | 548 B |
IP 188.114.97.1:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Google Trust Services; Subject daddylive.mp; Fingerprint 48:B3:37:27:0B:BB:DB:6B:BD:93:84:33:55:B0:74:61:9D:71:FE:3B; Validity Mon, 31 Mar 2025 18:35:18 GMT - Sun, 29 Jun 2025 19:32:46 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8 65f3537c3c798f7da146c55aef536f7b5d0cb943 d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
GET /favicon.ico HTTP/1.1
Host: daddylive.mp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/embed/stream-455.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 22 Apr 2025 13:25:33 GMT
content-type: text/html
server: cloudflare
cache-control: max-age=14400
cf-cache-status: HIT
age: 144
priority: u=6,i=?0
content-encoding: br
cf-ray: 934572a4685e56c1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| 4.adsco.re:2087/ | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Requested by https://daddylive.mp/embed/stream-455.php
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.xadsmart.com/mdatepicker.min.css | 95.173.205.15 | 200 OK | 37 kB |
URL GET www.xadsmart.com/mdatepicker.min.css IP 95.173.205.15:443
ASN#60068 Datacamp Limited
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Let's Encrypt; Subject 1376341044.rsc.cdn77.org; Fingerprint 0B:6C:90:13:86:63:9E:9A:77:0E:59:C0:5B:FC:BF:83:A0:EB:98:F3; Validity Wed, 16 Apr 2025 02:51:46 GMT - Tue, 15 Jul 2025 02:51:45 GMT
File type JavaScript source, ASCII text, with very long lines (1568)
Hash 3a579a5d302b61011034628a00ee72d1 d0b89757e41ef804c858d2f3927515223334b310 aa985a1e97a764d4a7217e959d596ade79a9cb5e551526b081fa1a158fcc8c0c
GET /mdatepicker.min.css HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:32 GMT
content-type: application/x-javascript
popads-node: wb8
expires: Sun, 27 Apr 2025 23:29:14 GMT
access-control-allow-origin: https://daddylive.mp
link: <https://xadsmart.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBX63NDQH38BYBAAwBuUwKCQH3Kv0AAAwBJRPCVwG3aAEAAA
x-77-nzt-ray: 2a494a15b5b1ed94f19807684a07b10e
x-77-cache: HIT
x-77-age: 71408
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2
|
|
| youradexchange.com/script/interstitial.php?r=9830542&srs=bdb67d1ef8a3614a7f192c8124cd646c&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fdaddylive.mp%2Fembed%2Fstream-455.php&atv=58.3&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js | 104.21.91.188 | 200 OK | 2.9 kB |
URL GET youradexchange.com/script/interstitial.php?r=9830542&srs=bdb67d1ef8a3614a7f192c8124cd646c&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fdaddylive.mp%2Fembed%2Fstream-455.php&atv=58.3&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js IP 104.21.91.188:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Google Trust Services; Subject youradexchange.com; Fingerprint 15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E; Validity Thu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT
Hash 7fcff8c2fa8b1c1868bc07e3800a7f1f 60d5ccb96e0e34dcf2cfd958a9d690b1885bd545 a19472c447344cb1e54355dd395632e9658ae025046dbff4cfa0a50574507bbc
GET /script/interstitial.php?r=9830542&srs=bdb67d1ef8a3614a7f192c8124cd646c&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&cbpage=https%3A%2F%2Fdaddylive.mp%2Fembed%2Fstream-455.php&atv=58.3&cbref=&pblcz=6707202&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddylive.mp/
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:33 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
cf-ray: 934572a158f4b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xadsmart.com/ayaiejigqeni?SDXaOxPi=BQNyAAAAAAAACZUAAtBRS21iJxrLKeaQzfKRmCG5S_6Vntkz65qbCDK3fQQh8zAW-5JvYoZHbDWJ79oM5ULHhtxqsAaOCk7nJJzNaLP6X2Ucq87ZKLN51_GKtTG3f5-wHCRn3b69GW_OQpSmk0yBF49KDuOhX2HdeNrNcJUdwp23Qi8rKzWp0pdIjaoF9opcRTZPDOCrHubF9N4CbQlxrsWvdyhit7dTACfXrcLj6uGEIIuaKbTZKGGjPunKsimjOpjhNpQY-bLyff3uluGrU7mBuwQ8ph0Rvtk0vmJO_yLWJIxIZ4vkWZyEM8tK-fe-niqQNQWCXMM1nVGQ1uIxYDkAwyNkkTPcDmQJUn9JDC1SiOdJKE3iI1H5ZnBkvoG9CXzn9OZ6-JxT6z1iLeqMTsWV_li6KgIuwXfSTCx4XIx8IKIh22jVqp9lpHTmUslCGkPZReSCxMXECqxjyeg0DGLZ32ZCjDyaBWRYNiwu4k7v9H1FKBwaSVF1zf0lB0yZBOgZIVaVMkBFQhgJUWGjo9Z09QwVLEa4mXqJBh3tU5cg9oI1nCUBgm4WiGiYOC2tHHgNL0ORMZph9rpRAzOytBzUNe04i8lmnJ4rb01-91mAISJpz1BtdxaHYOzLCz41TvV_VhxKMs1klEyTVN9e8PhiYdQnU-We_h1d1mCv5s--D_5mrmsXDvgJNmFN8sOP42g4X90x4T9qr7xdH9Z_9olmbJ02coa9BhzxP5Jj3cBcq-XlY1HZMGyLzcPM5FKI3hiLy7nZ2O3hIrijRQy8V0_CrFjZb43FnoD57gBVsJGyANX6dNBrDmCsxZLlgQvT-3lA0iEfj3B_N5qgnfQ1ynY8KYooGInfi7QGV6lbF4u3Y8x1hvT9tKSz8X2wuwsAzotUxm7_nGS3EOFialVF_XJCD4xTLedHXA2bnkv8CSAzCGUiuf2nMIQfKuaLMzkJ2E57X4S7mePz80x5F7xuPuraNPOa24cXOaVWdSOfLTOSjG708QWZpm2ADLvO5OrYPPhoGLVFJKm9u-_OQCLPS6TVuukCsVOjv2qHvuF8IZRZEgKD18kj2QZCdjhuBZUdmkrvTHxlbnxHG79ZgGUTfKWp80qbkDFkM6J8CMMvmtIKC1b8E9vIWzMQ0mgislaSPG5leV6ketwGnyMx1p_fuPB4akugELvesI269L4&BZWhikuG=4&fdjFheuy=5172174&VdikSesP=&TacdbZoO=0,0&CsZiIjfW=&HbytAuZs=&s=1280,1024,1,1280,1024,0 | 104.153.197.251 | 200 OK | 44 B |
URL GET xadsmart.com/ayaiejigqeni?SDXaOxPi=BQNyAAAAAAAACZUAAtBRS21iJxrLKeaQzfKRmCG5S_6Vntkz65qbCDK3fQQh8zAW-5JvYoZHbDWJ79oM5ULHhtxqsAaOCk7nJJzNaLP6X2Ucq87ZKLN51_GKtTG3f5-wHCRn3b69GW_OQpSmk0yBF49KDuOhX2HdeNrNcJUdwp23Qi8rKzWp0pdIjaoF9opcRTZPDOCrHubF9N4CbQlxrsWvdyhit7dTACfXrcLj6uGEIIuaKbTZKGGjPunKsimjOpjhNpQY-bLyff3uluGrU7mBuwQ8ph0Rvtk0vmJO_yLWJIxIZ4vkWZyEM8tK-fe-niqQNQWCXMM1nVGQ1uIxYDkAwyNkkTPcDmQJUn9JDC1SiOdJKE3iI1H5ZnBkvoG9CXzn9OZ6-JxT6z1iLeqMTsWV_li6KgIuwXfSTCx4XIx8IKIh22jVqp9lpHTmUslCGkPZReSCxMXECqxjyeg0DGLZ32ZCjDyaBWRYNiwu4k7v9H1FKBwaSVF1zf0lB0yZBOgZIVaVMkBFQhgJUWGjo9Z09QwVLEa4mXqJBh3tU5cg9oI1nCUBgm4WiGiYOC2tHHgNL0ORMZph9rpRAzOytBzUNe04i8lmnJ4rb01-91mAISJpz1BtdxaHYOzLCz41TvV_VhxKMs1klEyTVN9e8PhiYdQnU-We_h1d1mCv5s--D_5mrmsXDvgJNmFN8sOP42g4X90x4T9qr7xdH9Z_9olmbJ02coa9BhzxP5Jj3cBcq-XlY1HZMGyLzcPM5FKI3hiLy7nZ2O3hIrijRQy8V0_CrFjZb43FnoD57gBVsJGyANX6dNBrDmCsxZLlgQvT-3lA0iEfj3B_N5qgnfQ1ynY8KYooGInfi7QGV6lbF4u3Y8x1hvT9tKSz8X2wuwsAzotUxm7_nGS3EOFialVF_XJCD4xTLedHXA2bnkv8CSAzCGUiuf2nMIQfKuaLMzkJ2E57X4S7mePz80x5F7xuPuraNPOa24cXOaVWdSOfLTOSjG708QWZpm2ADLvO5OrYPPhoGLVFJKm9u-_OQCLPS6TVuukCsVOjv2qHvuF8IZRZEgKD18kj2QZCdjhuBZUdmkrvTHxlbnxHG79ZgGUTfKWp80qbkDFkM6J8CMMvmtIKC1b8E9vIWzMQ0mgislaSPG5leV6ketwGnyMx1p_fuPB4akugELvesI269L4&BZWhikuG=4&fdjFheuy=5172174&VdikSesP=&TacdbZoO=0,0&CsZiIjfW=&HbytAuZs=&s=1280,1024,1,1280,1024,0 IP 104.153.197.251:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Sectigo Limited; Subject xadsmart.com; Fingerprint 57:60:97:0C:DC:E6:0F:0D:1B:04:5B:46:03:77:64:46:88:C5:CF:87; Validity Fri, 04 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /ayaiejigqeni?SDXaOxPi=BQNyAAAAAAAACZUAAtBRS21iJxrLKeaQzfKRmCG5S_6Vntkz65qbCDK3fQQh8zAW-5JvYoZHbDWJ79oM5ULHhtxqsAaOCk7nJJzNaLP6X2Ucq87ZKLN51_GKtTG3f5-wHCRn3b69GW_OQpSmk0yBF49KDuOhX2HdeNrNcJUdwp23Qi8rKzWp0pdIjaoF9opcRTZPDOCrHubF9N4CbQlxrsWvdyhit7dTACfXrcLj6uGEIIuaKbTZKGGjPunKsimjOpjhNpQY-bLyff3uluGrU7mBuwQ8ph0Rvtk0vmJO_yLWJIxIZ4vkWZyEM8tK-fe-niqQNQWCXMM1nVGQ1uIxYDkAwyNkkTPcDmQJUn9JDC1SiOdJKE3iI1H5ZnBkvoG9CXzn9OZ6-JxT6z1iLeqMTsWV_li6KgIuwXfSTCx4XIx8IKIh22jVqp9lpHTmUslCGkPZReSCxMXECqxjyeg0DGLZ32ZCjDyaBWRYNiwu4k7v9H1FKBwaSVF1zf0lB0yZBOgZIVaVMkBFQhgJUWGjo9Z09QwVLEa4mXqJBh3tU5cg9oI1nCUBgm4WiGiYOC2tHHgNL0ORMZph9rpRAzOytBzUNe04i8lmnJ4rb01-91mAISJpz1BtdxaHYOzLCz41TvV_VhxKMs1klEyTVN9e8PhiYdQnU-We_h1d1mCv5s--D_5mrmsXDvgJNmFN8sOP42g4X90x4T9qr7xdH9Z_9olmbJ02coa9BhzxP5Jj3cBcq-XlY1HZMGyLzcPM5FKI3hiLy7nZ2O3hIrijRQy8V0_CrFjZb43FnoD57gBVsJGyANX6dNBrDmCsxZLlgQvT-3lA0iEfj3B_N5qgnfQ1ynY8KYooGInfi7QGV6lbF4u3Y8x1hvT9tKSz8X2wuwsAzotUxm7_nGS3EOFialVF_XJCD4xTLedHXA2bnkv8CSAzCGUiuf2nMIQfKuaLMzkJ2E57X4S7mePz80x5F7xuPuraNPOa24cXOaVWdSOfLTOSjG708QWZpm2ADLvO5OrYPPhoGLVFJKm9u-_OQCLPS6TVuukCsVOjv2qHvuF8IZRZEgKD18kj2QZCdjhuBZUdmkrvTHxlbnxHG79ZgGUTfKWp80qbkDFkM6J8CMMvmtIKC1b8E9vIWzMQ0mgislaSPG5leV6ketwGnyMx1p_fuPB4akugELvesI269L4&BZWhikuG=4&fdjFheuy=5172174&VdikSesP=&TacdbZoO=0,0&CsZiIjfW=&HbytAuZs=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb9
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Tue, 22 Apr 2025 13:25:38 GMT
X-Firefox-Spdy: h2
|
|
| daddylive.mp/embed/stream-455.php | 188.114.97.1 | 200 OK | 222 kB |
URL User Request GET daddylive.mp/embed/stream-455.php IP 188.114.97.1:443
Certificate: Issuer Google Trust Services; Subject daddylive.mp; Fingerprint 48:B3:37:27:0B:BB:DB:6B:BD:93:84:33:55:B0:74:61:9D:71:FE:3B; Validity Mon, 31 Mar 2025 18:35:18 GMT - Sun, 29 Jun 2025 19:32:46 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (46405), with LF, NEL line terminators
Size 222 kB (222301 bytes)
Hash 0d50a84a36a65464bbb1932f14d872af e55e0d58770ee80b3e7181f572d3dc1fe9a0280a ee806f1b0ebe1c7e35868787af5a9d2fef325b36c5bcc252f37033ac9a210a8e
GET /embed/stream-455.php HTTP/1.1
Host: daddylive.mp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:31 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 93457292593f7131-OSL
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNjYBo1kqlyFjaw176x2941QiP3FsDWOT6SlFf8QPdy7BDuaU14Tcj1Y72rAuXtEePU9UInZd7n3rwCR%2FVpckz640K3652AO981dsSrhIYsBj5pn0nYFOY536tw8Gf4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=5850&min_rtt=493&rtt_var=10711&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3199&recv_bytes=1137&delivery_rate=7702127&cwnd=254&unsent_bytes=0&cid=5668c4b156e8a744&ts=467&x=0"
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 | 104.16.79.73 | 200 OK | 20 kB |
URL GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Google Trust Services; Subject cloudflareinsights.com; Fingerprint AD:90:D1:30:C9:77:BF:DE:1F:AB:8C:0D:6E:67:CB:6A:E8:42:DB:18; Validity Thu, 27 Feb 2025 14:42:34 GMT - Wed, 28 May 2025 15:42:17 GMT
File type JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:31 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 934572997ead0b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pn.kalpasbyron.com/rjJktoyUNGhQQAccq/69521 | 23.109.170.209 | 200 OK | 0 B |
URL GET pn.kalpasbyron.com/rjJktoyUNGhQQAccq/69521 IP 23.109.170.209:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Let's Encrypt; Subject pn.kalpasbyron.com; Fingerprint 13:AE:65:4E:69:C9:10:0B:3D:36:97:59:7E:2A:B0:39:DD:0A:3F:53; Validity Mon, 07 Apr 2025 06:37:55 GMT - Sun, 06 Jul 2025 06:37:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rjJktoyUNGhQQAccq/69521 HTTP/1.1
Host: pn.kalpasbyron.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Apr 2025 13:25:32 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://daddylive.mp
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Wed, 23-Apr-2025 13:25:32 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Wed, 23-Apr-2025 13:25:32 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| 7qqd3ugra41k.s4.adsco.re/ | 185.200.116.60 | 200 OK | 0 B |
URL POST 7qqd3ugra41k.s4.adsco.re/ IP 185.200.116.60:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Let's Encrypt; Subject *.s4.adsco.re; Fingerprint AE:BB:65:20:B5:2F:2A:DA:30:73:84:C4:DC:5F:66:67:7C:1F:84:BB; Validity Sat, 19 Apr 2025 09:14:19 GMT - Fri, 18 Jul 2025 09:14:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 7qqd3ugra41k.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:38 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| pubtrky.com/ut/hb.php?cb=0.49608811557667465&v=1 | 104.21.8.108 | 204 No Content | 0 B |
URL POST pubtrky.com/ut/hb.php?cb=0.49608811557667465&v=1 IP 104.21.8.108:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Google Trust Services; Subject pubtrky.com; Fingerprint E5:4C:CF:74:BF:B8:D7:8B:39:F8:13:97:6C:AE:46:2B:E5:A8:E7:0B; Validity Fri, 07 Mar 2025 10:09:06 GMT - Thu, 05 Jun 2025 11:07:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.49608811557667465&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 834
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 22 Apr 2025 13:25:33 GMT
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
cf-ray: 934572a4dc88b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 1.2 kB |
IP 162.252.214.5:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Sectigo Limited; Subject *.adsco.re; Fingerprint 3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B; Validity Mon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File type ASCII text, with very long lines (1191), with no line terminators
Hash 23ef969b8a0878520c39ad9ae5eabcb8 c0e1ef5b2f827050863c04d99d183f25dabeab7b d447d57dfee2e8149daa73ca83d28d550bb24d6cf5917bec346d93f723318c1d
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1532
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Apr 2025 13:25:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK nyc123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://daddylive.mp
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| youradexchange.com/script/suurl5.php?r=6707202&cbur=0.7073371483119595&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fdaddylive.mp%2Fembed%2Fstream-455.php&cbref=&cbdescription=&cbkeywords=&cbcdn=ucgfvdrdbqajh.club&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1745328331713&srs=bdb67d1ef8a3614a7f192c8124cd646c&atv=58.3&abtg=1&adbv=3-cdn-js | 104.21.91.188 | 200 OK | 987 B |
URL GET youradexchange.com/script/suurl5.php?r=6707202&cbur=0.7073371483119595&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fdaddylive.mp%2Fembed%2Fstream-455.php&cbref=&cbdescription=&cbkeywords=&cbcdn=ucgfvdrdbqajh.club&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1745328331713&srs=bdb67d1ef8a3614a7f192c8124cd646c&atv=58.3&abtg=1&adbv=3-cdn-js IP 104.21.91.188:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Google Trust Services; Subject youradexchange.com; Fingerprint 15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E; Validity Thu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT
Hash a2afd1dca792210d901293bf4f8e4fe0 ec5ab6dcb51a27c2ca96d8d25f1193beddb6ddd4 28439203b05f880de61eb6c5777bf2f2d76b711bf48448f6bce62ecfcf09f124
GET /script/suurl5.php?r=6707202&cbur=0.7073371483119595&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fdaddylive.mp%2Fembed%2Fstream-455.php&cbref=&cbdescription=&cbkeywords=&cbcdn=ucgfvdrdbqajh.club&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1745328331713&srs=bdb67d1ef8a3614a7f192c8124cd646c&atv=58.3&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddylive.mp/
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:32 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
cf-ray: 9345729aae0ab523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| funzoneplay.cfd/premiumtv/daddyhd.php?id=455 | 0.0.0.0 | | 0 B |
URL GET funzoneplay.cfd/premiumtv/daddyhd.php?id=455 IP 0.0.0.0:0
Requested by https://daddylive.mp/embed/stream-455.php
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /premiumtv/daddyhd.php?id=455 HTTP/1.1
Host: funzoneplay.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| ucgfvdrdbqajh.club/script/ut.js?cb=1745328332233 | 172.67.185.153 | 200 OK | 66 kB |
URL GET ucgfvdrdbqajh.club/script/ut.js?cb=1745328332233 IP 172.67.185.153:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Google Trust Services; Subject ucgfvdrdbqajh.club; Fingerprint 74:D4:25:DA:69:F1:70:8E:65:4D:54:EA:88:DF:23:5B:44:37:E1:6A; Validity Mon, 21 Apr 2025 03:51:01 GMT - Sun, 20 Jul 2025 04:49:18 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Hash 4afa2ac99f97331dc98263d49022a958 60bb7c7c45ff14e8df86ef9e0b9a7a55a7d2baca a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32
GET /script/ut.js?cb=1745328332233 HTTP/1.1
Host: ucgfvdrdbqajh.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:32 GMT
content-type: text/javascript
server: cloudflare
x-guploader-uploadid: AAO2Vwqyl8Emh6XrcQ4uEegQ69uM0s4VTD16liI7278wJj1nxPJa9Fycj3WAzaGjMUmMZfcK738euqE
x-goog-generation: 1733127707295818
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 66473
x-goog-hash: crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Tue, 22 Apr 2025 13:37:12 GMT
cache-control: public, max-age=14400
age: 1453
last-modified: Mon, 02 Dec 2024 08:21:47 GMT
cf-cache-status: HIT
etag: W/"4afa2ac99f97331dc98263d49022a958"
content-encoding: br
cf-ray: 934572a00b5f0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| wempoargaukobe.net/tag.min.js | 139.45.197.118 | 200 OK | 103 kB |
URL GET wempoargaukobe.net/tag.min.js IP 139.45.197.118:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Let's Encrypt; Subject wempoargaukobe.net; Fingerprint 13:23:A1:DA:A0:AB:05:1E:EA:21:EB:F6:D9:E2:E5:7A:6B:89:5C:C2; Validity Thu, 10 Apr 2025 05:21:00 GMT - Wed, 09 Jul 2025 05:20:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (102573 bytes)
Hash 3abcd24d3a2a5f5e8225fb5d16023679 8eb422de3e83ea411e173eba70c26891435d1ee1 40b630c5f29a8a2c28e84ae9b71f7ddb2c6c843fbb7dd79b9614581c341e8d9c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: wempoargaukobe.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 13:25:32 GMT
content-type: application/javascript
x-trace-id: bb457b62dcac1cf6932045067f867ec7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 6.adsco.re:2087/ | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Requested by https://daddylive.mp/embed/stream-455.php
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| daddylive.mp/cdn-cgi/rum? | 188.114.97.1 | 404 Not Found | 151 B |
URL POST daddylive.mp/cdn-cgi/rum? IP 188.114.97.1:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Google Trust Services; Subject daddylive.mp; Fingerprint 48:B3:37:27:0B:BB:DB:6B:BD:93:84:33:55:B0:74:61:9D:71:FE:3B; Validity Mon, 31 Mar 2025 18:35:18 GMT - Sun, 29 Jun 2025 19:32:46 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 45efc4779b2e6b43ed200755328af518 badb6097a3c8fad00517f38352ba72b9f7b6637b d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc
POST /cdn-cgi/rum? HTTP/1.1
Host: daddylive.mp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1357
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/embed/stream-455.php
Cookie: a=TJTk6zP2pExL9OSp34szZ0eZ8xIVSWDL
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 22 Apr 2025 13:25:37 GMT
priority: u=3,i=?0
server: cloudflare
cf-ray: 934572bbdf3156c1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| 4.adsco.re/ | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Requested by https://daddylive.mp/embed/stream-455.php
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 6.adsco.re/ | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Requested by https://daddylive.mp/embed/stream-455.php
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 7qqd3ugra41k.l4.adsco.re/ | 185.200.118.62 | 200 OK | 0 B |
URL POST 7qqd3ugra41k.l4.adsco.re/ IP 185.200.118.62:443
Requested by https://daddylive.mp/embed/stream-455.php
Certificate: Issuer Let's Encrypt; Subject *.l4.adsco.re; Fingerprint 76:AD:98:EA:A8:8F:6F:6D:58:92:36:07:6D:91:B6:67:41:97:C1:4E; Validity Sat, 19 Apr 2025 09:14:33 GMT - Fri, 18 Jul 2025 09:14:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 7qqd3ugra41k.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:37 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 7qqd3ugra41k.n4.adsco.re/ | 38.132.109.126 | 200 OK | 0 B |
URL POST 7qqd3ugra41k.n4.adsco.re/ IP 38.132.109.126:443
Requested by: https://daddylive.mp/embed/stream-455.php
Certificate Issuer: Let's Encrypt
Subject: *.n4.adsco.re
Fingerprint: EB:C6:B8:97:D3:9D:38:6F:22:4B:ED:17:B4:B6:9C:E0:30:A8:06:1E
Validity: Sat, 19 Apr 2025 09:14:20 GMT - Fri, 18 Jul 2025 09:14:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 7qqd3ugra41k.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Apr 2025 13:25:37 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c.adsco.re/#0.12761118608545907 | 104.17.166.186 | 200 OK | 79 kB |
URL GET c.adsco.re/#0.12761118608545907 IP 104.17.166.186:443
Requested by: https://daddylive.mp/embed/stream-455.php
Certificate Issuer: Sectigo Limited
Subject: *.adsco.re
Fingerprint: 3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
Validity: Mon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (689)
Hash: f0e71ebb1e2c90b307c171052ca517d0 1a1950b1868c0bfb8629f6f81b81439160727a79 adbce95b9ac0da66ea3a1d707494d9c74876e1c9186c446b4b5a22d15adc1ee5
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Apr 2025 13:25:37 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 23 May 2025 13:25:37 GMT
etag: W/"8Oceux4skLMHwXEFLKUX0A=="
content-encoding: gzip
cf-cache-status: HIT
age: 989895
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 934572bbaff856bd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| daddylive.mp/embed/stream-455.php | 188.114.97.1 | 200 OK | 0 B |
URL HEAD daddylive.mp/embed/stream-455.php IP 188.114.97.1:443
Requested by: https://daddylive.mp/embed/stream-455.php
Certificate Issuer: Google Trust Services
Subject: daddylive.mp
Fingerprint: 48:B3:37:27:0B:BB:DB:6B:BD:93:84:33:55:B0:74:61:9D:71:FE:3B
Validity: Mon, 31 Mar 2025 18:35:18 GMT - Sun, 29 Jun 2025 19:32:46 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /embed/stream-455.php HTTP/1.1
Host: daddylive.mp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/embed/stream-455.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Apr 2025 13:25:32 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
priority: u=3,i=?0
content-encoding: br
cf-ray: 9345729cbe6256c1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| ojapsaiwha.net/5/6712285/?oo=1&js_build=iclick-v1.1127.0&dmn=wempoargaukobe.net&tt=2&ix=0 | 139.45.196.62 | 204 No Content | 0 B |
URL POST ojapsaiwha.net/5/6712285/?oo=1&js_build=iclick-v1.1127.0&dmn=wempoargaukobe.net&tt=2&ix=0 IP 139.45.196.62:443
Requested by: https://daddylive.mp/embed/stream-455.php
Certificate Issuer: Let's Encrypt
Subject: ojapsaiwha.net
Fingerprint: 9A:6F:D2:71:17:75:04:14:73:72:EC:ED:11:F2:9D:07:B0:4B:8F:72
Validity: Sat, 19 Apr 2025 13:38:15 GMT - Fri, 18 Jul 2025 13:38:14 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /5/6712285/?oo=1&js_build=iclick-v1.1127.0&dmn=wempoargaukobe.net&tt=2&ix=0 HTTP/1.1
Host: ojapsaiwha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2565
Origin: https://daddylive.mp
DNT: 1
Connection: keep-alive
Referer: https://daddylive.mp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Tue, 22 Apr 2025 13:25:37 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://daddylive.mp
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|