Submitted URL: https://daddylive.click/embed/stream-5.php
Effective URL: https://daddylive.fun/embed/stream-5.php
Submission: On February 17 via manual from CZ — Scanned from DE

Summary

This website contacted 18 IPs in 7 countries across 14 domains to perform 31 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is daddylive.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 3rd 2022. Valid for: a year.
This is the only time daddylive.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
1 46.105.201.240 16276 (OVH)
1 158.69.251.190 16276 (OVH)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.190.41.116 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.243.59.12 39572 (ADVANCEDH...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 104.153.197.251 53334 (TUT-AS)
31 18
Apex Domain / Subdomains / Transfer
13 adsco.re (Transfer: 49 KB)
  c.adsco.re — Cisco Umbrella Rank: 20231
  6.adsco.re — Cisco Umbrella Rank: 21740
  4.adsco.re — Cisco Umbrella Rank: 23529
  adsco.re — Cisco Umbrella Rank: 18089
  aez2hvzgd1gb.l4.adsco.re
  aez2hvzgd1gb.n4.adsco.re
  aez2hvzgd1gb.s4.adsco.re
2 primetubsub.xyz (Transfer: 29 KB)
  rkc.primetubsub.xyz
2 google-analytics.com (Transfer: 17 KB)
  ssl.google-analytics.com — Cisco Umbrella Rank: 236
2 xadsmart.com (Transfer: 10 KB)
  www.xadsmart.com — Cisco Umbrella Rank: 187797
  xadsmart.com — Cisco Umbrella Rank: 149279
2 histats.com (Transfer: 5 KB)
  s10.histats.com — Cisco Umbrella Rank: 17271
  s4.histats.com — Cisco Umbrella Rank: 14990
2 cdnondemand.org (Transfer: 13 KB)
  cdnondemand.org — Cisco Umbrella Rank: 475259
1 reductionjogvast.com
  reductionjogvast.com
1 videocdn.click (Transfer: 629 B)
  www.videocdn.click — Cisco Umbrella Rank: 625887
1 jquery.com (Transfer: 30 KB)
  code.jquery.com — Cisco Umbrella Rank: 546
1 youradexchange.com (Transfer: 890 B)
  youradexchange.com — Cisco Umbrella Rank: 53428
1 trustedcpmrevenue.com
  pl16164575.trustedcpmrevenue.com
1 daddylive.fun (Transfer: 6 KB)
  daddylive.fun
1 daddylive.click (Transfer: 551 B)
  daddylive.click
0 licenses4.me Failed
  widevine.licenses4.me Failed
31 14
Domain Requested by
3 4.adsco.re daddylive.fun
c.adsco.re
3 c.adsco.re www.xadsmart.com
c.adsco.re
2 adsco.re c.adsco.re
2 6.adsco.re daddylive.fun
c.adsco.re
2 rkc.primetubsub.xyz daddylive.fun
rkc.primetubsub.xyz
2 ssl.google-analytics.com daddylive.fun
2 cdnondemand.org daddylive.fun
cdnondemand.org
1 xadsmart.com www.xadsmart.com
1 aez2hvzgd1gb.s4.adsco.re c.adsco.re
1 aez2hvzgd1gb.n4.adsco.re c.adsco.re
1 aez2hvzgd1gb.l4.adsco.re c.adsco.re
1 reductionjogvast.com rkc.primetubsub.xyz
1 www.videocdn.click 1 redirects
1 code.jquery.com rkc.primetubsub.xyz
1 youradexchange.com cdnondemand.org
1 www.xadsmart.com daddylive.fun
1 s4.histats.com s10.histats.com
1 s10.histats.com daddylive.fun
1 pl16164575.trustedcpmrevenue.com daddylive.fun
1 daddylive.fun
1 daddylive.click 1 redirects
0 widevine.licenses4.me Failed rkc.primetubsub.xyz
31 22

This site contains links to these domains.

Domain
adsco.re
youradexchange.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-02-03 - 2023-02-02 | a year
trustedcpmrevenue.com | R3 | 2021-12-22 - 2022-03-22 | 3 months
histats.com | R3 | 2022-01-21 - 2022-04-21 | 3 months
1376341044.rsc.cdn77.org | R3 | 2022-01-09 - 2022-04-09 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-02-07 - 2022-05-02 | 3 months
youradexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-16 - 2022-07-01 | 2 years
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.adsco.re | Sectigo RSA Organization Validation Secure Server CA | 2021-09-06 - 2022-09-28 | a year
*.l4.adsco.re | R3 | 2022-01-19 - 2022-04-19 | 3 months
*.n4.adsco.re | R3 | 2022-01-19 - 2022-04-19 | 3 months
*.s4.adsco.re | R3 | 2022-01-19 - 2022-04-19 | 3 months
xadsmart.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-19 - 2022-07-22 | 2 years

This page contains 4 frames:

Primary Page: https://daddylive.fun/embed/stream-5.php
Frame ID: 68F64CA0DD6001529AE5407FCE7EFEBA
Requests: 21 HTTP requests in this frame

Frame: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=5
Frame ID: BA6C74A01955AFFD7165D61A8FED3FD8
Requests: 4 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: C5454E49909E99DA3C3A32004062C346
Requests: 5 HTTP requests in this frame

Frame: https://widevine.licenses4.me/mdl.p2p.php?id=premium5&test=true
Frame ID: 15D9C38B3AF37047CB654CBACF3F692B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31 Requests
87 % HTTPS
47 % IPv6
14 Domains
22 Subdomains
18 IPs
7 Countries
161 kB Transfer
465 kB Size
15 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://daddylive.click/embed/stream-5.php HTTP 301
    https://daddylive.fun/embed/stream-5.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.videocdn.click/zzht.php?id=/bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js HTTP 301
  • https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request stream-5.php
daddylive.fun/embed/
Redirect Chain
  • https://daddylive.click/embed/stream-5.php
  • https://daddylive.fun/embed/stream-5.php
13 KB
6 KB
Document
General
Full URL
https://daddylive.fun/embed/stream-5.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88411b3613ad51140fb8240187b594f325a5ee344435eafa3ca82a32b484cae4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Feb 2022 13:01:30 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
greyf
STALE
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEG8Cou46dH7OmitN0Ky%2BvVRu6RvpJYXc5s2a6PAwzYQ9tEgRIsWSc3IkDvv%2Ffk1cD2esvBNTQD66yyvobR0ZppahZORapx4lEv9iJsiIjC4ZwhXp3%2FBGWC%2FaX88tiMxeY4Ykf1r5w2O%2BG%2FY"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6def346b39a28fe6-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 17 Feb 2022 13:01:30 GMT
location
https://daddylive.fun/embed/stream-5.php
cache-control
max-age=3600
expires
Thu, 17 Feb 2022 14:01:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7Fw7zLj3FhtshMFb1bxQTRM5k8YjRztD3yRH1PZj4lACCzb2N2tcAmtt8TqfbamH%2BE7UxsniKMtI18BlMNHTqWOqB5o1QwgfNu9BPOoPvtBNd5GcXbjsIHOtYRJgSFkayxqh7kDzNppyxQxoIA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6def346abe8790e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
su.js
cdnondemand.org/script/
25 KB
8 KB
Script
General
Full URL
https://cdnondemand.org/script/su.js
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a610 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ce22ca84a63bc33e85d9bbe4f41538791d496cef1c991933f1914f8e8d5e1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 13:01:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1525
x-guploader-uploadid
ADPycdtWZ03GcX5H1hz2laIpW1VY_ijQQuGx38eE7eJpRQ80YjgwRY8I_Tlez3HhfyJ16mvvQrlKNCM9DQrTBDI7bEo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/javascript
last-modified
Mon, 07 Feb 2022 13:27:32 GMT
server
cloudflare
etag
W/"52355fb1698469eed7632a46e8a4f23a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=EVjXSA==, md5=UjVfsWmEae7XYypG6KTyOg==
x-goog-generation
1644240452215465
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
25170
cf-ray
6def346c1f956967-FRA
expires
Thu, 17 Feb 2022 17:01:30 GMT
ddd430767cdbddd8ac0726a842abd6c0.js
pl16164575.trustedcpmrevenue.com/dd/d4/30/
0
0
Script
General
Full URL
https://pl16164575.trustedcpmrevenue.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Feb 2022 13:01:31 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 12:55:13 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
538739319
ut.js
cdnondemand.org/script/
15 KB
5 KB
Script
General
Full URL
https://cdnondemand.org/script/ut.js?cb=1645102890935
Requested by
Host: cdnondemand.org
URL: https://cdnondemand.org/script/su.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a610 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 13:01:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
900
x-guploader-uploadid
ADPycdtJs7aA77jb9h2SZtczLdMpBOkBinRizldp_CwZAFLgx2kie-q7VuhxycJ99buurkHhmSuMbBDr3tV6YLEel1H-ng0L0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
last-modified
Thu, 03 Feb 2022 12:22:51 GMT
server
cloudflare
etag
W/"1e3e1b7d88d8f85d315c97184a256f79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=8Wv/4w==, md5=Hj4bfYjY+F0xXJcYSiVveQ==
x-goog-generation
1643890971548728
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
15378
cf-ray
6def346c98d06967-FRA
expires
Thu, 17 Feb 2022 17:01:30 GMT
0.php
s4.histats.com/stats/
53 B
187 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?2162676&@f16&@g1&@h1&@i1&@j1645102890969&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-69254430&@b3:1645102891&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdaddylive.fun%2Fembed%2Fstream-5.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns546644.ip-158-69-251.net
Software
/
Resource Hash
340560ff954085ed464fe18603f928e9be1302c87444a98ddcf51108059049f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 13:01:31 GMT
Connection
close
Content-Length
53
Content-Type
text/html;charset=UTF-8
lightbox.min.js
www.xadsmart.com/
30 KB
9 KB
Script
General
Full URL
https://www.xadsmart.com/lightbox.min.js
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4ddc12cebf32bf58c0d3a4eed662918df46a2de91d4012fb6c8f99d28133de5c

Request headers

Referer
https://daddylive.fun/embed/stream-5.php
Origin
https://daddylive.fun
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 17 Feb 2022 13:01:31 GMT
content-encoding
br
x-77-cache
HIT
x-cache
HIT
x-age
147080
alt-svc
quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
x-77-nzt
AcO1ry8myiH/iD4CAA
x-accel-expires
@1645560611
server
CDN77-Turbo
x-77-nzt-ray
yXLe48RrP9w
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
link
<https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Tue, 22 Feb 2022 20:10:11 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2248
date
Thu, 17 Feb 2022 12:24:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 17 Feb 2022 14:24:03 GMT
daddylive.php
rkc.primetubsub.xyz/premiumtv/ Frame BA6C
78 KB
29 KB
Document
General
Full URL
https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=5
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d62d75162034db1fcb2c050295df4cb90ccb93fe27b94e18f7be45bdcf2e429

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php

Response headers

date
Thu, 17 Feb 2022 13:01:31 GMT
content-type
text/html; charset=UTF-8
last-modified
Fri, 11 Feb 2022 08:12:26 GMT
cache-control
max-age=14400
cf-cache-status
HIT
age
1807
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8p2RXAIf%2BZSb9JPyzhlMFcQ86%2BSEO9pLary9tjiu%2BoS9ksgRHK%2BFacq%2FMcy4d7Ej3bAdcNB5JVK46AHaXUfwgeRjGhYLz6jyEgSFcOuQA8CQEpwDUatOEaWk0SiwUxqCUVHAEgGjtu606Egh%2BlKvqmO"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6def347019719112-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
suurl4.php
youradexchange.com/script/
967 B
890 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=4202623&excluded_countries=RU%2CUA&cbur=0.2884353238098236&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fdaddylive.fun%2Fembed%2Fstream-5.php&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0
Requested by
Host: cdnondemand.org
URL: https://cdnondemand.org/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
743631f5299b9d4de32eaecc88cb235c9d2e468c040564a4571d557375e7a818

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Feb 2022 13:01:31 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/json; charset=utf-8
FZiFGzasX1bUEEpuyyx3qR2Xnxc.js
rkc.primetubsub.xyz/cdn-cgi/apps/head/ Frame BA6C
0
0
Script
General
Full URL
https://rkc.primetubsub.xyz/cdn-cgi/apps/head/FZiFGzasX1bUEEpuyyx3qR2Xnxc.js
Requested by
Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 13:01:31 GMT
content-encoding
br
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mf0UCCV0BNL1YODqWsT40dj9wj2JVZDrzJPoK%2FxR3Cwo3aUHBPHISJmSC%2B2FSGINN6sXlg36XwPAqZG%2BrL7tx21ijkxhVnb3qL1ZnyxOrVBdzB1iq2rV5BarTBLr2NmOgGnRYca4HACWDNWUBYUDXWd2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6def34706a899112-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery-3.5.1.min.js
code.jquery.com/ Frame BA6C
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 13:01:31 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d84"
vary
Accept-Encoding
x-hw
1645102891.dop140.am5.t,1645102891.cds294.am5.hn,1645102891.cds203.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
bb18a1b8543b35921df608a0b3ae100d.js
reductionjogvast.com//bb/18/a1/ Frame BA6C
Redirect Chain
  • https://www.videocdn.click/zzht.php?id=/bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
  • https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
0
0
Script
General
Full URL
https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
Requested by
Host: rkc.primetubsub.xyz
URL: https://rkc.primetubsub.xyz/premiumtv/daddylive.php?id=5
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rkc.primetubsub.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Feb 2022 13:01:32 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date
Thu, 17 Feb 2022 13:01:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
max-age
50s
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44t6Sxe8WRzYAQDjhlyZ6XL7REOK3bsTuXFokfeV5wfpgNV5Qg5NT1bzz3gmWPHCqIVe%2Buo9CZUb9EVWu83R%2Bhz4fGC7VOBPzTXVDZSRXon77xy4eTVYaNGcorc9wLvLOdu8kX97mlvy7Y9%2FxgqqVns%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
cache-control
max-age=5
cf-ray
6def3470b8899186-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expires
Thu, 17 Feb 2022 13:01:36 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
54 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=643702651&utmhn=daddylive.fun&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=503412313&utmr=-&utmp=%2Fembed%2Fstream-5.php&utmht=1645102891595&utmac=UA-133782126-8&utmcc=__utma%3D182507571.2071983012.1645102892.1645102892.1645102892.1%3B%2B__utmz%3D182507571.1645102892.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=92392400&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Feb 2022 13:01:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.adsco.re/
62 KB
22 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: www.xadsmart.com
URL: https://www.xadsmart.com/lightbox.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 13:01:31 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1999158
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6def3470de649255-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 20 Mar 2022 13:01:31 GMT
/
6.adsco.re/
0
103 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.fun/embed/stream-5.php
Origin
https://daddylive.fun
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 13:01:31 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://daddylive.fun
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6def34720da09235-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/
0
461 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.fun/embed/stream-5.php
Origin
https://daddylive.fun
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 13:01:31 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://daddylive.fun
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/
0
422 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.fun/embed/stream-5.php
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 17 Feb 2022 13:01:31 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK lon124
Access-Control-Allow-Origin
https://daddylive.fun
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/
48 B
461 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
b46ebf55dc42bc65949e024f513c408abf8bec12b717be3c5fa31c2dc46961b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 13:01:31 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://daddylive.fun
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
53 B
413 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5410e754ac88e59a728904f4e6d3deb186d389f93be735bbfc7d9f6f0e363c0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 13:01:31 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://daddylive.fun
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6def34720d9f9235-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
aez2hvzgd1gb.l4.adsco.re/
0
464 B
Ping
General
Full URL
https://aez2hvzgd1gb.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.fun/embed/stream-5.php
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 17 Feb 2022 13:01:31 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
aez2hvzgd1gb.n4.adsco.re/
0
464 B
Ping
General
Full URL
https://aez2hvzgd1gb.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.fun/embed/stream-5.php
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 17 Feb 2022 13:01:32 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
aez2hvzgd1gb.s4.adsco.re/
0
464 B
Ping
General
Full URL
https://aez2hvzgd1gb.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daddylive.fun/embed/stream-5.php
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 17 Feb 2022 13:01:33 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame C545
62 KB
22 KB
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php

Response headers

date
Thu, 17 Feb 2022 13:01:31 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Sun, 20 Mar 2022 13:01:31 GMT
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
cf-cache-status
HIT
age
2660907
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6def34724989690a-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
6.adsco.re/ Frame C545
0
0

/
4.adsco.re/ Frame C545
0
458 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: daddylive.fun
URL: https://daddylive.fun/embed/stream-5.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 17 Feb 2022 13:01:32 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
c.adsco.re/ Frame C545
34 KB
0
XHR
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 13:01:32 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2660908
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6def34743dcd690a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 20 Mar 2022 13:01:32 GMT
/
4.adsco.re/ Frame C545
0
0

p
adsco.re/
362 B
863 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
7cce68a504c7bd7399c448344e2adf28008ae61b0c0650d01b4c63351618ad54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

AS-P-G
OK
Date
Thu, 17 Feb 2022 13:01:32 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon124
Access-Control-Allow-Origin
https://daddylive.fun
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
cYV.htm
xadsmart.com/
44 B
140 B
Script
General
Full URL
https://xadsmart.com/cYV.htm?_=BAoAYg5HLAFiDkcsgAGBAsAAIF76jDUAfu9Wlk_KFGXypfrNcyyvQV1VSX6mS8mD7wPDwQBGMEQCIBYp9XGw0cECKx_kbRiSTZO5kyr32tAC8SjOUkTgXlrQAiAEjSDoN_QdbCIZvmmW3XjiIkzifdx5zqjMMFPArGiEycIAIC3LzWBkccgDdKzgK2vDZoUm3vazSZaT7pefrl0v3xG-xAAQKgMbIAAG8BEAAAAAAAAALsUAEEvnBTc7pNlrzmkE8bGmQ-XDAEcwRQIhAO0OLod3IPwkEQHAAMjSvj_Ty6TfebZf1_oxzXml6R6TAiARi8iE2D-TLm5fjLsj_PqjYcglgN6uBxdxSwMcnvAdgw&v=4&kSAUFGXj=4734866&minBid=&MsDNkTLH=0,0&EcQXwsFd=&DaoMvzqZ=&s=1600,1200,1,1600,1200,0
Requested by
Host: www.xadsmart.com
URL: https://www.xadsmart.com/lightbox.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.153.197.251 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
104-153-197-251.customer.totaluptime.net
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daddylive.fun/embed/stream-5.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Feb 2022 13:01:32 GMT
popads-ec
ASB
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8
mdl.p2p.php
widevine.licenses4.me/ Frame 15D9
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
widevine.licenses4.me
URL
https://widevine.licenses4.me/mdl.p2p.php?id=premium5&test=true

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
function| structuredClone
object| _Hasync
object| a6_0x7dfa
function| a6_0x5308
function| s2ss217ff
boolean| s2ss217
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| a9_0x1e2e
function| a9_0x23bd
boolean| utm217
string| utsid-send
object| _HistatsCounterGraphics_0_setValues
object| u_cfg
object| emulateStorage
object| afStorage
object| _pop
object| _gaq
object| detectZoom
object| iframe
object| where
object| win
object| _pao
object| _gat
object| gaGlobal
object| $jscomp
function| $jscomp$lookupPolyfilledValue
function| AdscoreInit
object| pako
string| txt
number| a
function| ed
number| t
string| property
number| r
number| g
number| b
string| bt

15 Cookies

Domain/Path Name / Value
daddylive.fun/ Name: HstCfa2162676
Value: 1645102890969
daddylive.fun/ Name: HstCla2162676
Value: 1645102890969
daddylive.fun/ Name: HstCmu2162676
Value: 1645102890969
daddylive.fun/ Name: HstPn2162676
Value: 1
daddylive.fun/ Name: HstPt2162676
Value: 1
daddylive.fun/ Name: HstCnv2162676
Value: 1
daddylive.fun/ Name: HstCns2162676
Value: 1
.daddylive.fun/ Name: __utma
Value: 182507571.2071983012.1645102892.1645102892.1645102892.1
.daddylive.fun/ Name: __utmc
Value: 182507571
.daddylive.fun/ Name: __utmz
Value: 182507571.1645102892.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.daddylive.fun/ Name: __utmt
Value: 1
.daddylive.fun/ Name: __utmb
Value: 182507571.1.10.1645102892
daddylive.fun/ Name: a
Value: m9vgRDsfqkGoy6RHiSihqOQmyD4HxTlx
daddylive.fun/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAYg5HLAFiDkcsgAGBAsAAIF76jDUAfu9Wlk_KFGXypfrNcyyvQV1VSX6mS8mD7wPDwQBGMEQCIBYp9XGw0cECKx_kbRiSTZO5kyr32tAC8SjOUkTgXlrQAiAEjSDoN_QdbCIZvmmW3XjiIkzifdx5zqjMMFPArGiEycIAIC3LzWBkccgDdKzgK2vDZoUm3vazSZaT7pefrl0v3xG-xAAQKgMbIAAG8BEAAAAAAAAALsUAEEvnBTc7pNlrzmkE8bGmQ-XDAEcwRQIhAO0OLod3IPwkEQHAAMjSvj_Ty6TfebZf1_oxzXml6R6TAiARi8iE2D-TLm5fjLsj_PqjYcglgN6uBxdxSwMcnvAdgw
daddylive.fun/ Name: _popprepop
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://pl16164575.trustedcpmrevenue.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://rkc.primetubsub.xyz/cdn-cgi/apps/head/FZiFGzasX1bUEEpuyyx3qR2Xnxc.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://reductionjogvast.com//bb/18/a1/bb18a1b8543b35921df608a0b3ae100d.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
