Report - daddylivehd1.top/live/stream-327.php

Report Overview

Visitedpublic

2024-12-02 13:05:00

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aisorussooxacm.net	unknown	unknown	No data	No data	1.7 kB	6.4 kB	139.45.197.245
adsco.re	8541	2017-02-14	2017-04-03	2024-11-25	428 B	1.7 kB	162.252.214.5
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-11-27	429 B	146 kB	104.18.186.31
xadsmart.com	85874	2020-04-18	2020-04-19	2024-11-30	1.6 kB	255 B	104.153.197.251
6.adsco.re	17812	2017-02-14	2018-01-15	2024-11-29	1.2 kB	1.5 kB	104.17.167.186
tortoisesun.com	unknown	2024-08-13	2024-12-01	2024-12-01	483 B	490 B	172.240.127.234
4.adsco.re	19179	2017-02-14	2021-01-04	2024-11-29	813 B	886 B	162.252.214.5
eqaztmxcha6p.s4.adsco.re	unknown	unknown	No data	No data	438 B	461 B	185.200.116.60
cookiewebplay.xyz	unknown	2024-06-07	2024-07-27	2024-11-30	901 B	80 kB	104.21.75.57
kizohilsoa.net	unknown	2024-10-23	2024-10-26	2024-10-26	401 B	28 kB	139.45.197.243
wedruftod.net	unknown	unknown	No data	No data	396 B	28 kB	139.45.197.245
code.jquery.com	634	2005-12-10	2012-05-21	2024-11-27	411 B	32 kB	151.101.2.137
upload.wikimedia.org	2215	2003-03-16	2012-05-21	2024-11-27	471 B	1.4 kB	185.15.59.240
miztv.shop	unknown	2024-04-16	2024-04-16	2024-10-22	430 B	827 B	188.114.96.1
c.adsco.re	16577	2017-02-14	2017-11-29	2024-11-29	1.0 kB	110 kB	104.17.166.186
eqaztmxcha6p.n4.adsco.re	unknown	unknown	No data	No data	438 B	461 B	38.132.109.126
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-01	799 B	172 kB	185.196.197.71
footyroom.top	unknown	unknown	No data	No data	2.8 kB	79 kB	188.114.96.1
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-11-27	453 B	1.4 kB	104.21.27.183
www.xadsmart.com	151441	2020-04-18	2020-04-18	2024-11-30	445 B	38 kB	185.76.9.11
treatedscale.com	unknown	2024-08-13	2024-12-01	2024-12-01	479 B	491 B	172.240.108.84
waust.at	38137	unknown	2016-01-28	2024-11-29	391 B	14 kB	172.67.71.57
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-12-01	415 B	375 B	185.196.197.72
youradexchange.com	273384	2012-11-09	2013-02-04	2024-11-29	1.5 kB	3.9 kB	104.21.91.188
daddylivehd1.top	unknown	unknown	No data	No data	4.3 kB	35 kB	172.67.205.201
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-01	433 B	423 B	18.199.43.28
eqaztmxcha6p.l4.adsco.re	unknown	unknown	No data	No data	438 B	461 B	185.200.118.62
graigloapikraft.net	unknown	unknown	No data	No data	401 B	72 kB	139.45.197.243
pp-lfekpkr.buzz	unknown	2024-11-30	2024-11-30	2024-11-30	414 B	26 kB	172.67.143.195
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-11-27	498 B	20 kB	104.16.79.73
relentlessexpensive.com	unknown	2022-10-14	2022-10-14	2024-10-18	883 B	72 kB	172.240.108.84
acscdn.com	93608	2020-05-05	2020-05-06	2024-11-28	1.2 kB	225 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-12-02 13:04:38	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2024-12-02 13:04:38	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2024-12-02 13:04:38	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2024-12-02 13:04:38	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2024-12-02 13:04:38	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2024-12-02 13:04:38	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-02	medium	wedruftod.net	Sinkholed
2024-12-02	medium	kizohilsoa.net	Sinkholed
2024-12-02	medium	aisorussooxacm.net	Sinkholed
2024-12-02	medium	graigloapikraft.net	Sinkholed
2024-12-02	medium	aisorussooxacm.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (196)

	URL	From	Size	First Seen	Last Seen
	unknown	EventHandler	11 B	2024-12-01	2024-12-21
URL IP / ASN 0.0.0.0 #0 Introduced by EventHandler Embedded false Resource Info First Seen 2024-12-01 Last Seen 2024-12-21 Times Seen 6 Size 11 B (11 bytes) MD5 1d6eb53c5fb29af103aedbd16a15ee0e SHA1 8dcb1958ad56cfe2645fa40bcf14d33f1b0e9b45 SHA256 6f3f3e925464b626cc019ee9f5b1c0eebc9d1e54d6f43962db6ec13e14273c4e Format Code Loading...

	footyroom.top/tv/albaplayer/stream-327/?serv=1/	ScriptElement	55 B	2024-12-02	2024-12-21
URL footyroom.top/tv/albaplayer/stream-327/?serv=1/ IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-02 Last Seen 2024-12-21 Times Seen 3 Size 55 B (55 bytes) MD5 35b7b70e3e4391415eb60bc77df91823 SHA1 dcca3f7172e9926ab634d6f8aa96f81a688c2552 SHA256 18469ee593c825d42d4a58b5996ca18ec4fdc7f2bfabf62a9dbafae9929abc72 Format Code Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-08-06
URL code.jquery.com/jquery-3.6.0.min.js IP / ASN 151.101.2.137 #54113 FASTLY Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-06 Times Seen 266700 Size 90 kB (89501 bytes) MD5 8fb8fee4fcc3cc86ff6c724154c49c42 SHA1 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 SHA256 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Format Code Loading...

	footyroom.top/tv/albaplayer/stream-327/?serv=1/	ScriptElement	28 kB	2024-12-02	2024-12-02
URL footyroom.top/tv/albaplayer/stream-327/?serv=1/ IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 28 kB (28031 bytes) MD5 393bed8a802c4fbf0d7e6e7dd58366f9 SHA1 f82a8bb59c7017df0be92339a9b5e108aac134b5 SHA256 09b13d1be285da12e200d090c119aaa800a5d7f3e081b689d6b4ba1fd6e3bd8f Format Code Loading...

	footyroom.top/tv/wp-content/plugins/AlbaPlayer//assets/js/albaplayer.js	ScriptElement	17 kB	2024-05-24	2025-08-06
URL footyroom.top/tv/wp-content/plugins/AlbaPlayer//assets/js/albaplayer.js IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-05-24 Last Seen 2025-08-06 Times Seen 30 Size 17 kB (17120 bytes) MD5 4edd87322f246f6c5c0b3d2fb0d204ae SHA1 12e92acb11f80b8b409c8a24893a0907dbcbed78 SHA256 587cee8a94747a6aae8d17ac1b5bb2823588ba299564aa894b5c1f3b28c1d573 Format Code Loading...

	unknown	ScriptElement	49 B	2024-05-15	2025-08-06
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-05-15 Last Seen 2025-08-06 Times Seen 9430 Size 49 B (49 bytes) MD5 265fbd04531d9cf5fd767b4e3149a5d1 SHA1 9df7368252b2b411d8472e2a6cc46fd5557ac415 SHA256 1b5a1da3648fc66667a67e766f23683675655e69a2f5186d65e750c7af80fa01 Format Code Loading...

	daddylivehd1.top/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.9 kB	2024-12-02	2024-12-02
URL daddylivehd1.top/cdn-cgi/challenge-platform/scripts/jsd/main.js IP / ASN 172.67.205.201 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 8.9 kB (8868 bytes) MD5 8af4685b0b71ba4db82b63fd3bb2ab79 SHA1 a48faeb25700acaf6a7a9d1a53132ebde76769f2 SHA256 969348d042f0384df1a57698ed7b63d8653d00eaeabd2eeb5ae0172a893b64bf Format Code Loading...

	relentlessexpensive.com/3b/47/63/3b4763046974f9160ef113707c7ca5f7.js	ScriptElement	100 kB	2024-12-02	2024-12-02
URL relentlessexpensive.com/3b/47/63/3b4763046974f9160ef113707c7ca5f7.js IP / ASN 172.240.108.84 #7979 SERVERS-COM Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 100 kB (99875 bytes) MD5 a94b0a5315a34736d9845db37e9ce331 SHA1 6eca248162f83317885429d89744aced53f99e76 SHA256 3d41b0abd7f1ba337ee2115ad27110c048998c9a7828efc8af0b9e42885bd540 Format Code Loading...

	daddylivehd1.top/live/stream-327.php	ScriptElement	921 B	2024-12-02	2024-12-02
URL daddylivehd1.top/live/stream-327.php IP / ASN 172.67.205.201 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 921 B (921 bytes) MD5 2aa7d5c70f58b6382aef72a3bef2556b SHA1 bde01564439f22958438b3e533c6d09e77c76247 SHA256 d3065fc56777c7d2e0a18c1f4fbfd2c338a68d309b85d26a99882f7938564bff Format Code Loading...

	unknown	EventHandler	10 B	2024-12-01	2024-12-21
URL IP / ASN 0.0.0.0 #0 Introduced by EventHandler Embedded false Resource Info First Seen 2024-12-01 Last Seen 2024-12-21 Times Seen 6 Size 10 B (10 bytes) MD5 6998a7af2cd0faa22efe7a518a553754 SHA1 e2ef7a1c0e6ba36bf12fb71fa06d0a66608c29b6 SHA256 f0cd06bac3b4f632c086590de4297e9e6595ab088ebfa4e1228e0f9946686ae8 Format Code Loading...

	unknown	JavascriptURL	5 B	2023-03-07	2025-08-06
URL IP / ASN 0.0.0.0 #0 Introduced by JavascriptURL Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-06 Times Seen 33328 Size 5 B (5 bytes) MD5 68934a3e9455fa72420237eb05902327 SHA1 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 SHA256 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Format Code Loading...

	graigloapikraft.net/tag.min.js	ScriptElement	71 kB	2024-12-02	2024-12-02
URL graigloapikraft.net/tag.min.js IP / ASN 139.45.197.243 #9002 RETN Limited Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 3 Size 71 kB (71416 bytes) MD5 0fbb791355ac62f078d8d8f1fb39e6df SHA1 098a1e7f69a1c9bbb8ba94b9bbc0c8cb36957f6b SHA256 0eb77b95c8b04b39a236a427a8049f712444092476e3a6e8d0defd898d1b8d2d Format Code Loading...

	www.xadsmart.com/kbootstrap-year-calendar.min.css	ScriptElement	37 kB	2024-12-02	2024-12-04
URL www.xadsmart.com/kbootstrap-year-calendar.min.css IP / ASN 185.76.9.11 #60068 Datacamp Limited Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-04 Times Seen 2 Size 37 kB (37168 bytes) MD5 af87b4352b1cbe3adc3a53cc3f6b447e SHA1 45387c012cfda9daa62e2e55243724f961de37a5 SHA256 b76c9c3dbab0257921d03b4b27204cd0a93c6ccc25271b79de923f5f1c43338b Format Code Loading...

	unknown	ScriptElement	49 B	2024-05-15	2025-08-06
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-05-15 Last Seen 2025-08-06 Times Seen 9375 Size 49 B (49 bytes) MD5 93128c282499b9ac18b63d0170ef3d44 SHA1 20a9c22e9546d49fc54c41ecbfa82880934f45f3 SHA256 f58ab76f9bc7003d1eaa68b8ca01bc723da2137cac1536511da193bd3062f86c Format Code Loading...

	unknown	ScriptElement	49 B	2024-05-15	2025-08-06
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-05-15 Last Seen 2025-08-06 Times Seen 9488 Size 49 B (49 bytes) MD5 6dc0afc5aee21e3a2c7ba20fcbbc5502 SHA1 b0b548e52b180b7ac2fbac80962700dcd226b31f SHA256 97e8f3fb205c8b155c8c6370121edddfad4baf9da50783c9b7efc9ed120bf41b Format Code Loading...

	miztv.shop/tele/stream-327.php	ScriptElement	467 B	2023-03-09	2025-08-03
URL miztv.shop/tele/stream-327.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-09 Last Seen 2025-08-03 Times Seen 294 Size 467 B (467 bytes) MD5 f6ca01bb0ca3ebde821544f18ec83583 SHA1 2e8cbf747f80c79ae8c12b8685556757e813b9db SHA256 a1d2b03b3b1269adbdcbda20f64807bc730335783a9a90e9fbd743f898fb675c Format Code Loading...

	acscdn.com/script/aclib.js	ScriptElement	134 kB	2024-12-02	2024-12-03
URL acscdn.com/script/aclib.js IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-03 Times Seen 5 Size 134 kB (134490 bytes) MD5 14662eb67bb3aed4331904e559c15328 SHA1 13abc93cf1ccff4ed582f07bf0d00f076f77c8f9 SHA256 55018e943ba41fe9364dd22668344455706c38bf75149bb60c2eed26e329830e Format Code Loading...

	cookiewebplay.xyz/premiumtv/daddylive.php?id=327	ScriptElement	52 B	2024-07-11	2025-08-03
URL cookiewebplay.xyz/premiumtv/daddylive.php?id=327 IP / ASN 104.21.75.57 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-07-11 Last Seen 2025-08-03 Times Seen 221 Size 52 B (52 bytes) MD5 78a6702d966a64ed29eca96bfefed3de SHA1 cc38ab49fb9cf0b5dfe3639378bd12af22ef1c0c SHA256 00f32959faf141840611a9e3f434a6924cbcd843de990bb5df8ad037b9f8d095 Format Code Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-08-06
URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP / ASN 104.16.79.73 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-06-07 Last Seen 2025-08-06 Times Seen 104878 Size 20 kB (19948 bytes) MD5 ec18af6d41f6f278b6aed3bdabffa7bc SHA1 62c9e2cab76b888829f3c5335e91c320b22329ae SHA256 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Format Code Loading...

	footyroom.top/tv/albaplayer/stream-327/?serv=1/	ScriptElement	73 B	2024-06-29	2025-08-06
URL footyroom.top/tv/albaplayer/stream-327/?serv=1/ IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-06-29 Last Seen 2025-08-06 Times Seen 26 Size 73 B (73 bytes) MD5 c2dcd5c213b7b6e49b9f18b0a8d6e7a0 SHA1 410c447a3a8d63b829d489865bd0a76ee0d3a03d SHA256 11ccd46f61d9f9ba84e6fd57131421a09974687d019d0ea763b6b167f22ae045 Format Code Loading...

	unknown	ScriptElement	236 B	2024-12-02	2024-12-02
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 236 B (236 bytes) MD5 88155f88daccdb843790df64441037b4 SHA1 03411a4fbafc63d81ed360b01c79bb12de11169b SHA256 64c2dadcc248ee8e3f68378cf4fb0050c49a34219df52d3003e34a9c67d25be1 Format Code Loading...

	cookiewebplay.xyz/premiumtv/daddylive.php?id=327	ScriptElement	45 B	2024-07-20	2025-08-03
URL cookiewebplay.xyz/premiumtv/daddylive.php?id=327 IP / ASN 104.21.75.57 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-07-20 Last Seen 2025-08-03 Times Seen 206 Size 45 B (45 bytes) MD5 b50a7599a1cd871d2b379f9ef0b04aa4 SHA1 66783a5680bbf18a422b0ebf586f787abb91f56f SHA256 94ba1e39aa22b534544bd907ddee33191396ded56a47cabf861e12ed65780385 Format Code Loading...

	unknown	ScriptElement	236 B	2024-12-02	2024-12-02
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 236 B (236 bytes) MD5 1dbd035110a9514bd18655fbca7498c3 SHA1 58bd7365224e81b50d3c76240c447362ef86dba9 SHA256 84ca42da9190c2e40627b6d9ae332b0b7cf297c3724badcc1a4bc454e497cfab Format Code Loading...

	cookiewebplay.xyz/blast.js	ScriptElement	78 kB	2023-03-08	2025-08-03
URL cookiewebplay.xyz/blast.js IP / ASN 104.21.75.57 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-08 Last Seen 2025-08-03 Times Seen 663 Size 78 kB (77888 bytes) MD5 091faec928970e76d37a3601c19fcf8a SHA1 6441e8eebe90eb8d4a40e7c25440ff99caba3520 SHA256 eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12 Format Code Loading...

	relentlessexpensive.com/6a/0c/24/6a0c242b85c67cc28b75da0dd8ff81e4.js	ScriptElement	100 kB	2024-12-02	2024-12-02
URL relentlessexpensive.com/6a/0c/24/6a0c242b85c67cc28b75da0dd8ff81e4.js IP / ASN 172.240.108.84 #7979 SERVERS-COM Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 100 kB (99875 bytes) MD5 f1aeae66e3916cb5c52421f61f7e885c SHA1 8785be49b061ae4af115774a4dbaa438e01e6d09 SHA256 704f791fd019e7090986f2a7b9c5b068b68a31a94cd09647bcf91bd294cd56df Format Code Loading...

	acscdn.com/script/suv5.js	ScriptElement	96 kB	2024-12-02	2024-12-03
URL acscdn.com/script/suv5.js IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-03 Times Seen 5 Size 96 kB (95632 bytes) MD5 3b35974161b49cfc67d59a3a9535a715 SHA1 7b3e61db4e177b58478b6659556219d388d9fb88 SHA256 49797db633c7937f49b094c32b56583692f22107b55d132c4c69f896f2ab5fd8 Format Code Loading...

	c.adsco.re/	ScriptElement	78 kB	2024-07-13	2024-12-22
URL c.adsco.re/ IP / ASN 104.17.166.186 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-07-13 Last Seen 2024-12-22 Times Seen 3086 Size 78 kB (78046 bytes) MD5 70e681d122073a9bc3f704fb0f96a82d SHA1 5916b6dea0ea58b5807287ca1cd4faf9c9f3aae5 SHA256 73bfce45d382df02d75ef2ef688325cc973139931db445ee753c2af8a85f3965 Format Code Loading...

	xadsmart.com/pgwnzyujxzannsfs?NitsuDfL=BQMyAAAAAAAACZUAAoCITmgJfs3y-UbT7NWN7hDJI6_u0W-7sTjdQoSGeFVZuUk2dP2QrBRbQQR02nutmszSeZM1XMCgyvR171IGFRF9RkRLDkUh3qOSggCH81GNprSoisyNUcxSQACX7TcFeMdh2xNRENwXejZHl5irk6TaQ4NYa072IbkyjPj1sGTwsCA_jnlIoOZWdK9CACTbUc2B5XXmqAV21koNEFSgTE7BGBUpycDqYNqm3ZuV9LWfYHAUFWF-Aa2OmPJYEkwK7hGZtqyx5UfGWbtqAubS2MtjFBsQKOQkk1XVp__Th8-J_AfbA7grRpStSbotcCMswLB0x5QHJivzqS6H5z7rcyFYXxk40Xrx0RuzFNW7AS-lY1p6eCZvG4qD23Hca7ShiJVhm_I7QVTeS90ZYps4H93TLqGOxklDYd5iImcwQ79RfnjWiyNjqKCak-9qxqDVRzfnDuoPa_du4cdBD_m6Xl9tFe73nvqXhJCSjtfS69syH531GYrt4Ne-x5yb-VapFMa9qrdeOOQ2DEwIUQEJPm1YaxwomzrutGEKOLJyUCqlSwQpLFQlB5iOAZoXPOIzuJxITF_LTmJt5KDu0Iq9rsorbLEaxm2LTDvek3UrYUbTcA9CkHrscjR3dHycIDJLvhuwpF-U0HQjJhbloAL7oxdWfXIkbQrSq3liqAjLITh1tURx30oDGQtUrhiNiWtHgV9NjzhBuqxPlAVhMaRisdHgBIqqluBRRdhk4REO0J7WaXu_48jA7nD21jMQlz5vVzFaRr21tU3MBQwsHQH7_uCIVhPhJAT8G01_RGJio8Sh5ac65q6zE7C3aqG2KK9qupKdCWdk-3TtcMQgRLIAhXXlWIiAdMFpj_1hpJywNr-YNXgu7Y03iwpXEl7A3OckYl1CD0ajq2pbtR2K7HNzE-wqpK_Ap88HUsoWVBfIVdB5kYRRGuj4DPuRxwJLKBvpY9Pv9mJrmkQSlJJ1J_W2fCJSf7aC8XzEktHMmiSz7LsnkFOLA1XtUcuDfZenWn0CCUG6ni20Px7Fpox1Kbiq1bQB-fTixHAINOZreT5VEKuuqeKoTQB8chjabNK-f_ZfSg&vgZmHDhJ=4&FuKhngEq=5106651&caAblHBr=&FsvuGVUt=0,0&yjAfmFwx=&LBDeovkY=https%3A%2F%2Ffootyroom.top%2F&s=1280,1024,1,1280,1024,1	ScriptElement	44 B	2023-03-07	2025-08-06
URL xadsmart.com/pgwnzyujxzannsfs?NitsuDfL=BQMyAAAAAAAACZUAAoCITmgJfs3y-UbT7NWN7hDJI6_u0W-7sTjdQoSGeFVZuUk2dP2QrBRbQQR02nutmszSeZM1XMCgyvR171IGFRF9RkRLDkUh3qOSggCH81GNprSoisyNUcxSQACX7TcFeMdh2xNRENwXejZHl5irk6TaQ4NYa072IbkyjPj1sGTwsCA_jnlIoOZWdK9CACTbUc2B5XXmqAV21koNEFSgTE7BGBUpycDqYNqm3ZuV9LWfYHAUFWF-Aa2OmPJYEkwK7hGZtqyx5UfGWbtqAubS2MtjFBsQKOQkk1XVp__Th8-J_AfbA7grRpStSbotcCMswLB0x5QHJivzqS6H5z7rcyFYXxk40Xrx0RuzFNW7AS-lY1p6eCZvG4qD23Hca7ShiJVhm_I7QVTeS90ZYps4H93TLqGOxklDYd5iImcwQ79RfnjWiyNjqKCak-9qxqDVRzfnDuoPa_du4cdBD_m6Xl9tFe73nvqXhJCSjtfS69syH531GYrt4Ne-x5yb-VapFMa9qrdeOOQ2DEwIUQEJPm1YaxwomzrutGEKOLJyUCqlSwQpLFQlB5iOAZoXPOIzuJxITF_LTmJt5KDu0Iq9rsorbLEaxm2LTDvek3UrYUbTcA9CkHrscjR3dHycIDJLvhuwpF-U0HQjJhbloAL7oxdWfXIkbQrSq3liqAjLITh1tURx30oDGQtUrhiNiWtHgV9NjzhBuqxPlAVhMaRisdHgBIqqluBRRdhk4REO0J7WaXu_48jA7nD21jMQlz5vVzFaRr21tU3MBQwsHQH7_uCIVhPhJAT8G01_RGJio8Sh5ac65q6zE7C3aqG2KK9qupKdCWdk-3TtcMQgRLIAhXXlWIiAdMFpj_1hpJywNr-YNXgu7Y03iwpXEl7A3OckYl1CD0ajq2pbtR2K7HNzE-wqpK_Ap88HUsoWVBfIVdB5kYRRGuj4DPuRxwJLKBvpY9Pv9mJrmkQSlJJ1J_W2fCJSf7aC8XzEktHMmiSz7LsnkFOLA1XtUcuDfZenWn0CCUG6ni20Px7Fpox1Kbiq1bQB-fTixHAINOZreT5VEKuuqeKoTQB8chjabNK-f_ZfSg&vgZmHDhJ=4&FuKhngEq=5106651&caAblHBr=&FsvuGVUt=0,0&yjAfmFwx=&LBDeovkY=https%3A%2F%2Ffootyroom.top%2F&s=1280,1024,1,1280,1024,1 IP / ASN 104.153.197.251 #53334 TUT-AS Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-06 Times Seen 12125 Size 44 B (44 bytes) MD5 d5f0a25e4d3522d56d48ce7bc3e518fb SHA1 86794caff58f7fee6e684c2ba7195f970a8d6f4c SHA256 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Format Code Loading...

	unknown	ScriptElement	49 B	2024-05-15	2025-08-06
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-05-15 Last Seen 2025-08-06 Times Seen 9336 Size 49 B (49 bytes) MD5 0ac7fe824fc01da2eae66c69cde47673 SHA1 12c7d2596939ad5d05162d227907c9bf707559b0 SHA256 c259f617c5131add5a2a6c588f31e278b6c9443eddfa2399888a0d786712f20c Format Code Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
URL recordedthereby.com/sfp.js IP / ASN 185.196.197.71 #39572 DataWeb Global Group B.V. Introduced by ScriptElement Embedded false Resource Info First Seen 2024-05-17 Last Seen 2025-01-21 Times Seen 13574 Size 85 kB (85378 bytes) MD5 7e3e44049654b6e244c1777e68ffb8e7 SHA1 8f2a8298666d607afd92a0baa362ef4dc9ccd039 SHA256 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Format Code Loading...

	cookiewebplay.xyz/premiumtv/daddylive.php?id=327	ScriptElement	2.8 kB	2024-11-30	2024-12-02
URL cookiewebplay.xyz/premiumtv/daddylive.php?id=327 IP / ASN 104.21.75.57 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-11-30 Last Seen 2024-12-02 Times Seen 7 Size 2.8 kB (2827 bytes) MD5 6f13076003e641627e62edac0435cf85 SHA1 7f62a06d85c28d4137a4fe63005dd45a142dbb40 SHA256 9d649bf6a7adf1ee577e9dd36e9015f02e00f7349dde0f5a26cdf210c1f41a55 Format Code Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-08-06
URL capaciousdrewreligion.com/advertisers.js IP / ASN 185.196.197.72 #39572 DataWeb Global Group B.V. Introduced by ScriptElement Embedded false Resource Info First Seen 0001-01-01 Last Seen 2025-08-06 Times Seen 5691094 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

	footyroom.top/tv/albaplayer/stream-327/?serv=1/	ScriptElement	424 B	2024-01-30	2025-07-20
URL footyroom.top/tv/albaplayer/stream-327/?serv=1/ IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-01-30 Last Seen 2025-07-20 Times Seen 16 Size 424 B (424 bytes) MD5 987b13b2cbc9dfdc9879b4008673b10f SHA1 7aa71c8145c630a01aff5362ff32dd482ecd17e9 SHA256 fde0a8dee7ed4cb89ff47afee5233d1164cac820dd063df589042751a4e8ab2e Format Code Loading...

	miztv.shop/tele/stream-327.php	ScriptElement	181 kB	2024-12-02	2024-12-02
URL miztv.shop/tele/stream-327.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 181 kB (181069 bytes) MD5 4fc2363b9a1f15d3c569c67426b00358 SHA1 874bbb51460ce3393a761d0644b6bcf4fd787d1d SHA256 7b472dada56cfc1e0e2fd9d81e7850c4022cff16c4414fe0efa764d430adec9b Format Code Loading...

	unknown	Function	34 B	2023-04-11	2025-08-06
URL IP / ASN 0.0.0.0 #0 Introduced by Function Embedded false Resource Info First Seen 2023-04-11 Last Seen 2025-08-06 Times Seen 67794 Size 34 B (34 bytes) MD5 572cb94037fffc2a0a53b465972e15f1 SHA1 0d679b041a7c1ca45cc99e2d229fc2b86762838d SHA256 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Format Code Loading...

	unknown	EventHandler	11 B	2024-12-02	2024-12-02
URL IP / ASN 0.0.0.0 #0 Introduced by EventHandler Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 11 B (11 bytes) MD5 074bb92159e5452d09ce6d4a07aafb03 SHA1 58606df4f09bc2a122d5e9a35f64a5a1eecfb237 SHA256 1373dcf8718f9ef632e1a07c532d7b7a85fa166d6ca6af4af6335c8a5273bc93 Format Code Loading...

	footyroom.top/tv/albaplayer/stream-327/?serv=1/	ScriptElement	78 B	2024-08-19	2025-08-06
URL footyroom.top/tv/albaplayer/stream-327/?serv=1/ IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-08-19 Last Seen 2025-08-06 Times Seen 19 Size 78 B (78 bytes) MD5 4ee97f2871ba08bfb34478b418cd220d SHA1 3bd09f460a3c0bd442387716bc362e908fc20629 SHA256 81d2c836583d2893e7d98a6cf2c9f6a4861e87b4941186137d546b6a3494fc6f Format Code Loading...

	miztv.shop/tele/stream-327.php	ScriptElement	157 B	2023-03-11	2025-08-03
URL miztv.shop/tele/stream-327.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-11 Last Seen 2025-08-03 Times Seen 245 Size 157 B (157 bytes) MD5 60f1798bac26472658ff588720760829 SHA1 9929b26eeb812be15261ac5aee076e468bf4764f SHA256 acf1662d0ddc764da1a0a9ca8c14ce6d6a937aecef80b4b0e0426698a24b765d Format Code Loading...

	footyroom.top/tv/albaplayer/stream-327/?serv=1/	ScriptElement	5.6 kB	2024-05-24	2025-07-20
URL footyroom.top/tv/albaplayer/stream-327/?serv=1/ IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-05-24 Last Seen 2025-07-20 Times Seen 19 Size 5.6 kB (5610 bytes) MD5 bdfc5d6bb9ae55a58c6a70d8250abf1a SHA1 d399239a0a47643c7453832b713d1dc9b85bd999 SHA256 49fd13de138a2386a1de2a3968f5dfac449a6fc3f6a6566a3c8511851e5a080d Format Code Loading...

	miztv.shop/tele/stream-327.php	ScriptElement	8.5 kB	2023-07-23	2025-08-03
URL miztv.shop/tele/stream-327.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-07-23 Last Seen 2025-08-03 Times Seen 191 Size 8.5 kB (8477 bytes) MD5 ff656e6bdffbea98da4df97ff7ae3d21 SHA1 f742e8d729409184fdaf152c2d2b670d6db7e9ec SHA256 9e6e95d6fa2ce522e900a6eb22ef91ae4fa930a9e39e2ca913742d48d0484b68 Format Code Loading...

	cookiewebplay.xyz/premiumtv/daddylive.php?id=327	ScriptElement	28 kB	2024-12-02	2024-12-02
URL cookiewebplay.xyz/premiumtv/daddylive.php?id=327 IP / ASN 104.21.75.57 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 28 kB (27963 bytes) MD5 bc6e799b281eb92521841d7f16975dde SHA1 304e509e77011d3bdd36c463cc73b4a5f61aaf71 SHA256 b17dc04e9fde0fb6a1e3c7ce19f418189605e0d5eb474639314b40d73950d37f Format Code Loading...

	unknown	ScriptElement	172 B	2024-12-02	2024-12-02
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 172 B (172 bytes) MD5 5bbd707b79dcb100b1d221e71c18009f SHA1 68bd5135a9f82423d467b16a9b6122630cde7512 SHA256 b0a2cd0fd9227a0ccf4abd7b8bcd69502ffd50b820a6dbc2a5db86144c5c3904 Format Code Loading...

	miztv.shop/tele/stream-327.php	ScriptElement	990 B	2024-12-02	2024-12-02
URL miztv.shop/tele/stream-327.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 990 B (990 bytes) MD5 adba9134cc17f43ff5c9ed6830339087 SHA1 5d4497eb2a6bb232bfd6f0f0023221aeafcbf557 SHA256 876c05a3188cbce4869438d4985f6a2b9ffc42fdaebb9c2aa61c72b4311a9d98 Format Code Loading...

	miztv.shop/tele/stream-327.php	ScriptElement	28 kB	2024-12-01	2024-12-21
URL miztv.shop/tele/stream-327.php IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-01 Last Seen 2024-12-21 Times Seen 6 Size 28 kB (28023 bytes) MD5 2239056e585c1e9f58587c0ae5018afa SHA1 778f2f99bbb349d27181cf2f561b0d131e968bb6 SHA256 d1a4a0410a646b092d9a6e931a9780ea2a4d6b616fa79f7339cdcc59a0508cba Format Code Loading...

	pp-lfekpkr.buzz/script/ut.js?cb=1733144677097	ScriptElement	66 kB	2024-12-02	2025-04-23
URL pp-lfekpkr.buzz/script/ut.js?cb=1733144677097 IP / ASN 172.67.143.195 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-02 Last Seen 2025-04-23 Times Seen 1612 Size 66 kB (66473 bytes) MD5 4afa2ac99f97331dc98263d49022a958 SHA1 60bb7c7c45ff14e8df86ef9e0b9a7a55a7d2baca SHA256 a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32 Format Code Loading...

	unknown	ScriptElement	49 B	2024-05-15	2025-08-06
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-05-15 Last Seen 2025-08-06 Times Seen 9398 Size 49 B (49 bytes) MD5 7d936f0d3e0535e2fa01aa05c9d1508f SHA1 d20537b105615348981de83acaa439e771f719de SHA256 ec4b3c7a9f6ffc2691c526ef4e11982138f47505bf1245a72284d5f2ea3a5139 Format Code Loading...

	footyroom.top/tv/albaplayer/stream-327/?serv=1/	ScriptElement	921 B	2024-12-02	2024-12-02
URL footyroom.top/tv/albaplayer/stream-327/?serv=1/ IP / ASN 188.114.96.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 921 B (921 bytes) MD5 34913abd69032127eff34ca7ce8e73b6 SHA1 f8ad6abfa205e21d9e5fa1407626adc4609daff4 SHA256 36b560ce074f4f45a4ac0c81d660a8614d9f38894c81250ff76187237dd9cdad Format Code Loading...

	unknown	EventHandler	11 B	2024-12-02	2024-12-02
URL IP / ASN 0.0.0.0 #0 Introduced by EventHandler Embedded false Resource Info First Seen 2024-12-02 Last Seen 2024-12-02 Times Seen 1 Size 11 B (11 bytes) MD5 fcdee98bf5844752985ae93d80e8447f SHA1 82c6a3afb02eaf0af3f67653c2e5c97c05386cbe SHA256 ebc4383c19c7e0469134835c3bb618934ee5919598df60e58c98504f0a319986 Format Code Loading...

HTTP Transactions (54)

URL IP Response Size

GET relentlessexpensive.com/6a/0c/24/6a0c242b85c67cc28b75da0dd8ff81e4.js

172.240.108.84

200 OK

35 kB

URL GET HTTPS

relentlessexpensive.com/6a/0c/24/6a0c242b85c67cc28b75da0dd8ff81e4.js

IP / ASN

172.240.108.84

#7979 SERVERS-COM

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size35 kB (35110 bytes)

MD5f1aeae66e3916cb5c52421f61f7e885c

SHA18785be49b061ae4af115774a4dbaa438e01e6d09

SHA256704f791fd019e7090986f2a7b9c5b068b68a31a94cd09647bcf91bd294cd56df

Certificate Info

IssuerLet's Encrypt

Subject*.relentlessexpensive.com

Fingerprint70:E2:18:28:18:4C:C6:DC:D6:16:D2:E0:55:7F:6B:DC:15:F7:84:DD

ValidityFri, 04 Oct 2024 07:31:56 GMT - Thu, 02 Jan 2025 07:31:55 GMT

HTTP Headers

GET /6a/0c/24/6a0c242b85c67cc28b75da0dd8ff81e4.js HTTP/1.1
Host: relentlessexpensive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Dec 2024 13:04:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: relentlessexpensive.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7151cdf8f6c9d26efac741fcca88d9dc
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET daddylivehd1.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.205.201

302 Found

0 B

URL GET HTTPS

daddylivehd1.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

IP / ASN

172.67.205.201

#13335 CLOUDFLARENET

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectdaddylivehd1.top

Fingerprint1E:12:01:7A:F5:C7:10:BB:15:BD:78:D3:0C:AF:C8:90:71:EB:05:CB

ValidityFri, 18 Oct 2024 15:30:37 GMT - Thu, 16 Jan 2025 15:30:36 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: daddylivehd1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: variant=0.09378599977812807; psid=FEATURES-2203_0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Mon, 02 Dec 2024 13:04:34 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRBuCh8BkX0WOSkgROaAVCkSw4hgrSfvcZJStYjDJQHetnLxrNfd5zo%2FAwZfIxfM67k%2BhGYkR2oh5%2FIJH7npxSL%2FngwlSdRK5GI3o4awttNNKVdt04%2FOGbWub7fkAVjBPT9p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ebb86087eafb4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21259&min_rtt=17751&rtt_var=9162&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4130&recv_bytes=1482&delivery_rate=36165&cwnd=12000&unsent_bytes=0&cid=22c1643861dd08d3&ts=1306&x=1", cfHdrFlush;dur=0

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTPS

recordedthereby.com/sfp.js

IP / ASN

185.196.197.71

#39572 DataWeb Global Group B.V.

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators

First Seen2024-05-17

Last Seen2025-01-21

Times Seen13574

Size85 kB (85378 bytes)

MD57e3e44049654b6e244c1777e68ffb8e7

SHA18f2a8298666d607afd92a0baa362ef4dc9ccd039

SHA2564acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

Certificate Info

IssuerLet's Encrypt

Subjectrecordedthereby.com

FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76

ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Dec 2024 13:04:34 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d194d1d226d2ecca5d14b701a887d925
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET proftrafficcounter.com/stats

18.199.43.28

200 OK

40 B

URL GET HTTPS

proftrafficcounter.com/stats

IP / ASN

18.199.43.28

#16509 AMAZON-02

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeASCII text, with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size40 B (40 bytes)

MD5c40dba800d31ad092145fae1f8f68b30

SHA143a02102820b2bcc292d722b5a54f3711047d3e6

SHA25605279312d5b687abbe8870c4f0e44a17927807467c59497d0da6d114fd8bb8ba

Certificate Info

IssuerAmazon

Subjectproftrafficcounter.com

Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40

ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddylivehd1.top
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://daddylivehd1.top
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=a3eafed2-09bd-4b91-87a5-8f54c14afaae:2:1; expires=Thu, 30 Nov 2034 13:04:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

POST daddylivehd1.top/cdn-cgi/challenge-platform/h/b/jsd/r/8ebb85ff5af256b9

172.67.205.201

200 OK

0 B

URL POST HTTPS

daddylivehd1.top/cdn-cgi/challenge-platform/h/b/jsd/r/8ebb85ff5af256b9

IP / ASN

172.67.205.201

#13335 CLOUDFLARENET

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectdaddylivehd1.top

Fingerprint1E:12:01:7A:F5:C7:10:BB:15:BD:78:D3:0C:AF:C8:90:71:EB:05:CB

ValidityFri, 18 Oct 2024 15:30:37 GMT - Thu, 16 Jan 2025 15:30:36 GMT

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8ebb85ff5af256b9 HTTP/1.1
Host: daddylivehd1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12174
Origin: https://daddylivehd1.top
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/live/stream-327.php
Cookie: variant=0.09378599977812807; psid=FEATURES-2203_0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:34 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.daddylivehd1.top; Priority=High; HttpOnly; Secure; SameSite=None
cf_clearance=T3nnhj282rY6apovTrVeGhJb7VGIdon7.LMcFk_wShA-1733144674-1.2.1.1-jV.FzWh2JsePgB7X50gClCfG16quyxaTSZ4m58icM.Z8opEfz_tnIp6A7u_lfcXZYKXRD_bA.Xq2cC_X9sZldh0noAhF33qz2lfHCylm4_l4NbbAnC9FJRfqB8NZKt_zTMxSV1pAaCgFPuDgpwg85Hrhhxw090IIvidR7EaEIVbaf5xMK9Omx2G2ey687_8X654jW1JiMYVK8Bf0tRNYBCJgtV.fSwo1q3ovi5HNamJfKfL.TOUfZ2fKhhmQSXyM7YTpg_xU5COxUPQMHkNFnnstFxl_JtX013jwJBb533ZiljLM1uPmxNbQppBroCaTlkf65pdrcZau1UHfkriUwA; Path=/; Expires=Tue, 02-Dec-25 13:04:34 GMT; Domain=.daddylivehd1.top; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9LKhcyAIYsbeHdAQNFy4sFWJs8wA7kANEQwmD7p1qnodh2z0Udy%2Fs0fatfFdmVV70jZJ7TBB92WwFe25czHBerfT9jmMzhwc%2FI0zUZvky6ye51LarSckCSFraTWfm%2FfZEkh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ebb860a39a9b4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22171&min_rtt=17751&rtt_var=6976&sent=29&recv=21&lost=0&retrans=0&sent_bytes=11784&recv_bytes=15103&delivery_rate=371770&cwnd=12000&unsent_bytes=0&cid=22c1643861dd08d3&ts=1594&x=1", cfHdrFlush;dur=0

GET tortoisesun.com/pixel/purst?dl=0&th=0&sc=0&rs=1467&rd=1467&fd=643&bv=24.11.6508&tmpl=70

172.240.127.234

200 OK

0 B

URL GET HTTPS

tortoisesun.com/pixel/purst?dl=0&th=0&sc=0&rs=1467&rd=1467&fd=643&bv=24.11.6508&tmpl=70

IP / ASN

172.240.127.234

#7979 SERVERS-COM

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjecttortoisesun.com

FingerprintC8:26:89:B4:3F:AA:1C:1D:65:78:79:67:CD:DB:EB:A1:96:A9:D1:B7

ValiditySun, 13 Oct 2024 11:06:09 GMT - Sat, 11 Jan 2025 11:06:08 GMT

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1467&rd=1467&fd=643&bv=24.11.6508&tmpl=70 HTTP/1.1
Host: tortoisesun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Dec 2024 13:04:34 GMT
Content-Length: 0
Connection: keep-alive
Host: tortoisesun.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET HTTPS

capaciousdrewreligion.com/advertisers.js

IP / ASN

185.196.197.72

#39572 DataWeb Global Group B.V.

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectcapaciousdrewreligion.com

FingerprintD9:49:50:C3:1F:23:A3:E8:75:32:16:6A:76:DE:28:2B:93:73:31:80

ValiditySun, 03 Nov 2024 04:28:34 GMT - Sat, 01 Feb 2025 04:28:33 GMT

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Dec 2024 13:04:35 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e5366d0f416b9599e23b0dfff087d6e4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET daddylivehd1.top/favicon.ico

172.67.205.201

302 Found

1.1 kB

URL GET HTTPS

daddylivehd1.top/favicon.ico

IP / ASN

172.67.205.201

#13335 CLOUDFLARENET

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeRIFF (little-endian) data, Web/P image

First Seen2024-12-02

Last Seen2024-12-21

Times Seen3

Size1.1 kB (1064 bytes)

MD5fb69582cac11462ae4905af82a0e0b11

SHA1e071ac6e593622a68296b32db608dac1b081fb5e

SHA256facba7c388a8d9d1329d112088f29c1b87af043ed3e03f1c3d50e0e00aa7d070

Certificate Info

IssuerGoogle Trust Services

Subjectdaddylivehd1.top

Fingerprint1E:12:01:7A:F5:C7:10:BB:15:BD:78:D3:0C:AF:C8:90:71:EB:05:CB

ValidityFri, 18 Oct 2024 15:30:37 GMT - Thu, 16 Jan 2025 15:30:36 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: daddylivehd1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/live/stream-327.php
Cookie: variant=0.09378599977812807; psid=FEATURES-2203_0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Mon, 02 Dec 2024 13:04:35 GMT
content-type: text/html; charset=UTF-8
location: https://daddylivehd1.top/wp-content/uploads/2024/10/cropped-daddylive-32x32.webp
link: <https://daddylivehd1.top/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cache-control: max-age=14400
expires: Mon, 02 Dec 2024 13:04:35 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGphzDncpyTI7sWTE6ioYl9ARZrHZH3ZlHXqSojTpHzwCct65YrPk%2BRQF9jbNhzNr9HJcjPCMV57mFSie2E8FFqfajx1EpSU1h%2BldCs8dBVh2SyjKJqdbUjphsPHCND%2FbIhE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ebb860a39b8b4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23751&min_rtt=17751&rtt_var=8392&sent=30&recv=22&lost=0&retrans=0&sent_bytes=12944&recv_bytes=15147&delivery_rate=21163&cwnd=12000&unsent_bytes=0&cid=22c1643861dd08d3&ts=1847&x=1", cfHdrFlush;dur=0

GET footyroom.top/tv/wp-content/plugins/AlbaPlayer//assets/css/style.css?v=11.1

188.114.96.1

200 OK

4.1 kB

URL GET HTTPS

footyroom.top/tv/wp-content/plugins/AlbaPlayer//assets/css/style.css?v=11.1

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typegzip compressed data, from Unix

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size4.1 kB (4127 bytes)

MD5ae20da398756d09166d5fbc459215c07

SHA198eadd29d460baa48285fefc92f7309c5c3f436e

SHA256e5728bb83e46467ade6ca7afedd98cd55feba3f7e12477b83f856055efdc8ded

Certificate Info

IssuerGoogle Trust Services

Subjectfootyroom.top

FingerprintC9:1C:48:AD:8D:58:F3:32:58:8C:7C:ED:B3:34:91:0D:6C:3E:0C:7C

ValidityThu, 07 Nov 2024 03:51:56 GMT - Wed, 05 Feb 2025 03:51:55 GMT

HTTP Headers

GET /tv/wp-content/plugins/AlbaPlayer//assets/css/style.css?v=11.1 HTTP/1.1
Host: footyroom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/tv/albaplayer/stream-327/?serv=1/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:35 GMT
content-type: text/css
last-modified: Sun, 08 Sep 2024 22:31:05 GMT
vary: Accept-Encoding
etag: W/"66de25a9-3377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: HIT
age: 291258
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Pi729rplNMJSeP7hZLkSlTe7Asqmlvw7TuDXWqMg2e1j1GxxVpsPj7txuJWbrzeVv4x4teYjPjEnkfhQFz%2FXov26XhZHGfjkKTWdXWeNjaMBC%2Fz6MrmOP0BQGrJ%2Fey2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb860f69a6b51d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19931&min_rtt=18200&rtt_var=8061&sent=19&recv=7&lost=0&retrans=0&sent_bytes=12253&recv_bytes=1443&delivery_rate=35273&cwnd=12000&unsent_bytes=0&cid=b027ecb4f130a161&ts=170&x=1", cfExtPri, cfHdrFlush;dur=0

GET relentlessexpensive.com/3b/47/63/3b4763046974f9160ef113707c7ca5f7.js

172.240.108.84

200 OK

35 kB

URL GET HTTPS

relentlessexpensive.com/3b/47/63/3b4763046974f9160ef113707c7ca5f7.js

IP / ASN

172.240.108.84

#7979 SERVERS-COM

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size35 kB (35103 bytes)

MD5a94b0a5315a34736d9845db37e9ce331

SHA16eca248162f83317885429d89744aced53f99e76

SHA2563d41b0abd7f1ba337ee2115ad27110c048998c9a7828efc8af0b9e42885bd540

Certificate Info

IssuerLet's Encrypt

Subject*.relentlessexpensive.com

Fingerprint70:E2:18:28:18:4C:C6:DC:D6:16:D2:E0:55:7F:6B:DC:15:F7:84:DD

ValidityFri, 04 Oct 2024 07:31:56 GMT - Thu, 02 Jan 2025 07:31:55 GMT

HTTP Headers

GET /3b/47/63/3b4763046974f9160ef113707c7ca5f7.js HTTP/1.1
Host: relentlessexpensive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Dec 2024 13:04:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: relentlessexpensive.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0c66c046265491a01483ded647db194a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTPS

recordedthereby.com/sfp.js

IP / ASN

185.196.197.71

#39572 DataWeb Global Group B.V.

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators

First Seen2024-05-17

Last Seen2025-01-21

Times Seen13574

Size85 kB (85378 bytes)

MD57e3e44049654b6e244c1777e68ffb8e7

SHA18f2a8298666d607afd92a0baa362ef4dc9ccd039

SHA2564acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

Certificate Info

IssuerLet's Encrypt

Subjectrecordedthereby.com

FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76

ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Dec 2024 13:04:35 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 72f970e5d81ed6e9dc2beccac81e38f8
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET wedruftod.net/tag.min.js

139.45.197.245

200 OK

27 kB

URL GET HTTPS

wedruftod.net/tag.min.js

IP / ASN

139.45.197.245

#9002 RETN Limited

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen3

Size27 kB (27261 bytes)

MD50fbb791355ac62f078d8d8f1fb39e6df

SHA1098a1e7f69a1c9bbb8ba94b9bbc0c8cb36957f6b

SHA2560eb77b95c8b04b39a236a427a8049f712444092476e3a6e8d0defd898d1b8d2d

Certificate Info

IssuerLet's Encrypt

Subjectwedruftod.net

FingerprintE4:B7:54:83:08:EA:30:56:4C:6C:D9:93:5C:FD:C0:E4:CE:AB:FA:E3

ValidityTue, 05 Nov 2024 05:14:16 GMT - Mon, 03 Feb 2025 05:14:15 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: wedruftod.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 02 Dec 2024 13:04:36 GMT
content-type: text/javascript; charset=utf-8
content-length: 27261
content-encoding: br
x-trace-id: d8d0c4985022e76a5d5ce142ca075268
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 02 Dec 2024 09:45:22 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET daddylivehd1.top/stream/stream-327.php

172.67.205.201

200 OK

8.6 kB

URL GET HTTPS

daddylivehd1.top/stream/stream-327.php

IP / ASN

172.67.205.201

#13335 CLOUDFLARENET

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeHTML document, ASCII text, with very long lines (1424), with CR, LF line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size8.6 kB (8584 bytes)

MD5bf0259ab70518fc3501b3025e97b9ffa

SHA13a3b0f806fff93b724760b94091137f1e704d50f

SHA256c79002327355e1b013b3a47ee048c8f043b41211fb4a62be4413f194ff293baa

Certificate Info

IssuerGoogle Trust Services

Subjectdaddylivehd1.top

Fingerprint1E:12:01:7A:F5:C7:10:BB:15:BD:78:D3:0C:AF:C8:90:71:EB:05:CB

ValidityFri, 18 Oct 2024 15:30:37 GMT - Thu, 16 Jan 2025 15:30:36 GMT

HTTP Headers

GET /stream/stream-327.php HTTP/1.1
Host: daddylivehd1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/live/stream-327.php
Cookie: variant=0.09378599977812807; psid=FEATURES-2203_0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
expires: Mon, 02 Dec 2024 13:04:34 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Dec 2024 13:04:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jviuEK0nXl2yO%2Bcrj6l%2FCrPE7wv4%2FiW5rw2iyVNPq5JQ81kVpy9oYQ%2FMrOD6PkMaMkj7EGfjPjHlTJseUjYHYSaBZjiwMqUEKkh03x6tAwei%2FRfXLqL%2F4eetSLVNIxQP0OaF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ebb86080e18b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="MISS", cfL4;desc="?proto=QUIC&rtt=21674&min_rtt=17751&rtt_var=7701&sent=19&recv=9&lost=0&retrans=0&sent_bytes=9841&recv_bytes=1824&delivery_rate=589&cwnd=12000&unsent_bytes=0&cid=22c1643861dd08d3&ts=1371&x=1", cfHdrFlush;dur=0

GET footyroom.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

188.114.96.1

302 Found

0 B

URL GET HTTPS

footyroom.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectfootyroom.top

FingerprintC9:1C:48:AD:8D:58:F3:32:58:8C:7C:ED:B3:34:91:0D:6C:3E:0C:7C

ValidityThu, 07 Nov 2024 03:51:56 GMT - Wed, 05 Feb 2025 03:51:55 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: footyroom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Mon, 02 Dec 2024 13:04:36 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9wJKePY%2BGPVjU6Kp4O%2Ft10nqKlYS50q8LXkG7vW6dsG7DiP%2B1RsdNte7ifnEUEwbq9xwuMhAXwgOKuZMGokY3fxWrnKNmC%2BEW4B4ZdRQzdrKgKDdLkuno8KuM3g8lCRD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ebb86122decb51d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21594&min_rtt=18200&rtt_var=6418&sent=26&recv=12&lost=0&retrans=0&sent_bytes=16825&recv_bytes=2092&delivery_rate=34182&cwnd=19200&unsent_bytes=0&cid=b027ecb4f130a161&ts=581&x=1", cfExtPri, cfHdrFlush;dur=0

GET acscdn.com/script/aclib.js

188.114.96.1

200 OK

75 kB

URL GET HTTPS

acscdn.com/script/aclib.js

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators

First Seen2024-12-02

Last Seen2024-12-03

Times Seen5

Size75 kB (74588 bytes)

MD514662eb67bb3aed4331904e559c15328

SHA113abc93cf1ccff4ed582f07bf0d00f076f77c8f9

SHA25655018e943ba41fe9364dd22668344455706c38bf75149bb60c2eed26e329830e

Certificate Info

IssuerGoogle Trust Services

Subjectacscdn.com

Fingerprint1D:5D:A9:04:98:51:30:F6:0C:4B:D5:F0:8B:D0:33:51:4A:54:74:27

ValidityMon, 21 Oct 2024 19:21:20 GMT - Sun, 19 Jan 2025 19:21:19 GMT

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:35 GMT
content-type: text/javascript
expires: Mon, 02 Dec 2024 14:03:36 GMT
cache-control: public, max-age=3600
last-modified: Mon, 02 Dec 2024 08:13:03 GMT
etag: W/"14662eb67bb3aed4331904e559c15328"
x-goog-generation: 1733127183553316
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 134490
x-goog-hash: crc32c=d5j2Hw==, md5=FGYutnuzrtQzGQTlWcFTKA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFiumC5c8nTDDE8MexQb3d6LobFCPFfw_ZzazdQBZ0sIDKrz54z2IAt3-UXH1EhrN84_NrZnN8pLkFny8w
cf-cache-status: HIT
age: 59
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubFlmgUMudiMdDQ7VyKE41aW8yCEUUATAQWDXD6jrdzkQ1kqZccJH0tgCu5uDDU4Xm5%2F55aVK9h5uEYMiu6zUAQ12en4DR7EVpg5xthLjJq89TpZA0Fjc7jk94Fy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb86102cf60b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16559&min_rtt=16438&rtt_var=2055&sent=6&recv=12&lost=0&retrans=0&sent_bytes=3195&recv_bytes=1056&delivery_rate=260634&cwnd=254&unsent_bytes=0&cid=1f3dd9266954a91f&ts=80&x=0"
X-Firefox-Spdy: h2

GET treatedscale.com/pixel/purst?dl=0&th=0&sc=0&rs=899&rd=899&fd=111&bv=24.11.6508&tmpl=70

172.240.108.84

200 OK

0 B

URL GET HTTPS

treatedscale.com/pixel/purst?dl=0&th=0&sc=0&rs=899&rd=899&fd=111&bv=24.11.6508&tmpl=70

IP / ASN

172.240.108.84

#7979 SERVERS-COM

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjecttreatedscale.com

Fingerprint96:76:0D:98:C3:34:14:09:A7:52:EF:46:3C:82:DC:B0:91:5D:30:51

ValiditySun, 13 Oct 2024 11:08:23 GMT - Sat, 11 Jan 2025 11:08:22 GMT

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=899&rd=899&fd=111&bv=24.11.6508&tmpl=70 HTTP/1.1
Host: treatedscale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 02 Dec 2024 13:04:36 GMT
Content-Length: 0
Connection: keep-alive
Host: treatedscale.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET acscdn.com/script/ut.js?cb=1733144676249

188.114.96.1

200 OK

51 kB

URL GET HTTPS

acscdn.com/script/ut.js?cb=1733144676249

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators

First Seen2024-12-02

Last Seen2025-04-23

Times Seen1612

Size51 kB (51018 bytes)

MD54afa2ac99f97331dc98263d49022a958

SHA160bb7c7c45ff14e8df86ef9e0b9a7a55a7d2baca

SHA256a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32

Certificate Info

IssuerGoogle Trust Services

Subjectacscdn.com

Fingerprint1D:5D:A9:04:98:51:30:F6:0C:4B:D5:F0:8B:D0:33:51:4A:54:74:27

ValidityMon, 21 Oct 2024 19:21:20 GMT - Sun, 19 Jan 2025 19:21:19 GMT

HTTP Headers

GET /script/ut.js?cb=1733144676249 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:36 GMT
content-type: text/javascript
x-goog-generation: 1733127707295818
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 66473
x-goog-hash: crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFiumC4thkOHdAh4Bzc2rjgWZMoGxVgCdH0Wyo1B0H-ATOK6eFTGeQouMG7TDk5UMnRdWf_chzQ
expires: Mon, 02 Dec 2024 12:30:13 GMT
cache-control: public, max-age=3600
last-modified: Mon, 02 Dec 2024 08:21:47 GMT
etag: W/"4afa2ac99f97331dc98263d49022a958"
age: 3028
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7k5d3Qdgz9QLJWesRGC5ZlsYehh90UD1N7SA%2Bly37YcU4u6ku8b4EohfMHbRDkXGsNZtCQwBu%2BDZQUy8ZwJeWeoPaWbxVwnRAtlW9imLrPOn7ohhb5j7mBnYmtZE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb86129975b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22415&min_rtt=17971&rtt_var=8292&sent=41&recv=9&lost=0&retrans=0&sent_bytes=38224&recv_bytes=1383&delivery_rate=1219981&cwnd=24000&unsent_bytes=0&cid=2acffb2ac7944063&ts=371&x=1", cfHdrFlush;dur=0

GET code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTPS

code.jquery.com/jquery-3.6.0.min.js

IP / ASN

151.101.2.137

#54113 FASTLY

Requested byhttps://cookiewebplay.xyz/premiumtv/daddylive.php?id=327

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65447)

First Seen2023-03-07

Last Seen2025-08-06

Times Seen266700

Size31 kB (30875 bytes)

MD58fb8fee4fcc3cc86ff6c724154c49c42

SHA1b82d238d4e31fdf618bae8ac11a6c812c03dd0d4

SHA256ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Certificate Info

IssuerSectigo Limited

Subject*.jquery.com

FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5

ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookiewebplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 02 Dec 2024 13:04:37 GMT
age: 1667967
x-served-by: cache-lga21931-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 247926
x-timer: S1733144677.463425,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

GET upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg

185.15.59.240

200 OK

328 B

URL GET HTTPS

upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg

IP / ASN

185.15.59.240

#14907 WIKIMEDIA

Requested byhttps://cookiewebplay.xyz/premiumtv/daddylive.php?id=327

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2024-06-21

Last Seen2025-08-03

Times Seen257

Size328 B (328 bytes)

MD51e965f9ca6bac55c4bfece8dabe6fa47

SHA1ea28e0f6d1a42bd7f2ab416bcf2a9fd0dde55fab

SHA25670e589ae4b79586ddd4eadd1ac8b501d64ab0433c2038c92e945fbb6195ad7a9

Certificate Info

IssuerDigiCert Inc

Subject*.wikipedia.org

Fingerprint0B:3A:AB:D4:5E:55:A4:08:2B:F7:C1:DA:63:37:75:F1:EB:04:6E:A5

ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

HTTP Headers

GET /wikipedia/commons/2/21/Speaker_Icon.svg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookiewebplay.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Dec 2024 20:18:17 GMT
server: ATS/9.2.6
etag: W/1e965f9ca6bac55c4bfece8dabe6fa47
content-type: image/svg+xml
x-object-meta-sha1base36: rcosig5pk1fefnugtbiewl19zhtt86j
last-modified: Wed, 28 Aug 2019 18:11:18 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 60380
x-cache: cp3078 hit, cp3078 hit/12189
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
content-length: 328
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

104.18.186.31

200 OK

145 kB

URL GET HTTPS

cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

IP / ASN

104.18.186.31

#13335 CLOUDFLARENET

Requested byhttps://cookiewebplay.xyz/premiumtv/daddylive.php?id=327

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2023-03-07

Last Seen2025-08-05

Times Seen1128

Size145 kB (145133 bytes)

MD5f55c6c796275a41ce7d97bd160e648ff

SHA1936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89

SHA256db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Certificate Info

IssuerSectigo Limited

Subject*.jsdelivr.net

Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE

ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

HTTP Headers

GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookiewebplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 145133
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: br
x-served-by: cache-fra-eddf8230067-FRA, cache-lga21958-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 34370
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GX3smeB1H%2Fk%2FbBymBPcNtQAJCQyrQ3XoqhoefQ27NKmEuNaHg6IBPANZ4u4ufLhK7GKnod3pGqHjKNON2qFBE4%2B91cEe%2B1ow%2B%2Fqk5%2FIgbCrWabxBpHb00CFNBgiFSZg0fj4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb861a3c4756c7-OSL
X-Firefox-Spdy: h2

GET miztv.shop/tele/stream-327.php

188.114.96.1

200 OK

0 B

URL GET HTTPS

miztv.shop/tele/stream-327.php

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectmiztv.shop

Fingerprint78:DB:F6:53:C2:31:F6:7D:0D:0A:FB:7A:64:CA:37:93:FB:45:FA:39

ValidityFri, 11 Oct 2024 03:54:03 GMT - Thu, 09 Jan 2025 03:54:02 GMT

HTTP Headers

HEAD /tele/stream-327.php HTTP/1.1
Host: miztv.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/tele/stream-327.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIFROTblEKyN%2FX2vY%2F9AX28siwm5eDBA3h8XAEubKeEH3Cx5KMBX0pnzkxJh%2BJIFa0qOeNese8jAbIM%2FutdDOngnZWAeEBejajFuYfFUCIkmjAHfEFXdVbKWwHaW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb86179e415697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21123&min_rtt=17862&rtt_var=9027&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4039&recv_bytes=1070&delivery_rate=33254&cwnd=12000&unsent_bytes=0&cid=2dbc2e5236b771cc&ts=808&x=1", cfExtPri, cfHdrFlush;dur=0

GET cookiewebplay.xyz/premiumtv/daddylive.php?id=327

104.21.75.57

200 OK

0 B

URL GET HTTPS

cookiewebplay.xyz/premiumtv/daddylive.php?id=327

IP / ASN

104.21.75.57

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectcookiewebplay.xyz

Fingerprint54:1D:2C:07:01:AF:6E:E6:AC:C6:B9:03:83:21:68:FD:98:1D:CE:B4

ValiditySun, 06 Oct 2024 08:54:17 GMT - Sat, 04 Jan 2025 08:54:16 GMT

HTTP Headers

HEAD /premiumtv/daddylive.php?id=327 HTTP/1.1
Host: cookiewebplay.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookiewebplay.xyz/premiumtv/daddylive.php?id=327
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
videocdn: HIT
videocdnx: NO
node: PHP
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eW3f99Br2Ds73zh9jPGQLP999adELJ08qTG%2BG%2Bg80HqRYkayUAf3Mkw6lx%2BTxV5GZtPAoqna%2BGhv7DxNnFRjelkf6wL3n9U4%2FhUiKKcbQmic97Ag4udW3byhjcjDwn1YwdXWxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb8619fe1f712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21745&min_rtt=18200&rtt_var=7212&sent=37&recv=9&lost=0&retrans=0&sent_bytes=34021&recv_bytes=1461&delivery_rate=929762&cwnd=24000&unsent_bytes=0&cid=34c78b8b072313cf&ts=344&x=1", cfHdrFlush;dur=0

GET pp-lfekpkr.buzz/script/ut.js?cb=1733144677097

172.67.143.195

200 OK

24 kB

URL GET HTTPS

pp-lfekpkr.buzz/script/ut.js?cb=1733144677097

IP / ASN

172.67.143.195

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators

First Seen2024-12-02

Last Seen2025-04-23

Times Seen1612

Size24 kB (24261 bytes)

MD54afa2ac99f97331dc98263d49022a958

SHA160bb7c7c45ff14e8df86ef9e0b9a7a55a7d2baca

SHA256a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32

Certificate Info

IssuerGoogle Trust Services

Subjectpp-lfekpkr.buzz

Fingerprint14:8B:06:CA:C2:A6:32:D9:6C:32:5C:87:6C:6B:22:1A:66:58:A5:AC

ValiditySat, 30 Nov 2024 10:36:10 GMT - Fri, 28 Feb 2025 10:36:09 GMT

HTTP Headers

GET /script/ut.js?cb=1733144677097 HTTP/1.1
Host: pp-lfekpkr.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: text/javascript
x-goog-generation: 1733127707295818
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 66473
x-goog-hash: crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFiumC4LI-hgS4TI-WDQB_SGgp7g4u37gRVCjyHUu36MQRmml8dT_fwJjdv27dqh3fHsnqJypIaJ4xtHvQ
expires: Mon, 02 Dec 2024 13:30:52 GMT
cache-control: public, max-age=14400
last-modified: Mon, 02 Dec 2024 08:21:47 GMT
etag: W/"4afa2ac99f97331dc98263d49022a958"
age: 1483
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJBQ33UXpV6Te4nP4nfbMRG5xgPZLE9ts4XOjg4WtUeVgm%2BBkcZI0IUk75xD0U4s%2BLFAqAFNDiaYAovqz0KK8PEF6PKr%2FSfbQ6IgggHRTmBRUlmjBTFdxGHqMMUKZf4QDpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb8618ac2b56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17192&min_rtt=16636&rtt_var=3120&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3281&recv_bytes=1197&delivery_rate=260556&cwnd=253&unsent_bytes=0&cid=a980847b715e0ad5&ts=60&x=0"
X-Firefox-Spdy: h2

GET kizohilsoa.net/tag.min.js

139.45.197.243

200 OK

27 kB

URL GET HTTPS

kizohilsoa.net/tag.min.js

IP / ASN

139.45.197.243

#9002 RETN Limited

Requested byhttps://cookiewebplay.xyz/premiumtv/daddylive.php?id=327

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen3

Size27 kB (27261 bytes)

MD50fbb791355ac62f078d8d8f1fb39e6df

SHA1098a1e7f69a1c9bbb8ba94b9bbc0c8cb36957f6b

SHA2560eb77b95c8b04b39a236a427a8049f712444092476e3a6e8d0defd898d1b8d2d

Certificate Info

IssuerLet's Encrypt

Subjectkizohilsoa.net

Fingerprint4E:7F:2D:D6:4A:F9:58:66:0B:7D:9B:FD:F1:69:2D:F5:2C:8B:69:9A

ValidityWed, 23 Oct 2024 05:38:44 GMT - Tue, 21 Jan 2025 05:38:43 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: kizohilsoa.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookiewebplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: text/javascript; charset=utf-8
content-length: 27261
content-encoding: br
x-trace-id: d878ab4580451f6df5782db4ac12a412
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 02 Dec 2024 09:45:22 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET 4.adsco.re/

162.252.214.5

200 OK

62 B

URL GET HTTPS

4.adsco.re/

IP / ASN

162.252.214.5

#53334 TUT-AS

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-08-06

Times Seen15625

Size62 B (62 bytes)

MD55b41cb22f84f645a103acc7bfbf084ff

SHA1bac3967b26d5ec4a0d09a580714e8219796816bd

SHA256709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

Certificate Info

IssuerSectigo Limited

Subject*.adsco.re

Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B

ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 02 Dec 2024 13:04:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://miztv.shop
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip

GET 4.adsco.re:2087/

162.252.214.5

200 OK

62 B

URL GET HTTPS

4.adsco.re:2087/

IP / ASN

162.252.214.5

#53334 TUT-AS

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-08-06

Times Seen15625

Size62 B (62 bytes)

MD55b41cb22f84f645a103acc7bfbf084ff

SHA1bac3967b26d5ec4a0d09a580714e8219796816bd

SHA256709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

Certificate Info

IssuerSectigo Limited

Subject*.adsco.re

Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B

ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 02 Dec 2024 13:04:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://miztv.shop
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip

GET 6.adsco.re:2087/

104.17.167.186

200 OK

45 B

URL GET HTTPS

6.adsco.re:2087/

IP / ASN

104.17.167.186

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-08-06

Times Seen15625

Size45 B (45 bytes)

MD55b41cb22f84f645a103acc7bfbf084ff

SHA1bac3967b26d5ec4a0d09a580714e8219796816bd

SHA256709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

Certificate Info

IssuerSectigo Limited

Subject*.adsco.re

Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B

ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:38 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://miztv.shop
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb861e08e2b4f7-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2

GET 6.adsco.re/

104.17.167.186

200 OK

45 B

URL GET HTTPS

6.adsco.re/

IP / ASN

104.17.167.186

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-08-06

Times Seen15625

Size45 B (45 bytes)

MD55b41cb22f84f645a103acc7bfbf084ff

SHA1bac3967b26d5ec4a0d09a580714e8219796816bd

SHA256709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

Certificate Info

IssuerSectigo Limited

Subject*.adsco.re

Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B

ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:38 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://miztv.shop
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb861e18ed56ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST eqaztmxcha6p.l4.adsco.re/

185.200.118.62

200 OK

0 B

URL POST HTTPS

eqaztmxcha6p.l4.adsco.re/

IP / ASN

185.200.118.62

#9009 M247 Europe SRL

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subject*.l4.adsco.re

Fingerprint4D:AE:36:D9:F8:FA:CC:AB:F6:34:54:35:4E:1D:68:A6:4A:C9:FA:AA

ValidityTue, 19 Nov 2024 09:14:30 GMT - Mon, 17 Feb 2025 09:14:29 GMT

HTTP Headers

POST / HTTP/1.1
Host: eqaztmxcha6p.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:38 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET 6.adsco.re/

104.17.166.186

200 OK

45 B

URL GET HTTPS

6.adsco.re/

IP / ASN

104.17.166.186

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-08-06

Times Seen15625

Size45 B (45 bytes)

MD55b41cb22f84f645a103acc7bfbf084ff

SHA1bac3967b26d5ec4a0d09a580714e8219796816bd

SHA256709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

Certificate Info

IssuerSectigo Limited

Subject*.adsco.re

Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B

ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:38 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb861ff8c31c06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET c.adsco.re/

104.17.166.186

200 OK

30 kB

URL GET HTTPS

c.adsco.re/

IP / ASN

104.17.166.186

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeJavaScript source, ASCII text, with very long lines (881)

First Seen2024-07-13

Last Seen2024-12-22

Times Seen214

Size30 kB (29781 bytes)

MD50ed9f2d3db1d3f83591d5796425768ae

SHA1349dd80a2b07b5e2563d405bfee49a54c5ac8f8e

SHA25665d20dc9dd242fffccdb61b77abd8894df27b66f10ddb178df2ea0dfe2b40003

Certificate Info

IssuerSectigo Limited

Subject*.adsco.re

Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B

ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

HTTP Headers

GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:38 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 02 Jan 2025 13:04:38 GMT
etag: W/"cOaB0SIHOpvD9wT7D5aoLQ=="
content-encoding: gzip
cf-cache-status: HIT
age: 561404
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb861eaf051c06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST eqaztmxcha6p.n4.adsco.re/

38.132.109.126

200 OK

0 B

URL POST HTTPS

eqaztmxcha6p.n4.adsco.re/

IP / ASN

38.132.109.126

#9009 M247 Europe SRL

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subject*.n4.adsco.re

FingerprintCA:A8:32:44:42:24:5D:95:22:A1:65:D6:DE:30:E8:2A:01:17:AE:8D

ValidityTue, 19 Nov 2024 09:14:09 GMT - Mon, 17 Feb 2025 09:14:08 GMT

HTTP Headers

POST / HTTP/1.1
Host: eqaztmxcha6p.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:38 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET daddylivehd1.top/live/stream-327.php

172.67.205.201

200 OK

7.4 kB

URL User Request GET HTTPS

daddylivehd1.top/live/stream-327.php

IP / ASN

172.67.205.201

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with very long lines (1527), with CRLF, LF line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size7.4 kB (7369 bytes)

MD59bffa6a5f6ca5fefb20d4110626db3a7

SHA1b62193e19f4a6d0edaf530898273561c25ea2153

SHA2567eb34dab5fa207d1063956969760498a8fc20b9282dbd837805c1714a8800ad8

Certificate Info

IssuerGoogle Trust Services

Subjectdaddylivehd1.top

Fingerprint1E:12:01:7A:F5:C7:10:BB:15:BD:78:D3:0C:AF:C8:90:71:EB:05:CB

ValidityFri, 18 Oct 2024 15:30:37 GMT - Thu, 16 Jan 2025 15:30:36 GMT

HTTP Headers

GET /live/stream-327.php HTTP/1.1
Host: daddylivehd1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
expires: Mon, 02 Dec 2024 13:04:33 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Dec 2024 13:04:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5QPHGqlkQeEPIyCz4ddnQ4IEK5lZeBlyijhl%2Fl3OLs4iHeWri9%2FlypoHHvs69EdrVfv%2FY3i1aMuDKdcOPF%2F%2BsTC2gC61iSbJMRbnTRAh2qYyOlRRCh2iyV05hEr5tTmPkUn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ebb85ff5af256b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="MISS", cfL4;desc="?proto=TCP&rtt=21845&min_rtt=16495&rtt_var=12585&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3289&recv_bytes=1261&delivery_rate=260228&cwnd=254&unsent_bytes=0&cid=44938506ef899a05&ts=161&x=0"
X-Firefox-Spdy: h2

POST eqaztmxcha6p.s4.adsco.re/

185.200.116.60

200 OK

0 B

URL POST HTTPS

eqaztmxcha6p.s4.adsco.re/

IP / ASN

185.200.116.60

#9009 M247 Europe SRL

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subject*.s4.adsco.re

Fingerprint5B:26:FD:D5:2E:64:53:9F:6D:20:4F:04:72:4B:D4:1A:AF:59:28:19

ValidityTue, 19 Nov 2024 09:14:12 GMT - Mon, 17 Feb 2025 09:14:11 GMT

HTTP Headers

POST / HTTP/1.1
Host: eqaztmxcha6p.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:39 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET my.rtmark.net/gid.js?userId=00812611b52e4f94e8fc8ce2711727f4

104.21.27.183

200 OK

66 B

URL GET HTTPS

my.rtmark.net/gid.js?userId=00812611b52e4f94e8fc8ce2711727f4

IP / ASN

104.21.27.183

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeJSON text data

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size66 B (66 bytes)

MD5112da0089c8923fcc1172a2a955073ee

SHA11ccf548c99c91d259b61efd6a512b0bb1c302a92

SHA256df767c8fd4f5c8fbf349e4af1d4743f052d005495f00972baf644dc4c5452c9d

Certificate Info

IssuerGoogle Trust Services

Subjectmy.rtmark.net

Fingerprint8A:B7:CD:87:FA:39:07:A8:88:41:1C:9E:2D:0E:97:51:61:75:C1:34

ValidityWed, 06 Nov 2024 10:31:42 GMT - Tue, 04 Feb 2025 10:31:41 GMT

HTTP Headers

GET /gid.js?userId=00812611b52e4f94e8fc8ce2711727f4 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:39 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://miztv.shop
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=00812611b52e4f94e8fc8ce2711727f4; expires=Tue, 02 Dec 2025 13:04:39 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iT87E0kSTP5UZmLHIKW%2FWGFMaE8PoohKLslRQkckRrNs0v2%2F%2FqUqwvTGnlCxhC9z5bm6nfIxFIbUY%2F6DzD9E6vMDLMytgLbdBujhQ7pRLB1JvyGHagn5hWPJ%2BhXmiLDs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb8626a8abb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17009&min_rtt=16558&rtt_var=3164&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1098&delivery_rate=261686&cwnd=254&unsent_bytes=0&cid=1d86a729404d6145&ts=103&x=0"
X-Firefox-Spdy: h2

GET xadsmart.com/pgwnzyujxzannsfs?NitsuDfL=BQMyAAAAAAAACZUAAoCITmgJfs3y-UbT7NWN7hDJI6_u0W-7sTjdQoSGeFVZuUk2dP2QrBRbQQR02nutmszSeZM1XMCgyvR171IGFRF9RkRLDkUh3qOSggCH81GNprSoisyNUcxSQACX7TcFeMdh2xNRENwXejZHl5irk6TaQ4NYa072IbkyjPj1sGTwsCA_jnlIoOZWdK9CACTbUc2B5XXmqAV21koNEFSgTE7BGBUpycDqYNqm3ZuV9LWfYHAUFWF-Aa2OmPJYEkwK7hGZtqyx5UfGWbtqAubS2MtjFBsQKOQkk1XVp__Th8-J_AfbA7grRpStSbotcCMswLB0x5QHJivzqS6H5z7rcyFYXxk40Xrx0RuzFNW7AS-lY1p6eCZvG4qD23Hca7ShiJVhm_I7QVTeS90ZYps4H93TLqGOxklDYd5iImcwQ79RfnjWiyNjqKCak-9qxqDVRzfnDuoPa_du4cdBD_m6Xl9tFe73nvqXhJCSjtfS69syH531GYrt4Ne-x5yb-VapFMa9qrdeOOQ2DEwIUQEJPm1YaxwomzrutGEKOLJyUCqlSwQpLFQlB5iOAZoXPOIzuJxITF_LTmJt5KDu0Iq9rsorbLEaxm2LTDvek3UrYUbTcA9CkHrscjR3dHycIDJLvhuwpF-U0HQjJhbloAL7oxdWfXIkbQrSq3liqAjLITh1tURx30oDGQtUrhiNiWtHgV9NjzhBuqxPlAVhMaRisdHgBIqqluBRRdhk4REO0J7WaXu_48jA7nD21jMQlz5vVzFaRr21tU3MBQwsHQH7_uCIVhPhJAT8G01_RGJio8Sh5ac65q6zE7C3aqG2KK9qupKdCWdk-3TtcMQgRLIAhXXlWIiAdMFpj_1hpJywNr-YNXgu7Y03iwpXEl7A3OckYl1CD0ajq2pbtR2K7HNzE-wqpK_Ap88HUsoWVBfIVdB5kYRRGuj4DPuRxwJLKBvpY9Pv9mJrmkQSlJJ1J_W2fCJSf7aC8XzEktHMmiSz7LsnkFOLA1XtUcuDfZenWn0CCUG6ni20Px7Fpox1Kbiq1bQB-fTixHAINOZreT5VEKuuqeKoTQB8chjabNK-f_ZfSg&vgZmHDhJ=4&FuKhngEq=5106651&caAblHBr=&FsvuGVUt=0,0&yjAfmFwx=&LBDeovkY=https%3A%2F%2Ffootyroom.top%2F&s=1280,1024,1,1280,1024,1

104.153.197.251

200 OK

44 B

URL GET HTTPS

xadsmart.com/pgwnzyujxzannsfs?NitsuDfL=BQMyAAAAAAAACZUAAoCITmgJfs3y-UbT7NWN7hDJI6_u0W-7sTjdQoSGeFVZuUk2dP2QrBRbQQR02nutmszSeZM1XMCgyvR171IGFRF9RkRLDkUh3qOSggCH81GNprSoisyNUcxSQACX7TcFeMdh2xNRENwXejZHl5irk6TaQ4NYa072IbkyjPj1sGTwsCA_jnlIoOZWdK9CACTbUc2B5XXmqAV21koNEFSgTE7BGBUpycDqYNqm3ZuV9LWfYHAUFWF-Aa2OmPJYEkwK7hGZtqyx5UfGWbtqAubS2MtjFBsQKOQkk1XVp__Th8-J_AfbA7grRpStSbotcCMswLB0x5QHJivzqS6H5z7rcyFYXxk40Xrx0RuzFNW7AS-lY1p6eCZvG4qD23Hca7ShiJVhm_I7QVTeS90ZYps4H93TLqGOxklDYd5iImcwQ79RfnjWiyNjqKCak-9qxqDVRzfnDuoPa_du4cdBD_m6Xl9tFe73nvqXhJCSjtfS69syH531GYrt4Ne-x5yb-VapFMa9qrdeOOQ2DEwIUQEJPm1YaxwomzrutGEKOLJyUCqlSwQpLFQlB5iOAZoXPOIzuJxITF_LTmJt5KDu0Iq9rsorbLEaxm2LTDvek3UrYUbTcA9CkHrscjR3dHycIDJLvhuwpF-U0HQjJhbloAL7oxdWfXIkbQrSq3liqAjLITh1tURx30oDGQtUrhiNiWtHgV9NjzhBuqxPlAVhMaRisdHgBIqqluBRRdhk4REO0J7WaXu_48jA7nD21jMQlz5vVzFaRr21tU3MBQwsHQH7_uCIVhPhJAT8G01_RGJio8Sh5ac65q6zE7C3aqG2KK9qupKdCWdk-3TtcMQgRLIAhXXlWIiAdMFpj_1hpJywNr-YNXgu7Y03iwpXEl7A3OckYl1CD0ajq2pbtR2K7HNzE-wqpK_Ap88HUsoWVBfIVdB5kYRRGuj4DPuRxwJLKBvpY9Pv9mJrmkQSlJJ1J_W2fCJSf7aC8XzEktHMmiSz7LsnkFOLA1XtUcuDfZenWn0CCUG6ni20Px7Fpox1Kbiq1bQB-fTixHAINOZreT5VEKuuqeKoTQB8chjabNK-f_ZfSg&vgZmHDhJ=4&FuKhngEq=5106651&caAblHBr=&FsvuGVUt=0,0&yjAfmFwx=&LBDeovkY=https%3A%2F%2Ffootyroom.top%2F&s=1280,1024,1,1280,1024,1

IP / ASN

104.153.197.251

#53334 TUT-AS

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeASCII text, with no line terminators

First Seen2023-03-07

Last Seen2025-08-06

Times Seen12125

Size44 B (44 bytes)

MD5d5f0a25e4d3522d56d48ce7bc3e518fb

SHA186794caff58f7fee6e684c2ba7195f970a8d6f4c

SHA2569d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Certificate Info

IssuerSectigo Limited

Subjectxadsmart.com

Fingerprint93:C6:D1:45:9B:D8:08:5D:B9:EE:D2:6F:16:89:3B:34:E6:34:28:BC

ValidityWed, 11 Sep 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT

HTTP Headers

GET /pgwnzyujxzannsfs?NitsuDfL=BQMyAAAAAAAACZUAAoCITmgJfs3y-UbT7NWN7hDJI6_u0W-7sTjdQoSGeFVZuUk2dP2QrBRbQQR02nutmszSeZM1XMCgyvR171IGFRF9RkRLDkUh3qOSggCH81GNprSoisyNUcxSQACX7TcFeMdh2xNRENwXejZHl5irk6TaQ4NYa072IbkyjPj1sGTwsCA_jnlIoOZWdK9CACTbUc2B5XXmqAV21koNEFSgTE7BGBUpycDqYNqm3ZuV9LWfYHAUFWF-Aa2OmPJYEkwK7hGZtqyx5UfGWbtqAubS2MtjFBsQKOQkk1XVp__Th8-J_AfbA7grRpStSbotcCMswLB0x5QHJivzqS6H5z7rcyFYXxk40Xrx0RuzFNW7AS-lY1p6eCZvG4qD23Hca7ShiJVhm_I7QVTeS90ZYps4H93TLqGOxklDYd5iImcwQ79RfnjWiyNjqKCak-9qxqDVRzfnDuoPa_du4cdBD_m6Xl9tFe73nvqXhJCSjtfS69syH531GYrt4Ne-x5yb-VapFMa9qrdeOOQ2DEwIUQEJPm1YaxwomzrutGEKOLJyUCqlSwQpLFQlB5iOAZoXPOIzuJxITF_LTmJt5KDu0Iq9rsorbLEaxm2LTDvek3UrYUbTcA9CkHrscjR3dHycIDJLvhuwpF-U0HQjJhbloAL7oxdWfXIkbQrSq3liqAjLITh1tURx30oDGQtUrhiNiWtHgV9NjzhBuqxPlAVhMaRisdHgBIqqluBRRdhk4REO0J7WaXu_48jA7nD21jMQlz5vVzFaRr21tU3MBQwsHQH7_uCIVhPhJAT8G01_RGJio8Sh5ac65q6zE7C3aqG2KK9qupKdCWdk-3TtcMQgRLIAhXXlWIiAdMFpj_1hpJywNr-YNXgu7Y03iwpXEl7A3OckYl1CD0ajq2pbtR2K7HNzE-wqpK_Ap88HUsoWVBfIVdB5kYRRGuj4DPuRxwJLKBvpY9Pv9mJrmkQSlJJ1J_W2fCJSf7aC8XzEktHMmiSz7LsnkFOLA1XtUcuDfZenWn0CCUG6ni20Px7Fpox1Kbiq1bQB-fTixHAINOZreT5VEKuuqeKoTQB8chjabNK-f_ZfSg&vgZmHDhJ=4&FuKhngEq=5106651&caAblHBr=&FsvuGVUt=0,0&yjAfmFwx=&LBDeovkY=https%3A%2F%2Ffootyroom.top%2F&s=1280,1024,1,1280,1024,1 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
popads-node: wb9
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Mon, 02 Dec 2024 13:04:39 GMT
X-Firefox-Spdy: h2

GET footyroom.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

188.114.96.1

200 OK

13 kB

URL GET HTTPS

footyroom.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (8746), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen3

Size13 kB (13192 bytes)

MD54360d5efbd5b638d2a5ab76edb5750a7

SHA12f1e2389c0f09f788a131089a71614f8ac00289d

SHA256a13a8e6ec24431165af2249c3bd16b481c6ae849ba144c1c5c431fb75e29017a

Certificate Info

IssuerGoogle Trust Services

Subjectfootyroom.top

FingerprintC9:1C:48:AD:8D:58:F3:32:58:8C:7C:ED:B3:34:91:0D:6C:3E:0C:7C

ValidityThu, 07 Nov 2024 03:51:56 GMT - Wed, 05 Feb 2025 03:51:55 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js? HTTP/1.1
Host: footyroom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:36 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHWf1FQ22UGVIJg7Z6CMwaHjuuFE96UbmnymoetbkV7pZ%2Bkg8OGMRTAI6lDqsrkdzWaUQV1U7oKWv4TAryY8BSTfQgiIKcUUMdh%2FwEOtg6JE2nPzy1AblebDPKcPHpwv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8ebb86129e88b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24112&min_rtt=18200&rtt_var=8378&sent=29&recv=15&lost=0&retrans=0&sent_bytes=18502&recv_bytes=2436&delivery_rate=8852&cwnd=19200&unsent_bytes=0&cid=b027ecb4f130a161&ts=655&x=1", cfExtPri, cfHdrFlush;dur=0

GET cookiewebplay.xyz/blast.js

104.21.75.57

200 OK

78 kB

URL GET HTTPS

cookiewebplay.xyz/blast.js

IP / ASN

104.21.75.57

#13335 CLOUDFLARENET

Requested byhttps://cookiewebplay.xyz/premiumtv/daddylive.php?id=327

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2023-03-08

Last Seen2025-08-03

Times Seen663

Size78 kB (77888 bytes)

MD5091faec928970e76d37a3601c19fcf8a

SHA16441e8eebe90eb8d4a40e7c25440ff99caba3520

SHA256eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12

Certificate Info

IssuerGoogle Trust Services

Subjectcookiewebplay.xyz

Fingerprint54:1D:2C:07:01:AF:6E:E6:AC:C6:B9:03:83:21:68:FD:98:1D:CE:B4

ValiditySun, 06 Oct 2024 08:54:17 GMT - Sat, 04 Jan 2025 08:54:16 GMT

HTTP Headers

GET /blast.js HTTP/1.1
Host: cookiewebplay.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookiewebplay.xyz/premiumtv/daddylive.php?id=327
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 06:47:40 GMT
etag: W/"6710b30c-13040"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=veGRdeglW7%2FYJTqbqY9ACLoAHgxUVxr8iFE%2FXnIU%2F5cGYTSAZGfDz8hBOcaI%2FGxErC5MzFCg8crefPNzqdJxiNFq2Jies8H8SmQQg17eHQ9lX8m7MY9M2033X15Fopmy5HM0Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb86197d6c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22662&min_rtt=18200&rtt_var=10012&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4058&recv_bytes=1095&delivery_rate=32636&cwnd=12000&unsent_bytes=0&cid=34c78b8b072313cf&ts=179&x=1", cfHdrFlush;dur=0

GET footyroom.top/tv/albaplayer/stream-327/?serv=1/

188.114.96.1

200 OK

38 kB

URL GET HTTPS

footyroom.top/tv/albaplayer/stream-327/?serv=1/

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://daddylivehd1.top/stream/stream-327.php

Resource Info

File typeHTML document, ASCII text, with very long lines (28501), with CRLF line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size38 kB (37993 bytes)

MD59ffa438f629fe227661401903f2f72f4

SHA1a680c2e75ab6a717a516d47a4631c7c5573f7df2

SHA2560dc4b90b611a985a3d78b3f3ebd351b71780d00f03b253cb558cf7a355f18358

Certificate Info

IssuerGoogle Trust Services

Subjectfootyroom.top

FingerprintC9:1C:48:AD:8D:58:F3:32:58:8C:7C:ED:B3:34:91:0D:6C:3E:0C:7C

ValidityThu, 07 Nov 2024 03:51:56 GMT - Wed, 05 Feb 2025 03:51:55 GMT

HTTP Headers

GET /tv/albaplayer/stream-327/?serv=1/ HTTP/1.1
Host: footyroom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://footyroom.top/tv/wp-json/>; rel="https://api.w.org/", <https://footyroom.top/tv/?p=144440>; rel=shortlink
set-cookie: pvc_visits[0]=1733231075b144440; expires=Tue, 03-Dec-2024 13:04:35 GMT; Max-Age=86400; path=/tv/; secure; SameSite=LAX
x-cache: HIT from Backend
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Od9McPckXIEI1fEmb9EaqESpFUfAtLNYwJJEqs1qMhCbP2Ih9SwQBdpOOKWGxQ3ecpXlgc7%2BY1CdeumNS2VGARbgM%2BYL7WtKv03x5g3U9iberZlNKJvS5RGOTlvYDY%2FH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb860d39a37130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16987&min_rtt=16751&rtt_var=2883&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3206&recv_bytes=1158&delivery_rate=259080&cwnd=254&unsent_bytes=0&cid=2e3c56f0b7296252&ts=227&x=0"
X-Firefox-Spdy: h2

GET waust.at/c.js

172.67.71.57

200 OK

13 kB

URL GET HTTPS

waust.at/c.js

IP / ASN

172.67.71.57

#13335 CLOUDFLARENET

Requested byhttps://cookiewebplay.xyz/premiumtv/daddylive.php?id=327

Resource Info

File typeJavaScript source, ASCII text, with very long lines (12997), with no line terminators

First Seen2023-03-08

Last Seen2025-04-19

Times Seen420

Size13 kB (12997 bytes)

MD545bfa6dedd6f7a9ce980b168e0350ad0

SHA182c6b381da9abd8cb3db22ba4868287fe4e976f1

SHA256856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Certificate Info

IssuerGoogle Trust Services

Subjectwaust.at

FingerprintBC:C9:3C:D0:15:1B:12:28:22:28:25:BF:E8:B9:52:A3:81:D9:D6:DB

ValidityMon, 28 Oct 2024 07:25:24 GMT - Sun, 26 Jan 2025 07:25:23 GMT

HTTP Headers

GET /c.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookiewebplay.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:17 GMT
etag: W/"63c04115-32c5"
expires: Tue, 03 Dec 2024 12:22:55 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2502
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzPiC113qe3jkgqrtiuHAJLKMXwIVWP9paL6JstYDXwQcTXW6kbyU%2F4Igp%2BZS3bXlkv1220%2BM7UUnfptkxtjdICTo1%2Fwc4AzUE3u1BHfVeXsh7wfYK38NOC%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb861a3e2bb509-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=16762&min_rtt=16606&rtt_var=3659&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1020&delivery_rate=261340&cwnd=252&unsent_bytes=0&cid=d747d4e32dfa086e&ts=74&x=0"
X-Firefox-Spdy: h2

GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET HTTPS

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

IP / ASN

104.16.79.73

#13335 CLOUDFLARENET

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeJavaScript source, ASCII text, with very long lines (19948), with no line terminators

First Seen2024-06-07

Last Seen2025-08-06

Times Seen104878

Size20 kB (19948 bytes)

MD5ec18af6d41f6f278b6aed3bdabffa7bc

SHA162c9e2cab76b888829f3c5335e91c320b22329ae

SHA2568a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Certificate Info

IssuerGoogle Trust Services

Subjectcloudflareinsights.com

FingerprintA3:1D:4E:72:41:6A:D8:04:03:98:90:E7:8B:07:8D:A6:88:FE:B6:A3

ValidityFri, 01 Nov 2024 08:16:38 GMT - Thu, 30 Jan 2025 08:16:37 GMT

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daddylivehd1.top
DNT: 1
Connection: keep-alive
Referer: https://daddylivehd1.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:33 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb86045ece568a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET aisorussooxacm.net/5/6712285/?oo=1&js_build=iclick-v1.1017.0&dmn=graigloapikraft.net&tt=2&ix=1

139.45.197.245

200 OK

4.0 kB

URL GET HTTPS

aisorussooxacm.net/5/6712285/?oo=1&js_build=iclick-v1.1017.0&dmn=graigloapikraft.net&tt=2&ix=1

IP / ASN

139.45.197.245

#9002 RETN Limited

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typetroff or preprocessor input, ASCII text, with very long lines (3968), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size4.0 kB (3964 bytes)

MD516008bed5c3a5c6e5cd8a0ba0ce63c9c

SHA12e857a451780740251c77637e50c416fe2a2bab3

SHA2566851827e844a82b63672652e977b3c7f7290bc502097a1af284ee73658e79fc8

Certificate Info

IssuerLet's Encrypt

Subjectaisorussooxacm.net

FingerprintFE:61:9C:F1:B9:03:C0:07:13:BC:D2:F2:B5:57:05:3C:37:EC:C7:85

ValiditySun, 17 Nov 2024 09:32:53 GMT - Sat, 15 Feb 2025 09:32:52 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6712285/?oo=1&js_build=iclick-v1.1017.0&dmn=graigloapikraft.net&tt=2&ix=1 HTTP/1.1
Host: aisorussooxacm.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: application/json
x-trace-id: 8f7bbfec65476e741dbdad668e7b8a9c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://miztv.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00812611b52e4f94e8fc8ce2711727f4; expires=Tue, 02 Dec 2025 13:04:37 GMT; path=/; secure; SameSite=None
oaidts=1733144677; expires=Tue, 02 Dec 2025 13:04:37 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET footyroom.top/tv/wp-content/plugins/AlbaPlayer//assets/js/albaplayer.js

188.114.96.1

200 OK

17 kB

URL GET HTTPS

footyroom.top/tv/wp-content/plugins/AlbaPlayer//assets/js/albaplayer.js

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeJavaScript source, ASCII text, with very long lines (17120), with no line terminators

First Seen2024-05-24

Last Seen2025-08-06

Times Seen30

Size17 kB (17120 bytes)

MD54edd87322f246f6c5c0b3d2fb0d204ae

SHA112e92acb11f80b8b409c8a24893a0907dbcbed78

SHA256587cee8a94747a6aae8d17ac1b5bb2823588ba299564aa894b5c1f3b28c1d573

Certificate Info

IssuerGoogle Trust Services

Subjectfootyroom.top

FingerprintC9:1C:48:AD:8D:58:F3:32:58:8C:7C:ED:B3:34:91:0D:6C:3E:0C:7C

ValidityThu, 07 Nov 2024 03:51:56 GMT - Wed, 05 Feb 2025 03:51:55 GMT

HTTP Headers

GET /tv/wp-content/plugins/AlbaPlayer//assets/js/albaplayer.js HTTP/1.1
Host: footyroom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/tv/albaplayer/stream-327/?serv=1/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:35 GMT
content-type: application/javascript
cache-control: max-age=315360000
cf-bgj: minify
etag: W/"66de25a9-42e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sun, 08 Sep 2024 22:31:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT from Backend
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3451501
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETefgXvs5LvHaiuXEqUyebxff70TOpPr8mk576oGfw%2BZlU32an2p%2FwLujyVHyZOWwx4bYw7led7z%2FucodULn9kCCC5415olGplcwu1nkXlqOqsuyh1FTAqSKlN1TzOso"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb860f79c6b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19931&min_rtt=18200&rtt_var=8061&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4121&recv_bytes=1443&delivery_rate=35273&cwnd=12000&unsent_bytes=0&cid=b027ecb4f130a161&ts=164&x=1", cfExtPri, cfHdrFlush;dur=0

GET c.adsco.re/

104.17.166.186

200 OK

78 kB

URL GET HTTPS

c.adsco.re/

IP / ASN

104.17.166.186

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeJavaScript source, ASCII text, with very long lines (881)

First Seen2024-07-13

Last Seen2024-12-22

Times Seen3086

Size78 kB (78046 bytes)

MD570e681d122073a9bc3f704fb0f96a82d

SHA15916b6dea0ea58b5807287ca1cd4faf9c9f3aae5

SHA25673bfce45d382df02d75ef2ef688325cc973139931db445ee753c2af8a85f3965

Certificate Info

IssuerSectigo Limited

Subject*.adsco.re

Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B

ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

HTTP Headers

GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:38 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 02 Jan 2025 13:04:38 GMT
etag: W/"cOaB0SIHOpvD9wT7D5aoLQ=="
content-encoding: gzip
cf-cache-status: HIT
age: 561404
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb861eaf051c06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET graigloapikraft.net/tag.min.js

139.45.197.243

200 OK

71 kB

URL GET HTTPS

graigloapikraft.net/tag.min.js

IP / ASN

139.45.197.243

#9002 RETN Limited

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen3

Size71 kB (71416 bytes)

MD50fbb791355ac62f078d8d8f1fb39e6df

SHA1098a1e7f69a1c9bbb8ba94b9bbc0c8cb36957f6b

SHA2560eb77b95c8b04b39a236a427a8049f712444092476e3a6e8d0defd898d1b8d2d

Certificate Info

IssuerLet's Encrypt

Subjectgraigloapikraft.net

FingerprintD6:F1:F7:B3:CD:75:2C:2B:51:65:3C:C6:5B:33:47:6C:41:3B:21:FA

ValidityThu, 10 Oct 2024 11:53:14 GMT - Wed, 08 Jan 2025 11:53:13 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: graigloapikraft.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: text/javascript; charset=utf-8
content-length: 27261
content-encoding: br
x-trace-id: a9663abeaf3d0c46436f2e4925cca29b
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 02 Dec 2024 09:45:22 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET aisorussooxacm.net/?rb=RXVrGGaq3_R8o8bYF5Qxv0xnDDu3Z-_wS1GlKFXAlcOA9dSUVUncq1YCXWXIIzZLRdjfYPxPzO4u9JtMhg4nMjD0uPGkX2Bo78W8_KKwJT8UmR2ZoY8VRxvahYepZ31QLAMvlOuKs2GHTaW4g4fzGPvw8kwv2-cir5bAg44POh0AhoRpuSJgFTMGOtqVkHOwfiym3_FcXmZxywUeSndTVEMPuEUWhzPFo0L5Qd4hX1xkyf0h-qUtiOgL0ozXbTSjxSQAEIA_RiXD_jmOAOugKg%3D%3D&request_ab2=0&zoneid=6712285&js_build=iclick-v1.1017.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=634&wiw=1136&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1136&wfc=2&pl=https%3A%2F%2Fmiztv.shop%2Ftele%2Fstream-327.php&drf=https%3A%2F%2Ffootyroom.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1017.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=41245ddd-f562-46b6-bbd9-bd3e5ee2a063&wasm=1&userId=00812611b52e4f94e8fc8ce2711727f4&m=link

139.45.197.245

202 Accepted

0 B

URL GET HTTPS

aisorussooxacm.net/?rb=RXVrGGaq3_R8o8bYF5Qxv0xnDDu3Z-_wS1GlKFXAlcOA9dSUVUncq1YCXWXIIzZLRdjfYPxPzO4u9JtMhg4nMjD0uPGkX2Bo78W8_KKwJT8UmR2ZoY8VRxvahYepZ31QLAMvlOuKs2GHTaW4g4fzGPvw8kwv2-cir5bAg44POh0AhoRpuSJgFTMGOtqVkHOwfiym3_FcXmZxywUeSndTVEMPuEUWhzPFo0L5Qd4hX1xkyf0h-qUtiOgL0ozXbTSjxSQAEIA_RiXD_jmOAOugKg%3D%3D&request_ab2=0&zoneid=6712285&js_build=iclick-v1.1017.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=634&wiw=1136&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1136&wfc=2&pl=https%3A%2F%2Fmiztv.shop%2Ftele%2Fstream-327.php&drf=https%3A%2F%2Ffootyroom.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1017.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=41245ddd-f562-46b6-bbd9-bd3e5ee2a063&wasm=1&userId=00812611b52e4f94e8fc8ce2711727f4&m=link

IP / ASN

139.45.197.245

#9002 RETN Limited

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectaisorussooxacm.net

FingerprintFE:61:9C:F1:B9:03:C0:07:13:BC:D2:F2:B5:57:05:3C:37:EC:C7:85

ValiditySun, 17 Nov 2024 09:32:53 GMT - Sat, 15 Feb 2025 09:32:52 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=RXVrGGaq3_R8o8bYF5Qxv0xnDDu3Z-_wS1GlKFXAlcOA9dSUVUncq1YCXWXIIzZLRdjfYPxPzO4u9JtMhg4nMjD0uPGkX2Bo78W8_KKwJT8UmR2ZoY8VRxvahYepZ31QLAMvlOuKs2GHTaW4g4fzGPvw8kwv2-cir5bAg44POh0AhoRpuSJgFTMGOtqVkHOwfiym3_FcXmZxywUeSndTVEMPuEUWhzPFo0L5Qd4hX1xkyf0h-qUtiOgL0ozXbTSjxSQAEIA_RiXD_jmOAOugKg%3D%3D&request_ab2=0&zoneid=6712285&js_build=iclick-v1.1017.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=634&wiw=1136&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1136&wfc=2&pl=https%3A%2F%2Fmiztv.shop%2Ftele%2Fstream-327.php&drf=https%3A%2F%2Ffootyroom.top%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1017.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=41245ddd-f562-46b6-bbd9-bd3e5ee2a063&wasm=1&userId=00812611b52e4f94e8fc8ce2711727f4&m=link HTTP/1.1
Host: aisorussooxacm.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miztv.shop/
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Cookie: OAID=00812611b52e4f94e8fc8ce2711727f4; oaidts=1733144677
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
server: nginx
date: Mon, 02 Dec 2024 13:04:39 GMT
content-length: 0
x-trace-id: f0f50536f3aaf539bb4f1a620b72f889
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://miztv.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
set-cookie: OAID=00812611b52e4f94e8fc8ce2711727f4; expires=Tue, 02 Dec 2025 13:04:39 GMT; path=/; secure; SameSite=None
oaidts=1733144679; expires=Tue, 02 Dec 2025 13:04:39 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 09 Dec 2024 13:04:39 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

GET daddylivehd1.top/wp-content/uploads/2024/10/cropped-daddylive-32x32.webp

172.67.205.201

200 OK

1.1 kB

URL GET HTTPS

daddylivehd1.top/wp-content/uploads/2024/10/cropped-daddylive-32x32.webp

IP / ASN

172.67.205.201

#13335 CLOUDFLARENET

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeRIFF (little-endian) data, Web/P image

First Seen2024-12-02

Last Seen2024-12-21

Times Seen3

Size1.1 kB (1064 bytes)

MD5fb69582cac11462ae4905af82a0e0b11

SHA1e071ac6e593622a68296b32db608dac1b081fb5e

SHA256facba7c388a8d9d1329d112088f29c1b87af043ed3e03f1c3d50e0e00aa7d070

Certificate Info

IssuerGoogle Trust Services

Subjectdaddylivehd1.top

Fingerprint1E:12:01:7A:F5:C7:10:BB:15:BD:78:D3:0C:AF:C8:90:71:EB:05:CB

ValidityFri, 18 Oct 2024 15:30:37 GMT - Thu, 16 Jan 2025 15:30:36 GMT

HTTP Headers

GET /wp-content/uploads/2024/10/cropped-daddylive-32x32.webp HTTP/1.1
Host: daddylivehd1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daddylivehd1.top/live/stream-327.php
DNT: 1
Connection: keep-alive
Cookie: variant=0.09378599977812807; psid=FEATURES-2203_0; cf_clearance=T3nnhj282rY6apovTrVeGhJb7VGIdon7.LMcFk_wShA-1733144674-1.2.1.1-jV.FzWh2JsePgB7X50gClCfG16quyxaTSZ4m58icM.Z8opEfz_tnIp6A7u_lfcXZYKXRD_bA.Xq2cC_X9sZldh0noAhF33qz2lfHCylm4_l4NbbAnC9FJRfqB8NZKt_zTMxSV1pAaCgFPuDgpwg85Hrhhxw090IIvidR7EaEIVbaf5xMK9Omx2G2ey687_8X654jW1JiMYVK8Bf0tRNYBCJgtV.fSwo1q3ovi5HNamJfKfL.TOUfZ2fKhhmQSXyM7YTpg_xU5COxUPQMHkNFnnstFxl_JtX013jwJBb533ZiljLM1uPmxNbQppBroCaTlkf65pdrcZau1UHfkriUwA; aUuid=a3eafed2-09bd-4b91-87a5-8f54c14afaae%3A2%3A1; pp_main_6a0c242b85c67cc28b75da0dd8ff81e4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:35 GMT
content-type: image/webp
content-length: 1064
last-modified: Fri, 18 Oct 2024 17:07:41 GMT
etag: "671295dd-428"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1531113
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLld0dBtQiHTelFt68XRG92b0qgoJtC%2BJaNze7VLOP%2FTogydAY2XYEeZ%2BXXW6AvIhNPUj4koLlnJjV4Nd%2FGn63z75dO%2BScIIRG3cSLW%2B2MeHzZnqQkP8idojh83nnvO57dba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb860c0cafb4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23751&min_rtt=17751&rtt_var=8392&sent=32&recv=23&lost=0&retrans=0&sent_bytes=13809&recv_bytes=15904&delivery_rate=21163&cwnd=12000&unsent_bytes=0&cid=22c1643861dd08d3&ts=1886&x=1", cfHdrFlush;dur=0

GET acscdn.com/script/suv5.js

188.114.96.1

200 OK

96 kB

URL GET HTTPS

acscdn.com/script/suv5.js

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size96 kB (95632 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectacscdn.com

Fingerprint1D:5D:A9:04:98:51:30:F6:0C:4B:D5:F0:8B:D0:33:51:4A:54:74:27

ValidityMon, 21 Oct 2024 19:21:20 GMT - Sun, 19 Jan 2025 19:21:19 GMT

HTTP Headers

GET /script/suv5.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:35 GMT
content-type: text/javascript
x-goog-generation: 1733127669505947
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 95632
x-goog-hash: crc32c=ldNLKA==, md5=OzWXQWG0nPxn1Zo6lTWnFQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFiumC6es6YWZg2qrTyCFa6MlWNDkQ3FmzykFne8lxJYPLWyXF_PR1w4X7mLa-ogTM7JW-7CNI78QscbDw
expires: Mon, 02 Dec 2024 12:56:05 GMT
cache-control: public, max-age=3600
last-modified: Mon, 02 Dec 2024 08:21:09 GMT
etag: W/"3b35974161b49cfc67d59a3a9535a715"
age: 823
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ujbeZP1VifRJq3SomNtfYMZK%2FdiV2BS8UfTE9fAkvdJi2YxviAVO%2BmWhW5AH60mISHZ3wqOkr%2FpLV90QugHzqLr%2F0il8DWK0amLviYntD8LF8ZdkdUpBYmfqrKb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ebb8610ef35b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21876&min_rtt=17971&rtt_var=9528&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4035&recv_bytes=1050&delivery_rate=33051&cwnd=12000&unsent_bytes=0&cid=2acffb2ac7944063&ts=99&x=1", cfHdrFlush;dur=0

GET youradexchange.com/script/suurl5.php?r=6707202&cbur=0.1507385257255075&cbiframe=1&cbWidth=1136&cbHeight=634&cbtitle=&cbpage=https%3A%2F%2Ffootyroom.top%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=pp-lfekpkr.buzz&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1733144676929&srs=5b9eb905f995824f3ec8565a48efb48d&atv=56.1&abtg=1&adbv=3-cdn-js

104.21.91.188

200 OK

1.1 kB

URL GET HTTPS

youradexchange.com/script/suurl5.php?r=6707202&cbur=0.1507385257255075&cbiframe=1&cbWidth=1136&cbHeight=634&cbtitle=&cbpage=https%3A%2F%2Ffootyroom.top%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=pp-lfekpkr.buzz&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1733144676929&srs=5b9eb905f995824f3ec8565a48efb48d&atv=56.1&abtg=1&adbv=3-cdn-js

IP / ASN

104.21.91.188

#13335 CLOUDFLARENET

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typetroff or preprocessor input, ASCII text, with very long lines (1103), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size1.1 kB (1076 bytes)

MD531b706b1f4871d94fea26d1f231328c1

SHA157a5e61b1c8105f78d6474a95e949216f65032c2

SHA256a2d39de1407d28907275c18cc92c72ddc2a2220fdf218489357b07380d1924ed

Certificate Info

IssuerGoogle Trust Services

Subjectyouradexchange.com

Fingerprint03:7E:C0:10:42:5B:39:CE:2A:03:91:B7:74:65:C7:B0:C7:27:21:4B

ValidityTue, 08 Oct 2024 07:34:56 GMT - Mon, 06 Jan 2025 07:34:55 GMT

HTTP Headers

GET /script/suurl5.php?r=6707202&cbur=0.1507385257255075&cbiframe=1&cbWidth=1136&cbHeight=634&cbtitle=&cbpage=https%3A%2F%2Ffootyroom.top%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=pp-lfekpkr.buzz&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1733144676929&srs=5b9eb905f995824f3ec8565a48efb48d&atv=56.1&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miztv.shop/
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOfNYlhf7jayP%2BS9NFN3HH9cq5P9cKehhTCTYGdKHjKuBAPVmST8UohccTJ%2FcX82XAxSI0ADHBeIZaHNuqC1smftpwuhFRSKH49GID%2BaQ3%2FJOTEZYwhFrqgA0MFsHF2YSCiqhiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb8616dda9b51d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20332&min_rtt=16463&rtt_var=8500&sent=12&recv=15&lost=0&retrans=0&sent_bytes=4728&recv_bytes=1690&delivery_rate=262604&cwnd=257&unsent_bytes=0&cid=7f265812602d476d&ts=864&x=0"
X-Firefox-Spdy: h2

GET youradexchange.com/script/suurl5.php?r=8717698&cbur=0.7266510198368743&cbiframe=1&cbWidth=1136&cbHeight=634&cbtitle=&cbpage=https%3A%2F%2Fdaddylivehd1.top%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1733144676205&srs=4fad4d98b45b7e48df89128fc0df6d0c&atv=56.1

104.21.91.188

200 OK

943 B

URL GET HTTPS

youradexchange.com/script/suurl5.php?r=8717698&cbur=0.7266510198368743&cbiframe=1&cbWidth=1136&cbHeight=634&cbtitle=&cbpage=https%3A%2F%2Fdaddylivehd1.top%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1733144676205&srs=4fad4d98b45b7e48df89128fc0df6d0c&atv=56.1

IP / ASN

104.21.91.188

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typetroff or preprocessor input, ASCII text, with very long lines (970), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size943 B (943 bytes)

MD5641a48117d142aa23bd9329e12201874

SHA19cb25a5fe2cfbda7ec9dfed34396cac6849ad6a5

SHA25650cf64d8cb460dd0c804cb4d9f6a87f99e4e1eda0f18840fac23114dc0d80910

Certificate Info

IssuerGoogle Trust Services

Subjectyouradexchange.com

Fingerprint03:7E:C0:10:42:5B:39:CE:2A:03:91:B7:74:65:C7:B0:C7:27:21:4B

ValidityTue, 08 Oct 2024 07:34:56 GMT - Mon, 06 Jan 2025 07:34:55 GMT

HTTP Headers

GET /script/suurl5.php?r=8717698&cbur=0.7266510198368743&cbiframe=1&cbWidth=1136&cbHeight=634&cbtitle=&cbpage=https%3A%2F%2Fdaddylivehd1.top%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1733144676205&srs=4fad4d98b45b7e48df89128fc0df6d0c&atv=56.1 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://footyroom.top/
Origin: https://footyroom.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:36 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mRTQsKHN5Pa4skGnZ27KZzYFVxvFstxCCsXoBMAS%2F8Td2Rr717LJ9iFi6C16xeR6G0pMJe3WBa73bqWAuXLhBJiNE2Qjnas3X4vTjtEbIOKXE3FA29WqHSFT7iMIza0fwYSTsg8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb8612ff1fb51d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=22232&min_rtt=16480&rtt_var=13373&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3216&recv_bytes=1322&delivery_rate=261639&cwnd=254&unsent_bytes=0&cid=7f265812602d476d&ts=231&x=0"
X-Firefox-Spdy: h2

POST adsco.re/p

162.252.214.5

200 OK

1.1 kB

URL POST HTTPS

adsco.re/p

IP / ASN

162.252.214.5

#53334 TUT-AS

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeASCII text, with very long lines (1106), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size1.1 kB (1106 bytes)

MD56ca96c66a0d78ba188b22c3222c4fcf0

SHA13514af17f59001aab761dd248104d1ed5bdb750d

SHA256956aa33b7cf6d88afea55261344fe97dfea2b964332760e5825e1f32d5f6a653

Certificate Info

IssuerSectigo Limited

Subject*.adsco.re

Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B

ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

HTTP Headers

POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2131
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 02 Dec 2024 13:04:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://miztv.shop
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

GET www.xadsmart.com/kbootstrap-year-calendar.min.css

185.76.9.11

200 OK

37 kB

URL GET HTTPS

www.xadsmart.com/kbootstrap-year-calendar.min.css

IP / ASN

185.76.9.11

#60068 Datacamp Limited

Requested byhttps://miztv.shop/tele/stream-327.php

Resource Info

File typeJavaScript source, ASCII text, with very long lines (1568)

First Seen2024-12-02

Last Seen2024-12-04

Times Seen2

Size37 kB (37168 bytes)

MD5af87b4352b1cbe3adc3a53cc3f6b447e

SHA145387c012cfda9daa62e2e55243724f961de37a5

SHA256b76c9c3dbab0257921d03b4b27204cd0a93c6ccc25271b79de923f5f1c43338b

Certificate Info

IssuerLet's Encrypt

Subject1376341044.rsc.cdn77.org

Fingerprint77:46:F7:4F:C5:2E:9B:F0:77:6B:95:4C:C4:01:12:FD:A7:69:5A:58

ValidityTue, 26 Nov 2024 18:50:17 GMT - Mon, 24 Feb 2025 18:50:16 GMT

HTTP Headers

GET /kbootstrap-year-calendar.min.css HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://miztv.shop
DNT: 1
Connection: keep-alive
Referer: https://miztv.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Dec 2024 13:04:37 GMT
content-type: application/x-javascript
popads-node: wb11
expires: Mon, 09 Dec 2024 09:15:47 GMT
access-control-allow-origin: https://miztv.shop
link: <https://xadsmart.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwgBuUwJCgFBDAG5TAoBAfcpMwAADAElE8IxAbd5AgAA
x-77-nzt-ray: e2f75420bf7bed0265b04d67c9757004
x-77-cache: HIT
x-77-age: 13097
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

GET daddylivehd1.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

172.67.205.201

200 OK

8.9 kB

URL GET HTTPS

daddylivehd1.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

IP / ASN

172.67.205.201

#13335 CLOUDFLARENET

Requested byhttps://daddylivehd1.top/live/stream-327.php

Resource Info

File typeJavaScript source, ASCII text, with very long lines (8868), with no line terminators

First Seen2024-12-02

Last Seen2024-12-02

Times Seen1

Size8.9 kB (8868 bytes)

MD58af4685b0b71ba4db82b63fd3bb2ab79

SHA1a48faeb25700acaf6a7a9d1a53132ebde76769f2

SHA256969348d042f0384df1a57698ed7b63d8653d00eaeabd2eeb5ae0172a893b64bf

Certificate Info

IssuerGoogle Trust Services

Subjectdaddylivehd1.top

Fingerprint1E:12:01:7A:F5:C7:10:BB:15:BD:78:D3:0C:AF:C8:90:71:EB:05:CB

ValidityFri, 18 Oct 2024 15:30:37 GMT - Thu, 16 Jan 2025 15:30:36 GMT

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js? HTTP/1.1
Host: daddylivehd1.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: variant=0.09378599977812807; psid=FEATURES-2203_0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:34 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jlrHM7eAxeMwjrYHc0aRI5fndn7w%2FfQ%2FSBC39LjaO6ezWKFC0gCBGBRqTTVWdwIXqQPSMubaMC1T3FTn6b6jftLAKn8QSPUbsX4BLS9WQjB40S4miSfPZrn8zUiqrCRFIMO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8ebb8608bf2cb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21674&min_rtt=17751&rtt_var=7701&sent=14&recv=9&lost=0&retrans=0&sent_bytes=4919&recv_bytes=1824&delivery_rate=589&cwnd=12000&unsent_bytes=0&cid=22c1643861dd08d3&ts=1359&x=1", cfHdrFlush;dur=0

HEAD footyroom.top/tv/albaplayer/stream-327/?serv=1/

188.114.96.1

200 OK

0 B

URL HEAD HTTPS

footyroom.top/tv/albaplayer/stream-327/?serv=1/

IP / ASN

188.114.96.1

#13335 CLOUDFLARENET

Requested byhttps://footyroom.top/tv/albaplayer/stream-327/?serv=1/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-06

Times Seen5691094

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectfootyroom.top

FingerprintC9:1C:48:AD:8D:58:F3:32:58:8C:7C:ED:B3:34:91:0D:6C:3E:0C:7C

ValidityThu, 07 Nov 2024 03:51:56 GMT - Wed, 05 Feb 2025 03:51:55 GMT

HTTP Headers

HEAD /tv/albaplayer/stream-327/?serv=1/ HTTP/1.1
Host: footyroom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://footyroom.top/tv/albaplayer/stream-327/?serv=1/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Dec 2024 13:04:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://footyroom.top/tv/wp-json/>; rel="https://api.w.org/", <https://footyroom.top/tv/?p=144440>; rel=shortlink
set-cookie: pvc_visits[0]=1733231076b144440; expires=Tue, 03-Dec-2024 13:04:36 GMT; Max-Age=86400; path=/tv/; secure; SameSite=LAX
x-cache: HIT from Backend
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: BYPASS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9N%2FQ1nzTTweskplAu6s1beBzfOJZHx61MOARZ4Bk%2BpueWOHWqnX5vUKTJptk8hXKdijLGKvjH7gExrqmrzvWHXLcB3j997XUVZGAUIaAbDf16mr2q6CuKDvJZPAaxaT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ebb86114c86b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21594&min_rtt=18200&rtt_var=6418&sent=27&recv=12&lost=0&retrans=0&sent_bytes=17582&recv_bytes=2092&delivery_rate=34182&cwnd=19200&unsent_bytes=0&cid=b027ecb4f130a161&ts=616&x=1", cfExtPri, cfHdrFlush;dur=0