{"report_id":"e0482a10-efd4-4727-aaa9-65c121fe1443","version":6,"status":"done","tags":[],"date":"2026-01-03T18:05:29Z","url":{"schema":"http","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"title":"daddylive4.click/live/stream-940.php","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T18:05:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":29}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T18:05:07Z","timestamp":1767463507,"ip_dst":{"addr":"162.159.207.0","port":3478,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.13","port":41358,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)","source":"{\"timestamp\":\"2026-01-03T18:05:07.284310+0000\",\"flow_id\":1462223131334294,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":41358,\"dest_ip\":\"162.159.207.0\",\"dest_port\":3478,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016149,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2026-01-03T18:05:07.284310+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T18:05:07Z","timestamp":1767463507,"ip_dst":{"addr":"172.18.0.13","port":41358,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"162.159.207.0","port":3478,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Response)","source":"{\"timestamp\":\"2026-01-03T18:05:07.284988+0000\",\"flow_id\":1462223131334294,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"162.159.207.0\",\"src_port\":3478,\"dest_ip\":\"172.18.0.13\",\"dest_port\":41358,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016150,\"rev\":3,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Response)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2013_01_04\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_24\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":62,\"bytes_toclient\":74,\"start\":\"2026-01-03T18:05:07.284310+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kzt2afc1rp52.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kzt2afc1rp52.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"d3m6crjuedf6o.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"torealiukzemydr.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"hv.encystkokil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"hv.encystkokil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"hv.encystkokil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"xadsmart.com","ip":{"addr":"104.153.197.251","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2020-04-18","domain_rank":39181,"first_seen":"2020-04-19T20:24:06Z","last_seen":"2026-01-01T18:53:30.448745Z","alert_count":0,"request_count":1,"received_data":257,"sent_data":1700,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-12-28T22:27:44.219613Z","alert_count":0,"request_count":1,"received_data":90137,"sent_data":424,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"6.adsco.re","ip":{"addr":"104.16.83.77","port":2087,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-14","domain_rank":91627,"first_seen":"2018-01-15T04:15:29Z","last_seen":"2026-01-02T15:58:02.609061Z","alert_count":0,"request_count":2,"received_data":1189,"sent_data":865,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2026-01-01T07:47:27.133157Z","alert_count":6,"request_count":2,"received_data":754,"sent_data":838,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hv.encystkokil.com","ip":{"addr":"172.255.106.53","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-05-01","domain_rank":0,"first_seen":"2025-05-17T04:34:19.69533Z","last_seen":"2025-12-28T16:32:53.344005Z","alert_count":3,"request_count":1,"received_data":1416,"sent_data":428,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ukankingwithea.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-01-01","domain_rank":32650,"first_seen":"2024-09-05T12:50:03Z","last_seen":"2025-12-30T01:59:11.301646Z","alert_count":3,"request_count":1,"received_data":840,"sent_data":438,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ltszhyysre9h.s4.adsco.re","ip":{"addr":"185.200.116.60","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":463,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sourshaped.com","ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-06T14:35:38.581947Z","last_seen":"2026-01-03T09:56:38.479224Z","alert_count":2,"request_count":1,"received_data":513,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2025-12-30T10:54:18.159058Z","alert_count":6,"request_count":2,"received_data":1038,"sent_data":1003,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"upload.wikimedia.org","ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"domain_registered":"2003-03-16","domain_rank":4329,"first_seen":"2012-05-21T09:39:45Z","last_seen":"2025-12-29T04:54:49.804781Z","alert_count":0,"request_count":1,"received_data":1853,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"torealiukzemydr.org","ip":{"addr":"104.21.3.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-06","domain_rank":0,"first_seen":"2025-12-21T08:49:45.283212Z","last_seen":"2025-12-28T09:14:33.95479Z","alert_count":4,"request_count":4,"received_data":2136,"sent_data":2331,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"daddylive4.click","ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-12","domain_rank":0,"first_seen":"2025-12-20T19:30:44.827313Z","last_seen":"2025-12-28T16:32:52.42762Z","alert_count":0,"request_count":3,"received_data":653526,"sent_data":1842,"comment":"","tags":null,"fingerprints":[{"name":"C3.js","description":"D3 based reusable chart library","website":"https://c3js.org/","common_platform_enumeration":"","icon":"C3.js.png","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"protrafficinspector.com","ip":{"addr":"35.156.32.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2025-12-30T21:57:49.11287Z","alert_count":0,"request_count":2,"received_data":726,"sent_data":954,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adexchangeclear.com","ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-12-30T12:40:20.855851Z","alert_count":2,"request_count":2,"received_data":3803,"sent_data":1550,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"ltszhyysre9h.n4.adsco.re","ip":{"addr":"38.132.109.126","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":463,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ltszhyysre9h.l4.adsco.re","ip":{"addr":"185.200.118.62","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":463,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.xadsmart.com","ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"2020-04-18","domain_rank":409261,"first_seen":"2020-04-18T18:24:57Z","last_seen":"2026-01-01T18:53:30.346273Z","alert_count":0,"request_count":1,"received_data":42469,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"quasicurrant.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2026-01-02","domain_rank":0,"first_seen":"2026-01-03T16:45:38.927075Z","last_seen":"2026-01-03T16:45:42.531784Z","alert_count":0,"request_count":1,"received_data":107670,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"chevy.giokko.ru","ip":{"addr":"172.67.149.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-15","domain_rank":0,"first_seen":"2025-12-20T01:30:46.335351Z","last_seen":"2025-12-27T15:25:01.455046Z","alert_count":0,"request_count":1,"received_data":805,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"epicplayplay.cfd","ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-11","domain_rank":0,"first_seen":"2025-11-04T19:50:04.315105Z","last_seen":"2025-12-27T14:47:15.980351Z","alert_count":0,"request_count":4,"received_data":1305641,"sent_data":1926,"comment":"","tags":null,"fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"kzt2afc1rp52.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2020-04-27","domain_rank":1699334,"first_seen":"2020-04-27T04:28:17Z","last_seen":"2025-12-27T15:25:00.542704Z","alert_count":4,"request_count":2,"received_data":215338,"sent_data":900,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"d3m6crjuedf6o.cloudfront.net","ip":{"addr":"54.192.209.69","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2025-06-23T17:24:38.613809Z","last_seen":"2025-12-27T14:47:16.100546Z","alert_count":3,"request_count":3,"received_data":234490,"sent_data":1836,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"waust.at","ip":{"addr":"104.26.4.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":36042,"first_seen":"2016-01-28T18:24:33Z","last_seen":"2025-12-30T13:10:43.150086Z","alert_count":2,"request_count":1,"received_data":12437,"sent_data":402,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"adsco.re","ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2017-02-14","domain_rank":3069,"first_seen":"2017-04-03T03:11:30Z","last_seen":"2025-12-31T07:41:43.098962Z","alert_count":0,"request_count":1,"received_data":1750,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"usrpubtrk.com","ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2026-01-01T07:24:01.334994Z","alert_count":5,"request_count":1,"received_data":528,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-12-29T14:32:54.672001Z","alert_count":0,"request_count":1,"received_data":839,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-12-31T21:55:03.360474Z","alert_count":6,"request_count":2,"received_data":171912,"sent_data":828,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"4.adsco.re","ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"domain_registered":"2017-02-14","domain_rank":95532,"first_seen":"2021-01-04T16:47:52Z","last_seen":"2026-01-02T14:18:55.851749Z","alert_count":0,"request_count":2,"received_data":1058,"sent_data":865,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accounts.google.com","ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2025-12-29T00:14:05.184038Z","alert_count":0,"request_count":6,"received_data":13786,"sent_data":3788,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"x7i0.com","ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2021-06-30","domain_rank":0,"first_seen":"2025-09-22T01:01:11.695894Z","last_seen":"2026-01-02T16:38:27.55657Z","alert_count":0,"request_count":1,"received_data":113318,"sent_data":408,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-12-28T22:26:34.892336Z","alert_count":0,"request_count":1,"received_data":18819,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"oyo4d.com","ip":{"addr":"139.45.197.118","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2019-03-26","domain_rank":201644,"first_seen":"2025-06-02T17:08:26.404235Z","last_seen":"2026-01-01T23:25:21.765552Z","alert_count":0,"request_count":1,"received_data":831,"sent_data":596,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"epicplayplay.cfd/premiumtv/daddylive.php?id=940","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"78a6702d966a64ed29eca96bfefed3de","sha1":"cc38ab49fb9cf0b5dfe3639378bd12af22ef1c0c","sha256":"00f32959faf141840611a9e3f434a6924cbcd843de990bb5df8ad037b9f8d095","sha512":"2b6c83fa444ad44b55fcced6f581d11b7a8e1e4339769b78b124e257de6526d0e1f7f2a974311d2a5e92633a22ff4846ee52276703d73de4dca305a5eba4be29","ssdeep":"","tlshash":"8d9002e65045d01019e61142772273497932159931451002821a4115301192fcb51594","size":52,"data":"","first_seen":"2024-07-11T01:38:35Z","last_seen":"2026-04-18T20:00:46.983312Z","times_seen":874,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"epicplayplay.cfd/premiumtv/daddylive.php?id=940","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5a774e3f3f50d990ee426b47a7a5e033","sha1":"9aa8984d60feb823b28791881bf02f3a0e9caf1c","sha256":"b869dcaa9146835641bfdf2eb8f89a7333dfb5b3e3acb61cf77f5bdc1488c281","sha512":"bc13482b39099c513154042ebb239bbd84fae0b144176f3a294fb46cf1734bcf7add238bc70c416bbc3332e8ef6a36236b3570f6c9c8ad65a1aef2b805f1356a","ssdeep":"","tlshash":"0ae026283db7e161012734eb2b3ec0526226c01dad24d78298feca989dd0ff00926dd0","size":332,"data":"","first_seen":"2025-04-16T10:55:46.992611Z","last_seen":"2026-04-13T18:50:49.556345Z","times_seen":481,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"87c725e214683adf9b74663ff14946ab","sha1":"ccbe1b6c564d65ad51f1488627d8ea8d1e97e131","sha256":"93e773869f7f7e03ab47466b60c2b9113b1da6b969d5963c03678e5a4c0e0807","sha512":"1e58750aa931cbda42301559e3502f01877a49aa3dd6384fc9146e4ea9e24bc11fa94db7a17ddb522aa2b4ccdf51c65f21329abb1c5cd8edc69bc22fb90f980c","ssdeep":"","tlshash":"fe1121ad306572be1ba315e4a137974bf271117c605c04324b5dc8f5ac75caf8623ac8","size":1000,"data":"","first_seen":"2023-05-26T08:35:46Z","last_seen":"2026-06-01T18:40:50.371759Z","times_seen":5778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b7d8a1a33a77fcd0328d3c709c5a9eb3","sha1":"e8ea90d66488aae87f231079141b02b04cc26f05","sha256":"3f06772f212125287a824492bf133d5fc6ef851b8478c081406f650716869cde","sha512":"b92d0879e95318270c892770db71380d6f66efbeb8e4c9a8155e82b09e66a0a90844a4d0e38ede9b6bd536d8926ab4359e3bcc5266594f04136fa66295bbc9c1","ssdeep":"","tlshash":"f37000082080000200200002020222003202203080c82002a2000a3020ea08b8020080","size":20,"data":"","first_seen":"2023-03-07T16:36:56Z","last_seen":"2026-03-06T11:55:01.489296Z","times_seen":4296,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"epicplayplay.cfd/premiumtv/daddylive.php?id=940","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-01T17:50:48.22076Z","times_seen":227290,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3m6crjuedf6o.cloudfront.net/XNTh2UVRWVxg3a0FREmxlBwhDZ2MAHgYjMVMFEjAwUUEaOCJQDFgyOFxbHXc+RlcYIWlDfzlmGwJMFwVlflxQJS5RBUZ3OFRWEWxyUFYVbGUTWRIzaQUeAzBpWFcMODhZWVNjEgAWRnRmBRABODpRVwEicQcIGCVxBwhHYXoFHUUTcQcIATg6AwxTYhYQCk-YpYgEdRRNxBwgEJ3EGeUdiYBsIX3RmBV8TMj9aHUQXZgUJRmFlBQlTY2RTUQQ0MlpAU2MSBAtCf2QTTUtg","fqdn":"d3m6crjuedf6o.cloudfront.net","domain":"d3m6crjuedf6o.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.69","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"698dfc650e27873c2e368996efb36464","sha1":"a76758ca8d062d9c050c9d069decac01a7e0c2bc","sha256":"2d32b5961616da3159d8532ba935dec68e5ec54b0c1299c42329060d8e59d95a","sha512":"69ded3ada1ac1a951937f9de1fabef1bbede7ec2050481351aad41e8cc070b672ed0731b909529e54c10928e36ac46df7efc7a99a16046ec2c487b0925550ff5","ssdeep":"","tlshash":"78d0a73d2308ca034cf611567115b80083cbb14f136487446a8a1e93168a4495c60335","size":208,"data":"","first_seen":"2026-01-03T18:05:38.822884Z","last_seen":"2026-01-03T18:05:38.822884Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ef9e29d830b47e493c51972bb3af3ef6","sha1":"95d6255c5e100dce97da5619be073c8dbf4f00c0","sha256":"fc5a1ffc9513896711ec2c788490995715c8d32ccda8c4e2c68a9bd8cb214e77","sha512":"af408037587ea95e4db5c0412d582ea898d2fb5084e5917048698bc482dd7c3e8854d87fcf3adf508fd8cceef746eab017029aba07aa934184675a6e6c88f0b9","ssdeep":"","tlshash":"a270000000002830080208002020ca8e2a22208022033a00800a000000208802088b0a","size":19,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.495259Z","times_seen":19082,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f6ca01bb0ca3ebde821544f18ec83583","sha1":"2e8cbf747f80c79ae8c12b8685556757e813b9db","sha256":"a1d2b03b3b1269adbdcbda20f64807bc730335783a9a90e9fbd743f898fb675c","sha512":"abe6913529a7c6d57112e1fd7e8705144a557783b8b7e957c00e9d2a1cb5b05c00411e04d1c84a5df1032558a0151b396099d0582dbc944944f6040dad241573","ssdeep":"","tlshash":"cbf05c2a98e707384cfa7a441034ca7534fc38a0a9a3d067625cc82ccd39fc54c14bec","size":467,"data":"","first_seen":"2023-03-09T01:35:27Z","last_seen":"2026-05-31T11:47:38.317527Z","times_seen":937,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xadsmart.com/ele.min.css","fqdn":"www.xadsmart.com","domain":"xadsmart.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"804d1dcbf12d2a8a16f6bc71556e2a49","sha1":"f2af0634d16ed634408c4b9e353d29f6f1d5aed8","sha256":"9e6f1c55e7ad9d343bf28fa16cfa780b612dc51b8923a1022e4e9a52da84c777","sha512":"438e9d1f496d681e6095ffbe896cbf341b42926ba908f40a2b716cea36268416a178dc50ec33cbe3602ed415653206910916ffc87f24d91e05b8e5816210d35d","ssdeep":"768:bt9rqAYKK2ZzFQ9JsQU+YDngZGihfzmMzhYrTsAysncCWcf5k5sigC0/+CntlqoD:bbdZzFQ9JsTgZvfzmMzhYrTscpjZd","tlshash":"5f132aaab286282601e741b9503eb316b23305167812d458fcb9cdf96e3ddc611bb7fc","size":41925,"data":"","first_seen":"2026-01-03T17:47:11.974012Z","last_seen":"2026-01-03T18:05:38.82987Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e018c77e67a96b7f5440da3c7397e35a","sha1":"a090b0a7035556c7f71070fe10c2e37fa15584c5","sha256":"5c5bb18e544cb67f765d8a6d2c774838d3ae95df9b62f25660c64554a7302d8e","sha512":"cfaad7c410b0f14c2c849855f859a973177c6bdeb27ce9e3dfbbb38169a4abd0f66252213aa1885751c54d1ae761fd68af739081e9b7d6875f084c2240874062","ssdeep":"","tlshash":"0a6000c000030030000300303030c3cc3c30003030333000000c3c3f0000f00c003f0c","size":17,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-06-01T17:05:26.84676Z","times_seen":21500,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"fe99bbf2987d52a27e4d042d61264b5f","sha1":"96bb68de49d3a4146142cce3f02de1ccbf8d0bf6","sha256":"cfe90e4da6c1841088b25b3582dc78b887f3239cdfde633ff426703c6ed538f5","sha512":"9dd74689d8b3460b4da7557d2797047f31cfa1b8522959d152c08f1f48989897e15f026d9b254a7ef61b99b9b18fc002054f29a12a2e30554a68d7815c53f3dd","ssdeep":"","tlshash":"d570000a20a02022082a000082022200288c0082a80800380a008b003c008032222382","size":22,"data":"","first_seen":"2025-03-02T21:04:17.177505Z","last_seen":"2026-03-06T11:55:01.511158Z","times_seen":8483,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"epicplayplay.cfd/premiumtv/daddylive.php?id=940","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"671444b18b3cc3e70701e1183d62160b","sha1":"a30c8b7a7723916e44d14ba3ea0729257ee9b07a","sha256":"d5725ea1e17d2b1090598bb1251d4c715418c9a3be04dabbc83fb77bf1de0f29","sha512":"5bef3b2071b8ced17eeceb3dc7e1bcc4071594cea23767db79ed1f42569aaac1fd8ceef808354a03c4f63e9c2b7a7109ecac108d2eefe8b01df68ca9cebcf093","ssdeep":"","tlshash":"cfc04c0a6b8037a5126b06fd166625d3d065b91339f9c253160478a6fc6f604d4d3e79","size":155,"data":"","first_seen":"2026-01-03T12:54:16.411469Z","last_seen":"2026-01-03T23:06:58.150712Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"902c460afdd3e381e561395b818a5dbf","sha1":"91008cfe46804ec773a2e4f72302086a0a41366b","sha256":"64e360e85164e7675724c7fe1ed681b25a138c51d437bac5ff97e8910ccf2aa7","sha512":"f1cdaa252c9faeb7cafc830b5d755b186e10d090b7b2482e66ff0cba147c8ba570a1751dec8f3cbc4a59e654025753813aa3910f3c0c9ea2a673bec65e485416","ssdeep":"","tlshash":"5670002002002820802e20022202a3002000020008000000820800082220203280828a","size":18,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-31T21:28:39.691629Z","times_seen":17729,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d09df5f459de00e5cd4e67c5af5d2801","sha1":"3879581b5991afcc68ff65a1fb28c17230f3d8a1","sha256":"e713f3153dad10e9d9339b71e239843eb17aca79068b1564d9233027934a4408","sha512":"31bd7fdcad80c396f1a93e13fcdbc7023dfff049fc25eb1b65e871b650348a86d5b7f48f5b69a297bb580586f3cef787f39b47b6ba72ec0cf1a6615cb11984e7","ssdeep":"12288:SdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkx:SHtbhM40/0RRIZDFObnpe9AUTpKWZVax","tlshash":"fed4501837844587371b4ebb773ba5d1e40b38da7609488ff6087c65a1965a3fbe8332","size":612094,"data":"","first_seen":"2026-01-02T20:35:19.711582Z","last_seen":"2026-01-05T02:42:04.916837Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"javascriptURL","is_inline":false,"md5":"68934a3e9455fa72420237eb05902327","sha1":"7cb6efb98ba5972a9b5090dc2e517fe14d12cb04","sha256":"fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa","sha512":"719fa67eef49c4b2a2b83f0c62bddd88c106aaadb7e21ae057c8802b700e36f81fe3f144812d8b05d66dc663d908b25645e153262cf6d457aa34e684af9e328d","ssdeep":"","tlshash":"aa3000000000000c000000000000000000000000000000000000000030000000000000","size":5,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-01T18:02:39.503332Z","times_seen":75445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"879c12264b74d969b0314e9a9cd1f17d","sha1":"714a5d759f4d1b7d41f8c5526451aef114b33d41","sha256":"28be88d787b6e773eaf5d0818a6c62446ce628dd8ec0659c6f78410588838337","sha512":"3547b27de7764e655bc8749fd5c1166599da57d2a76057e66923476fda692917a9e537a934374c77f361359b9fe94d739bc037044bbcf2648feb43f7ff9f1c7f","ssdeep":"","tlshash":"f7700008e0a03032203a020a228222202a0c2020800000a0080a328028882832380880","size":22,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-04-19T05:15:08.498638Z","times_seen":21975,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"694d1f2dc9f80f083fa5ecd022545a07","sha1":"06a3dcee7aaa68c20db386bd68c202ba6bbdbfb5","sha256":"e876189b21f9f8f9f75b9cf4fc0aa32f1df79690aee84a479a6b97832d17c1e1","sha512":"6355c71d5b8a1c289c24b3edb483accb33846d562dc52f268a2249ee1456b488656c7d78d740502515b1f0a0db980dbe85f2da739aa095b898ce73d3ae65a8e7","ssdeep":"","tlshash":"6b5000000000000c0c00003000000003c000f00300030c000000000000000000000000","size":8,"data":"","first_seen":"2025-10-29T18:06:27.685253Z","last_seen":"2026-04-11T19:01:02.655637Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9aa3dc35f8ba994aa0f04a42c4da5062","sha1":"a65df79b7b70e8b8d22a2db929f6598428a827e0","sha256":"89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb","sha512":"72ec1d5aaa34463f798b2d2c5976a6221f70e51ea2afff582319f4c8b7e31f4a67ef2a2d39427b4d1cc89ca66c4d4374db662c1137380ce0aad2acfcdbed4d6c","ssdeep":"","tlshash":"ec7000080000a0308808a002882ca3803c20a820b022a008080823080000a020008e0e","size":24,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-01T02:02:25.041668Z","times_seen":23255,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b639122523caa43371803a68bac5cfb0","sha1":"02e21a07838fc57db033101f6c01a7a6fdb49b42","sha256":"8d8003d5d1afbb2b7118b1f14afe89138588ed08982c3e8ff31dd4123e7cb076","sha512":"293813694526a8020fc37c3814f05b4c5cd2ee009bdb297081509cab1a89c278eee157b83a86436d6449b18ac59b53f5bab2768867c2bcfb341fc9ad2c61c4f4","ssdeep":"","tlshash":"36800082ca200a03a33280a8e0888a82220003088202a803082830203c8a3002880acb","size":32,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-03-04T21:53:37.382857Z","times_seen":13592,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3m6crjuedf6o.cloudfront.net/8VGtjTEo3BA0qdSACB3F7ZVJUfXNjTRM+LzJWBy0uMBIPJTwxX00vJj0ICGogJwQNPHchLBR1EjIdAg8QAk0XNi5pW0UgKzoMXmovOghefWw1DwFxenIfEyMhaQISKycuExo+JC1NFi13OQQZJSY4CkZ+DGFFU2l4ZEMUJSQwBBQ/b2ZbDThvZltSfGRkTl-AOb2ZbFCUkYl9GfwhxWVM0fGBOUA5vZlsROm9nKlJ/fnpbSml4ZAwGLyE7TlEKeGRaU3x7ZFpGfnoyAhEpLDsTRn4MZVhXYnpyHl59","fqdn":"d3m6crjuedf6o.cloudfront.net","domain":"d3m6crjuedf6o.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.69","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f436606d1752a6cab340635a2eb1e068","sha1":"88a172dbf3d310888d00a1d8cd4bae42b69bea29","sha256":"0b2d3226532905a1e562b2d350c41c809a832a6d90bfd563eeecc43cc24d39af","sha512":"d34c710a8233b6233af454e0f17c77ec5ce99f89ee644c3f96f3ac0ef0e806942b648e8d9e23e021861d2877e55ef251017c0e9a4c437d97c8e92f15ad83799c","ssdeep":"","tlshash":"e201705a2ac08a6204baa0271af2b445638af4cd5ab6125934110b7bba0da4bca6052b","size":747,"data":"","first_seen":"2026-01-03T18:05:38.827509Z","last_seen":"2026-01-03T18:05:38.827509Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7545d1da7159ca66338b4c84b69f8ae4","sha1":"0858800340ee5b8c413a1aabc50fb28d0bdf89db","sha256":"7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81","sha512":"dbd944acd2868ed6eb1de313c0efe7590f715129f7ca5a9ae5a3dfb9de0035612a248441d9e6c4c1812d8ec4b3de7cd2a5973c4c71887361a2276de1d73fab94","ssdeep":"","tlshash":"af8000088820202a20be0a0e02a3e232220e3022a0020220000f0280380020bb302880","size":26,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.475594Z","times_seen":22616,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"be2d0eed5eded93d8440b1dae0f30960","sha1":"36e7177a4932c42e56d3e3f7b0580e4c88df96d5","sha256":"8368de6b02128e66831895a77f280482d7ed841a61c42d2304966f12a4efd46d","sha512":"185f6d9ce439ce4ddf557c13303790f74031c221e1578c98aee9a8b10e5ee6cca66c207b04686510faa128ccf19ea5f3c71d3494157709f5a7e984079c6c1ad7","ssdeep":"","tlshash":"8b110209b920b49661ab53fe811f000fb33098b7d89d58e057244cf59ef10ad05d7f0d","size":1000,"data":"","first_seen":"2025-08-02T17:09:38.072547Z","last_seen":"2026-05-22T09:36:44.433157Z","times_seen":531,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"60f1798bac26472658ff588720760829","sha1":"9929b26eeb812be15261ac5aee076e468bf4764f","sha256":"acf1662d0ddc764da1a0a9ca8c14ce6d6a937aecef80b4b0e0426698a24b765d","sha512":"9d0a619d6ac5f0516ddca9675f3eb2f0f58b6f2277e3e5925fa3ef9609f51fd08ab1826a609edf62cc1eb9d5c6543e459c205ffab10ef6cd4973caf62803f07e","ssdeep":"","tlshash":"aac08ca60128d1aae0a94c05270242006cf5bc6fdb8fea060840c20fae27216c798698","size":157,"data":"","first_seen":"2023-03-11T19:15:55Z","last_seen":"2026-05-31T11:47:38.379827Z","times_seen":732,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ff656e6bdffbea98da4df97ff7ae3d21","sha1":"f742e8d729409184fdaf152c2d2b670d6db7e9ec","sha256":"9e6e95d6fa2ce522e900a6eb22ef91ae4fa930a9e39e2ca913742d48d0484b68","sha512":"6d33c580d8b244ba6a4268947d576a1633f299fa43cc01e6f492e69b3245b277b9ead9597d20e953f5af78c8b9caa3c2fd80fc92a259de307b4461ccd71b63a0","ssdeep":"192:M4CrN2ip9brETbWI/Yum+RyXePI06HGwBJk4W1x:MjH9brETbP/Yum+RyXePI06mrX1x","tlshash":"2802c9bb7b49359061f10c7e625b7225753604baaa0f9512a262c8513c1cd0fc3afbee","size":8477,"data":"","first_seen":"2023-07-23T19:35:27Z","last_seen":"2026-05-31T11:47:38.39462Z","times_seen":667,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d5757abfc2dfe2efd4bb1409941cf087","sha1":"a3eb249ef753951d22faa61f87302479aff27023","sha256":"bc9c06f981e7daa0478c449324d4010cdbc3c83c9a95879b99a0b531f5cabb87","sha512":"a21d0aae842d3e854147d43d706f8a72afeb8a045e8c020c6a3f0e61a0c91066b86163539ba9a2827f0a61d53b120a90b5c1ba65875e334a87ceca32b06c0117","ssdeep":"","tlshash":"188000ae80a800202230282a020222a02203e002c882008000ab0300208002b0280c80","size":27,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.51193Z","times_seen":19592,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"316649f46d5ed4a4305c0208990b7ebb","sha1":"7f62b2311689698810412bbdbb26f28e498da8e1","sha256":"4ef746826b9961a1e7b68547c3d57be2ee14f5fc5b7aa71ae5082862b9d720bf","sha512":"d481051c6270e8f0534dfb7c2239c9cda6546efc3448cac9f0010381869824456e8b518bc17b2b30606deda44d320447e34d764a132519ddd6e6d12fc9d004b7","ssdeep":"","tlshash":"4c1167282421b41911eb34fc817af81db4b121e8cb8466d978fea4e45774dc77c96edc","size":926,"data":"","first_seen":"2026-01-03T17:47:12.362409Z","last_seen":"2026-01-03T18:05:38.896973Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"df0f0e3e7f31f2501d7e19833ccb4ddc","sha1":"e551bfcbdd3a7c41875f1a974ad1914604b5969f","sha256":"511e9d231c9360fcb7670f7cbaffb35bf8180f124fc080ebbfa5962d4c8bb089","sha512":"57497c56a50a2a0ed0cd9862fdaf381fbf969bd3048dff24dee46f2dc10139cccfcc4b275d7d74cd3d8f036ada1eabe54d05c4773e80ba797748aeff6c855898","ssdeep":"","tlshash":"b98000f8002300c302300f032b0b3302b033000c3accb0ebba3080303802303f8020c0","size":33,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.512729Z","times_seen":18132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"be6b25353280fac3960e70c9dcb6804f","sha1":"46c69609a3bb697e60644b18dc85d780c44804ea","sha256":"38be2b1c1c886666cd4ac85d71bb8b65e51d95c7c5f40b0c575f7d196a0442cd","sha512":"cfb553df29882616e097d28e643208df6aae0e005e63b7e7d9310a731135e9e33407ec268f12699208db7dd4fe2e8ba8a49de900e8b0a1a4bd83bd522f2ee953","ssdeep":"","tlshash":"10700008e08020a308380002028223222a0c282080822020002b0280288228baa88a80","size":24,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.509203Z","times_seen":22176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"079bda4c7eb6f2ec243bf61dfb86349e","sha1":"5e976527436b4b3cc5757b3d8fec2e932da4d1d2","sha256":"c5fb9b21c3598dd2a1c96e9842f3c6969f973c425ffeb5af72efc649178c6a11","sha512":"ae0e31aa8ad430f042cc2dae0f8e907eacab25df9b571feb20234f1fa386e18784eac42f95b4e5bebbcfafd5ddcedd01f4bdc71a140ba03a9e6b3697d0c4f9fa","ssdeep":"","tlshash":"de5000000f0000c000c00c000000c000000033003000c000000000ccc0000c00000000","size":8,"data":"","first_seen":"2025-10-29T18:06:27.678989Z","last_seen":"2026-04-11T19:01:02.637206Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6a88d4bd5bd93656328a2f38b4378d0b","sha1":"d2afdc9b1693f0cf62ab6e88bbcf4e20fb62844e","sha256":"3b1758c84d9df642c22e7c547795bd40ff0a9610795e44c90109fa7f9b8016ab","sha512":"c64eb8517871a1b996d76fd0d9982a9726515a003cebbbdf1639067607e2f7697c97f79fc176802c7e560f325e3f39f40c9edecb49e7c1626b95ca0cb8349424","ssdeep":"","tlshash":"687000380a2000000230202200020002008282a0c0a2a8c0222a820002020200282002","size":21,"data":"","first_seen":"2023-03-07T12:58:03Z","last_seen":"2026-03-06T11:55:01.48721Z","times_seen":8444,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"67b2371a222c2dc94f01b8579fff4f4d","sha1":"0b0a5e2d11790de282055efe8b8cfd6f4378bbfd","sha256":"dfafe4f2e08c006ec277e8042267c6237512a1a93bfcf57657420d4becc0a97b","sha512":"06a32863a820cca2b2f4460c10c4dc3583687648c909c5f67c746e727ecd4ea6301db1273b40dacdaf397a585ff257eb8c3e226fc023e95d3bda257e02505dfb","ssdeep":"","tlshash":"d4700002880200a8302bc808a3022300200080802882000008888002b0000230808088","size":20,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-01T02:02:24.96695Z","times_seen":20843,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ab3b4884408bb0261d6b56a7d288fe80","sha1":"b0f370141ada9b591302b575434c255db51ae151","sha256":"e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587","sha512":"e57cb5cdac6519a8a24e85d5d91f2c6492e282308a94d369619e9455cef8f22a2a6abd62023647fbfa0228b6d3e12da22c280d691cd351608aada9c284ca3a66","ssdeep":"","tlshash":"6c80008ea0803232a2fa02038a822200a2af38ea88008820000a0200288030f232ac8a","size":26,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-01T02:02:24.975662Z","times_seen":23030,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hv.encystkokil.com/ri0nEDbUj67nZK/69521","fqdn":"hv.encystkokil.com","domain":"encystkokil.com","tld":"com"},"ip":{"addr":"172.255.106.53","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","size":5,"data":"","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-06-01T18:13:56.741792Z","times_seen":17325,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"61d9031f2b0da3ac81b6732b6d1ecf83","sha1":"515d4db3d1120a7160d1bc7d93d57f7fbdea1fc4","sha256":"436179ef4964c80a03e62015696ba10c5ae70602c6538d07f50b75f35bd72a27","sha512":"3b6ddafdb73b34756f57d92b3db048d03ac38dd2f96be7d4ba695835470b8ce460e2d6059a84e64f3bc2d5237b6151aad2a649f76ab43a81447182684b5741de","ssdeep":"","tlshash":"b58000b02020a830088e020cb030c3cc3e32000230033000a00c028c0830ec00228f88","size":36,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-04-19T05:15:08.455572Z","times_seen":18664,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3f694bc1d93055e95c4871ec22720262","sha1":"24be8aa417259d91057032deb37b48f643c6400b","sha256":"bf3922e6d5bfd4b551d7f2b20057a63550e9a82815b19f445cd8bc2e64f62d1c","sha512":"4b9c2bf7a4adc7ff28f3117ec4521fdc50852826ec3ab441a1d6d0b449609410c900edc99f052d478c3aabb5772b149f45886e4bbf3b0a3b106f76c5de54429d","ssdeep":"384:+v0a/K7iYFRdYtn6f0Qen9tO69aI8tAUeNDaUGRQ2t4PpBahqoo+KXnS7YhfGMOY:+K72n5Q80GaIoQPzahq/AMOY","tlshash":"12c2e5a7321eb91a8719626150ef2ec5a2cc48c4718f1b7ce724e53634d753485ebef8","size":27996,"data":"","first_seen":"2025-10-29T18:06:27.722474Z","last_seen":"2026-04-11T18:48:33.854433Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x7i0.com/tag.min.js","fqdn":"x7i0.com","domain":"x7i0.com","tld":"com"},"ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"b105ae11aaf0b47395b2000405b0c592","sha1":"3c1e064f7f5914d976f4a81aea09018b88252773","sha256":"59f1a5a724edcb7907d7734c94ea7893e3c0153854847a1dde214f8c71339e9a","sha512":"3e3a9f1b04582013f15fe140f1aeee984bf74299ec944c6d5752bcd8a14db371f03a7f7f3002eee365d2b98a80791f2a0dc2b380001c80928295458d02be6190","ssdeep":"3072:tXki1TG8YlAVCzIqwL76WJHpYx85/MVzUL:6WTGvlwqw5JJdQza","tlshash":"3ab3295673a277d21a6e60d42d57d60573fd8c80488f8867e3c8787972d081cd3abbea","size":112425,"data":"","first_seen":"2025-12-18T15:53:40.958967Z","last_seen":"2026-01-08T02:23:09.116351Z","times_seen":241,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c2ea614d1bc750cfde52d2cc45abe299","sha1":"5e166dbdca67e79e7279c7e0818928894d216b4b","sha256":"951bc13086d06d7a02e9c1e56696df1982e9775bd071f7d6d97df719ff445a03","sha512":"2deb2e1f7323c8870b63f94d712177f2755d5e69d3e0129fef54c1ecc8fb628a7d62a771b7b2a04de3e1e3b8282a7452ff05b6ce94f2f2d60bf8ff08b80018e9","ssdeep":"","tlshash":"6a80044d501015d4c074307d001310141033d350515f11d04147115005404745713c13","size":36,"data":"","first_seen":"2023-03-13T22:08:52Z","last_seen":"2026-03-01T10:26:38.372728Z","times_seen":13572,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7a837a4ba8ea13b8193945adf0261e19","sha1":"61428cd720ebc0f01c4c017204c313193c22c101","sha256":"28d9693460ce57dd4e01742e50a1baa10cbed3fa6c20c2a69f02424f80fb9a2e","sha512":"abe0e46d98027527a7d2567c4feaece7ad3c1ec94eed8fea59b9eec596cdd4fa39e7776e9dbc4dd6fe777d9b09300d45ba2a49fc9479e0acbdea92ebf5ef940f","ssdeep":"","tlshash":"516000000003c03300300300030f33000030003000030000000c00303003c03c0030c3","size":14,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-31T21:28:39.706494Z","times_seen":23267,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3m6crjuedf6o.cloudfront.net/?jrcmd=1197197","fqdn":"d3m6crjuedf6o.cloudfront.net","domain":"d3m6crjuedf6o.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.69","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d1f934c0c8dbaa7b1232193d91b015c3","sha1":"da36c1a812685834469ae214e95fbae9f76685e4","sha256":"4c276d995b06b58cdb4ad5b415b56863745bc327c45569255af58fb14fd1f7e5","sha512":"7e1bc23e0a422ab10c3fccd87dcc01be9d51648d4cda3b435ddfae88ee0f062772a63f0ba72ac5ace85509c3c3f1e272097e8d0547dae0b0794631756de4a51c","ssdeep":"3072:XBUNP5+Ya/06R42Da7oV6+53UOng7L9vN9M+Zc53+Zc0M8Eo:XuNR+t/06G2D02cZU3+iAr","tlshash":"aa344cc9ba923429836374f540bf124ab23f5a69b8084dd4f496d4d07db8d4a437bfac","size":232302,"data":"","first_seen":"2026-01-03T17:47:12.056052Z","last_seen":"2026-01-03T18:05:38.780305Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d9f9b0f82813d813afe0d450e9fab4d6","sha1":"cb6ce93dd97adc3649f697ff49681f5aaf8b1671","sha256":"d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b","sha512":"849997b396eb218b8bbc788eeb34ec3eb9ab4c809a07ac707a57a5e13baabb69d2c52795403d032f007276109c7f4476daa8255550fa236873e1eb9ba6dba3ba","ssdeep":"","tlshash":"706000c20008802002c200028820a2802832008a20022000c00800000000a0c0222808","size":17,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-01T02:02:24.983731Z","times_seen":23638,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d720eef71edef78b948a643d5712ec07","sha1":"ea5eb334bd6ddb0f04abafb700dc2ecb30070c76","sha256":"2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae","sha512":"63368ff1fef849df7f849af23bc2f24698893bd3d58300282427a76665b2d5c94f097d409f93173ad9c36944b4fffc2e37fa03a91f81e4e04f3737f9b73d2d6f","ssdeep":"","tlshash":"5f6000c00000c00c0000ccc3c00300c030000030c0cc3c0003003c3300cf00ccc00033","size":15,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-03-06T11:55:01.51255Z","times_seen":24260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kzt2afc1rp52.com/9f/f3/5b/9ff35b0cd63b95f2925204c4dd0a79c3.js","fqdn":"kzt2afc1rp52.com","domain":"kzt2afc1rp52.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57f4b109276130a100c6feb3c82ca4a2","sha1":"8d881955992fa0ee1fb8e230a8183570292b5294","sha256":"c23d7a815e5dbbd8fa37ffdb9672cb316388daa36a057e44a5148c58f9cf7796","sha512":"af3e6bc7d899ab2866ce9ea03e7aa44a75b6d41f3484c0d9d21c10238b372d07e15a8c46c09eb88e2a6684529a851a4355fcb8b27ccdf56947e7978af43f0278","ssdeep":"3072:EHR17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGews5:EHRw194Lws5","tlshash":"2ea3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","size":106830,"data":"","first_seen":"2025-12-27T14:47:22.823658Z","last_seen":"2026-01-03T18:05:38.792716Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"41310478a380eaf7e07dbad9b4f81a97","sha1":"1714b6ef86e90b5b23e2aaa1e7728ed9c59f4d34","sha256":"848e5342d9196c0f64861ab926a3c5aecce9294750febbd22e5d8df859bdb144","sha512":"7b93f330547524ce01b8f888a8d56c19cd4432fbee43db16aab33fc1aecd77243762c5e7dd5ce767e38c0fdf9d58bc629caf106d77689c1ef90ebeb09406580e","ssdeep":"","tlshash":"d37000000000000b203c00020a023a003003003000880800820808302ae800b802c0a0","size":23,"data":"","first_seen":"2024-02-12T20:00:21Z","last_seen":"2026-03-06T11:55:01.500018Z","times_seen":19951,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8b5e8699c1b76c14c38283a27772a3e0","sha1":"8e39b41dbcb6877e9b189351a2c90908abdc7754","sha256":"cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c","sha512":"66ffa0031cc22b4eec8867f36dcf3d887b021a11ea74f51c2a2eff1ec4cf9eeb44c4e1d5a6c197f29d66546c5f42ef283c54261f6157687237e4dabe1715523d","ssdeep":"","tlshash":"cb700000000228a200fe230e8e82230822282223a28820c820220a2820003232380880","size":25,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-01T02:02:25.035676Z","times_seen":22396,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"aaf72876f0d5e8a677a383fd45bf938b","sha1":"d8b2ca3c238c933223f4a6313c5c0561f99e0c1c","sha256":"15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6","sha512":"c6bec20224539a5319a753a794c7521e7063e76b3d41bac8d7f0159880eaf3ed07c3fc1b0eb4ec285f1970f270f4b0ab68890d5a0ed01e3b1542102ad707f6d7","ssdeep":"","tlshash":"207000080820000820200802220322283822323022cc0002220a083022ea00b80282e2","size":24,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-03-06T11:55:01.498128Z","times_seen":23956,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c510d5a3d97cb2f599576a56b2703434","sha1":"9bc8f27eddd88f1e3f879b2dceb86f92486dc1e3","sha256":"b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79","sha512":"7adf4f6f79a04ef4aa41503ef199d996dfe027863d5493881f4689e595cc9ce27a4451f1be2617108f3716d2c26bea30fe4ef4c7c4922d4896cf3f7f94e50467","ssdeep":"","tlshash":"7d60002002002820002002000a02a20a2002020c82020200000a8000220208300802c0","size":17,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-05-23T13:35:10.426838Z","times_seen":18167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"97027e2582ced35b186bf66d3601cfd2","sha1":"4133fa316e585c4426c58951884d2db2d0e21548","sha256":"b18f7c2e4dbfe2926b0413634f7cd6781be55e27b4b885dc68a8f740a80d72e1","sha512":"6ce568f004c961c5a0e2e884ed98e6bdc8ecbba0dcbadf7d88cff201ff8b40a55d01a18cc7a247832c93f0129a2f7e68217dffa94071a50337ef0e17366448a0","ssdeep":"","tlshash":"9f60000000002830002e28002202a20a2002200002020a00800a00002220283208838a","size":17,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-31T21:28:39.707368Z","times_seen":18017,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"476b43130f4da0758e51a26ea93e733d","sha1":"5eac9c53e9cc1410e58f6f0bdc85528acab30736","sha256":"b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c","sha512":"d7b6af5bbc8185dfa58fccd8be30e14c79aed4aba53d8824cc066465690837c5f2d173bc3bb78eda33f9ae91ac0434fbb63d4d4c906e1874cc614ecf72ac4291","ssdeep":"","tlshash":"547000088202202a003828028282a220223ca82080028020000a020228002032ba08c8","size":22,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.474522Z","times_seen":22786,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quasicurrant.com/3d/71/24/3d712439b634feba69e3e22374c27420.js","fqdn":"quasicurrant.com","domain":"quasicurrant.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2460589873cab50273ab78d53ef9b559","sha1":"c45497d2b3302e4a6213d03a39086a9eff850be7","sha256":"499049d3e08fa46c4454ebe2ca8f0666e1ed49ad9afe2956e28bba2f115f75cd","sha512":"0f0e9c978c8869a0ca27169cfccc386828f0aab0f0f92239286113a02e701cab09276f3d6d8273aa62f9ddc701d918868e34184ec6bad9fb145933cce717fd7e","ssdeep":"","tlshash":"321154de32549f8eaae53d3f7427550422354c0e1461ece0da47cf7d918491521b7a5a","size":1000,"data":"","first_seen":"2026-01-03T18:05:38.95763Z","last_seen":"2026-01-03T21:24:09.720166Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"javascriptURL","is_inline":false,"md5":"68934a3e9455fa72420237eb05902327","sha1":"7cb6efb98ba5972a9b5090dc2e517fe14d12cb04","sha256":"fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa","sha512":"719fa67eef49c4b2a2b83f0c62bddd88c106aaadb7e21ae057c8802b700e36f81fe3f144812d8b05d66dc663d908b25645e153262cf6d457aa34e684af9e328d","ssdeep":"","tlshash":"aa3000000000000c000000000000000000000000000000000000000030000000000000","size":5,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-06-01T18:02:39.503332Z","times_seen":75445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"epicplayplay.cfd/premiumtv/daddylive.php?id=940","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-01T18:09:59.566239Z","times_seen":680245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7145e6d4dd187b573a13f0240103f6f0","sha1":"f8e7ff7fd488f675f418011ef8ecca4a822933b5","sha256":"02665a4c106fc96e71ef5a17511cf353ec3f5cccb82ec9fce719b23967728897","sha512":"8fb980002683780ece97cb8cc6679fb9c8c97f543b927fe1efbf4073887176b68be02fd0ffbbc4bec0ebce401d04132fe4d1ab1edab9d006be9493f77bcfc736","ssdeep":"","tlshash":"0d700020000082000b2000032f83b280300a033000c8000002028f32a8e802fc020080","size":25,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-01T02:02:24.962633Z","times_seen":21543,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xadsmart.com/ontequsfuvrsjl?NMAKVDUh=BQNiAAAAAAAACZUAAsW3WndHR73rT4lxuN22NJDWNMFLkrumIahHbUE73AdBZplvGvRcMt9D_D9XaSUG8wG7TW41ZkAALVzFinwjcGqx6oeT8yrDBLz6ku6F8-_nkg_AmFUUwVv1bc9pX1bALgoX0u_gBrobtdYHVUAThlSXE8vcEf3RQR_0us_6Gyvx27flEiXjGGyrB9zKElfIHNblEsnic6-4fd1HYGFe0Dtkp6VOjPGmJFGVUVdQvQnWOVmgec7Kp6CxBIZZFeiPFQL6If1WwCLJW9dElOjfqPBy3dj6poVGcfdOGY_TZXJN4XT-DntvZ0eFPotj3DwPIAoZhBmW7CKIPOghHxg_JOi1ZYK1l2bcBEygNOZMl31huvH5WHYbcNCQ-2_O0xtTvyy1T2i4xYegd0_5TbDeHTwDxqZXBoQU6yt3r5ms1syGXfVqNB6bEwVyigtkUszHsaCRB2FAEAQvFQwSpL-KUyoWz3necDaa_D1al2yJSwzvUeyhPgpKl-Uf_YpgxMd_DNYLVOPjc7EQHZmItlVktmTgh9gPL_MD2d6nTNuj33VVmIfUffWvh2k9OXqF3juBcB2KIaX6WvA6oMXrki4Nn3EgEgtDAXgqhS6LwD4Wx3XGOKvoJdLHLs-vm68NNihY9CLdcAjXhbsO4wKezqvBUQpstg6OHuHYMRBWgFnE8vMGI-9hM30Doh4js0BYdYT1iGi7IiISq_2XgYBIxNNV8iu0ujyMrEO7YZXL3DH-IE__0SYfrKV82Hesc9Uin_APY38TX5cgVlGLjJ_H8SNBOyRPatD7VqXvu7InDbbngdQURYQ3Vm2NVr2BG9mbIlB_eDoS7l3r2t3JYMk10Yixo3-tFy-W0kzstccuEIQoNYskPEJ7eNXVCU3gFJtcVW9j-cMc-SnCS_h4PphPtgGKOap93-1UALqy355vDiEQEesQfZwhnX_Y8242xLMZGNDB-lfIkrIdfrUYl5VqfuhuSP1RIl5yZ36yVQcjYTrZo0mqIWmynXtXwzazZsI6Box73Mx3nzukRWZWwejQFFFtz9QNkcGWfMWw_O3GoK7gw3YAcZqDazCp2mo4ejx4YaGzTpPpL9lFe6-EeP9NOjwQtxJ6yzyTAwdInpxaiTa60dvyOjqixBv2Nd-LyiAbGN-WXA\u0026wBMqxKsW=4\u0026eFTPxOUK=5260641\u0026uQbITVpA=\u0026FdYUVgmD=0,0\u0026SrWMymJq=\u0026tVSJiwhe=\u0026ZCAzqwOa=1280,1024,1,1280,1024,0","fqdn":"xadsmart.com","domain":"xadsmart.com","tld":"com"},"ip":{"addr":"104.153.197.251","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5f0a25e4d3522d56d48ce7bc3e518fb","sha1":"86794caff58f7fee6e684c2ba7195f970a8d6f4c","sha256":"9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5","sha512":"a3a81801f516a4eb11f00d6f56dab0ed4b8a79219e6b4f5436993479f09dae08f14cffbab3327ff66fb39201d8eba1153ae7114f7705a01cc6f0edf840ef1616","ssdeep":"","tlshash":"789002801814116115d1500b8d5159d01259b1a4540801324446ca502dc7883a415774","size":44,"data":"","first_seen":"2023-03-07T01:17:45Z","last_seen":"2026-06-01T17:40:06.741929Z","times_seen":24614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"11cc3621e45b2f0b945ccf3c32be2d99","sha1":"65369460879076ce3d2ca049392097e9c15b8149","sha256":"8eab171b0d256cf386d222b71fbf5380f2051b67452dbd83f41401a6216a789c","sha512":"e8af12a7397f87b88e2b71577fbb9be3be97b309345786db07de0c882ef2203a6d2b98a7f74c4f5b065e3d67cdb2c54f23ff7694c9ccc83e22ee93e950e60715","ssdeep":"","tlshash":"8bb009b69262c0b9c4469c9eb13ad6e7397a12143813b327901d49205522e5e2b008a0","size":108,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.455072Z","times_seen":20074,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bdc6234a33432c503640ad2f62105dbf","sha1":"2e733c2d4f1953a7ca2231208e8e31edc399ab19","sha256":"61e43d202b6cd0ebf29ac8014115fcb890eb5593c4160b9ae285206ca911bce6","sha512":"ff6da6a9cfa04e9c0e4c8c038b70ff6461de31cf3020ffa062fb50d6507ffb72d431652f7a8eaf7fab316b387a16a0ba5923cb568450f6e5a3eb7c232a3793b6","ssdeep":"","tlshash":"bd70008e020000a0cab220a80a022300b0202c0008022200a0a00008202ee038288080","size":21,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-05-31T21:28:39.692668Z","times_seen":20594,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e969e6981adb7ab1cb174994a5c8c627","sha1":"5f534a259a6f3754d1d392028fd4cbb344fb6563","sha256":"5cb18f9c0eebf644c0bc27e5224177984121b4c4a3f8189861a6d797a15a2e7a","sha512":"10bbe815bb6e4ade10d00a42a82dd10b668e95e275161cb0a637b2ea95785f8f7fc72b31bb48ac9c1dfad03d811912c0683941a3c09357525f164915d5b033cf","ssdeep":"","tlshash":"a380000a88a8a0222a30a0228c020200202e822080ee208083f2032020c283c022b802","size":30,"data":"","first_seen":"2024-02-12T20:00:22Z","last_seen":"2026-03-06T11:55:01.514986Z","times_seen":20053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c24107ca675c86ce400f00f60737bf91","sha1":"915db7d3426c409da4f1c6d58c38d9dfd6ad39be","sha256":"3688d7e88d248ea850c456f0233738d10695a410a3dec97785ca7422c3f562c1","sha512":"0b10c8522a9d3b4cd1b5d63918ca7888bf837bd48c2c456c38e20e215a0c5e1cc38e5248658c54021b1d2337a68dc1f61b17adfbda678078d0d4a8cb4fc56e40","ssdeep":"","tlshash":"2870002002002830880200022020cb8c2a200280280230008208000800208002808a0a","size":20,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-04-19T05:15:08.509945Z","times_seen":18884,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"6043a0b1ebb36c505a9191b20e11815f","sha1":"6f9cda2539774241dca5f5df2e40b2e83139768e","sha256":"354d474759535f5f0bb63dc6c5ea17455fb3d281aeb3cd6d44c2f3f594c5dec3","sha512":"5a55931f152716ef8803227e0518befc7ec9fdbc66f16aab57824511c7f3a94bfd9b93b4417d6f759d04c517f3d242eec582b49a8d92be6079b88e10a27fb9bb","ssdeep":"","tlshash":"517000a20c0ba0020c228b02838222002020028a288830c220a088203222e0b3028080","size":24,"data":"","first_seen":"2024-05-15T22:21:35Z","last_seen":"2026-03-06T11:55:01.515568Z","times_seen":14363,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-01T18:11:21.591683Z","times_seen":17633,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"79e362235e366729632e60d6d35f8904","sha1":"69df1a1691b05442e11e2bc5825fc6297b977a92","sha256":"da82a56eb8524f5d12a2afcf2c5d0cb6184f26995167212a0ccb3bc2ba0def36","sha512":"94ca14ccb12238f547249a07134689257dd97639be34d7f466f52741df7176be982d88c5d294dd42a534a32d908533b5eaae33a13cb47ce0cf065d3098d9383d","ssdeep":"","tlshash":"fe60000000000c30000303000c30c3cc3c3f000030033030030c00000c00c003300c00","size":15,"data":"","first_seen":"2023-03-07T01:03:04Z","last_seen":"2026-05-31T21:28:39.681301Z","times_seen":23618,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"epicplayplay.cfd/premiumtv/daddylive.php?id=940","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8f1caa9d00584207cc7b2a526fe54b02","sha1":"d84b214abd64bdb31f7a5ac80a578cef40629f5a","sha256":"5ffb98cac73a86aa2a57057c03edb66d258e29c38c805d58ff40e7dfc4f0e37a","sha512":"a0d3b5d17fa0fed7063d292c9232716709073916e9b929aa0ad585a082051f687fd046e77d5e419e59f0e4e5913dd504ab41dcd75d23773f20c4f750ed8a42da","ssdeep":"","tlshash":"ac41ae0ab1f62117956e60ed8a5fb007b0765007f71cc944be1d53502f9a33d869a7cf","size":1986,"data":"","first_seen":"2025-11-22T19:35:09.386728Z","last_seen":"2026-04-09T00:43:56.002895Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"fb440b8133f21c3e5d3e39624e7bda94","sha1":"1b46d8568f9bd8a2be944d6a61924a21ec0b6e4f","sha256":"a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc","sha512":"f874692932aab2be754d763a3998c5cd3c654a5bcd78c5d839fe0ba506f9a9e563d3cecba0ca71a6b0db35ff94943f6fa8bb0292f10c1aeb7df2704ea6d85fbf","ssdeep":"","tlshash":"047000000000000820200802220322083822223002cc0002220a083022ea00b80282a0","size":20,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-31T21:28:39.702301Z","times_seen":24318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kzt2afc1rp52.com/9f/f3/5b/9ff35b0cd63b95f2925204c4dd0a79c3.js","fqdn":"kzt2afc1rp52.com","domain":"kzt2afc1rp52.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"364c3a7c2ee385c62b62d1eb0d1a2bac","sha1":"aec36616a986bbddf4922bb3b0e772c06605f2de","sha256":"c68ccf6fea4c7ca129a1a67d56d514a3749dbef0d56adee206e73105209e0c13","sha512":"6deb4fb96483a992477ee5f8824cd96c9884e94e93a672aaa2c8623db8532273eed81d2f526f029a2ed9b99fee1c8e32f26ec925db94ad14f8b806cf8731e0af","ssdeep":"3072:EDR17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGews5:EDRw194Lws5","tlshash":"c0a3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","size":106824,"data":"","first_seen":"2025-12-28T16:33:02.089637Z","last_seen":"2026-01-25T20:17:55.561254Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"dca14c896efeb4b80c68c457aea67f39","sha1":"2488a552655a41fbd3f3165ea5b1999f46f25738","sha256":"998158f6df4183edd82539e6dc971d32f50bc7ee075f64d4abc46d3011a9da27","sha512":"56d0ea635f1a8dd9f7bfed6a8e087ec4d8e38bf65eaee1e1262740fc7ce80cf1b45ea861f0d5949b69ecc650427ccc8879f1b7c9af78933ba26d0aa9f704033b","ssdeep":"","tlshash":"ac8000b02a02b830888c220eb030c3c83c30000030033800a22c00cc08b0ec02208e8a","size":37,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-04-19T05:15:08.469862Z","times_seen":18394,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"a97ae6bd4dc972c26de801f868a79d5c","sha1":"cf1a46aa575a9718f8d4154813a7892317e7f8bf","sha256":"51c1083130407a8772738aa2380eb5a583240a47d98f2204b124c06fd11aabd5","sha512":"f16b7e511db0f35f83e9380c46a6173de1ca6aebbcf4aec1be6efd8d0cb669fc9a07c4e7702149f0421425109c35a9cd041347677ccaed445c978296502e78a8","ssdeep":"","tlshash":"51600003030c0000c00000030c003000fc333c0c3c0c30000c0030000000f033cccf3c","size":17,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-05-31T21:28:39.680023Z","times_seen":20826,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c809887dc51fb5a7e73a3a98c3dd661c","sha1":"7d7574d4dcf1e06e2230379897c5df681ba603de","sha256":"1138f8c1bb11f4a5f7d8354b8c8a642ef94c9c741d76a7f476bac6473b7de085","sha512":"3a5e6abed1f1fa40c5d7d13b98d4e90d180f5913a673f10db23f40b1fe68a70de8e780c2633bb6f37745ce4aaf81707844817fa84baaa2b764a322831c298e7a","ssdeep":"","tlshash":"9b8000f00283008b08308f03230b3300b030200c30c032cf3038003c3002383bc030c0","size":32,"data":"","first_seen":"2023-03-07T01:03:05Z","last_seen":"2026-04-19T05:15:08.510411Z","times_seen":17900,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"epicplayplay.cfd/premiumtv/daddylive.php?id=940","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"epicplayplay.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 31 Dec 2025 15:01:18 GMT","end":"Tue, 31 Mar 2026 15:59:53 GMT"},"fingerprint":{"sha1":"7E:97:56:F0:47:2F:8F:51:78:6E:38:ED:A0:72:AA:10:A1:6A:5E:96","sha256":"BB:3F:24:90:54:1B:10:56:FE:CC:4A:D6:3A:8A:2A:38:23:8F:F3:C5:D2:0C:D9:92:B1:8B:51:25:A8:DA:0F:F1"}}},"request":{"raw":"GET /premiumtv/daddylive.php?id=940 HTTP/1.1\r\nHost: epicplayplay.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-cacheable: YES, YES\r\nx-cache-status: MISS\r\nvideocdnx: NO\r\nnode: PHP\r\nservedby: PHPVX\r\ncache-control: public, max-age=30, immutable, no-transform\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OjWg3hC3pMOswkvofc51RfReaLyV3Y3KG%2BWzNotWFTysT0O26hwqwJdVr%2FvyfooVPNvcCPkPtAGuaLAeoyUYzHWW2HZfrQkOFtjKBtoCxH0%3D\"}]}\r\ncf-ray: 9b846c1df8d35a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":49182,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8595), with CRLF line terminators","md5":"10e770321f4389bf64c3eb6b6b962aa5","sha1":"255478c62616d9ac436d1a290ff60958c99f8f06","sha256":"34acd613b86c8360737448bb5628b16764f86224d8cddad6e7d0a07325c7057a","sha512":"4b0c87f6aead341bce558a255316f60b12c3e74356d1a0cd1db9d0d3ac2f2614f82831455b1ca06cb625fee05e817428db03926cf66b7e5be749eca7848c75dc","ssdeep":"768:44P1UiULcuYlKi/IC0zF5IiXp/ppN34D5oVLgPrK8z77pNTBCK1Xt+vDs+SYdJV9:TKif45f/ppN34ggPXplL3+XZvVlPlh/n","tlshash":"c323290168916436413792a49b33a119f4361d2f7342c2e6be9cda53aff5a68c472ffc","first_seen":"2026-01-03T18:05:38.756249Z","last_seen":"2026-01-03T18:05:38.756249Z","times_seen":1,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":60,"dns":34,"connect":2,"send":0,"wait":33,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4.adsco.re/","fqdn":"4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 03 Jan 2026 18:05:06 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Methods: GET, HEAD, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type\r\nAccess-Control-Allow-Origin: https://daddylive4.click\r\nAccess-Control-Expose-Headers: *\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: private, max-age=300, immutable, stale-if-error=300, stale-while-revalidate=300\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":264,"timings":{"blocked":107,"dns":0,"connect":29,"send":0,"wait":37,"receive":0,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026dsh=S1207991125%3A1767463506412057\u0026hl=en\u0026ifkv=Ac2yZaU7ekCIBTajcCLYTNjakF0EGZmVF472Euen50liqo-MIpVzNIPRXHG42yngqlVlAPBIo6GZ7g\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:08.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:09 GMT","end":"Wed, 25 Feb 2026 15:50:08 GMT"},"fingerprint":{"sha1":"70:35:5F:58:F3:50:B0:2A:0E:11:9A:FD:D4:67:00:94:17:0E:03:EF","sha256":"01:93:34:8C:59:AC:52:25:54:81:E8:50:E1:E9:8A:11:1F:3C:82:81:00:B2:90:35:17:5F:25:9C:C2:2D:D2:E2"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026dsh=S1207991125%3A1767463506412057\u0026hl=en\u0026ifkv=Ac2yZaU7ekCIBTajcCLYTNjakF0EGZmVF472Euen50liqo-MIpVzNIPRXHG42yngqlVlAPBIo6GZ7g\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://daddylive4.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 03 Jan 2026 18:05:08 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-WuEN_897o_xU7o1gDX5veA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.jam3aJYHpRA.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xadsmart.com/ontequsfuvrsjl?NMAKVDUh=BQNiAAAAAAAACZUAAsW3WndHR73rT4lxuN22NJDWNMFLkrumIahHbUE73AdBZplvGvRcMt9D_D9XaSUG8wG7TW41ZkAALVzFinwjcGqx6oeT8yrDBLz6ku6F8-_nkg_AmFUUwVv1bc9pX1bALgoX0u_gBrobtdYHVUAThlSXE8vcEf3RQR_0us_6Gyvx27flEiXjGGyrB9zKElfIHNblEsnic6-4fd1HYGFe0Dtkp6VOjPGmJFGVUVdQvQnWOVmgec7Kp6CxBIZZFeiPFQL6If1WwCLJW9dElOjfqPBy3dj6poVGcfdOGY_TZXJN4XT-DntvZ0eFPotj3DwPIAoZhBmW7CKIPOghHxg_JOi1ZYK1l2bcBEygNOZMl31huvH5WHYbcNCQ-2_O0xtTvyy1T2i4xYegd0_5TbDeHTwDxqZXBoQU6yt3r5ms1syGXfVqNB6bEwVyigtkUszHsaCRB2FAEAQvFQwSpL-KUyoWz3necDaa_D1al2yJSwzvUeyhPgpKl-Uf_YpgxMd_DNYLVOPjc7EQHZmItlVktmTgh9gPL_MD2d6nTNuj33VVmIfUffWvh2k9OXqF3juBcB2KIaX6WvA6oMXrki4Nn3EgEgtDAXgqhS6LwD4Wx3XGOKvoJdLHLs-vm68NNihY9CLdcAjXhbsO4wKezqvBUQpstg6OHuHYMRBWgFnE8vMGI-9hM30Doh4js0BYdYT1iGi7IiISq_2XgYBIxNNV8iu0ujyMrEO7YZXL3DH-IE__0SYfrKV82Hesc9Uin_APY38TX5cgVlGLjJ_H8SNBOyRPatD7VqXvu7InDbbngdQURYQ3Vm2NVr2BG9mbIlB_eDoS7l3r2t3JYMk10Yixo3-tFy-W0kzstccuEIQoNYskPEJ7eNXVCU3gFJtcVW9j-cMc-SnCS_h4PphPtgGKOap93-1UALqy355vDiEQEesQfZwhnX_Y8242xLMZGNDB-lfIkrIdfrUYl5VqfuhuSP1RIl5yZ36yVQcjYTrZo0mqIWmynXtXwzazZsI6Box73Mx3nzukRWZWwejQFFFtz9QNkcGWfMWw_O3GoK7gw3YAcZqDazCp2mo4ejx4YaGzTpPpL9lFe6-EeP9NOjwQtxJ6yzyTAwdInpxaiTa60dvyOjqixBv2Nd-LyiAbGN-WXA\u0026wBMqxKsW=4\u0026eFTPxOUK=5260641\u0026uQbITVpA=\u0026FdYUVgmD=0,0\u0026SrWMymJq=\u0026tVSJiwhe=\u0026ZCAzqwOa=1280,1024,1,1280,1024,0","fqdn":"xadsmart.com","domain":"xadsmart.com","tld":"com"},"ip":{"addr":"104.153.197.251","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:08.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xadsmart.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 04 Apr 2025 00:00:00 GMT","end":"Tue, 05 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"57:60:97:0C:DC:E6:0F:0D:1B:04:5B:46:03:77:64:46:88:C5:CF:87","sha256":"14:CD:91:C4:51:65:3A:E9:F5:6D:CB:BF:EF:86:31:A9:7F:DD:F9:17:57:48:89:78:CE:C4:29:EA:76:4F:04:DB"}}},"request":{"raw":"GET /ontequsfuvrsjl?NMAKVDUh=BQNiAAAAAAAACZUAAsW3WndHR73rT4lxuN22NJDWNMFLkrumIahHbUE73AdBZplvGvRcMt9D_D9XaSUG8wG7TW41ZkAALVzFinwjcGqx6oeT8yrDBLz6ku6F8-_nkg_AmFUUwVv1bc9pX1bALgoX0u_gBrobtdYHVUAThlSXE8vcEf3RQR_0us_6Gyvx27flEiXjGGyrB9zKElfIHNblEsnic6-4fd1HYGFe0Dtkp6VOjPGmJFGVUVdQvQnWOVmgec7Kp6CxBIZZFeiPFQL6If1WwCLJW9dElOjfqPBy3dj6poVGcfdOGY_TZXJN4XT-DntvZ0eFPotj3DwPIAoZhBmW7CKIPOghHxg_JOi1ZYK1l2bcBEygNOZMl31huvH5WHYbcNCQ-2_O0xtTvyy1T2i4xYegd0_5TbDeHTwDxqZXBoQU6yt3r5ms1syGXfVqNB6bEwVyigtkUszHsaCRB2FAEAQvFQwSpL-KUyoWz3necDaa_D1al2yJSwzvUeyhPgpKl-Uf_YpgxMd_DNYLVOPjc7EQHZmItlVktmTgh9gPL_MD2d6nTNuj33VVmIfUffWvh2k9OXqF3juBcB2KIaX6WvA6oMXrki4Nn3EgEgtDAXgqhS6LwD4Wx3XGOKvoJdLHLs-vm68NNihY9CLdcAjXhbsO4wKezqvBUQpstg6OHuHYMRBWgFnE8vMGI-9hM30Doh4js0BYdYT1iGi7IiISq_2XgYBIxNNV8iu0ujyMrEO7YZXL3DH-IE__0SYfrKV82Hesc9Uin_APY38TX5cgVlGLjJ_H8SNBOyRPatD7VqXvu7InDbbngdQURYQ3Vm2NVr2BG9mbIlB_eDoS7l3r2t3JYMk10Yixo3-tFy-W0kzstccuEIQoNYskPEJ7eNXVCU3gFJtcVW9j-cMc-SnCS_h4PphPtgGKOap93-1UALqy355vDiEQEesQfZwhnX_Y8242xLMZGNDB-lfIkrIdfrUYl5VqfuhuSP1RIl5yZ36yVQcjYTrZo0mqIWmynXtXwzazZsI6Box73Mx3nzukRWZWwejQFFFtz9QNkcGWfMWw_O3GoK7gw3YAcZqDazCp2mo4ejx4YaGzTpPpL9lFe6-EeP9NOjwQtxJ6yzyTAwdInpxaiTa60dvyOjqixBv2Nd-LyiAbGN-WXA\u0026wBMqxKsW=4\u0026eFTPxOUK=5260641\u0026uQbITVpA=\u0026FdYUVgmD=0,0\u0026SrWMymJq=\u0026tVSJiwhe=\u0026ZCAzqwOa=1280,1024,1,1280,1024,0 HTTP/1.1\r\nHost: xadsmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\npopads-node: wb9\r\naccess-control-allow-origin: *\r\nasf: 9\r\npopads-ec: ASB\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-length: 44\r\ndate: Sat, 03 Jan 2026 18:05:09 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"d5f0a25e4d3522d56d48ce7bc3e518fb","sha1":"86794caff58f7fee6e684c2ba7195f970a8d6f4c","sha256":"9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5","sha512":"a3a81801f516a4eb11f00d6f56dab0ed4b8a79219e6b4f5436993479f09dae08f14cffbab3327ff66fb39201d8eba1153ae7114f7705a01cc6f0edf840ef1616","ssdeep":"","tlshash":"789002801814116115d1500b8d5159d01259b1a4540801324446ca502dc7883a415774","first_seen":"2023-03-07T01:17:45Z","last_seen":"2026-06-01T17:40:06.741929Z","times_seen":24614,"resource_available":true,"data":null}},"time_used":1032,"timings":{"blocked":413,"dns":1,"connect":142,"send":0,"wait":165,"receive":1,"ssl":306},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/puclc?tmpl=70\u0026bv=25.12.4806\u0026plk=9ff35b0cd63b95f2925204c4dd0a79c3","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:50:13 GMT","end":"Sun, 29 Mar 2026 00:50:12 GMT"},"fingerprint":{"sha1":"B6:89:38:EE:EF:1E:F1:A0:93:51:BB:7A:F2:13:F5:DF:8C:9B:8F:F7","sha256":"74:22:2C:3F:1E:A6:04:C8:AD:7C:D8:B4:13:57:A5:95:EF:83:FA:28:18:BC:F3:BD:38:93:CB:DA:4B:30:3F:8A"}}},"request":{"raw":"GET /pixel/puclc?tmpl=70\u0026bv=25.12.4806\u0026plk=9ff35b0cd63b95f2925204c4dd0a79c3 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:05 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"upload.wikimedia.org/wikipedia/commons/2/21/Speaker_Icon.svg","fqdn":"upload.wikimedia.org","domain":"wikimedia.org","tld":"org"},"ip":{"addr":"185.15.59.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.wikimedia.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 07:10:52 GMT","end":"Sat, 14 Mar 2026 07:10:51 GMT"},"fingerprint":{"sha1":"2F:5C:84:59:D5:30:00:E0:37:A2:1D:EB:D0:9C:0C:C7:A4:17:88:77","sha256":"F5:68:C5:ED:48:C7:A4:1A:86:BA:C6:95:8C:B8:7B:F5:F6:0D:EE:3E:CF:94:35:A3:03:3F:5B:20:B8:51:8B:33"}}},"request":{"raw":"GET /wikipedia/commons/2/21/Speaker_Icon.svg HTTP/1.1\r\nHost: upload.wikimedia.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:06:15 GMT\r\nserver: ATS/9.2.11\r\netag: W/1e965f9ca6bac55c4bfece8dabe6fa47\r\ncontent-type: image/svg+xml\r\nx-object-meta-sha1base36: rcosig5pk1fefnugtbiewl19zhtt86j\r\nlast-modified: Wed, 28 Aug 2019 18:11:18 GMT\r\ncontent-encoding: gzip\r\nage: 17930\r\naccept-ranges: bytes\r\nx-cache: cp3076 hit, cp3076 hit/7856\r\nx-cache-status: hit-front\r\nserver-timing: cache;desc=\"hit-front\", host;desc=\"cp3076\"\r\nstrict-transport-security: max-age=106384710; includeSubDomains; preload\r\nreport-to: { \"group\": \"wm_nel\", \"max_age\": 604800, \"endpoints\": [{ \"url\": \"https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error\u0026schema_uri=/w3c/reportingapi/network_error/1.0.0\" }] }\r\nnel: { \"report_to\": \"wm_nel\", \"max_age\": 604800, \"failure_fraction\": 0.05, \"success_fraction\": 0.0}\r\nx-client-ip: 91.90.42.154\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache\r\ntiming-allow-origin: *\r\nset-cookie: WMF-Uniq=itKrxMWiMXkY1zhA8sn2JwLdAAAAAFvdFgiwq-hHnAE0wvCi3VISKgXrNH4Y7LUM;Domain=upload.wikimedia.org;Path=/;HttpOnly;secure;SameSite=None;Expires=Sun, 03 Jan 2027 00:00:00 GMT\r\ncontent-length: 328\r\nx-request-id: 9bb840b3-47ea-4ba4-9059-be28618a6716\r\nx-analytics: \r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":514,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1e965f9ca6bac55c4bfece8dabe6fa47","sha1":"ea28e0f6d1a42bd7f2ab416bcf2a9fd0dde55fab","sha256":"70e589ae4b79586ddd4eadd1ac8b501d64ab0433c2038c92e945fbb6195ad7a9","sha512":"ac5cba3ff4bd990c24695203c88c8b444051059398c8d7b53c8dd87bbe4d2693000a2b2e502bcfc0dee7b745b01a580c9dba3cf362337003626f9e18394fed75","ssdeep":"","tlshash":"53f0591d83865c3ea0628b148750f90963bb5552a672f394cebd1b7325171d450bbaec","first_seen":"2024-06-21T01:55:05Z","last_seen":"2026-04-19T15:29:45.160483Z","times_seen":1036,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":558,"dns":4,"connect":26,"send":0,"wait":26,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kzt2afc1rp52.com/9f/f3/5b/9ff35b0cd63b95f2925204c4dd0a79c3.js","fqdn":"kzt2afc1rp52.com","domain":"kzt2afc1rp52.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kzt2afc1rp52.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 22:13:37 GMT","end":"Mon, 02 Mar 2026 22:13:36 GMT"},"fingerprint":{"sha1":"50:C7:67:7D:BA:F1:12:EB:1F:AA:1B:F8:B9:E8:03:5A:12:3C:84:D2","sha256":"CD:CB:DE:73:B2:E7:C9:1D:5C:9E:A3:37:51:9B:9D:45:00:A0:0B:BE:29:AD:B7:58:98:90:1B:63:E7:39:40:EC"}}},"request":{"raw":"GET /9f/f3/5b/9ff35b0cd63b95f2925204c4dd0a79c3.js HTTP/1.1\r\nHost: kzt2afc1rp52.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38056\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: kzt2afc1rp52.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 95796f1fad6c5f229ab3621c10b1a7d0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106824,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"364c3a7c2ee385c62b62d1eb0d1a2bac","sha1":"aec36616a986bbddf4922bb3b0e772c06605f2de","sha256":"c68ccf6fea4c7ca129a1a67d56d514a3749dbef0d56adee206e73105209e0c13","sha512":"6deb4fb96483a992477ee5f8824cd96c9884e94e93a672aaa2c8623db8532273eed81d2f526f029a2ed9b99fee1c8e32f26ec925db94ad14f8b806cf8731e0af","ssdeep":"3072:EDR17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGews5:EDRw194Lws5","tlshash":"c0a3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","first_seen":"2025-12-28T16:33:02.089637Z","last_seen":"2026-01-25T20:17:55.561254Z","times_seen":7,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kzt2afc1rp52.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kzt2afc1rp52.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4.adsco.re:2087/","fqdn":"4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":2087,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 4.adsco.re:2087\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 03 Jan 2026 18:05:06 GMT\r\nContent-Type: text/plain;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Methods: GET, HEAD, OPTIONS\r\nAccess-Control-Allow-Headers: Content-Type\r\nAccess-Control-Allow-Origin: https://daddylive4.click\r\nAccess-Control-Expose-Headers: *\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: private, max-age=300, immutable, stale-if-error=300, stale-while-revalidate=300\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":80,"dns":1,"connect":28,"send":0,"wait":30,"receive":3,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026dsh=S1493785765%3A1767463506494290\u0026hl=en\u0026ifkv=Ac2yZaX8DiRA7CTV2GMBYnrr-CwVY4X8s-287potwKRgEf5s5bJbR3dc4dDTFjBzoPOmUCw0AlYM1Q\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:08.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:09 GMT","end":"Wed, 25 Feb 2026 15:50:08 GMT"},"fingerprint":{"sha1":"70:35:5F:58:F3:50:B0:2A:0E:11:9A:FD:D4:67:00:94:17:0E:03:EF","sha256":"01:93:34:8C:59:AC:52:25:54:81:E8:50:E1:E9:8A:11:1F:3C:82:81:00:B2:90:35:17:5F:25:9C:C2:2D:D2:E2"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026dsh=S1493785765%3A1767463506494290\u0026hl=en\u0026ifkv=Ac2yZaX8DiRA7CTV2GMBYnrr-CwVY4X8s-287potwKRgEf5s5bJbR3dc4dDTFjBzoPOmUCw0AlYM1Q\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://daddylive4.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 03 Jan 2026 18:05:08 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-JqMtVmDzaE4LZeV7xdv_ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.gstatic.com/recaptcha/ https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.jam3aJYHpRA.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ukankingwithea.com/","fqdn":"ukankingwithea.com","domain":"ukankingwithea.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ukankingwithea.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 14:41:35 GMT","end":"Sat, 21 Mar 2026 15:38:12 GMT"},"fingerprint":{"sha1":"F5:49:6B:45:9A:B4:87:30:F2:34:12:BC:49:A1:48:31:A2:B6:9B:7F","sha256":"55:CC:57:AE:F5:9A:5C:FB:E7:85:83:CD:13:37:E9:19:A2:79:01:68:7B:D7:7F:4B:80:61:9B:7D:C8:9A:17:E0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ukankingwithea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://daddylive4.click/\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: csu=1840459716833584@1@1767463506; Max-Age=31104000; Secure; SameSite=None\r\naccess-control-allow-origin: https://daddylive4.click\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hIZt%2BxrQaTNfq9WL9xGvWI3yBl%2F5O8axQVmNhh11MClE%2BAynrj4PeyRRHOlbyR3%2F6MGU2z3%2Bie9PBU8Wg9ZKqpxI6SHFC%2FJBVB7BdKoXlUU%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9b846c230a9756b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"37cf97ffead5e3cec979ca23c6f35268","sha1":"d0b19075cd9b3a333675cea12296a163dcfb49f7","sha256":"077d89e2eb4587895b80c8c15c0f637c610c7067c80a53cd47129817b279408d","sha512":"b11695224a27a14196d5816380cfba8e4c685bf4f0a54de6be4009fd017215b82db557d90d9b92e5d668bff0bfda7319026d8df6aea666f0f3014be65b56cd88","ssdeep":"","tlshash":"788000c02203c28b03803aa0c0883008c20c22838e20280230aa02b208830288c0230c","first_seen":"2026-01-03T18:05:38.773574Z","last_seen":"2026-01-03T18:05:38.773574Z","times_seen":1,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":47,"dns":33,"connect":1,"send":0,"wait":149,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"ukankingwithea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6.adsco.re:2087/","fqdn":"6.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.83.77","port":2087,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 6.adsco.re:2087\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 45\r\ncf-ray: 9b846c240ae72efa-OSL\r\naccess-control-allow-origin: https://daddylive4.click\r\ncache-control: private, max-age=300, immutable, stale-if-error=300, stale-while-revalidate=300\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\naccess-control-max-age: 2592000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":2087\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":63,"dns":18,"connect":5,"send":0,"wait":9,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x7i0.com/tag.min.js","fqdn":"x7i0.com","domain":"x7i0.com","tld":"com"},"ip":{"addr":"139.45.195.12","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:04.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"x7i0.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 05:11:27 GMT","end":"Wed, 04 Mar 2026 05:11:26 GMT"},"fingerprint":{"sha1":"14:77:2C:D5:C8:69:E2:EA:97:D1:53:2B:C9:3D:84:C5:41:25:53:E0","sha256":"FD:43:E2:10:79:04:11:D2:A4:2E:C6:D9:FC:A2:35:7E:62:29:C6:EF:AE:E8:17:F6:03:BB:46:5F:31:D8:6E:6C"}}},"request":{"raw":"GET /tag.min.js HTTP/1.1\r\nHost: x7i0.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 18:05:04 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 20892767ce78abba7045d0a320bfc6f9\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112425,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b105ae11aaf0b47395b2000405b0c592","sha1":"3c1e064f7f5914d976f4a81aea09018b88252773","sha256":"59f1a5a724edcb7907d7734c94ea7893e3c0153854847a1dde214f8c71339e9a","sha512":"3e3a9f1b04582013f15fe140f1aeee984bf74299ec944c6d5752bcd8a14db371f03a7f7f3002eee365d2b98a80791f2a0dc2b380001c80928295458d02be6190","ssdeep":"3072:tXki1TG8YlAVCzIqwL76WJHpYx85/MVzUL:6WTGvlwqw5JJdQza","tlshash":"3ab3295673a277d21a6e60d42d57d60573fd8c80488f8867e3c8787972d081cd3abbea","first_seen":"2025-12-18T15:53:40.958967Z","last_seen":"2026-01-08T02:23:09.116351Z","times_seen":241,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":85,"dns":27,"connect":27,"send":0,"wait":52,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ltszhyysre9h.s4.adsco.re/","fqdn":"ltszhyysre9h.s4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"185.200.116.60","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.s4.adsco.re","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 09:14:21 GMT","end":"Wed, 11 Feb 2026 09:14:20 GMT"},"fingerprint":{"sha1":"7A:03:26:53:17:4A:DA:4B:6B:97:17:4A:3D:39:18:9E:5A:E0:99:3D","sha256":"BC:B6:01:45:97:52:31:7E:50:44:A4:6C:B3:E7:A3:3D:8E:5A:1E:32:79:2D:E0:BF:94:ED:5C:36:3A:0D:94:6E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ltszhyysre9h.s4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:07 GMT\r\ncontent-type: text/html\r\ncontent-length: 0\r\nlast-modified: Tue, 03 Oct 2023 13:29:59 GMT\r\netag: \"651c1757-0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":1091,"timings":{"blocked":-1,"dns":340,"connect":184,"send":0,"wait":192,"receive":0,"ssl":375},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"epicplayplay.cfd/blast.js","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"epicplayplay.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 31 Dec 2025 15:01:18 GMT","end":"Tue, 31 Mar 2026 15:59:53 GMT"},"fingerprint":{"sha1":"7E:97:56:F0:47:2F:8F:51:78:6E:38:ED:A0:72:AA:10:A1:6A:5E:96","sha256":"BB:3F:24:90:54:1B:10:56:FE:CC:4A:D6:3A:8A:2A:38:23:8F:F3:C5:D2:0C:D9:92:B1:8B:51:25:A8:DA:0F:F1"}}},"request":{"raw":"GET /blast.js HTTP/1.1\r\nHost: epicplayplay.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/premiumtv/daddylive.php?id=940\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Thu, 17 Oct 2024 06:47:40 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\ncache-control: public, max-age=31536000, immutable\r\nexpires: Thu, 17 Dec 2026 18:33:20 GMT\r\nage: 1467105\r\ncf-cache-status: HIT\r\netag: W/\"6710b30c-13040\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NkHxrEbCwfu6v12QCuSJyf4B6vsh7kuQ2VH2QW2ew6F%2FAS9zXVb6UNN0Pfoncf52GGTkX0JSOTLS2OL59Sf4nW5ilfgicPZySipbXOr%2FsR4%3D\"}]}\r\ncf-ray: 9b846c250b00120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77888,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"091faec928970e76d37a3601c19fcf8a","sha1":"6441e8eebe90eb8d4a40e7c25440ff99caba3520","sha256":"eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12","sha512":"0065b4e5167b85abb85d4af6be22853d1ea16e9c0d5420173f356dd7a980374487405d8561a4a5df32dd68d2956af6c7a3f099776994e2cf6a3b0eb8df1c3277","ssdeep":"1536:HnyiwA6dLK4I7T8IVCJ0Xiyu/lpvd7TN8+Prp2s:HnyiwFLzI7AeSymrpTNZrpN","tlshash":"16732ec177d5bc8212872b77731bb1e6e82a9dd87188488ef104bc90f4bda12fae4575","first_seen":"2023-03-08T14:53:38Z","last_seen":"2026-05-30T19:04:26.654571Z","times_seen":1597,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3m6crjuedf6o.cloudfront.net/?jrcmd=1197197","fqdn":"d3m6crjuedf6o.cloudfront.net","domain":"d3m6crjuedf6o.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.69","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:04.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /?jrcmd=1197197 HTTP/1.1\r\nHost: d3m6crjuedf6o.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 79094\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform\r\ncontent-encoding: gzip\r\npragma: no-cache\r\ndate: Sat, 03 Jan 2026 17:46:48 GMT\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 6a7eeeb375db56eafe74d447721ccbb8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: ck5BRrvAYMxjI5lkAUZYK1fe_YkSqKWMxoLZgQw-bAwV-K3d90BzlA==\r\nage: 1096\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":232302,"size_decoded":0,"mime_type":"text/plain","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)","md5":"d1f934c0c8dbaa7b1232193d91b015c3","sha1":"da36c1a812685834469ae214e95fbae9f76685e4","sha256":"4c276d995b06b58cdb4ad5b415b56863745bc327c45569255af58fb14fd1f7e5","sha512":"7e1bc23e0a422ab10c3fccd87dcc01be9d51648d4cda3b435ddfae88ee0f062772a63f0ba72ac5ace85509c3c3f1e272097e8d0547dae0b0794631756de4a51c","ssdeep":"3072:XBUNP5+Ya/06R42Da7oV6+53UOng7L9vN9M+Zc53+Zc0M8Eo:XuNR+t/06G2D02cZU3+iAr","tlshash":"aa344cc9ba923429836374f540bf124ab23f5a69b8084dd4f496d4d07db8d4a437bfac","first_seen":"2026-01-03T17:47:12.056052Z","last_seen":"2026-01-03T18:05:38.780305Z","times_seen":2,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":36,"dns":26,"connect":2,"send":0,"wait":26,"receive":3,"ssl":7},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"d3m6crjuedf6o.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torealiukzemydr.org/T2hWdVNgVzUGbhkvA0cKITo9LQIVPQQiYhsqOjMRFgQhNAUkC3ABOitVZ0RqeFlvQnU/ATJIYmkbIhQnOhtrRHUmBjAabmkea0R9fFx4RmVhX3AAbn5OIgUyKFVnUyM7HDpIYnheYUFlfF1mQGF+Xg","fqdn":"torealiukzemydr.org","domain":"torealiukzemydr.org","tld":"org"},"ip":{"addr":"104.21.3.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torealiukzemydr.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Dec 2025 16:32:37 GMT","end":"Wed, 04 Mar 2026 17:29:41 GMT"},"fingerprint":{"sha1":"E4:88:98:0C:79:8A:86:67:9B:27:C3:69:5F:77:A4:65:E6:18:C9:F3","sha256":"6F:A1:4B:E2:F8:C7:BF:1C:EE:EA:6D:4F:44:EA:A3:8C:6C:8B:11:75:C8:28:F1:EA:BF:9D:32:1A:85:10:12:55"}}},"request":{"raw":"GET /T2hWdVNgVzUGbhkvA0cKITo9LQIVPQQiYhsqOjMRFgQhNAUkC3ABOitVZ0RqeFlvQnU/ATJIYmkbIhQnOhtrRHUmBjAabmkea0R9fFx4RmVhX3AAbn5OIgUyKFVnUyM7HDpIYnheYUFlfF1mQGF+Xg HTTP/1.1\r\nHost: torealiukzemydr.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 03 Jan 2026 18:05:05 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k7XdEDTUv93JXYzRCLHRQRPpLxOM2Oi6i%2BVZ%2Frek%2F7ybIU%2FMwG5BayZvmqeIvw1C1fK1znJq4RNKGxDyS355Vjnn29TeMPnY5Rcp2ndNBCqH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9b846c1c08780b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":66,"dns":34,"connect":1,"send":0,"wait":124,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"torealiukzemydr.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torealiukzemydr.org/b2VlcGVAWgYDWAshCUMGJzMhNDA1JDQ1ICY3Dj4kOyQjNTRfVUMEDAtYVEJVWlNSRUMfDAFNVFdDFgQEGxAWTVRJDAsWClJDE01UQVVLQktaQxBNVEkRFRECUlRDABEbCVhBUllSUUZWWlVQQldc","fqdn":"torealiukzemydr.org","domain":"torealiukzemydr.org","tld":"org"},"ip":{"addr":"104.21.3.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torealiukzemydr.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Dec 2025 16:32:37 GMT","end":"Wed, 04 Mar 2026 17:29:41 GMT"},"fingerprint":{"sha1":"E4:88:98:0C:79:8A:86:67:9B:27:C3:69:5F:77:A4:65:E6:18:C9:F3","sha256":"6F:A1:4B:E2:F8:C7:BF:1C:EE:EA:6D:4F:44:EA:A3:8C:6C:8B:11:75:C8:28:F1:EA:BF:9D:32:1A:85:10:12:55"}}},"request":{"raw":"GET /b2VlcGVAWgYDWAshCUMGJzMhNDA1JDQ1ICY3Dj4kOyQjNTRfVUMEDAtYVEJVWlNSRUMfDAFNVFdDFgQEGxAWTVRJDAsWClJDE01UQVVLQktaQxBNVEkRFRECUlRDABEbCVhBUllSUUZWWlVQQldc HTTP/1.1\r\nHost: torealiukzemydr.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 03 Jan 2026 18:05:05 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IKZ3lXKSONv7N7pqYoxrwpoeMnpVHWHJia1ur9h%2FGj6Uh%2FmZJ7LHOnHFWRju8kegO9eRdpUsGpGUfA4zOMAegcS%2Fjm0ITG6DojrE0Wm%2FdCzr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9b846c1c28960b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":38,"dns":6,"connect":1,"send":0,"wait":149,"receive":1,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"torealiukzemydr.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest/disable-devtool.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/disable-devtool@latest/disable-devtool.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6646\r\ncf-ray: 9b846c210ad8120a-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 0.3.9\r\nx-jsd-version-type: version\r\netag: W/\"4514-YJEJ2C3rDH3T2dISgI3LoFSM49E\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230057-FRA, cache-bma-essb1270062-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 8810\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=RMEAa9IJG28VctRuTdmlSb54n6rwMBxywLFb0ssS8C%2BscR1DlRornb4%2BNQk8PfipxLQr%2FNwWCCvWNLmhLNAS0JZ0wLf%2BNVX8Ed1OoHwIo3pFVvtEM0nWxuhOdNZ1jMbKVmw%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17684,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17663)","md5":"7fa174926682313cc5a067077b0bb22d","sha1":"609109d82deb0c7dd3d9d212808dcba0548ce3d1","sha256":"5a7b9b2c807f85575c9ebc1f508e849b53430870b2d0fb6c02b2de3df661cb63","sha512":"83a593d4b8648b78031259becd96b4c33226e9462c2e26013ee0746ff58a7b710159d0d380d001d7740e9485ee346491c16e3fdb0d334f5b6cfabe6f90cda9b6","ssdeep":"192:m+5ekRvDLCpBK+BpP78nPk6O9ShgzsqcSYV0GtI+uwicvsbIUiJE2KmnyKU:mLiPCvRvT8nPk6cSCzsqGVJeZcsb8S9","tlshash":"0582c4ccb48270715b77a9e9507f454ab23aae96888c8040f13ed8e42c7c56ec267f7d","first_seen":"2025-08-02T03:49:54.562881Z","last_seen":"2026-06-01T16:40:15.865634Z","times_seen":4264,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":57,"connect":6,"send":0,"wait":8,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ltszhyysre9h.n4.adsco.re/","fqdn":"ltszhyysre9h.n4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"38.132.109.126","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.n4.adsco.re","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 09:14:20 GMT","end":"Wed, 11 Feb 2026 09:14:19 GMT"},"fingerprint":{"sha1":"FB:34:12:01:B6:D1:B3:BD:9C:64:10:4B:29:6B:C7:44:FD:21:82:69","sha256":"D8:BD:52:A0:9E:11:2A:7E:51:D4:43:1D:9D:F7:F0:66:68:70:DF:0B:20:4A:38:60:4C:B5:37:82:2C:42:01:6B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ltszhyysre9h.n4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: text/html\r\ncontent-length: 0\r\nlast-modified: Fri, 16 Jun 2023 08:37:42 GMT\r\netag: \"648c1f56-0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":882,"timings":{"blocked":394,"dns":124,"connect":90,"send":0,"wait":89,"receive":0,"ssl":181},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1207991125:1767463506412057\u0026ifkv=Ac2yZaVpzkxk7d-b0dgp0Ymc4NDBDgSSJYwFcDW4XHO9ppAPo3GTURjdYKRx7roeTTPDlG6qXxm6Xw","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:07.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:09 GMT","end":"Wed, 25 Feb 2026 15:50:08 GMT"},"fingerprint":{"sha1":"70:35:5F:58:F3:50:B0:2A:0E:11:9A:FD:D4:67:00:94:17:0E:03:EF","sha256":"01:93:34:8C:59:AC:52:25:54:81:E8:50:E1:E9:8A:11:1F:3C:82:81:00:B2:90:35:17:5F:25:9C:C2:2D:D2:E2"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1207991125:1767463506412057\u0026ifkv=Ac2yZaVpzkxk7d-b0dgp0Ymc4NDBDgSSJYwFcDW4XHO9ppAPo3GTURjdYKRx7roeTTPDlG6qXxm6Xw HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://daddylive4.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:ovFV2U_fltR5LTNmkLdo9_vSKmjn8Q:VqqHwI9dPo903Mt8;Path=/;Expires=Mon, 03-Jan-2028 18:05:07 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 03 Jan 2026 18:05:07 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026dsh=S1207991125%3A1767463506412057\u0026hl=en\u0026ifkv=Ac2yZaU7ekCIBTajcCLYTNjakF0EGZmVF472Euen50liqo-MIpVzNIPRXHG42yngqlVlAPBIo6GZ7g\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-MQftZks7eBZUOHFcPJAF_g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 417\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T18:05:03.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"daddylive4.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Dec 2025 17:13:27 GMT","end":"Thu, 12 Mar 2026 18:10:35 GMT"},"fingerprint":{"sha1":"40:9A:3B:34:D8:6B:50:D4:BB:13:FA:5C:2D:E2:A6:7F:CE:C2:4D:40","sha256":"BA:0F:DB:6E:8C:95:45:C0:C5:67:90:43:87:0F:25:5F:EF:2D:CF:9B:30:1B:01:70:A2:36:48:5C:8E:26:AF:AE"}}},"request":{"raw":"GET /live/stream-940.php HTTP/1.1\r\nHost: daddylive4.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mh%2F5uvMrU%2BxPPC7whKcwgfFBTuxxs5PEkNTeVdXe2NcmLEIliHUxp0fEeIs%2FU%2BNKgFgsEPnfxjYGlsN9%2BsKokx3COqEkSxzf7dhIYEzi\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b846c132ff556bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"C3.js","description":"D3 based reusable chart library","website":"https://c3js.org/","common_platform_enumeration":"","icon":"C3.js.png","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":651614,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (64504)","md5":"1d9023513a1d104315146fbf8ad805b4","sha1":"2a873c459b046c44f78ba52022c9f1fe8eb25b43","sha256":"2aea6cc216db2ab816bb1e44078bd5891f9667cf167dcb9387bd87876634369f","sha512":"62d30082633ac7220042bac2ae03103aa45f6ac31af708862ec1726f47be0e5fe19a4c6af7222f03ddd86c668ed600913397db83277ec0f91682a226ee852a33","ssdeep":"12288:NdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkN:NHtbhM40/0RRIZDFObnpe9AUTpKWZVaN","tlshash":"00d4611837845986371b4ebb733fa5d1e40b38da7609488ff6087c65a1965a3fbe8331","first_seen":"2026-01-03T18:05:38.78607Z","last_seen":"2026-01-03T18:05:38.78607Z","times_seen":1,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":38,"dns":18,"connect":1,"send":0,"wait":212,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:51:40 GMT","end":"Sun, 29 Mar 2026 00:51:39 GMT"},"fingerprint":{"sha1":"F3:CE:FF:C9:F8:70:23:18:40:13:70:96:1A:D1:FD:34:D3:CD:66:FC","sha256":"07:8C:A3:3F:1D:F1:E0:75:3D:26:20:F5:D5:75:64:CE:F7:40:6E:B7:BB:B9:EC:79:33:27:5F:51:2E:B0:12:E7"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ca6756f55f59edef9ccfc1111edb8d4d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":219,"dns":176,"connect":21,"send":0,"wait":18,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waust.at/c.js","fqdn":"waust.at","domain":"waust.at","tld":"at"},"ip":{"addr":"104.26.4.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waust.at","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Dec 2025 19:37:15 GMT","end":"Sun, 15 Mar 2026 20:37:11 GMT"},"fingerprint":{"sha1":"65:98:57:1D:D0:E1:C6:FD:D4:EA:FE:DC:DD:B7:64:B6:6F:BC:2D:3E","sha256":"73:94:A9:0B:3C:AC:A5:A2:4B:D1:6F:F3:A7:32:53:C1:6F:62:A5:D7:51:1D:50:84:CB:3B:AB:DB:1B:B3:78:23"}}},"request":{"raw":"GET /c.js HTTP/1.1\r\nHost: waust.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Wed, 17 Dec 2025 22:03:12 GMT\r\netag: W/\"694328a0-2db8\"\r\nexpires: Sun, 04 Jan 2026 17:58:49 GMT\r\ncache-control: max-age=86400\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 376\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HUPHD%2B1tU7nwPj8OqL8TQXxC%2BSwTcU4vAPdhzlEo6s1RArZRGQ0J8FhqA%2F1UWlLWATzfxdIS086iVYu4W0auWhCBOU8J0cs%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9b846c2168e18be6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11704,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (11704), with no line terminators","md5":"530782c5a9f2e54753e0bc231ae9d46c","sha1":"75cd71ba9148c556f6e216ee9f8a1cedc03c154b","sha256":"95b4c9194652bc6107784e7198a02d381e630eb404accc3ef2ee0ac2c81c38cc","sha512":"09d2b567dff41a0f2b6555e3c48ab2bcc835ac514364b4263f80e3c30abd92ec78041284b7b9804e98c42c885a3e20836ac9063f1b588970472443ff049011b1","ssdeep":"192:l7pBK4BQM5iClA7y1w65jqc4izncX9HVvW2kdjxWybsmm29NBm2/MVpd:l7pBK4BQB9W1wC4bN1wdjxWybsmm2420","tlshash":"f3323d55221b18b6a7ff50d9252f73067030953aaf4a91519066c0bc367de0f50fbeb6","first_seen":"2025-11-29T06:12:12.624589Z","last_seen":"2026-06-01T18:12:28.201236Z","times_seen":533,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":102,"connect":5,"send":0,"wait":5,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"epicplayplay.cfd/clappr/hlsjs-playback.min.js?ssss","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"epicplayplay.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 31 Dec 2025 15:01:18 GMT","end":"Tue, 31 Mar 2026 15:59:53 GMT"},"fingerprint":{"sha1":"7E:97:56:F0:47:2F:8F:51:78:6E:38:ED:A0:72:AA:10:A1:6A:5E:96","sha256":"BB:3F:24:90:54:1B:10:56:FE:CC:4A:D6:3A:8A:2A:38:23:8F:F3:C5:D2:0C:D9:92:B1:8B:51:25:A8:DA:0F:F1"}}},"request":{"raw":"GET /clappr/hlsjs-playback.min.js?ssss HTTP/1.1\r\nHost: epicplayplay.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/premiumtv/daddylive.php?id=940\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 29 Nov 2025 17:16:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"692b2a79-9ec9b\"\r\nexpires: Sun, 27 Dec 2026 15:13:17 GMT\r\ncache-control: public, max-age=31536000, immutable\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 615108\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=07%2FOiQTo%2B22Au6cIUjflBww%2FP7487EqYmBWkpwCTsmfOVxpsCL6YFqefKf0RnOO7Vc5YXeI2aMa2%2BdQVaW1JzUZBDMTW5EirHEdPHAXHX%2BM%3D\"}]}\r\ncf-ray: 9b846c207a45120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":650395,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"df4f7c3429df55166fb49a1671742521","sha1":"370ef8807736dcc58cf5d79d4cbac1ee02df4cd8","sha256":"488713d3fc944220c9e8bd61bf84e5e41324045a6b86ef356e46bf0729021fdd","sha512":"4dee10ccd94be4f2ef4834186f6283459950407eb348c9c60ce8cb4ef9e028caaa5d74918eafdf7d386e3c285c589b1629be1d4adc923ab55a4748b3363fa14f","ssdeep":"12288:1cYa6S5MfGwtvhtnmuQNkLf0gKD0sPJCLAqKs9:1cj6S5WGwtvhtnmuukLf0gKDNQLA3s9","tlshash":"c3d44ce932d6a02687d1a5da543a4212b3397d0b3408c09cf93efddb2d69949b07bf74","first_seen":"2025-10-24T18:53:04.551122Z","last_seen":"2026-05-31T22:19:56.421401Z","times_seen":325,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:32 GMT","end":"Wed, 25 Feb 2026 15:57:31 GMT"},"fingerprint":{"sha1":"F5:06:14:04:6B:D5:32:C9:BA:A9:B4:13:02:C3:F0:62:2A:24:BC:90","sha256":"D8:34:74:17:27:E1:E2:E3:A9:BB:5D:58:F5:DB:40:51:4E:6C:34:33:BF:88:83:62:03:97:DC:4B:FB:67:B5:45"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:qJCIljen8BVtxNOQ1-DNBFc9TL3DMw:C4JkQVLJ5A1tsBvw; Expires=Mon, 03-Jan-2028 18:05:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026dsh=S1207991125:1767463506412057\u0026ifkv=Ac2yZaVpzkxk7d-b0dgp0Ymc4NDBDgSSJYwFcDW4XHO9ppAPo3GTURjdYKRx7roeTTPDlG6qXxm6Xw\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-security-policy: script-src 'nonce-izSg0NPMBsYev0HnRtu4cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: unsafe-none\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":56,"dns":0,"connect":18,"send":0,"wait":25,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kzt2afc1rp52.com/9f/f3/5b/9ff35b0cd63b95f2925204c4dd0a79c3.js","fqdn":"kzt2afc1rp52.com","domain":"kzt2afc1rp52.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:04.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kzt2afc1rp52.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 22:13:37 GMT","end":"Mon, 02 Mar 2026 22:13:36 GMT"},"fingerprint":{"sha1":"50:C7:67:7D:BA:F1:12:EB:1F:AA:1B:F8:B9:E8:03:5A:12:3C:84:D2","sha256":"CD:CB:DE:73:B2:E7:C9:1D:5C:9E:A3:37:51:9B:9D:45:00:A0:0B:BE:29:AD:B7:58:98:90:1B:63:E7:39:40:EC"}}},"request":{"raw":"GET /9f/f3/5b/9ff35b0cd63b95f2925204c4dd0a79c3.js HTTP/1.1\r\nHost: kzt2afc1rp52.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:04 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38119\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: kzt2afc1rp52.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a0bcdc4ab90f33d8e13ddc3492d22cfc\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":106830,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"57f4b109276130a100c6feb3c82ca4a2","sha1":"8d881955992fa0ee1fb8e230a8183570292b5294","sha256":"c23d7a815e5dbbd8fa37ffdb9672cb316388daa36a057e44a5148c58f9cf7796","sha512":"af3e6bc7d899ab2866ce9ea03e7aa44a75b6d41f3484c0d9d21c10238b372d07e15a8c46c09eb88e2a6684529a851a4355fcb8b27ccdf56947e7978af43f0278","ssdeep":"3072:EHR17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGews5:EHRw194Lws5","tlshash":"2ea3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","first_seen":"2025-12-27T14:47:22.823658Z","last_seen":"2026-01-03T18:05:38.792716Z","times_seen":3,"resource_available":true,"data":null}},"time_used":779,"timings":{"blocked":290,"dns":14,"connect":93,"send":0,"wait":100,"receive":92,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kzt2afc1rp52.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"kzt2afc1rp52.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\nage: 2192560\r\nx-served-by: cache-lga21931-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 71, 641702\r\nx-timer: S1767463506.160228,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-01T18:08:30.905138Z","times_seen":476505,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":65,"connect":27,"send":0,"wait":26,"receive":15,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ltszhyysre9h.l4.adsco.re/","fqdn":"ltszhyysre9h.l4.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"185.200.118.62","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.l4.adsco.re","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 09:14:30 GMT","end":"Wed, 11 Feb 2026 09:14:29 GMT"},"fingerprint":{"sha1":"44:4A:2D:C5:7F:AC:E8:4E:70:9B:91:5D:F6:AE:99:5F:66:18:51:46","sha256":"3B:1C:F2:20:1E:BC:6C:00:04:8F:3E:30:B9:AC:DE:26:B1:D4:73:CB:C2:6F:2F:F4:1C:E8:C4:A5:FD:38:8D:68"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ltszhyysre9h.l4.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: text/html\r\ncontent-length: 0\r\nlast-modified: Fri, 02 Jun 2023 14:03:32 GMT\r\netag: \"6479f6b4-0\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":143,"dns":67,"connect":27,"send":0,"wait":28,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adsco.re/p","fqdn":"adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"162.252.214.5","port":443,"asn":53334,"as":"TUT-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:07.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_256_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"POST /p HTTP/1.1\r\nHost: adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 2406\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 03 Jan 2026 18:05:08 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAS-P-1: OK lon123\r\nAS-P-2: OK\r\nAS-P-3: OK\r\nAccess-Control-Max-Age: 2592000\r\nCache-Control: no-transform\r\nAccept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR\r\nAccess-Control-Allow-Origin: https://daddylive4.click\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1170,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (1170), with no line terminators","md5":"47c1c86f104e0455184b942de98dbdf3","sha1":"2867d3ae933c66212169b23f981e77f067212560","sha256":"749dedee05bac7042ba611c755de8b75189efcfa346155c59949d03adf88f470","sha512":"120ae7c0f8224a832096e9c7e5add1a1406ec226926a7ad967909fee55de2385ee9b6fe35952ce2721d883ed7ca3167e156c3c5719d5283476170ffd1030636f","ssdeep":"","tlshash":"c32106ba300e8618a575fe332cc3809c8edff44acd8e4ec9f17098421017a2629b204e","first_seen":"2026-01-03T18:05:38.797289Z","last_seen":"2026-01-03T18:05:38.797289Z","times_seen":1,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":72,"dns":1,"connect":25,"send":0,"wait":51,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.5455836194782087\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 12:57:52 GMT","end":"Tue, 10 Mar 2026 13:56:16 GMT"},"fingerprint":{"sha1":"77:2A:71:0C:1C:F9:2B:14:04:DB:13:5F:A6:57:67:6D:B3:A9:A0:95","sha256":"E0:53:FF:DF:EC:31:75:79:08:DF:B9:B1:56:18:5A:48:15:62:EF:8B:BB:4C:1B:05:1C:E8:DD:3F:0C:A4:80:41"}}},"request":{"raw":"POST /ut/hb.php?cb=0.5455836194782087\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 1411\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1411,"data":"{\"clientHints\":{},\"isScrollable\":0,\"totalClicks\":0,\"sessionLength\":1,\"ippMissclicks\":0,\"visible\":1,\"caught\":0,\"lastevent\":0,\"isFullscreen\":0,\"isTabFocused\":1,\"eventImps\":0,\"retryCounts\":0,\"isScrolled\":1,\"isMouseMoved\":0,\"pagePercentageSeen\":99,\"belowTheFoldSeen\":0,\"touchEnd\":0,\"touchMove\":0,\"clicksByType\":{\"idle\":0,\"input\":0,\"video\":0,\"button\":0,\"link\":0,\"img\":0},\"browsingTopics\":[],\"ufp\":\"Win32/Mozilla/Netscape/true/false/1280x10240en-USunknown4824 bits\",\"sessionStartTime\":1767463505,\"sessionId\":\"b6c697c3d06cc6468a39faf563cc1ead\",\"timeZoneOffset\":0,\"zones\":[],\"pUrl\":\"https%3A%2F%2Fdaddylive4.click%2Flive%2Fstream-940.php\",\"pReferrer\":\"\",\"pTitle\":\"\",\"pDescription\":\"\",\"pKeywords\":\"\",\"pHasIframes\":5,\"pWidth\":1280,\"pHeight\":994,\"vWidth\":1280,\"vHeight\":983,\"inIframe\":0,\"bsd\":\"eyJwcm9iYWJpbGl0eSI6MC4wMSwicGVyU2lnbmFsIjp7ImlzV2ViRHJpdmVyUHJlc2VudCI6MCwiaXNDRFBEZXRlY3RlZCI6MCwiYXV0b21hdGVkQnJvd3Nlckdsb2JhbHMiOjAsImlzV2luZG93Q0RDIjowLCJkb2VzVUFDb250YWluSGVhZGxlc3NLZXl3b3JkIjowLCJpc0ZpcmVmb3hNaXNtYXRjaCI6MCwiaW5jb25zaXN0ZW5jaWVzIjowLCJpc0Nocm9tZUZvclRlc3RpbmciOjAsImRldGVjdENTU0Fub21hbGllcyI6MCwiaXNIZWFkbGVzc1Blcm1pc3Npb25NYXRjaGVkIjowLCJkZXRlY3RMb2NhbFN0b3JhZ2UiOjAsIm5vUGx1Z2luc1ByZXNlbnQiOjAsIm1pc3NpbmdXZWJSVEMiOjAsIm1pc3NpbmdBdWRpb1ZpZGVvIjowLCJtaXNzaW5nQ2FudmFzIjowLCJtb3VzZU1vdmVTY29yZSI6MCwiY2VudGVyZWRDbGlja1BlcmNlbnRhZ2UiOjAsInNjcm9sbFN1c3BpY2lvdXNTY29yZSI6MH19\",\"sentTimestamp\":1767463505739}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gXeyNLVncijJ9jjdY9Y4O1PCsrvZ6yoNFlKA%2BpoBrJamNVTujt2I%2Bz46CvOEic9HvFuY0YRCGyHHtbU3rnbbD1qHZ6%2FN%2BWA2fdJ5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b846c2158bfb4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":554,"timings":{"blocked":174,"dns":181,"connect":1,"send":0,"wait":153,"receive":1,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Dec 2025 17:37:04 GMT","end":"Tue, 24 Mar 2026 18:37:01 GMT"},"fingerprint":{"sha1":"05:4F:CA:93:1E:46:6C:B4:A4:49:3A:2A:0C:AD:DB:CA:8C:CF:BC:9C","sha256":"81:B0:0B:B9:30:D8:5D:FE:11:36:CE:28:36:04:4F:41:74:05:00:57:EE:04:F0:1D:44:B3:B4:6F:A6:4F:D8:FD"}}},"request":{"raw":"GET /gid.js HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://daddylive4.click\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0802b39e13bb4ef3f1576e1487223b94; expires=Sun, 03 Jan 2027 18:05:06 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9b846c2109e35695-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3601f136ba41338b0b23548cdfac9c55","sha1":"30c4f53d94113c19a2f1d075f24a020fbd9b2dd2","sha256":"334bc78fbd462e0ab59c74f7ad993cc80e0bed23d7eb2079b150a2e545908887","sha512":"62ab27b60e96a8a02b3bbdb3b9574f788d57dcc5fd49b102afaf0b77756c98a1e946b4048f0a985d28f9237e87aaad195ea297e1ce8940297f4faeadd83629c4","ssdeep":"","tlshash":"51a022032b8802c22080222e2c8bc200800000023030a3c022ecc002e28fa0c03c2ac3","first_seen":"2026-01-03T18:05:38.800149Z","last_seen":"2026-01-03T18:05:38.800149Z","times_seen":1,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":56,"dns":121,"connect":1,"send":0,"wait":39,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/favicon.ico","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"daddylive4.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Dec 2025 17:13:27 GMT","end":"Thu, 12 Mar 2026 18:10:35 GMT"},"fingerprint":{"sha1":"40:9A:3B:34:D8:6B:50:D4:BB:13:FA:5C:2D:E2:A6:7F:CE:C2:4D:40","sha256":"BA:0F:DB:6E:8C:95:45:C0:C5:67:90:43:87:0F:25:5F:EF:2D:CF:9B:30:1B:01:70:A2:36:48:5C:8E:26:AF:AE"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: daddylive4.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/live/stream-940.php\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f4a98d4c-85c3-4c3a-8446-1726df90a135%3A2%3A1; pp_main_9ff35b0cd63b95f2925204c4dd0a79c3=1; pp_sub_9ff35b0cd63b95f2925204c4dd0a79c3=1; pp_delay_9ff35b0cd63b95f2925204c4dd0a79c3=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1BmO%2BeMGK1MkpxTH0OTw2AQnCNgWERVGMenGCQ4Rb765LVHcYWp8vuJSzsDzQMIPtKVuk1nCuokPCZJ%2BWKJ%2FwWWwd0wASx%2Fp57X7oOT37yk%3D\"}]}\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b846c22ac513181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-01T18:02:07.266325Z","times_seen":519857,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1123\u0026rd=1123\u0026fd=776\u0026bv=25.12.4806\u0026tmpl=70","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1123\u0026rd=1123\u0026fd=776\u0026bv=25.12.4806\u0026tmpl=70 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:07 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":655,"timings":{"blocked":275,"dns":1,"connect":92,"send":0,"wait":94,"receive":1,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"35.156.32.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://epicplayplay.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nCookie: uid_id2=f4a98d4c-85c3-4c3a-8446-1726df90a135:2:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://epicplayplay.cfd\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"320c069d6bf388a0d508e6331aa978f0","sha1":"b73d0587dd4a1a171c4c79485d6c0a000efb7831","sha256":"b57e5c3f7dcbe39a7a6e3a377b5dc3b4411b7184fd044be6e156ce26efcce8fe","sha512":"02c9a66141fd8bb3a3608cb8cabe0ee89237dba4548bef43e88780c7a95473e57bf1104f474e0cb14dc762197b382ea00aa9c8dc100ff61e7cdd1905c7dabcb6","ssdeep":"","tlshash":"709004404354004073d005f10d454dd0d43c515dcd4500575544d5d5311301c1035c00","first_seen":"2026-01-03T18:05:38.804687Z","last_seen":"2026-01-03T18:05:38.804687Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=6707202\u0026cbur=0.22887560394939754\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fdaddylive4.click%2Flive%2Fstream-940.php\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=bklihaatruags.website\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1767463505007\u0026srs=b6c697c3d06cc6468a39faf563cc1ead\u0026atv=74.0\u0026btp=0.01\u0026abtg=1\u0026adbv=3-cdn-js","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 23:08:46 GMT","end":"Sat, 07 Mar 2026 00:07:30 GMT"},"fingerprint":{"sha1":"D5:B9:71:11:A1:C5:BD:EA:60:68:49:87:01:4B:0B:CB:81:8B:FA:6C","sha256":"66:19:A7:E1:FD:B7:41:C7:AE:CB:33:20:81:70:04:52:48:C8:D0:0E:66:96:B3:F7:FE:B5:FC:10:FE:48:0A:44"}}},"request":{"raw":"GET /script/suurl5.php?r=6707202\u0026cbur=0.22887560394939754\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=\u0026cbpage=https%3A%2F%2Fdaddylive4.click%2Flive%2Fstream-940.php\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=bklihaatruags.website\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1767463505007\u0026srs=b6c697c3d06cc6468a39faf563cc1ead\u0026atv=74.0\u0026btp=0.01\u0026abtg=1\u0026adbv=3-cdn-js HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://daddylive4.click/\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HMtMV5kzHik6ArOK3gmWx7cLxfWgghE07SveNc0q4lLcHLGoQrRJohD6BM%2Bu8awUscaftRsyCZavnqfNjs82ahXUiHS0%2FDzwy%2BPwIjEZFEQyzJw%3D\"}]}\r\ncf-ray: 9b846c1d8fc45a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":974,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7237874cb9fb735fc3be4044abb64951","sha1":"9159628b61d74ca6b427d4c7596022b1843d3c1f","sha256":"f0a73143a7c52ad00f9986007acd27e78df9a68b208f528bf5321a207ff35bc2","sha512":"fe7c6c14b3c015f76cde676899ea8317d1e28e3f939398db3d3ca32be78d9182223f3ae835a69753bc451fbe38fa15d26fd96edc9bb690a161fe00bd529dafd6","ssdeep":"","tlshash":"2211c8657fc8cc79a0991fcc015d5069cc5126474c645b9747851523439e6abae3c51b","first_seen":"2026-01-03T18:05:38.812427Z","last_seen":"2026-01-03T18:05:38.812427Z","times_seen":1,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":46,"dns":44,"connect":1,"send":0,"wait":193,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torealiukzemydr.org/bG9qd0ZDUAkEew8EEjQcBiEvER4iOSgyNlQLLEMBP1waQRALJkwDLwhSW0Z/W15TQGAcBg5Kd0ocHhYyGRxXRGAFAQwYew8DAxQtShlXRmhfW0REcEJYTAJ7XUkeBycLUltRNhgbBkp3W1ldQ3BfWlpCcF1f","fqdn":"torealiukzemydr.org","domain":"torealiukzemydr.org","tld":"org"},"ip":{"addr":"104.21.3.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torealiukzemydr.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Dec 2025 16:32:37 GMT","end":"Wed, 04 Mar 2026 17:29:41 GMT"},"fingerprint":{"sha1":"E4:88:98:0C:79:8A:86:67:9B:27:C3:69:5F:77:A4:65:E6:18:C9:F3","sha256":"6F:A1:4B:E2:F8:C7:BF:1C:EE:EA:6D:4F:44:EA:A3:8C:6C:8B:11:75:C8:28:F1:EA:BF:9D:32:1A:85:10:12:55"}}},"request":{"raw":"POST /bG9qd0ZDUAkEew8EEjQcBiEvER4iOSgyNlQLLEMBP1waQRALJkwDLwhSW0Z/W15TQGAcBg5Kd0ocHhYyGRxXRGAFAQwYew8DAxQtShlXRmhfW0REcEJYTAJ7XUkeBycLUltRNhgbBkp3W1ldQ3BfWlpCcF1f HTTP/1.1\r\nHost: torealiukzemydr.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ndate: Sat, 03 Jan 2026 18:05:05 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bju8%2BspLLj8Fn%2BRprKblfT9Rz8ux7gxicZ3gikHHt2%2F%2FtZ6WCY9DxNGrByusjyPVDsyUi9e%2Fn9egpddfowA957%2FvSoqiF%2F4mjRSgeXsqlqWk\"}]}\r\ncf-ray: 9b846c1f7e590b51-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"torealiukzemydr.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:51:40 GMT","end":"Sun, 29 Mar 2026 00:51:39 GMT"},"fingerprint":{"sha1":"F3:CE:FF:C9:F8:70:23:18:40:13:70:96:1A:D1:FD:34:D3:CD:66:FC","sha256":"07:8C:A3:3F:1D:F1:E0:75:3D:26:20:F5:D5:75:64:CE:F7:40:6E:B7:BB:B9:EC:79:33:27:5F:51:2E:B0:12:E7"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aeccd11f90b78a609742607b470b9352\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torealiukzemydr.org/ZDBZd0tLDzoEdj51AxwaDmIKE3oySBhGM1ZlNxgJPGgbFCgDZX8DIgANaEZyUwFgQG0UWT1KekJDLRY/EUNkRHtUAX8eJQJfZEd7VAF/AXZVHmpDZVcGd0BtEQ1oT39UBGxOfFUGYUR4UQhtUT8UUT5KekJALQMnWQFuQXxQBmpCe1wFYUY","fqdn":"torealiukzemydr.org","domain":"torealiukzemydr.org","tld":"org"},"ip":{"addr":"104.21.3.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:08.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"torealiukzemydr.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Dec 2025 16:32:37 GMT","end":"Wed, 04 Mar 2026 17:29:41 GMT"},"fingerprint":{"sha1":"E4:88:98:0C:79:8A:86:67:9B:27:C3:69:5F:77:A4:65:E6:18:C9:F3","sha256":"6F:A1:4B:E2:F8:C7:BF:1C:EE:EA:6D:4F:44:EA:A3:8C:6C:8B:11:75:C8:28:F1:EA:BF:9D:32:1A:85:10:12:55"}}},"request":{"raw":"POST /ZDBZd0tLDzoEdj51AxwaDmIKE3oySBhGM1ZlNxgJPGgbFCgDZX8DIgANaEZyUwFgQG0UWT1KekJDLRY/EUNkRHtUAX8eJQJfZEd7VAF/AXZVHmpDZVcGd0BtEQ1oT39UBGxOfFUGYUR4UQhtUT8UUT5KekJALQMnWQFuQXxQBmpCe1wFYUY HTTP/1.1\r\nHost: torealiukzemydr.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ndate: Sat, 03 Jan 2026 18:05:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IWlhY%2BtAzV5w%2B2VQECgPxqJlPyB%2FIBZVHgnGLUHPo42Keq1e%2FNxc5eEKWwdsQ2HrdEI4%2Bbz3e%2BBZuXWyco7K41bKdk63fGuRCNr4jH7Ik7G2\"}]}\r\ncf-ray: 9b846c314fb10b51-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"torealiukzemydr.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hv.encystkokil.com/ri0nEDbUj67nZK/69521","fqdn":"hv.encystkokil.com","domain":"encystkokil.com","tld":"com"},"ip":{"addr":"172.255.106.53","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:04.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hv.encystkokil.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 15 Nov 2025 17:18:19 GMT","end":"Fri, 13 Feb 2026 17:18:18 GMT"},"fingerprint":{"sha1":"E6:84:92:3D:AB:9B:24:2A:44:18:C0:6E:1B:5B:73:1F:7C:79:EC:5A","sha256":"50:23:AA:63:EC:1C:9F:A2:3B:D4:A5:59:70:87:F8:55:9E:45:B6:AD:79:5D:52:2A:42:C0:3D:1F:06:48:2F:DB"}}},"request":{"raw":"GET /ri0nEDbUj67nZK/69521 HTTP/1.1\r\nHost: hv.encystkokil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 18:05:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://daddylive4.click\r\naccess-control-allow-headers: content-type, gyfr29qt4j80vdr0zhsj, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nset-cookie: GL_UI4=eJw9jc1OhDAcB%2FkGddnkl%2FAA%2BwgtUtKrF1%2FBI2npn7UKdFMqq28v8eBtDjOZKIqSpka8FyekX0rgwrnsZSdaybpRqlZr2feCaSEZb8U0CTzYbQhKzxQyVNuifBjCniHXXq2mRr44Q3ONUnt338g3KbJVLYTy1Xqa3PdhqA%2FnkfLn7mC7HhwzJG5r0nOF8s2u5ijPj0g4O5%2BKCE%2B3WYXJ%2BWWwpoiRX70yhPgF1agCXZ3%2FQWlo%2BwzuBrjZDP%2F%2B3zi9c4bC0G5HQu7CO%2FlfoWNCFg%3D%3D; expires=Sun, 04-Jan-2026 18:05:04 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJxjYGBgEuEXZMosEOSxNNSzNNAzMdIzNDURZEwXZPLzF2RKzhNk88svKk%2BsFGQsEmQyMBZkKsoT5PYvzslXcM4vzSsBiicLsoD4goyZgnxOOZkVCsH5OaUlmfl5xYJMQMzpnJiUk6rvEuwjyFjAxijIVJIPIotTRBgEGcvYJASZchJ5HHw%2Fv9qcvuAnkJPP46BavzE63G61IFNBsSCLgaGpIQCHOyne; expires=Sun, 04-Jan-2026 18:05:04 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"848667c49f5d3aef59cd65ed276cd7ae","sha1":"bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763","sha256":"cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8","sha512":"4248ad0e684224ba8503b1e73517aae6ffe4431cd16b7633d2ccbf4b96f845e318dbee175d19cd4676ca37353f53add2231ed167ad6c4aa0d9fe185f7359238c","ssdeep":"","tlshash":"f23000000000000000cc00000000000000000000c000000000000000000000003c0000","first_seen":"2025-04-24T10:17:49.831301Z","last_seen":"2026-06-01T18:13:56.741792Z","times_seen":17325,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":114,"dns":75,"connect":17,"send":0,"wait":20,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"hv.encystkokil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"hv.encystkokil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"hv.encystkokil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"35.156.32.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:04.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://daddylive4.click\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=f4a98d4c-85c3-4c3a-8446-1726df90a135:2:1; expires=Tue, 01 Jan 2036 18:05:04 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"320c069d6bf388a0d508e6331aa978f0","sha1":"b73d0587dd4a1a171c4c79485d6c0a000efb7831","sha256":"b57e5c3f7dcbe39a7a6e3a377b5dc3b4411b7184fd044be6e156ce26efcce8fe","sha512":"02c9a66141fd8bb3a3608cb8cabe0ee89237dba4548bef43e88780c7a95473e57bf1104f474e0cb14dc762197b382ea00aa9c8dc100ff61e7cdd1905c7dabcb6","ssdeep":"","tlshash":"709004404354004073d005f10d454dd0d43c515dcd4500575544d5d5311301c1035c00","first_seen":"2026-01-03T18:05:38.804687Z","last_seen":"2026-01-03T18:05:38.804687Z","times_seen":1,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":103,"dns":29,"connect":21,"send":0,"wait":21,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"epicplayplay.cfd/clappr/clappr.min.js?ssss","fqdn":"epicplayplay.cfd","domain":"epicplayplay.cfd","tld":"cfd"},"ip":{"addr":"104.21.0.173","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"epicplayplay.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 31 Dec 2025 15:01:18 GMT","end":"Tue, 31 Mar 2026 15:59:53 GMT"},"fingerprint":{"sha1":"7E:97:56:F0:47:2F:8F:51:78:6E:38:ED:A0:72:AA:10:A1:6A:5E:96","sha256":"BB:3F:24:90:54:1B:10:56:FE:CC:4A:D6:3A:8A:2A:38:23:8F:F3:C5:D2:0C:D9:92:B1:8B:51:25:A8:DA:0F:F1"}}},"request":{"raw":"GET /clappr/clappr.min.js?ssss HTTP/1.1\r\nHost: epicplayplay.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/premiumtv/daddylive.php?id=940\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 29 Nov 2025 17:16:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"692b2a74-80319\"\r\nexpires: Sun, 27 Dec 2026 15:13:17 GMT\r\ncache-control: public, max-age=31536000, immutable\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nage: 615108\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1PS8bXv4WjS%2B8sHLiYG5CzAHC%2FY7XwpDgVgKWJqx%2F0gAVGNXvPtj2YtqJwBoOyQ8XSldUWK3utEfrDCscbXQFIW3Eus65wYdOQzwRyOJE6s%3D\"}]}\r\ncf-ray: 9b846c20ba54120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":525081,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f55c6c796275a41ce7d97bd160e648ff","sha1":"936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89","sha256":"db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c","sha512":"3b01da86fa5b757041d7c03a186faad290c34f12fea78cc5ec53e4396491b16393c03e794bbead5a726f21c49f80894824eb65a87122c68a22cb2043ec6eda0e","ssdeep":"6144:q2ffwZI3wKqMSxeUKn5+q4Qc7vije4RDgv7VTG:qSoKqM9Upbz6R","tlshash":"c5b41b9876e5b0654393a0b8503f020b723bad6e7005a1ecf76de9e95db884d6037f78","first_seen":"2023-03-07T01:14:45Z","last_seen":"2026-05-31T22:19:56.423809Z","times_seen":2466,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:32 GMT","end":"Wed, 25 Feb 2026 15:57:31 GMT"},"fingerprint":{"sha1":"F5:06:14:04:6B:D5:32:C9:BA:A9:B4:13:02:C3:F0:62:2A:24:BC:90","sha256":"D8:34:74:17:27:E1:E2:E3:A9:BB:5D:58:F5:DB:40:51:4E:6C:34:33:BF:88:83:62:03:97:DC:4B:FB:67:B5:45"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:hFxN5j3VmL2aXun0vMzddYH6SsfXXA:4MTXZVDE6Fg0sOGZ; Expires=Mon, 03-Jan-2028 18:05:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026dsh=S1493785765:1767463506494290\u0026ifkv=Ac2yZaVJxO4b0N3_wd3hk7WNq5rKQbIcFXQQ1dOO_UVRE_0pWjJzL7359K72k4uqP4MjBo3Rll9Yow\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-3se2SQ-sSik2vtTzhxDyqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist\r\ncross-origin-opener-policy: unsafe-none\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-resource-policy: cross-origin\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":140,"dns":0,"connect":17,"send":0,"wait":27,"receive":0,"ssl":152},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3m6crjuedf6o.cloudfront.net/XNTh2UVRWVxg3a0FREmxlBwhDZ2MAHgYjMVMFEjAwUUEaOCJQDFgyOFxbHXc+RlcYIWlDfzlmGwJMFwVlflxQJS5RBUZ3OFRWEWxyUFYVbGUTWRIzaQUeAzBpWFcMODhZWVNjEgAWRnRmBRABODpRVwEicQcIGCVxBwhHYXoFHUUTcQcIATg6AwxTYhYQCk-YpYgEdRRNxBwgEJ3EGeUdiYBsIX3RmBV8TMj9aHUQXZgUJRmFlBQlTY2RTUQQ0MlpAU2MSBAtCf2QTTUtg","fqdn":"d3m6crjuedf6o.cloudfront.net","domain":"d3m6crjuedf6o.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.69","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /XNTh2UVRWVxg3a0FREmxlBwhDZ2MAHgYjMVMFEjAwUUEaOCJQDFgyOFxbHXc+RlcYIWlDfzlmGwJMFwVlflxQJS5RBUZ3OFRWEWxyUFYVbGUTWRIzaQUeAzBpWFcMODhZWVNjEgAWRnRmBRABODpRVwEicQcIGCVxBwhHYXoFHUUTcQcIATg6AwxTYhYQCk-YpYgEdRRNxBwgEJ3EGeUdiYBsIX3RmBV8TMj9aHUQXZgUJRmFlBQlTY2RTUQQ0MlpAU2MSBAtCf2QTTUtg HTTP/1.1\r\nHost: d3m6crjuedf6o.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 198\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 6a7eeeb375db56eafe74d447721ccbb8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: jxAiVoNG7gx80SBQOiuUXe_mZt7IBVHy1AvMzpHdN5f0NENlE891Ng==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":208,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"698dfc650e27873c2e368996efb36464","sha1":"a76758ca8d062d9c050c9d069decac01a7e0c2bc","sha256":"2d32b5961616da3159d8532ba935dec68e5ec54b0c1299c42329060d8e59d95a","sha512":"69ded3ada1ac1a951937f9de1fabef1bbede7ec2050481351aad41e8cc070b672ed0731b909529e54c10928e36ac46df7efc7a99a16046ec2c487b0925550ff5","ssdeep":"","tlshash":"78d0a73d2308ca034cf611567115b80083cbb14f136487446a8a1e93168a4495c60335","first_seen":"2026-01-03T18:05:38.822884Z","last_seen":"2026-01-03T18:05:38.822884Z","times_seen":1,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"d3m6crjuedf6o.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026dsh=S1493785765:1767463506494290\u0026ifkv=Ac2yZaVJxO4b0N3_wd3hk7WNq5rKQbIcFXQQ1dOO_UVRE_0pWjJzL7359K72k4uqP4MjBo3Rll9Yow","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.150.84","port":443,"asn":15169,"as":"GOOGLE","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:07.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:50:09 GMT","end":"Wed, 25 Feb 2026 15:50:08 GMT"},"fingerprint":{"sha1":"70:35:5F:58:F3:50:B0:2A:0E:11:9A:FD:D4:67:00:94:17:0E:03:EF","sha256":"01:93:34:8C:59:AC:52:25:54:81:E8:50:E1:E9:8A:11:1F:3C:82:81:00:B2:90:35:17:5F:25:9C:C2:2D:D2:E2"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026dsh=S1493785765:1767463506494290\u0026ifkv=Ac2yZaVJxO4b0N3_wd3hk7WNq5rKQbIcFXQQ1dOO_UVRE_0pWjJzL7359K72k4uqP4MjBo3Rll9Yow HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://daddylive4.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:18oywpNA7IUxeWjGs24Q6yfRFqE-1Q:WBqkxqqvFPMk62BQ;Path=/;Expires=Mon, 03-Jan-2028 18:05:07 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 03 Jan 2026 18:05:07 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026dsh=S1493785765%3A1767463506494290\u0026hl=en\u0026ifkv=Ac2yZaX8DiRA7CTV2GMBYnrr-CwVY4X8s-287potwKRgEf5s5bJbR3dc4dDTFjBzoPOmUCw0AlYM1Q\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: script-src 'nonce-W6HugFCTSZEzmwHu8MAmhg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 417\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1000\u0026rd=1000\u0026fd=528\u0026bv=25.12.4806\u0026tmpl=70","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:04.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:50:13 GMT","end":"Sun, 29 Mar 2026 00:50:12 GMT"},"fingerprint":{"sha1":"B6:89:38:EE:EF:1E:F1:A0:93:51:BB:7A:F2:13:F5:DF:8C:9B:8F:F7","sha256":"74:22:2C:3F:1E:A6:04:C8:AD:7C:D8:B4:13:57:A5:95:EF:83:FA:28:18:BC:F3:BD:38:93:CB:DA:4B:30:3F:8A"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1000\u0026rd=1000\u0026fd=528\u0026bv=25.12.4806\u0026tmpl=70 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:05 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":731,"timings":{"blocked":317,"dns":32,"connect":92,"send":0,"wait":95,"receive":1,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:04.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:36:36 GMT","end":"Sat, 28 Mar 2026 23:36:35 GMT"},"fingerprint":{"sha1":"0E:EE:1D:ED:80:5A:CA:0C:1E:93:89:94:78:B7:34:91:38:D4:89:51","sha256":"CF:77:1B:FB:04:67:32:02:DF:D9:38:24:27:3D:A5:98:54:0C:4D:BA:C5:1B:62:FD:C1:E1:17:57:6F:63:B3:BF"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:04 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 44581e6a958c1c6fb8c4466418d64d17\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-01T18:11:21.591683Z","times_seen":17633,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":87,"dns":31,"connect":17,"send":0,"wait":24,"receive":18,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"daddylive4.click/live/stream-940.php","fqdn":"daddylive4.click","domain":"daddylive4.click","tld":"click"},"ip":{"addr":"104.21.42.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"daddylive4.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Dec 2025 17:13:27 GMT","end":"Thu, 12 Mar 2026 18:10:35 GMT"},"fingerprint":{"sha1":"40:9A:3B:34:D8:6B:50:D4:BB:13:FA:5C:2D:E2:A6:7F:CE:C2:4D:40","sha256":"BA:0F:DB:6E:8C:95:45:C0:C5:67:90:43:87:0F:25:5F:EF:2D:CF:9B:30:1B:01:70:A2:36:48:5C:8E:26:AF:AE"}}},"request":{"raw":"HEAD /live/stream-940.php HTTP/1.1\r\nHost: daddylive4.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/live/stream-940.php\r\nCookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f4a98d4c-85c3-4c3a-8446-1726df90a135%3A2%3A1; pp_main_9ff35b0cd63b95f2925204c4dd0a79c3=1; pp_sub_9ff35b0cd63b95f2925204c4dd0a79c3=1; pp_delay_9ff35b0cd63b95f2925204c4dd0a79c3=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 03 Jan 2026 18:05:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=3,i=?0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CS281s4Np6Nk6MRXA27YmW586ChZBo8biwIpbUy%2BhVNjTEA%2FZyqp9CX3uklKF478y7b43%2Bxx%2F40HFN4oh4DCHSJCP5MaFlxiDupzWURR4hs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b846c1f1b873181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:36:36 GMT","end":"Sat, 28 Mar 2026 23:36:35 GMT"},"fingerprint":{"sha1":"0E:EE:1D:ED:80:5A:CA:0C:1E:93:89:94:78:B7:34:91:38:D4:89:51","sha256":"CF:77:1B:FB:04:67:32:02:DF:D9:38:24:27:3D:A5:98:54:0C:4D:BA:C5:1B:62:FD:C1:E1:17:57:6F:63:B3:BF"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 54a2010c1f5cb2448841fd27a42099c2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-01T18:11:21.591683Z","times_seen":17633,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"d3m6crjuedf6o.cloudfront.net/8VGtjTEo3BA0qdSACB3F7ZVJUfXNjTRM+LzJWBy0uMBIPJTwxX00vJj0ICGogJwQNPHchLBR1EjIdAg8QAk0XNi5pW0UgKzoMXmovOghefWw1DwFxenIfEyMhaQISKycuExo+JC1NFi13OQQZJSY4CkZ+DGFFU2l4ZEMUJSQwBBQ/b2ZbDThvZltSfGRkTl-AOb2ZbFCUkYl9GfwhxWVM0fGBOUA5vZlsROm9nKlJ/fnpbSml4ZAwGLyE7TlEKeGRaU3x7ZFpGfnoyAhEpLDsTRn4MZVhXYnpyHl59","fqdn":"d3m6crjuedf6o.cloudfront.net","domain":"d3m6crjuedf6o.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"54.192.209.69","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /8VGtjTEo3BA0qdSACB3F7ZVJUfXNjTRM+LzJWBy0uMBIPJTwxX00vJj0ICGogJwQNPHchLBR1EjIdAg8QAk0XNi5pW0UgKzoMXmovOghefWw1DwFxenIfEyMhaQISKycuExo+JC1NFi13OQQZJSY4CkZ+DGFFU2l4ZEMUJSQwBBQ/b2ZbDThvZltSfGRkTl-AOb2ZbFCUkYl9GfwhxWVM0fGBOUA5vZlsROm9nKlJ/fnpbSml4ZAwGLyE7TlEKeGRaU3x7ZFpGfnoyAhEpLDsTRn4MZVhXYnpyHl59 HTTP/1.1\r\nHost: d3m6crjuedf6o.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 523\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\ndate: Sat, 03 Jan 2026 18:05:05 GMT\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 6a7eeeb375db56eafe74d447721ccbb8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 7JlYG3b5L0yCRg3pIh7hGaNwuflfIhpqqq8SNLfqcka5Q5XC6a4iiA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":747,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with very long lines (747), with no line terminators","md5":"f436606d1752a6cab340635a2eb1e068","sha1":"88a172dbf3d310888d00a1d8cd4bae42b69bea29","sha256":"0b2d3226532905a1e562b2d350c41c809a832a6d90bfd563eeecc43cc24d39af","sha512":"d34c710a8233b6233af454e0f17c77ec5ce99f89ee644c3f96f3ac0ef0e806942b648e8d9e23e021861d2877e55ef251017c0e9a4c437d97c8e92f15ad83799c","ssdeep":"","tlshash":"e201705a2ac08a6204baa0271af2b445638af4cd5ab6125934110b7bba0da4bca6052b","first_seen":"2026-01-03T18:05:38.827509Z","last_seen":"2026-01-03T18:05:38.827509Z","times_seen":1,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"d3m6crjuedf6o.cloudfront.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"oyo4d.com/5/6712285/?oo=1\u0026js_build=iclick-v1.1670.0\u0026userId=0802b39e13bb4ef3f1576e1487223b94\u0026dmn=x7i0.com\u0026tt=2\u0026ix=0","fqdn":"oyo4d.com","domain":"oyo4d.com","tld":"com"},"ip":{"addr":"139.45.197.118","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:07.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"oyo4d.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Oct 2025 05:07:35 GMT","end":"Sun, 18 Jan 2026 05:07:34 GMT"},"fingerprint":{"sha1":"7E:66:A3:16:7D:47:BC:6E:0F:31:AE:FA:65:A3:03:19:9B:0B:42:93","sha256":"49:F7:10:A4:75:B7:7C:34:65:80:9D:77:29:42:C6:F5:F9:80:CA:7B:2B:A7:5B:D6:12:3A:D7:1C:39:16:7F:65"}}},"request":{"raw":"POST /5/6712285/?oo=1\u0026js_build=iclick-v1.1670.0\u0026userId=0802b39e13bb4ef3f1576e1487223b94\u0026dmn=x7i0.com\u0026tt=2\u0026ix=0 HTTP/1.1\r\nHost: oyo4d.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3423\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":3423,"data":"{\"sync\":\"TBtSUh8cJhwUBWcfHEsSAwEFUA5MXwMBbAIlKz9KWUBcHAtKQ1AVSQZbGgxbGwkFVkYLASoQTktDDFdGTBkCRExXBAEfFA4eFkpPUhRLDk4+HQY0BV0ZMkBQW2kNHCYfDD1RESZOBwkxGBNcMR5fZkBBJRcYHyoBTzYaUUNQX0dQQB0yU1xHUxkQHAxXWAhFW1MSHw9JSARCT1lJbEYeRkNaWUBQABUbW1hCSQddCk8NCR8UHhYfSk9TFEsJVUNQXkdQWglPDQkfFA4eW1JHUBRLF1tDUF5HUFoPHRUDAhpYFA1KT1IUSxxPAAZMUUMYTAVUGwkGVkYdBVdYCUVbSxUeTFFCGEwOX2ZcVBBGQ1hZQFYeJk4FSFRaXhYBHlRJRhRAVFVKHQtcDRxXQ1BeR1BXBjJYW1lpEwodDQ1AAlhVGxYDADQZURceaFVWWB0QEUpPUxRLGlYNBRw0FlEeGV8bCQZWRg8NGwZXG1sDUEZMDBNZCx1WXUAUQFVVShsOZwcVSkNQXkdQVwEBWEtsURsJDBxXWAlFW0kHBkxRQxhMDkRQEQxKSFsLGRYaU0kVQwAdG1AOXkEVSV1CWF5IRFcSVhsaG1tbQkkCWA8ZUVZBWyUAHBwQAUwGCxtbXEJJHFEdTw0NA0tWRgsBV1gaBRVPDBoHGxcWQk9FTxEMWCkcGxRAFEsLSRFIVFheFhoXWBsJBlZGDh9XWAlbQQlNSBkDUA5fXQUNHxQNDQ5KT1MKUUkVQx0HA1AOV1UGFRFBAkZDWFlATxBbA1FGTAIKFlRdGxtEUBlGQ11ZQEsIERtbW15ZRhhMHl8bCQdKVk1EVxFPS0MIU1JeR1BHDxoVAwIEQlRVSgERZw0cTQQJGg4WFlRdGxtZRQ8FW1JXL1cTEFUNC0FeXARORWBQXVIVEwpIOzYYWEkXUVFOPBtaWFkMGUsATl9ZGgNYCVpNF1FDTiwXVwUCGAsDB0pUSFhEQn4AC1wHBRZEQwdaQwcbHxQUFFtSRE4aGR0bW0gHBQZRHANWVR5GHgJUHhwHTwwLAwgZPiJJXQAZUktdVxZJCQwTT04AHE4EGFQCAWQnVl5XR1MIChgEWBJcD1RPCA8ZDgAOBx5ncAhfFBAcGhsDVEQJXQdHGAIXQwsfDVBAZjNfEAYBB0oHGFVMGgoNX0IHCEBcQQwTFykhTkAUSxFQDUhUWl4WGwRTGwlYDwgVRFcGSg9bA0NIQkkCWExXFVFHQgoXQ0daBlkNHUANAxgORhoNAV5aWBkWDQ8NWhFMGxxYDEdXX0IaHgVHGx8UFANbUkVOGh0DG1tIOz8xFkJPWVsRDEtIWwYUEhpTW24IBF1ZUBhMHUMbCQZWRhweFA4aU0oOTUgGCFAOWlUbG1dbWF5UWVlASh0NG1tHX0dQVwYyWFtZFEBUVUobFRpTSBVDHQpJSFIPAURcHxQVFxoYAEACSzVQDx8WSwoMWDIBDREaWAwQDBEHVktDXwAGHQ5eFg0FaFZRXCUNFwwQGhpTVAhNSBkCHGsFCE5KbFofCh4cHUACW0wATUgNBB5bHDJTXENCEkZDWkFOGh8cVwUFHElIFkxBFV5SWx8UGAwGQAJZVRsPBkxRUFEAQGJqERpYChUbV1gaDBcUNDlCDhwWQk9UVl9ZCDseCRgXTEtDGxIYCQlQGEwdUVURDFhGVUoWDkxLQ0IcRkwBAURMVwYVEUYUEFtSRU4aGRdLAkhUW14WHgFWTVVZCAkmDBAWXQoNVhNIVBBQXR0yVldXRBUNHUpPBFkFClxNSAcYLUAcBFNcXUJYXh8JGRFdRVtQEjUNAwBbAwRCVGwOTDsWGioMXR4cS0NQCAoeRwtBFVBAaRkMCwcYC00EWwMHCwIYFxhMBERmVlIdAVtSEwNUGhwVQwMdNBVRDQZYGwlCCBEcRFcLSzYOXAM1BQIGFlQLVlVAU1ZGEBsqFV0LJlIIHjFdQgIxAkVmXVMNAQtKTwRZBQpcTUgHGC1QCx5cTVxGJRcYDhQQUUtDXwAGHQ5eFgceaFpbRBUJEB0YPVcZHEsASFQNE1gdCEoVEVgfF1tSV1AMUE0LV15dWEMWQk9UVVpTFBAmARFAAksMVwoEARwcFkJPVl9VXxYNGBwQPVENWwNDSEJJBkYPC1FQUGkJCwwaFgdnAB0bW0hMR1BVChtSS0dfCQELNxwGGlNbG01IDQofRA8EUFdsXx5GQ0pXThoKDEoVBQM0G1AxXBUDERRWRhodBhZXBCZQBTVcSUgWTEEVWl9fGQ8mARFAAktbFUMJARgGFlRPFRURWx8QEQcRQAJLE0oVCwlJXhYcMkJQVxRARltEVw1ZNhBdQ1BMSV4WDwlTUEdfFQoYBCoLXBpbAzo3Ew==\",\"async\":\"TBtXQwgXW1IOQFoIDRtbWUJJGl0AGUQbCQRWRhsEAQoaU0sVQwIHDxZRADJeX0FXFwFbUkRRFEsNVhULAklIBVsQGxtRVw5GQxNXC0s2G1gVSFRbXhYNBVZLVF8UA1tSRU4aChFYEw0HBRVrGgRaXBEMSkhbDBwRWwEYSwYDAAwtQAcAUhsJBlZGFQ0DB1RLQwkcRkwDG1oaHhUDSEtWRhsEAQoaUwIbEh8eGx1GGghTGwlQGwgKDVlAWR8YUA0LDAcXFlQLVlVAU1ZGCw0UEVcHWwNDBAFGHFUYBFBYR1kISRsEAAdMBhZNCUgTR1BcBwlTXF1pEwILCRgHGlNJFUMJAgIXWhoyXl0RDFgRFwMbDU8HWxVDCwgNG1gHDENcbF8eRkNKV04aHQtYBwwHCC1HARhFWlZpEwBbUldAFEsYXRcPHB8bRwsfaFBXFEBGW0RXAVkECVgIDQA0G1BMVxUbHxQZEQocGg9nAB1mUEhUSVAYTA5CSkdZFzsQDCpQGlNbG01IDQcbVwUyXl0RDFhGVUoWDUsdWwNDSEJJH1EaBVhdEQxYDgocFAUaRVtLPh8HD1AOTE8bG1xXJQ0dSk9AGkVbWAUOBx8bWwAMW2ZaUglGQzMoHw==\",\"quality_options\":{\"hil\":1,\"jsp\":1,\"ng\":false,\"ix\":false,\"pt\":false,\"np\":false,\"nw\":true,\"nb\":true,\"sw\":1280,\"sh\":1024,\"pl\":\"https://daddylive4.click/live/stream-940.php\",\"wy\":0,\"wx\":0,\"ww\":1280,\"wh\":1024,\"cw\":1280,\"wiw\":1280,\"wih\":981,\"wfc\":5,\"sah\":1024,\"navlng\":\"en-US\",\"drf\":\"\",\"wgl\":\"llvmpipe\",\"tb\":false,\"btz\":\"UTC\",\"bto\":0,\"pnt\":0,\"pnrc\":0,\"bml\":0,\"bmi\":false,\"vsbl\":true},\"client_hints\":{}}"}},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 18:05:07 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://daddylive4.click\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T18:10:49.760673Z","times_seen":16013365,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":61,"dns":13,"connect":26,"send":0,"wait":29,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xadsmart.com/ele.min.css","fqdn":"www.xadsmart.com","domain":"xadsmart.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:05.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1376341044.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 12 Nov 2025 14:38:12 GMT","end":"Tue, 10 Feb 2026 14:38:11 GMT"},"fingerprint":{"sha1":"18:C3:E8:61:55:94:8F:24:D2:80:A5:76:EB:0C:0B:B4:1A:0A:E3:D0","sha256":"35:99:B2:7C:FB:18:A2:BE:A9:1F:2B:3D:DC:D5:9E:58:9B:8E:27:ED:8E:C1:F0:B6:6B:0C:66:E4:7E:90:E2:99"}}},"request":{"raw":"GET /ele.min.css HTTP/1.1\r\nHost: www.xadsmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:05 GMT\r\ncontent-type: application/x-javascript\r\npopads-node: wb2\r\nexpires: Mon, 05 Jan 2026 02:01:47 GMT\r\naccess-control-allow-origin: https://daddylive4.click\r\nlink: \u003chttps://xadsmart.com/\u003e;rel=preconnect\r\ncache-control: public, max-age=604800\r\nx-77-nzt: EwgBX63NDQFBDAG5TAoBAff/0AAADAFZ3n0uAbdHqAYA\r\nx-77-nzt-ray: 2a494a150e5fb72d765a59692fcd890e\r\nx-77-cache: HIT\r\nx-77-age: 53503\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":41925,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1568)","md5":"804d1dcbf12d2a8a16f6bc71556e2a49","sha1":"f2af0634d16ed634408c4b9e353d29f6f1d5aed8","sha256":"9e6f1c55e7ad9d343bf28fa16cfa780b612dc51b8923a1022e4e9a52da84c777","sha512":"438e9d1f496d681e6095ffbe896cbf341b42926ba908f40a2b716cea36268416a178dc50ec33cbe3602ed415653206910916ffc87f24d91e05b8e5816210d35d","ssdeep":"768:bt9rqAYKK2ZzFQ9JsQU+YDngZGihfzmMzhYrTsAysncCWcf5k5sigC0/+CntlqoD:bbdZzFQ9JsTgZvfzmMzhYrTscpjZd","tlshash":"5f132aaab286282601e741b9503eb316b23305167812d458fcb9cdf96e3ddc611bb7fc","first_seen":"2026-01-03T17:47:11.974012Z","last_seen":"2026-01-03T18:05:38.82987Z","times_seen":2,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":37,"dns":19,"connect":1,"send":0,"wait":24,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/interstitial.php?r=9830542\u0026srs=b6c697c3d06cc6468a39faf563cc1ead\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Fdaddylive4.click%2Flive%2Fstream-940.php\u0026atv=74.0\u0026cbref=\u0026btp=0.01\u0026pblcz=6707202\u0026abtg=1\u0026adbv=3-cdn-js","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 23:08:46 GMT","end":"Sat, 07 Mar 2026 00:07:30 GMT"},"fingerprint":{"sha1":"D5:B9:71:11:A1:C5:BD:EA:60:68:49:87:01:4B:0B:CB:81:8B:FA:6C","sha256":"66:19:A7:E1:FD:B7:41:C7:AE:CB:33:20:81:70:04:52:48:C8:D0:0E:66:96:B3:F7:FE:B5:FC:10:FE:48:0A:44"}}},"request":{"raw":"GET /script/interstitial.php?r=9830542\u0026srs=b6c697c3d06cc6468a39faf563cc1ead\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Fdaddylive4.click%2Flive%2Fstream-940.php\u0026atv=74.0\u0026cbref=\u0026btp=0.01\u0026pblcz=6707202\u0026abtg=1\u0026adbv=3-cdn-js HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://daddylive4.click/\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0ClGBkFpz8BTXJG7Nf1RwcYcVu4%2FnGHwM3NV6k%2BhPErDRBRaIMfM5%2BMHDBZ8Kp7jPRrOwysQ5nZA3eytATasvGd4op0TrdoNij9m2374MjaYhAs%3D\"}]}\r\ncf-ray: 9b846c20d9005a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1389,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"dc6cf65deb49d22c53cfe4bba071e45a","sha1":"c4a835a8a98168642b8aa40e52bff6a6c4d08096","sha256":"917ce16b7990840fa3e39c448660113c20f60834ee967d499956453f8fb1dc8e","sha512":"4509b90a983359e1fba55904ccc7685e74da226a0eb63ba8b44a51304ef1488d7d6d4b199afc27a74b257fd86fafd85e143fb8bb270ac8d096aa55608816ec0d","ssdeep":"","tlshash":"6c21b86f49e5dc55224760f8c84f966507a724927f147d8648d6adca64bdcc8051c4c3","first_seen":"2026-01-03T18:05:38.832055Z","last_seen":"2026-01-03T18:05:38.832055Z","times_seen":1,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6.adsco.re/","fqdn":"6.adsco.re","domain":"adsco.re","tld":"re"},"ip":{"addr":"104.16.83.77","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://daddylive4.click/live/stream-940.php","date":"2026-01-03T18:05:06.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adsco.re","organization":"Adscore Technologies DMCC"},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 15 Sep 2025 00:00:00 GMT","end":"Thu, 01 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"EC:13:B4:EC:A8:B2:CD:2E:12:E1:84:0E:E5:64:5D:88:D5:CA:3A:59","sha256":"C9:35:54:5E:EF:18:4E:21:62:7D:1D:23:55:D2:B9:CC:68:48:01:7B:AC:A5:8B:D9:3D:71:85:DC:07:17:02:2F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 6.adsco.re\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://daddylive4.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://daddylive4.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 45\r\ncf-ray: 9b846c240c260731-OSL\r\naccess-control-allow-origin: https://daddylive4.click\r\ncache-control: private, max-age=300, immutable, stale-if-error=300, stale-while-revalidate=300\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\naccess-control-max-age: 2592000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5b41cb22f84f645a103acc7bfbf084ff","sha1":"bac3967b26d5ec4a0d09a580714e8219796816bd","sha256":"709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc","sha512":"772066ed1119519a19884fc94de2c9f2cc538b4528d9e2651a89b93d65bd4000b18297bfbdd8903b65146858935d33cac048c321dad2ea4f1f84ca6dd9b7d98f","ssdeep":"","tlshash":"7990041154441d34dc45470c4f0d0f0553dc5153df377374ddc50f0414531344141d00","first_seen":"2023-04-05T06:05:36Z","last_seen":"2026-03-30T19:07:46.969854Z","times_seen":25700,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":60,"dns":22,"connect":5,"send":0,"wait":11,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quasicurrant.com/3d/71/24/3d712439b634feba69e3e22374c27420.js","fqdn":"quasicurrant.com","domain":"quasicurrant.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"quasicurrant.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 02 Jan 2026 09:40:13 GMT","end":"Thu, 02 Apr 2026 09:40:12 GMT"},"fingerprint":{"sha1":"2F:55:33:9E:B7:18:08:E8:DD:34:F9:41:1A:36:62:BA:B9:5A:DE:9C","sha256":"79:58:0A:7A:06:B3:B3:E9:7A:CC:18:B5:BF:1B:CA:9C:18:70:58:1A:48:ED:0A:5C:CB:66:4B:5C:A9:FD:99:FE"}}},"request":{"raw":"GET /3d/71/24/3d712439b634feba69e3e22374c27420.js HTTP/1.1\r\nHost: quasicurrant.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://epicplayplay.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 03 Jan 2026 18:05:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38054\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: quasicurrant.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4b1c13f2fcf13b6a9ffee14a4f9a5c3b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106828,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7bef584cc1d9347de41cc3bc075ff6c8","sha1":"976be5ee953bb0d2d321751ca55e63a86d36e1bb","sha256":"c48a08b9ea6da64c40a628974a2fbd5f795a2a9e027435cdf8322beb7132ad73","sha512":"181bcfe7b11877f77f537b6df0546ad89e7c22091ae89695275f3678d61e95306f1684a3e18e751e870603b251462a9f8efec378a791f6005764a15ddc2becad","ssdeep":"3072:Ede17aMWZ44SXdVY4lDKVVbZ4i3/9j9y1UglGewsO:Edew194LwsO","tlshash":"36a3c788bfd0f06d129a6473223f950ff11a4e42505ce558e907f8e66abc32af47db64","first_seen":"2026-01-03T18:05:38.836255Z","last_seen":"2026-01-03T21:24:09.691745Z","times_seen":2,"resource_available":false,"data":null}},"time_used":989,"timings":{"blocked":345,"dns":123,"connect":101,"send":0,"wait":132,"receive":93,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chevy.giokko.ru/server_lookup?channel_id=premium940","fqdn":"chevy.giokko.ru","domain":"giokko.ru","tld":"ru"},"ip":{"addr":"172.67.149.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://epicplayplay.cfd/premiumtv/daddylive.php?id=940","date":"2026-01-03T18:05:06.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"giokko.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 06:24:12 GMT","end":"Tue, 24 Feb 2026 07:24:09 GMT"},"fingerprint":{"sha1":"40:B1:8F:04:2E:18:63:CA:98:EC:4F:15:A1:16:1E:F4:DF:45:06:10","sha256":"83:3A:67:C1:1C:10:D3:BC:07:1C:FB:86:E8:FA:74:FF:C2:CE:B1:E9:49:88:AF:B2:7F:F9:20:EB:36:D3:BB:EF"}}},"request":{"raw":"GET /server_lookup?channel_id=premium940 HTTP/1.1\r\nHost: chevy.giokko.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://epicplayplay.cfd/\r\nOrigin: https://epicplayplay.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 18:05:06 GMT\r\ncontent-type: application/json\r\ncache-control: no-cache, no-store, must-revalidate\r\nx-cache: HIT\r\nvary: origin, access-control-request-method, access-control-request-headers, accept-encoding\r\naccess-control-allow-origin: *\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 03 Jan 2026 05:21:09 GMT\r\nno-cache: no-cache\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GIQ7yrX%2Fyt%2BwWjub3sJTMx3YrDHp9wQY%2BmbtQpnO0RG9kRBDxdZ8g%2FEjzPU6z6Ib7355kjG5QTrWO7pCvq2YQqpu9uONgPFvAAAOsyc%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9b846c264ee056b1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f77abd456c5238d9fa1a54609c9c7b43","sha1":"edb2a397d8f21aea258da763431c5b51383b4b74","sha256":"9f3f430c088271e6bce6e9e1ca098db5a7583a1c96851127ae62529984041c41","sha512":"1df7bf0913ab1d35748646fe39b1422762a3d89afcd4fd09466e9bb79b4c4fe90cdf924237ceb46fd760c7a8a86d0ca88374480e28bd552cad55f1808aa7ff05","ssdeep":"","tlshash":"8870000c28a020aa088808380880200223082030808c2a8002000c0280032000000000","first_seen":"2025-04-08T02:16:43.282011Z","last_seen":"2026-03-04T20:20:55.805147Z","times_seen":46,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":58,"dns":34,"connect":2,"send":0,"wait":34,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}