Report - papahdd3.live/everton-vs-southampton

Report Overview

Visited public
2025-05-18 10:48:15
Tags
Submit Tags
URL
papahdd3.live/everton-vs-southampton
Finishing URL
papahdd3.live/everton-vs-southampton/
IP / ASN
104.21.35.223
#13335 CLOUDFLARENET
Title
Everton vs Southampton – PAPAHDD3.LIVE

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
c.adsco.re	16577	2017-02-14	2017-11-29	2025-05-15	510 B	80 kB	104.17.166.186
adsco.re	8541	2017-02-14	2017-04-03	2025-05-15	446 B	1.8 kB	162.252.214.5
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-05-14	446 B	88 kB	172.217.21.170
piratcast.tv	unknown	unknown	2025-04-17	2025-05-11	952 B	190 kB	104.21.34.208
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-05-14	449 B	38 kB	104.18.11.207
acscdn.com	93608	2020-05-05	2020-05-06	2025-05-15	416 B	142 kB	104.18.17.201
www.cdn4ads.com	105393	2020-04-18	2020-04-19	2025-05-18	448 B	38 kB	95.173.205.14
papahdd3.live	unknown	2025-04-06	2025-05-18	2025-05-18	5.4 kB	331 kB	188.114.96.1
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-05-14	1.0 kB	211 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21	2025-05-14	1.3 kB	388 kB	151.101.2.137
x3os.com	unknown	2021-03-18	2025-04-24	2025-05-15	555 B	808 B	139.45.196.64
oxv5vicimd9f.l4.adsco.re	unknown	2017-02-14	2025-05-18	2025-05-18	458 B	463 B	185.200.118.62
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-05-14	1.3 kB	846 kB	151.101.193.229
oxv5vicimd9f.s4.adsco.re	unknown	2017-02-14	2025-05-18	2025-05-18	458 B	463 B	185.200.116.60
cdn4ads.com	46207	2020-04-18	2020-04-19	2025-05-18	1.7 kB	257 B	216.59.63.128
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-14	434 B	385 kB	142.250.74.168
processbigger.com	unknown	2024-05-28	2024-10-30	2025-05-11	2.4 kB	91 kB	188.114.97.1
youradexchange.com	273384	2012-11-09	2013-02-04	2025-05-15	800 B	1.7 kB	104.21.91.188
pubtrky.com	unknown	2023-11-21	2023-11-21	2025-05-12	481 B	530 B	172.67.188.110
4.adsco.re	19179	2017-02-14	2021-01-04	2025-05-15	853 B	431 B	0.0.0.0
6.adsco.re	17812	2017-02-14	2018-01-15	2025-05-15	853 B	995 B	104.17.167.186
oxv5vicimd9f.n4.adsco.re	unknown	2017-02-14	2025-05-18	2025-05-18	458 B	463 B	38.132.109.126
gekeebsirs.com	unknown	2024-08-13	2024-08-13	2025-05-08	411 B	104 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-18 10:47:58	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:58	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:58	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:58	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:58	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:58	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:58	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:58	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:58	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:59	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:59	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:59	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:59	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:59	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:47:59	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:48:01	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:48:01	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:48:01	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:48:04	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:48:04	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-05-18 10:48:04	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-18	medium	gekeebsirs.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (34)

	URL	From	Size	First Seen	Last Seen
	processbigger.com/maestrohd2.js	ScriptElement	1.0 kB	2025-04-07	2025-06-14
Pretty URL processbigger.com/maestrohd2.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 22:50 Last Seen2025-06-14 20:47 Times Seen13 Hash d625e733b7547dcdd415c4b27c4bc527 7f00e2b8792948ae625499c06ae590515250f2b9 83487ba31c45dfaa270e93aca0e5327f12b8a763d2c0822650f65d3d0989388b Loading...

	cdn4ads.com/drweealhymwnukjfnc?VvozmuyQ=BQOCAAAAAAAACZUAAl-Z0YFwB25v29hFe501LNFTBK4qHJhpNDbr-e4M3RvJBTlhueZ8j0yZ2w3mnfpFr6XOcun9sKBeiMyRUoY2NhdT0tCiyhl5rp2egL8d_KRZNpV2Eh24ukO4eq0Q8EiMc7-L8GNrPdrLPi6PboPgs0AR8OgPciip1L6BB1JQ3mvzt2Yl8cYwWFRD7vmywaKZ5bftX_DzEpuP98h43H-xzJiPoqDVVampMe4ug69Q-Ae85ldqqEpJqfjOaXRhfLsxByLmF1WzxiUTHJpMM9LGQkgqTf6n4KQ7BeMoPMeRbZC9HiUHTv9kGIwokcPYhUGjNqITGTEGH9eqWNKANhnxdPOLoT0aZIFdOxQDKFOXLiPrblvzJYjVmmaXXUxccPWpntijc1iR4qK7F_mAzMGX0FIWn-e4nmQh9wBxGxd6RrOUyHT1uYmp1IIiEnNcCeAQX_csUwbgLTTc3-24Cd7rCs7Gkt_sj-nXdkvP67H7HrOe5rvwIqcYbCzJSV0P2Yq64UtHPnGSSpMhe-EaI3qLctvB1l0TwBH6g9JKyRLy8UYvtLyx9T1UsMMkuw1JiUZkkFYCjBFTP7aTO8VZ8lu27jPkJzbcrdteKKRAy3bm9jXp18PHiHqXPjVBNm4XolTAYb2vq8aLLOw2OcxodL6S36iV-7X9xeu1BmpOwIS5luZWrc4jftIktvpazCmRM6QpYlcz8MLlIslShid_GtEiaRvPDSZMDRZ7R13XXZkSp_Yp-XEFQ21xDQj4KeoTlP-nHnwR09EwEGxcvjn3fIBWi4sKXQFHYU39wp1yXqZrqxLoiSrzXfdAHHgXafMsCEWE2t20JdDvhilQu9LzjpsTAvaa5sOhYFv50ygibp-0uNC3QdAaINFi6aEuL0Fxb-S0U46C6sNmx3X9yGfAylYr9e_lVMFkRyPbJcoiOAJNlfS-sfXRdLs1FLH-VSwAEzrnP11i43ozayb81K96dybbfvhArWkfu1Px2XP9_APXqhHONdTK-9PPBk2_QF-b9pOxUgK2ztcUBKv0QEr6-G582Ck62hKEw5b5GaD9TNUN95RB2lxhAHz796-bDcbHPSdtPQ-OjehpZOqC9U8RzBiowJ41trSt7olDCXT1yaPEDZb4n6IXnYdqLPWTrAVoFnITw6zLRgbQnekHgSGvtqgODc7zAjCuuHkwJoiCdK7v7pUg&FHtVSgEN=4&uCpsNAen=5193577&UEZmOfto=0.001&LqWiOueY=0,0&zdQbZNBC=&CSbYykPT=&s=1280,1024,1,1280,1024,0	ScriptElement	44 B	2023-03-07	2025-07-21
Pretty URL cdn4ads.com/drweealhymwnukjfnc?VvozmuyQ=BQOCAAAAAAAACZUAAl-Z0YFwB25v29hFe501LNFTBK4qHJhpNDbr-e4M3RvJBTlhueZ8j0yZ2w3mnfpFr6XOcun9sKBeiMyRUoY2NhdT0tCiyhl5rp2egL8d_KRZNpV2Eh24ukO4eq0Q8EiMc7-L8GNrPdrLPi6PboPgs0AR8OgPciip1L6BB1JQ3mvzt2Yl8cYwWFRD7vmywaKZ5bftX_DzEpuP98h43H-xzJiPoqDVVampMe4ug69Q-Ae85ldqqEpJqfjOaXRhfLsxByLmF1WzxiUTHJpMM9LGQkgqTf6n4KQ7BeMoPMeRbZC9HiUHTv9kGIwokcPYhUGjNqITGTEGH9eqWNKANhnxdPOLoT0aZIFdOxQDKFOXLiPrblvzJYjVmmaXXUxccPWpntijc1iR4qK7F_mAzMGX0FIWn-e4nmQh9wBxGxd6RrOUyHT1uYmp1IIiEnNcCeAQX_csUwbgLTTc3-24Cd7rCs7Gkt_sj-nXdkvP67H7HrOe5rvwIqcYbCzJSV0P2Yq64UtHPnGSSpMhe-EaI3qLctvB1l0TwBH6g9JKyRLy8UYvtLyx9T1UsMMkuw1JiUZkkFYCjBFTP7aTO8VZ8lu27jPkJzbcrdteKKRAy3bm9jXp18PHiHqXPjVBNm4XolTAYb2vq8aLLOw2OcxodL6S36iV-7X9xeu1BmpOwIS5luZWrc4jftIktvpazCmRM6QpYlcz8MLlIslShid_GtEiaRvPDSZMDRZ7R13XXZkSp_Yp-XEFQ21xDQj4KeoTlP-nHnwR09EwEGxcvjn3fIBWi4sKXQFHYU39wp1yXqZrqxLoiSrzXfdAHHgXafMsCEWE2t20JdDvhilQu9LzjpsTAvaa5sOhYFv50ygibp-0uNC3QdAaINFi6aEuL0Fxb-S0U46C6sNmx3X9yGfAylYr9e_lVMFkRyPbJcoiOAJNlfS-sfXRdLs1FLH-VSwAEzrnP11i43ozayb81K96dybbfvhArWkfu1Px2XP9_APXqhHONdTK-9PPBk2_QF-b9pOxUgK2ztcUBKv0QEr6-G582Ck62hKEw5b5GaD9TNUN95RB2lxhAHz796-bDcbHPSdtPQ-OjehpZOqC9U8RzBiowJ41trSt7olDCXT1yaPEDZb4n6IXnYdqLPWTrAVoFnITw6zLRgbQnekHgSGvtqgODc7zAjCuuHkwJoiCdK7v7pUg&FHtVSgEN=4&uCpsNAen=5193577&UEZmOfto=0.001&LqWiOueY=0,0&zdQbZNBC=&CSbYykPT=&s=1280,1024,1,1280,1024,0 IP 216.59.63.128 ASN #53334 TUT-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-07-21 05:42 Times Seen11054 Hash d5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Loading...

	www.cdn4ads.com/pJOed/lload-min.js	ScriptElement	37 kB	2025-05-18	2025-05-18
Pretty URL www.cdn4ads.com/pJOed/lload-min.js IP 95.173.205.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 10:48 Last Seen2025-05-18 10:48 Times Seen1 Hash 71cadd5d8edd88b36c632774195f9602 d748e2041ca1efd6eff4ffa3c2e85bd39de517a0 95d49b30c173f862d00d7ab156cbe3b3fde86594750d3dc9cd99fe76533cf4aa Loading...

	papahdd3.live/everton-vs-southampton/	Eval	25 B	2023-03-07	2025-07-19
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 05:43 Times Seen13604 Hash 7f4b3d4fd96c7b2905fc6159df12e72c e69e46517de4d94408bd62ac9cb9e456570106f3 de1b699e93a44c66a069974d1603aee656a6e063b19b8bbf5b09946a3a1b9904 Loading...

	papahdd3.live/everton-vs-southampton/	Eval	29 B	2023-03-07	2025-07-19
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 09:37 Times Seen13473 Hash c0ba9b9f2e4aa0e1069ac927c8e11fb2 9719454c278127be396a0fb91194dea54323a3d6 95b2bbef556b3dc3b807638cb7b08274af9b8998def0c82d81e3a1517100d68f Loading...

	papahdd3.live/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1	ScriptElement	19 kB	2025-04-03	2025-07-21
Pretty URL papahdd3.live/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-03 04:02 Last Seen2025-07-21 03:56 Times Seen32680 Hash 1dafa7fe14b33c26fef9b0e5ba0c8e72 62f67cdac55d89c43570bf0c338f4edf548b14e1 50cc1a0490008ec62ca8b581fa9cdcfb2eda2d36a08ccbeb1f004da599e9cc61 Loading...

	papahdd3.live/wp-content/themes/papahd/assets/js/custom.js?ver=1.0.0%27%20defer=%27defer	ScriptElement	1.1 kB	2024-12-14	2025-07-20
Pretty URL papahdd3.live/wp-content/themes/papahd/assets/js/custom.js?ver=1.0.0%27%20defer=%27defer IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-14 04:07 Last Seen2025-07-20 13:54 Times Seen46 Hash d51d4a94bbe3c0ba3e4a948861aabb54 186f0a5743b736877f0f67f03e31d864c4c71471 2c82ec8200720005cbd04b43e96bb0374892c8376214084b8085cbd465c54324 Loading...

	piratcast.tv/papa.php?hd=301	ScriptElement	46 B	2025-04-13	2025-06-14
Pretty URL piratcast.tv/papa.php?hd=301 IP 104.21.34.208 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-13 18:46 Last Seen2025-06-14 20:47 Times Seen3 Hash eeb25cc972d9a7eb767b8f5e339ae3dc 0c2983501ca8ded17019447510e2b05a0b4e5971 4cb0d81338ec1d95b8aaaf378e363f2489d698189bbe1fa758b2d4ef5c463c97 Loading...

	papahdd3.live/everton-vs-southampton/	ScriptElement	3.3 kB	2025-05-18	2025-06-25
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-18 10:48 Last Seen2025-06-25 19:05 Times Seen4 Hash 072f575fc925422f9253164f7cf866e7 86b09f8a1db4da7e6fa400394c06434b7a544df7 e3e836916f3650a431bf1f3b3311e3d90461ed5cb74bbbec6111518fe150e9ab Loading...

	processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1	ScriptElement	161 B	2025-04-07	2025-06-29
Pretty URL processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-07 22:50 Last Seen2025-06-29 02:09 Times Seen22 Hash 394cb18c6d237357d97ed54760b53961 cd5cb994fcec5cc21dfba23968799885dcb1d136 efe7b20e748c56c27e7f064b335209c7188115086215d6fa62aabe3fc3e5d1f6 Loading...

	papahdd3.live/everton-vs-southampton/	Eval	34 B	2023-03-07	2025-07-19
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 20:49 Times Seen13619 Hash 2258ac38f7858a6ba4085691c3717eeb 945664d46f6c9c384c42733c3e651bc501211ba6 fa103a26e90f8e37ab2371d0dd320ca199c0ff194f4ded9cee3ccfa85c22f713 Loading...

	papahdd3.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-07-21
Pretty URL papahdd3.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-07-21 06:17 Times Seen155376 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	papahdd3.live/everton-vs-southampton/	Eval	34 B	2023-03-07	2025-07-19
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 11:45 Times Seen13612 Hash ccdedb234bf47f6c4d65f6b8063441cc 71aa94689fb3d57349f8361d80794a5ce6b360b0 9e0e45f2f824eefaed5af40bcadf2c0ce7943df52cda4c3d67ddb03583418dab Loading...

	papahdd3.live/everton-vs-southampton/	Eval	36 B	2023-03-07	2025-07-20
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-20 11:40 Times Seen13474 Hash 1dad91e6bbfdd2880543a6cc9917ed67 fcf6961970ab15ab46d64171281af4ea1b21bf46 a7dc60bd6993c201941ea0bfc5218f7fea0bc015ee5dc88e658db78d98f8d98a Loading...

	papahdd3.live/everton-vs-southampton/	Eval	34 B	2023-03-07	2025-07-19
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 11:45 Times Seen13613 Hash 442f7e0ac53b0beeffb200677ff2ffa2 7fb17f685c8a652386c7341e39138ea6f4a0e928 3db042ba8dbf234b0ba7ed8b47e5c8cb58b267af983635a41652258f1e282c0c Loading...

	about:blank	JavascriptURL	5 B	2023-03-07	2025-07-21
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by javascriptURL Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-21 05:42 Times Seen31636 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	papahdd3.live/everton-vs-southampton/	ScriptElement	153 B	2024-12-14	2025-07-20
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-14 04:07 Last Seen2025-07-20 13:54 Times Seen46 Hash 82226db91e0af538b1b3badc8cfbc898 8791981eb48cb72d1a626ca5cf78a1700c7afb06 08481d5e53ef346ba10582908f1ea5eee680362e4c0107b5886038d5f5cebdbb Loading...

	piratcast.tv/papa.php?hd=301	ScriptElement	71 B	2025-05-10	2025-07-19
Pretty URL piratcast.tv/papa.php?hd=301 IP 104.21.34.208 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 10:57 Last Seen2025-07-19 20:56 Times Seen20 Hash 4c9c1c11d53105761679a1f04d895eaa cc620083d6eeca60f5d98aec82cfc1a541bab32a ecce68045e694c190bec2e06766f64e5a02b59719644298f69fb39b153263dea Loading...

	c.adsco.re/#0.33848632220958197	ScriptElement	486 B	2023-03-07	2025-07-21
Pretty URL c.adsco.re/#0.33848632220958197 IP 104.17.166.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-07-21 05:42 Times Seen2175 Hash 77c8287be10ff4b66a8490ca4d999917 7fccb364c5e22958503bcd8b92cdb648d5c4c96e c2d43195d015b5856873b3b0c6e717ee21599ca3f03f820b7c325f27b9b6a31d Loading...

	papahdd3.live/everton-vs-southampton/	Eval	24 B	2023-03-07	2025-07-20
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-20 08:01 Times Seen13607 Hash 2b19ea35707610f2e939fe0df80fa6a4 af1901992f6bd740e2631c7c17c1e79634b894ee ebca0f427d949e5889ac01faf63de6370743bddd0169c9354c84bc47e3e8a0b1 Loading...

	processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1	ScriptElement	873 B	2025-03-29	2025-06-29
Pretty URL processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-29 17:52 Last Seen2025-06-29 02:09 Times Seen24 Hash 53bce2e2c731b2d9ece31848c4458f22 4074d4a7c985095c892c2dfa30063e46dbd66c8c c51408f00ddd00db560369e25d6695e158c4143cb2b4e1a517d7cac467ba7e68 Loading...

	papahdd3.live/everton-vs-southampton/	ScriptElement	978 B	2025-05-18	2025-06-25
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-18 10:48 Last Seen2025-06-25 19:05 Times Seen4 Hash f874a80bb63c480f4049e9b1225b6c4f d7725ecce1c6f3f0941a60100976204314f8bfb6 75ab63647808428bc7110b36ba8a5fbab1a8debfc7eef356165b30aba55938ad Loading...

	papahdd3.live/everton-vs-southampton/	Eval	24 B	2023-03-07	2025-07-19
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 05:43 Times Seen18272 Hash cf8eb3a6281bbc5283df73117e15ee6b 555b973dafe65782e867452d16afa9fec784b020 ae3766b014bf6a5b6452d14a9f1de103d584e98933db2577122c136bfb9eb0c6 Loading...

	papahdd3.live/everton-vs-southampton/	Eval	29 B	2023-03-07	2025-07-19
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 11:45 Times Seen13619 Hash 7c7c28bb0085df9c3854d48f199f532c 37788c8af75238141a9c9c7be51da5d6acc2c9c0 cb6f5b3573826ffd9a881e026fd85eb842d31266833666399582737149c5fc14 Loading...

	papahdd3.live/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-07-21
Pretty URL papahdd3.live/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-07-21 06:25 Times Seen149206 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	piratcast.tv/js/aclib.js	ScriptElement	188 kB	2025-05-18	2025-05-18
Pretty URL piratcast.tv/js/aclib.js IP 104.21.34.208 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 10:48 Last Seen2025-05-18 10:48 Times Seen1 Hash 8847e7be86f08fafe343d2ee8eaf9c6f 99022ae5c289baaa9052c35e591e25c730c563b8 ef74feb90affc04944d515f41b95c1156b93b2e5ede8c03f10325197cff6dd49 Loading...

	papahdd3.live/everton-vs-southampton/	ScriptElement	827 B	2024-12-14	2025-07-20
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-14 04:07 Last Seen2025-07-20 13:54 Times Seen46 Hash 24fb640f611f4a611b8487bf291971e2 b449a8ee263bd202141ce35b264b9f675401f1e0 349f3e80f40df2b7e26f0e64241ed25cdc96fb693e33e0a5d4abe8ed561d0030 Loading...

	papahdd3.live/everton-vs-southampton/	Eval	34 B	2023-03-07	2025-07-19
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 09:37 Times Seen13461 Hash 5bf5c1517a568ec5d47c4ba76548a352 49e22e6c9a2a369df84f658a7fa61d175e9b729f de98f45cade0178e1fd1a8257ab99e8431b3d5b35a393217e74ad6caa4efed60 Loading...

	piratcast.tv/papa.php?hd=301	ScriptElement	483 B	2025-05-10	2025-06-14
Pretty URL piratcast.tv/papa.php?hd=301 IP 104.21.34.208 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 10:57 Last Seen2025-06-14 20:47 Times Seen8 Hash c9995e385a3580b6eeed90ef0a66a613 f8539c282b05b9c99376cc3882a74f69294755a8 000e13db4a4dc3e90b837dcf250ef2aee2b22f8bbc384fd1069922dee19fd7c7 Loading...

	papahdd3.live/everton-vs-southampton/	Eval	30 B	2023-03-07	2025-07-18
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-18 05:35 Times Seen13466 Hash d1b9509cc80454ee99c718b36acc2452 20bcb5eda341b8835846ba0bdc38efb0691ccb2f 55ef02d9591328210e59a68fcd1945791f4d0f70cdc7cd3999eb4ba175adbafb Loading...

	papahdd3.live/everton-vs-southampton/	ScriptElement	194 B	2024-11-25	2025-07-20
Pretty URL papahdd3.live/everton-vs-southampton/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-25 14:52 Last Seen2025-07-20 13:54 Times Seen40 Hash 0a9c66a5ae14d8219a5e614b9b335a12 269617878d54c09d753567318dcc956d48278dbf 6189a56c7e55a93800e7d083e41a333154ea9879367f7921b8884708df085652 Loading...

	www.googletagmanager.com/gtag/js?id=G-M10DF2ED56	ScriptElement	384 kB	2025-05-18	2025-05-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-M10DF2ED56 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-18 10:48 Last Seen2025-05-18 10:48 Times Seen1 Hash ab18dcc7d1e539dff86e8576a8987ddc 6a9c400107a3ac100dfacf9e5c96efc6ca7cbeab c27d23ffb3f7f46a78b816be25ea6ff3fed86ab9564f4ea8984c339946afcc70 Loading...

	gekeebsirs.com/tag.min.js	ScriptElement	1.0 kB	2025-04-12	2025-06-15
Pretty URL gekeebsirs.com/tag.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-12 18:24 Last Seen2025-06-15 07:29 Times Seen24 Hash 349087cb477ed8ff65f7a179d387e18c adc159df54545486cdd462aa7e8bf6af2d084703 b5356018dfd5236256f23d31c8d156d38ab8d4dacdb3ec82b716f93ce903ce73 Loading...

		Size	First Seen	Last Seen
	#1 Write - fb95ef1b529cb2b6f7c39c99f345df47	309 B	2025-04-13 18:46	2025-06-14 20:47
Pretty Observations First Seen2025-04-13 18:46 Last Seen2025-06-14 20:47 Times Seen3 Hash fb95ef1b529cb2b6f7c39c99f345df47 dfca55a648a2d72c811974807a02a2ab83bd720f be7ac021614019ff0d9e25d4172899d50b1e1d568f4de011218697317a441539 Loading...

HTTP Transactions (45)

URL IP Response Size

GET processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1

188.114.97.1

200 OK

8.1 kB

URL GET
processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piratcast.tv/papa.php?hd=301
Certificate
IssuerGoogle Trust Services
Subjectprocessbigger.com
Fingerprint40:FB:57:30:08:54:5E:08:E1:5D:E6:D1:BB:73:E6:F6:42:A6:2A:EE
ValidityMon, 07 Apr 2025 20:47:05 GMT - Sun, 06 Jul 2025 21:40:17 GMT

File type
JavaScript source, ASCII text, with very long lines (1092)
Size
8.1 kB (8071 bytes)
Hash
aedc346d1f60780558c16c91c0b74a16
5206bfc7a12faf9eb990b55f5b3b210e92d518a9
dc3c1816d195903154a923bff2b455e4c51f08549fbb6ad1f6802ee4dd1b56d9

HTTP Headers

GET /maestrohd2.php?player=desktop&live=bbtsp1 HTTP/1.1
Host: processbigger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piratcast.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.30
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dTRoMvdYPC0ZFajDvS949bLl%2FQ09U7im7Tnr5VcyjPc4eRw%2FtWTOH4xskmgVS5IcsFNpR8%2Bf0lgKbJrxSrqM3gMMbsLNRgVn0syPqXAVLQ%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 941ac779ad2cb503-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js

151.101.193.229

200 OK

203 kB

URL GET
cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
203 kB (203006 bytes)
Hash
f02e7f8141d967d236a918cc7d93394f
31457a85a50637e77f526b9ab396fd02f41b15f1
3f45647a0cf7ff700978e1efc4d956c4456494f6a01479b387af0095a95ceaf5

HTTP Headers

GET /npm/@swarmcloud/hls/p2p-engine.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.14.4
x-jsd-version-type: version
etag: W/"318fe-MUV6haUGN+d/Umuas5b9AvQbFfE"
content-encoding: br
accept-ranges: bytes
date: Sun, 18 May 2025 10:47:55 GMT
age: 42452
x-served-by: cache-fra-eddf8230149-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62949
X-Firefox-Spdy: h2

GET acscdn.com/script/aclib.js

104.18.17.201

200 OK

141 kB

URL GET
acscdn.com/script/aclib.js
IP
104.18.17.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
FingerprintE8:04:28:CD:40:56:EF:C8:19:07:48:1D:8F:83:82:58:38:D8:61:A1
ValidityTue, 13 May 2025 15:22:09 GMT - Mon, 11 Aug 2025 16:21:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
141 kB (141415 bytes)
Hash
8f8105e049e8586067d7dd2ee8043319
44b582dca2cc906137fbb6f5b1b9b68b41b8bb09
db44a91c57e0e5c8b6b9239f371feb4ad11c427f07e0efc662f3c27f62144434

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: text/javascript
x-guploader-uploadid: AAO2Vwq_NK57fukiSNR7uM6Tx5KpPQJ_3YmLVYjcO97bwItnWZ_G4Ui77FDl0ElMvVMClUyy
x-goog-generation: 1747151179744582
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 141415
x-goog-hash: crc32c=LGQWIg==, md5=j4EF4EnoWGBn190u6AQzGQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sun, 18 May 2025 11:47:55 GMT
cache-control: public, max-age=3600
last-modified: Tue, 13 May 2025 15:46:19 GMT
etag: W/"8f8105e049e8586067d7dd2ee8043319"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1590
vary: Accept-Encoding
server: cloudflare
cf-ray: 941ac77cace4b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.cdn4ads.com/pJOed/lload-min.js

95.173.205.14

200 OK

37 kB

URL GET
www.cdn4ads.com/pJOed/lload-min.js
IP
95.173.205.14:443
ASN
#60068 Datacamp Limited

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerLet's Encrypt
Subject1037973644.rsc.cdn77.org
Fingerprint3E:78:25:35:58:62:66:11:F1:63:85:0F:74:F8:05:D7:28:7F:51:D1
ValidityWed, 16 Apr 2025 02:52:43 GMT - Tue, 15 Jul 2025 02:52:42 GMT

File type
JavaScript source, ASCII text, with very long lines (1568)
Size
37 kB (37166 bytes)
Hash
71cadd5d8edd88b36c632774195f9602
d748e2041ca1efd6eff4ffa3c2e85bd39de517a0
95d49b30c173f862d00d7ab156cbe3b3fde86594750d3dc9cd99fe76533cf4aa

HTTP Headers

GET /pJOed/lload-min.js HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: application/x-javascript
popads-node: wb5
expires: Sun, 18 May 2025 10:57:09 GMT
access-control-allow-origin: https://papahdd3.live
link: <https://cdn4ads.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBX63NDQHXFi4JAAwBuUwKDAH3PwoAAAwBisclxAGTljoJAA
x-77-nzt-ray: 2a494a15406f1f83ffba2968b82b752e
x-77-cache: HIT
vary: Accept-Encoding, Origin
content-encoding: gzip
x-77-age: 601622
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2

GET papahdd3.live/wp-content/uploads/2024/06/android-chrome-192x192-1.png

188.114.96.1

200 OK

18 kB

URL GET
papahdd3.live/wp-content/uploads/2024/06/android-chrome-192x192-1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
18 kB (18156 bytes)
Hash
6871d259fffdef14e46b5b98a618cc42
df191e794da66c25c3d9b9de5dc0040df3aa0d3a
320331e797313637ac55e0687b2940dc93156c3b060ac85039dd9f688e27ee9a

HTTP Headers

GET /wp-content/uploads/2024/06/android-chrome-192x192-1.png HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: image/png
content-length: 18156
server: cloudflare
last-modified: Tue, 15 Apr 2025 17:24:35 GMT
cache-control: max-age=10368000
expires: max-age=A10368000,
cf-cache-status: HIT
age: 223317
priority: u=6,i=?0
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JBprXnG5zF6rWWHAuZO0gnR3579XUUN3qSLvZMpUHI2U5ZhlBwTJ1mmVKA85mIs%2FQfB6bIjBYxzGunX62v6MTH7DkVJDMXWhEjjV"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac778d9d5b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET youradexchange.com/script/suurl5.php?r=8804222&cbur=0.48617471768173115&cbiframe=1&cbWidth=1180&cbHeight=500&cbtitle=&cbpage=https%3A%2F%2Fpapahdd3.live%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jzwfaybzrhusx.tech&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1747565275157&srs=cefae3eddc575e46e69ab412c4f19b9e&atv=60.1&abtg=1&adbv=3-cdn-js

104.21.91.188

200 OK

942 B

URL GET
youradexchange.com/script/suurl5.php?r=8804222&cbur=0.48617471768173115&cbiframe=1&cbWidth=1180&cbHeight=500&cbtitle=&cbpage=https%3A%2F%2Fpapahdd3.live%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jzwfaybzrhusx.tech&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1747565275157&srs=cefae3eddc575e46e69ab412c4f19b9e&atv=60.1&abtg=1&adbv=3-cdn-js
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piratcast.tv/papa.php?hd=301
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint15:B3:64:96:16:B0:F4:77:6F:50:C1:66:99:8E:A6:A8:90:64:AD:7E
ValidityThu, 03 Apr 2025 15:59:56 GMT - Wed, 02 Jul 2025 16:56:55 GMT

File type
JSON text data
Size
942 B (942 bytes)
Hash
270b6e872a8ae96dc2798720ddd205b6
f2e695f460d231b2a522fbdbfa03aa3771dbf202
0ba05125808ebe8f1393b38096fc581412317189cd3166bb58662ec10a78f812

HTTP Headers

GET /script/suurl5.php?r=8804222&cbur=0.48617471768173115&cbiframe=1&cbWidth=1180&cbHeight=500&cbtitle=&cbpage=https%3A%2F%2Fpapahdd3.live%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jzwfaybzrhusx.tech&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1747565275157&srs=cefae3eddc575e46e69ab412c4f19b9e&atv=60.1&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://piratcast.tv/
Origin: https://piratcast.tv
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MdR7lWWKGJBWi4AfWe346qrZys2UUt81bXH6LQktkT3KaizDe65Z%2F4Ew%2BkLWddxA7djc5fjYXQTo1aE5gD2vk7Jqz85CeiAJ84ofJhra"}]}
cf-ray: 941ac77a1f055688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST pubtrky.com/ut/hb.php?cb=0.7073762975829956&v=1

172.67.188.110

204 No Content

0 B

URL POST
pubtrky.com/ut/hb.php?cb=0.7073762975829956&v=1
IP
172.67.188.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piratcast.tv/papa.php?hd=301
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintD1:DF:C8:94:03:32:97:45:6F:1A:E3:AD:EE:EC:22:B8:E7:5C:6F:27
ValidityMon, 05 May 2025 10:34:21 GMT - Sun, 03 Aug 2025 11:31:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.7073762975829956&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 831
Origin: https://piratcast.tv
DNT: 1
Connection: keep-alive
Referer: https://piratcast.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 18 May 2025 10:47:55 GMT
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8YDBw13zklK63VbzLln3A8lOW%2BMLPYHEpvZchWQUrt3NVBVhZ%2B%2BqL9T1bSVcG518Wf3hssfDNrTEBKiDVeVW9dRjyAEVu2dMhA%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac77b3b7056a3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/clappr.min.js

151.101.193.229

200 OK

631 kB

URL GET
cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/clappr.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
631 kB (630856 bytes)
Hash
9f7ee162594292d8a7cd8c88a8e2318d
55413890dd74e180a2b2a04994c40876bd8b1769
f0243f6e2395c077f4ae46ae4b1d969090d64106387b45cb39a28bbdb07e6752

HTTP Headers

GET /npm/@clappr/player@0.8/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.8.0
x-jsd-version-type: version
etag: W/"9a048-VUE4kN104YCisqBJlMQIdr2LF2k"
content-encoding: br
accept-ranges: bytes
age: 14015
date: Sun, 18 May 2025 10:47:55 GMT
x-served-by: cache-fra-eddf8230058-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 162561
X-Firefox-Spdy: h2

GET c.adsco.re/#0.33848632220958197

104.17.166.186

200 OK

79 kB

URL GET
c.adsco.re/#0.33848632220958197
IP
104.17.166.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (689)
Size
79 kB (79103 bytes)
Hash
f0e71ebb1e2c90b307c171052ca517d0
1a1950b1868c0bfb8629f6f81b81439160727a79
adbce95b9ac0da66ea3a1d707494d9c74876e1c9186c446b4b5a22d15adc1ee5

HTTP Headers

GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:57 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 18 Jun 2025 10:47:57 GMT
etag: W/"8Oceux4skLMHwXEFLKUX0A=="
content-encoding: gzip
cf-cache-status: HIT
age: 812335
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 941ac789b8695691-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST adsco.re/p

162.252.214.5

200 OK

1.2 kB

URL POST
adsco.re/p
IP
162.252.214.5:443
ASN
#53334 TUT-AS

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1212), with no line terminators
Size
1.2 kB (1212 bytes)
Hash
7efb7a1fadf647314a0db90f46babdfd
e1d68f8921239fa30ced3ab3e5ce4e470a3cdb4a
410014c5a8899bbec9a6d4a73e56261b70e8ba6ecebfa26ee75a8f3560237318

HTTP Headers

POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1610
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 18 May 2025 10:47:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK nyc123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://papahdd3.live
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

GET papahdd3.live/everton-vs-southampton/

188.114.96.1

200 OK

22 kB

URL User Request GET
papahdd3.live/everton-vs-southampton/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
HTML document, ASCII text, with very long lines (8856), with CRLF, LF line terminators
Size
22 kB (22324 bytes)
Hash
c81ed37a8f97a5dcf5a64903eda52266
4b000e7cf483d057904e12e248eeb4bcba4c0fe4
a06fa4ba8ebd58d5f2fef3c002b2d72a61283c1e65871e145028081133d3e24a

HTTP Headers

GET /everton-vs-southampton/ HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
link: <https://papahdd3.live/wp-json/>; rel="https://api.w.org/", <https://papahdd3.live/wp-json/wp/v2/pages/365916>; rel="alternate"; title="JSON"; type="application/json", <https://papahdd3.live/?p=365916>; rel=shortlink
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oDhtv6p%2BGS6IMNtNSbd87qZVBJ%2BZkAp8eC5VW92AFU%2FgIs5fJVcQIoomaDtqKokiT8WofkmsLWmRoktd%2FejaLw%2FQ8oRlpwIju6ai"}]}
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 941ac77109f95689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET papahdd3.live/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

188.114.96.1

200 OK

88 kB

URL GET
papahdd3.live/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/javascript
content-length: 29769
server: cloudflare
last-modified: Tue, 15 Apr 2025 17:24:35 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000,
vary: Accept-Encoding
content-encoding: br
age: 2212619
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nBkOke6SyDhIt2ecFpwzNEfksBiETBwNmu0RM9pcEfSHSrlElZM1cPVXGrWzvsBk95mqb3SXk3cbSFpLqW%2BRt%2Br5ZNIJDiarBiSF"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac7755c7fb4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET papahdd3.live/wp-content/themes/papahd/assets/css/header-footer.css?ver=1.0

188.114.96.1

200 OK

1.7 kB

URL GET
papahdd3.live/wp-content/themes/papahd/assets/css/header-footer.css?ver=1.0
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
ASCII text
Size
1.7 kB (1701 bytes)
Hash
7d614674884bedb4211fba69e473b602
66dddccd88f1d61600673358176bccd8492809d9
f615e908321816da6ffbf73852c4b27ef6a2f84292830b4ac1a87b697445bae7

HTTP Headers

GET /wp-content/themes/papahd/assets/css/header-footer.css?ver=1.0 HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/css
content-length: 506
server: cloudflare
last-modified: Tue, 15 Apr 2025 17:24:35 GMT
cache-control: max-age=10368000
expires: max-age=A10368000,
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 223334
priority: u=2,i=?0
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5SkOa3PYyxAb09s6F%2Fw9BuUAboNxpdhhpyK7oW758qvsbgEjH3hyljiPpwR9mH0MjV6S3YZXUtlzTrUhhsfnu5dSS%2B7sHdszBAyH"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac7755c7db4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

125 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
Web Open Font Format (Version 2), TrueType, length 125064, version 768.67
Size
125 kB (125064 bytes)
Hash
57b380d27f14f16e737bcca7e849cf79
2e4280929d4d76fc0e31601c98f167f14630c209
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 125064
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 941ac7772e3e1c02-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "619c057b-1e888"
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 235777
expires: Fri, 08 May 2026 10:47:54 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0D5BJcD4wg1eLgcZPKv68JHedai05GRf%2BDHN%2Fyin2jPZNdOus9fISOrpY6RADqEA85AtKuZuB5MnSWgaoeZHbVSbSQYdPznGXZ9KQ7c7XBk93uUwqpSyFfiWHwKeQr8m0a9Oy%2Btv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET code.jquery.com/jquery-1.11.0.min.js

151.101.2.137

200 OK

96 kB

URL GET
code.jquery.com/jquery-1.11.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32341)
Size
96 kB (96381 bytes)
Hash
8fc25e27d42774aeae6edbc0a18b72aa
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

HTTP Headers

GET /jquery-1.11.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1787d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 18 May 2025 10:47:55 GMT
age: 3965928
x-served-by: cache-lga21931-LGA, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 7961, 138961
x-timer: S1747565276.669830,VS0,VE0
vary: Accept-Encoding
content-length: 33357
X-Firefox-Spdy: h2

GET papahdd3.live/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1

188.114.96.1

200 OK

116 kB

URL GET
papahdd3.live/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
ASCII text, with very long lines (55654)
Size
116 kB (116363 bytes)
Hash
dfe67cbbac3da53fdbbaed71c91db428
8c82643ef63a8389c1b800b7c5d0af9d684b8b24
597ddfdee7171750c16ec5aafd392cf992e9c53386d6bb6061d48e30334f09e9

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/css
content-length: 14200
server: cloudflare
last-modified: Tue, 15 Apr 2025 18:11:47 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000,
vary: Accept-Encoding
content-encoding: br
age: 1527604
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NjJH4SMnaMfF9DzsZXfNmpOHoHjajukB2Jxtp0TXWVwnFNNsJ9Htnlu84g7fPo7VWfhYXATkjG6ia88rJPARSLYE%2Fl7CS%2FmglY%2Bp"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac7755c70b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css?ver=6.8.1

104.17.25.14

200 OK

84 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css?ver=6.8.1
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
ASCII text, with very long lines (65311)
Size
84 kB (83981 bytes)
Hash
3d5ef2bf867c4054a2f336cdbad9e1dc
07228d1fa3245ee156a27a353f45758a3207849f
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css?ver=6.8.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/css; charset=utf-8
content-length: 14850
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 941ac7759cc65691-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "619c057b-3a02"
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 314886
expires: Fri, 08 May 2026 10:47:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FBMW9anWIaYBvq3pTM6%2FnPNKNzJqeyxg3XxRpf%2FHywKi4DenDlWnYY3WFhIFjaDl2eSqIS1I8c131BVMB0Mhf6%2FlCT8IQnqFINRBg3c9BiuHIoro18IHH%2FuJ3r0V7POIpnnjPxD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET processbigger.com/maestrohd2.js

188.114.97.1

200 OK

1.0 kB

URL GET
processbigger.com/maestrohd2.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piratcast.tv/papa.php?hd=301
Certificate
IssuerGoogle Trust Services
Subjectprocessbigger.com
Fingerprint40:FB:57:30:08:54:5E:08:E1:5D:E6:D1:BB:73:E6:F6:42:A6:2A:EE
ValidityMon, 07 Apr 2025 20:47:05 GMT - Sun, 06 Jul 2025 21:40:17 GMT

File type
ASCII text, with very long lines (310)
Size
1.0 kB (1014 bytes)
Hash
d625e733b7547dcdd415c4b27c4bc527
7f00e2b8792948ae625499c06ae590515250f2b9
83487ba31c45dfaa270e93aca0e5327f12b8a763d2c0822650f65d3d0989388b

HTTP Headers

GET /maestrohd2.js HTTP/1.1
Host: processbigger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piratcast.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Sat, 08 Mar 2025 21:36:34 GMT
vary: Accept-Encoding
etag: W/"67ccb862-3f6"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 254
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UR3EYPyvH2Aj1b6qCb8eAb4UqvWjSi5O1SQzgJt64RlMxF3OYpStXTi%2BHvMl%2BrHfWrHoTHeY7WhZToiQfdjv2y%2B9JqvubT18ht3A7U6Zgg%3D%3D"}]}
cf-ray: 941ac778be2a0b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST oxv5vicimd9f.s4.adsco.re/

185.200.116.60

200 OK

0 B

URL POST
oxv5vicimd9f.s4.adsco.re/
IP
185.200.116.60:443
ASN
#9009 M247 Europe SRL

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerLet's Encrypt
Subject*.s4.adsco.re
FingerprintAE:BB:65:20:B5:2F:2A:DA:30:73:84:C4:DC:5F:66:67:7C:1F:84:BB
ValiditySat, 19 Apr 2025 09:14:19 GMT - Fri, 18 Jul 2025 09:14:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: oxv5vicimd9f.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:58 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-migrate-1.2.1.min.js

151.101.2.137

200 OK

7.2 kB

URL GET
code.jquery.com/jquery-migrate-1.2.1.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7085)
Size
7.2 kB (7199 bytes)
Hash
eb05d8d73b5b13d8d84308a4751ece96
743052320809514fb788fe1d3df37fc87ce90452
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

HTTP Headers

GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 18 May 2025 10:47:55 GMT
age: 3965945
x-served-by: cache-lga21931-LGA, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 5, 151742
x-timer: S1747565276.642213,VS0,VE0
vary: Accept-Encoding
content-length: 3063
X-Firefox-Spdy: h2

POST x3os.com/5/5976126/?oo=1&js_build=iclick-v1.1136.1&dmn=gekeebsirs.com&tt=2&ix=0

139.45.196.64

204 No Content

0 B

URL POST
x3os.com/5/5976126/?oo=1&js_build=iclick-v1.1136.1&dmn=gekeebsirs.com&tt=2&ix=0
IP
139.45.196.64:443
ASN
#9002 RETN Limited

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerLet's Encrypt
Subjectx3os.com
Fingerprint50:C0:EA:5D:F8:E5:56:73:E2:8F:35:76:0A:C7:E0:08:49:F5:FD:AB
ValidityTue, 22 Apr 2025 14:19:12 GMT - Mon, 21 Jul 2025 14:19:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /5/5976126/?oo=1&js_build=iclick-v1.1136.1&dmn=gekeebsirs.com&tt=2&ix=0 HTTP/1.1
Host: x3os.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2573
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sun, 18 May 2025 10:47:57 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://papahdd3.live
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET cdn4ads.com/drweealhymwnukjfnc?VvozmuyQ=BQOCAAAAAAAACZUAAl-Z0YFwB25v29hFe501LNFTBK4qHJhpNDbr-e4M3RvJBTlhueZ8j0yZ2w3mnfpFr6XOcun9sKBeiMyRUoY2NhdT0tCiyhl5rp2egL8d_KRZNpV2Eh24ukO4eq0Q8EiMc7-L8GNrPdrLPi6PboPgs0AR8OgPciip1L6BB1JQ3mvzt2Yl8cYwWFRD7vmywaKZ5bftX_DzEpuP98h43H-xzJiPoqDVVampMe4ug69Q-Ae85ldqqEpJqfjOaXRhfLsxByLmF1WzxiUTHJpMM9LGQkgqTf6n4KQ7BeMoPMeRbZC9HiUHTv9kGIwokcPYhUGjNqITGTEGH9eqWNKANhnxdPOLoT0aZIFdOxQDKFOXLiPrblvzJYjVmmaXXUxccPWpntijc1iR4qK7F_mAzMGX0FIWn-e4nmQh9wBxGxd6RrOUyHT1uYmp1IIiEnNcCeAQX_csUwbgLTTc3-24Cd7rCs7Gkt_sj-nXdkvP67H7HrOe5rvwIqcYbCzJSV0P2Yq64UtHPnGSSpMhe-EaI3qLctvB1l0TwBH6g9JKyRLy8UYvtLyx9T1UsMMkuw1JiUZkkFYCjBFTP7aTO8VZ8lu27jPkJzbcrdteKKRAy3bm9jXp18PHiHqXPjVBNm4XolTAYb2vq8aLLOw2OcxodL6S36iV-7X9xeu1BmpOwIS5luZWrc4jftIktvpazCmRM6QpYlcz8MLlIslShid_GtEiaRvPDSZMDRZ7R13XXZkSp_Yp-XEFQ21xDQj4KeoTlP-nHnwR09EwEGxcvjn3fIBWi4sKXQFHYU39wp1yXqZrqxLoiSrzXfdAHHgXafMsCEWE2t20JdDvhilQu9LzjpsTAvaa5sOhYFv50ygibp-0uNC3QdAaINFi6aEuL0Fxb-S0U46C6sNmx3X9yGfAylYr9e_lVMFkRyPbJcoiOAJNlfS-sfXRdLs1FLH-VSwAEzrnP11i43ozayb81K96dybbfvhArWkfu1Px2XP9_APXqhHONdTK-9PPBk2_QF-b9pOxUgK2ztcUBKv0QEr6-G582Ck62hKEw5b5GaD9TNUN95RB2lxhAHz796-bDcbHPSdtPQ-OjehpZOqC9U8RzBiowJ41trSt7olDCXT1yaPEDZb4n6IXnYdqLPWTrAVoFnITw6zLRgbQnekHgSGvtqgODc7zAjCuuHkwJoiCdK7v7pUg&FHtVSgEN=4&uCpsNAen=5193577&UEZmOfto=0.001&LqWiOueY=0,0&zdQbZNBC=&CSbYykPT=&s=1280,1024,1,1280,1024,0

216.59.63.128

200 OK

44 B

URL GET
cdn4ads.com/drweealhymwnukjfnc?VvozmuyQ=BQOCAAAAAAAACZUAAl-Z0YFwB25v29hFe501LNFTBK4qHJhpNDbr-e4M3RvJBTlhueZ8j0yZ2w3mnfpFr6XOcun9sKBeiMyRUoY2NhdT0tCiyhl5rp2egL8d_KRZNpV2Eh24ukO4eq0Q8EiMc7-L8GNrPdrLPi6PboPgs0AR8OgPciip1L6BB1JQ3mvzt2Yl8cYwWFRD7vmywaKZ5bftX_DzEpuP98h43H-xzJiPoqDVVampMe4ug69Q-Ae85ldqqEpJqfjOaXRhfLsxByLmF1WzxiUTHJpMM9LGQkgqTf6n4KQ7BeMoPMeRbZC9HiUHTv9kGIwokcPYhUGjNqITGTEGH9eqWNKANhnxdPOLoT0aZIFdOxQDKFOXLiPrblvzJYjVmmaXXUxccPWpntijc1iR4qK7F_mAzMGX0FIWn-e4nmQh9wBxGxd6RrOUyHT1uYmp1IIiEnNcCeAQX_csUwbgLTTc3-24Cd7rCs7Gkt_sj-nXdkvP67H7HrOe5rvwIqcYbCzJSV0P2Yq64UtHPnGSSpMhe-EaI3qLctvB1l0TwBH6g9JKyRLy8UYvtLyx9T1UsMMkuw1JiUZkkFYCjBFTP7aTO8VZ8lu27jPkJzbcrdteKKRAy3bm9jXp18PHiHqXPjVBNm4XolTAYb2vq8aLLOw2OcxodL6S36iV-7X9xeu1BmpOwIS5luZWrc4jftIktvpazCmRM6QpYlcz8MLlIslShid_GtEiaRvPDSZMDRZ7R13XXZkSp_Yp-XEFQ21xDQj4KeoTlP-nHnwR09EwEGxcvjn3fIBWi4sKXQFHYU39wp1yXqZrqxLoiSrzXfdAHHgXafMsCEWE2t20JdDvhilQu9LzjpsTAvaa5sOhYFv50ygibp-0uNC3QdAaINFi6aEuL0Fxb-S0U46C6sNmx3X9yGfAylYr9e_lVMFkRyPbJcoiOAJNlfS-sfXRdLs1FLH-VSwAEzrnP11i43ozayb81K96dybbfvhArWkfu1Px2XP9_APXqhHONdTK-9PPBk2_QF-b9pOxUgK2ztcUBKv0QEr6-G582Ck62hKEw5b5GaD9TNUN95RB2lxhAHz796-bDcbHPSdtPQ-OjehpZOqC9U8RzBiowJ41trSt7olDCXT1yaPEDZb4n6IXnYdqLPWTrAVoFnITw6zLRgbQnekHgSGvtqgODc7zAjCuuHkwJoiCdK7v7pUg&FHtVSgEN=4&uCpsNAen=5193577&UEZmOfto=0.001&LqWiOueY=0,0&zdQbZNBC=&CSbYykPT=&s=1280,1024,1,1280,1024,0
IP
216.59.63.128:443
ASN
#53334 TUT-AS

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerSectigo Limited
Subjectcdn4ads.com
Fingerprint92:E8:5F:67:E6:26:22:D5:AD:B6:B6:67:7C:38:20:45:99:C6:B1:7F
ValidityFri, 04 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

HTTP Headers

GET /drweealhymwnukjfnc?VvozmuyQ=BQOCAAAAAAAACZUAAl-Z0YFwB25v29hFe501LNFTBK4qHJhpNDbr-e4M3RvJBTlhueZ8j0yZ2w3mnfpFr6XOcun9sKBeiMyRUoY2NhdT0tCiyhl5rp2egL8d_KRZNpV2Eh24ukO4eq0Q8EiMc7-L8GNrPdrLPi6PboPgs0AR8OgPciip1L6BB1JQ3mvzt2Yl8cYwWFRD7vmywaKZ5bftX_DzEpuP98h43H-xzJiPoqDVVampMe4ug69Q-Ae85ldqqEpJqfjOaXRhfLsxByLmF1WzxiUTHJpMM9LGQkgqTf6n4KQ7BeMoPMeRbZC9HiUHTv9kGIwokcPYhUGjNqITGTEGH9eqWNKANhnxdPOLoT0aZIFdOxQDKFOXLiPrblvzJYjVmmaXXUxccPWpntijc1iR4qK7F_mAzMGX0FIWn-e4nmQh9wBxGxd6RrOUyHT1uYmp1IIiEnNcCeAQX_csUwbgLTTc3-24Cd7rCs7Gkt_sj-nXdkvP67H7HrOe5rvwIqcYbCzJSV0P2Yq64UtHPnGSSpMhe-EaI3qLctvB1l0TwBH6g9JKyRLy8UYvtLyx9T1UsMMkuw1JiUZkkFYCjBFTP7aTO8VZ8lu27jPkJzbcrdteKKRAy3bm9jXp18PHiHqXPjVBNm4XolTAYb2vq8aLLOw2OcxodL6S36iV-7X9xeu1BmpOwIS5luZWrc4jftIktvpazCmRM6QpYlcz8MLlIslShid_GtEiaRvPDSZMDRZ7R13XXZkSp_Yp-XEFQ21xDQj4KeoTlP-nHnwR09EwEGxcvjn3fIBWi4sKXQFHYU39wp1yXqZrqxLoiSrzXfdAHHgXafMsCEWE2t20JdDvhilQu9LzjpsTAvaa5sOhYFv50ygibp-0uNC3QdAaINFi6aEuL0Fxb-S0U46C6sNmx3X9yGfAylYr9e_lVMFkRyPbJcoiOAJNlfS-sfXRdLs1FLH-VSwAEzrnP11i43ozayb81K96dybbfvhArWkfu1Px2XP9_APXqhHONdTK-9PPBk2_QF-b9pOxUgK2ztcUBKv0QEr6-G582Ck62hKEw5b5GaD9TNUN95RB2lxhAHz796-bDcbHPSdtPQ-OjehpZOqC9U8RzBiowJ41trSt7olDCXT1yaPEDZb4n6IXnYdqLPWTrAVoFnITw6zLRgbQnekHgSGvtqgODc7zAjCuuHkwJoiCdK7v7pUg&FHtVSgEN=4&uCpsNAen=5193577&UEZmOfto=0.001&LqWiOueY=0,0&zdQbZNBC=&CSbYykPT=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
popads-node: wb5
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 18 May 2025 10:47:59 GMT
X-Firefox-Spdy: h2

GET papahdd3.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

188.114.96.1

200 OK

14 kB

URL GET
papahdd3.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/javascript
content-length: 4685
server: cloudflare
last-modified: Tue, 15 Apr 2025 17:24:35 GMT
cache-control: max-age=10368000
expires: max-age=A10368000,
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 915541
priority: u=2,i=?0
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CReb3p86YTKwr%2F1tS7oSQextLth1reCIfdOzwZiTY2JIWIHk6YVnfA%2FfmRIahXTxZ2OkxGdL2VAtCQZcFpOkHv1l8PGb3zndzd6T"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac7755c81b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET code.jquery.com/jquery-latest.js

151.101.2.137

200 OK

283 kB

URL GET
code.jquery.com/jquery-latest.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
283 kB (282766 bytes)
Hash
3d93b072d14f2bd1ede58f4847f537fd
73e5d044bd153dd912930e8be433059454ce19cd
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

HTTP Headers

GET /jquery-latest.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-4508e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 18 May 2025 10:47:55 GMT
age: 4562598
x-served-by: cache-lga21958-LGA, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 14380, 1120342
x-timer: S1747565276.652476,VS0,VE0
vary: Accept-Encoding
content-length: 83875
X-Firefox-Spdy: h2

GET papahdd3.live/wp-content/uploads/2024/06/android-chrome-192x192-1-150x150.png

188.114.96.1

200 OK

14 kB

URL GET
papahdd3.live/wp-content/uploads/2024/06/android-chrome-192x192-1-150x150.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
14 kB (14058 bytes)
Hash
1321666198344e7cf935eac0b9f93e45
55b359098fb3f0b4233cdf404865773ba88884a9
fc589fed8446d9a19e00c1a1752f4463c08349486fb44f6c5edb0afa6da4d8cf

HTTP Headers

GET /wp-content/uploads/2024/06/android-chrome-192x192-1-150x150.png HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: image/png
content-length: 14058
server: cloudflare
last-modified: Tue, 15 Apr 2025 17:24:35 GMT
cache-control: max-age=10368000
expires: max-age=A10368000,
cf-cache-status: HIT
age: 796261
priority: u=6,i=?0
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=c9887gXEev9F0XLKJQIlupNtrOXU1NjxUqL6QB3sTX1rxiJA5CqAi4u42onWvfTVm6gOBZZXfKsu%2FtAIg5iEUDSNOEs%2FR5v64eCb"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac778d9dab4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js

172.217.21.170

200 OK

87 kB

URL GET
ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
JavaScript source, ASCII text, with very long lines (32033)
Size
87 kB (86596 bytes)
Hash
d4162c9d7e520a5de05001be6e741899
0baf29230047c9cd896f14c59618c9948ea79451
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2

HTTP Headers

GET /ajax/libs/jquery/3.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 May 2025 20:53:23 GMT
expires: Fri, 15 May 2026 20:53:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 222872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET 4.adsco.re:2087/

0.0.0.0

0 B

URL GET
4.adsco.re:2087/
IP
0.0.0.0:0
ASN
#0

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET 6.adsco.re/

104.17.167.186

200 OK

45 B

URL GET
6.adsco.re/
IP
104.17.167.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:57 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://papahdd3.live
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 941ac7887d0e56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET 6.adsco.re:2087/

104.17.167.186

200 OK

45 B

URL GET
6.adsco.re:2087/
IP
104.17.167.186:2087
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:57 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://papahdd3.live
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 941ac7887ef05693-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2

POST oxv5vicimd9f.n4.adsco.re/

38.132.109.126

200 OK

0 B

URL POST
oxv5vicimd9f.n4.adsco.re/
IP
38.132.109.126:443
ASN
#9009 M247 Europe SRL

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerLet's Encrypt
Subject*.n4.adsco.re
FingerprintEB:C6:B8:97:D3:9D:38:6F:22:4B:ED:17:B4:B6:9C:E0:30:A8:06:1E
ValiditySat, 19 Apr 2025 09:14:20 GMT - Fri, 18 Jul 2025 09:14:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: oxv5vicimd9f.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:57 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET papahdd3.live/everton-vs-southampton

188.114.96.1

301 Moved Permanently

22 kB

URL User Request GET
papahdd3.live/everton-vs-southampton
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type

Size
22 kB (22324 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /everton-vs-southampton HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 18 May 2025 10:47:53 GMT
content-type: text/html; charset=UTF-8
location: https://papahdd3.live/everton-vs-southampton/
server: cloudflare
x-redirect-by: WordPress
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4IVtohAxpQe8dVHSEHT14plutOTtpU%2FKxfaZqeLah3oKx9FA0jVts8INfGfcmZcxHE7p8GwMZ5tgH2b7e2vPnur6Zw24uKN%2B922D"}]}
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac76bd9b95689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET papahdd3.live/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1

188.114.96.1

200 OK

19 kB

URL GET
papahdd3.live/wp-includes/js/wp-emoji-release.min.js?ver=6.8.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
JavaScript source, ASCII text, with very long lines (16290)
Size
19 kB (19264 bytes)
Hash
1dafa7fe14b33c26fef9b0e5ba0c8e72
62f67cdac55d89c43570bf0c338f4edf548b14e1
50cc1a0490008ec62ca8b581fa9cdcfb2eda2d36a08ccbeb1f004da599e9cc61

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.8.1 HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/javascript
content-length: 4760
server: cloudflare
last-modified: Tue, 15 Apr 2025 18:11:47 GMT
cache-control: max-age=10368000
expires: max-age=A10368000,
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 223333
priority: u=3,i=?0
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ew8TnGLpg5f8OhPkGvWFsQvH5mK4mi5MKppmECm73nqL5xOfabO%2BcGH09s0AhzoVguE%2BZOGazhZPDEOcalwll%2FBDO5r4zxwtThpW"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac776ff03b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET papahdd3.live/wp-content/themes/papahd/assets/js/custom.js?ver=1.0.0%27%20defer=%27defer

188.114.96.1

200 OK

1.1 kB

URL GET
papahdd3.live/wp-content/themes/papahd/assets/js/custom.js?ver=1.0.0%27%20defer=%27defer
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.1 kB (1095 bytes)
Hash
d51d4a94bbe3c0ba3e4a948861aabb54
186f0a5743b736877f0f67f03e31d864c4c71471
2c82ec8200720005cbd04b43e96bb0374892c8376214084b8085cbd465c54324

HTTP Headers

GET /wp-content/themes/papahd/assets/js/custom.js?ver=1.0.0%27%20defer=%27defer HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/javascript
content-length: 373
server: cloudflare
last-modified: Tue, 15 Apr 2025 17:24:35 GMT
cache-control: max-age=10368000
expires: max-age=A10368000,
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 2414282
priority: u=3,i=?0
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JDJpy39LXUvigEUQzyVEwadLsg%2BtIAOZMa95%2BPed%2FGOzWrctMDdKVb5gkQsTobEnkiPC9AoRI7KECyGSP%2BiLtk3eA7lUxCT6Vhb7"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac7755c86b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET gekeebsirs.com/tag.min.js

188.114.97.1

200 OK

103 kB

URL GET
gekeebsirs.com/tag.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectgekeebsirs.com
Fingerprint62:05:E4:1A:BD:00:57:39:23:18:02:9C:EA:74:80:18:AC:42:4D:88
ValiditySun, 06 Apr 2025 12:54:11 GMT - Sat, 05 Jul 2025 13:51:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (102565 bytes)
Hash
ddc19ab0a69d5eedcce14aa435f8209f
6fe055a3ccf187da759a514a89c37f37db368682
6246e5559eba7b5f91b71a1e5f976ef939079312de24883f5540e0a2a02cb89e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: gekeebsirs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-trace-id: 2277208b7678d8084c68658b5cf369a5
cache-control: public, max-age=3600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
age: 216
cf-cache-status: HIT
last-modified: Sun, 18 May 2025 10:44:18 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=RF2Siqx8frly78rjzv5yZDhzKLgQtHrXcSobQzyQGc3h2erebZhtkqk142sBb5fP7bfhOVKll90r6avilmXYVvBl68V%2Fl9pNXyUUTQ%3D%3D"}]}
cf-ray: 941ac7775f915697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET piratcast.tv/papa.php?hd=301

104.21.34.208

200 OK

1.1 kB

URL GET
piratcast.tv/papa.php?hd=301
IP
104.21.34.208:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpiratcast.tv
FingerprintA6:B2:67:F1:C4:0F:9F:6C:02:09:DD:76:42:67:D4:B5:38:BF:5F:4A
ValidityFri, 25 Apr 2025 22:44:17 GMT - Thu, 24 Jul 2025 23:41:53 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.1 kB (1139 bytes)
Hash
62fd1d1e92d1d2440040aadbe53d22ac
789f2eaaec716fe8bef5d6880df1fb80e5ea6b1f
4d706c4e8f00b94bff80a09a9a6a2109f41c4643ce65456d35dbc19a3410499a

HTTP Headers

GET /papa.php?hd=301 HTTP/1.1
Host: piratcast.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
x-powered-by: PHP/8.1.32
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wi5R8PqyTrQYWpmRfqCXGZYv8u9sAUBMl7u3B4qo2low8OmalfumREE1AFPLf95%2B3AYLjc840ybNm5sqzxnOEKqjx86J4W%2Bhzeo%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 941ac777295c568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET piratcast.tv/js/aclib.js

104.21.34.208

200 OK

188 kB

URL GET
piratcast.tv/js/aclib.js
IP
104.21.34.208:443
ASN
#13335 CLOUDFLARENET

Requested by
https://piratcast.tv/papa.php?hd=301
Certificate
IssuerGoogle Trust Services
Subjectpiratcast.tv
FingerprintA6:B2:67:F1:C4:0F:9F:6C:02:09:DD:76:42:67:D4:B5:38:BF:5F:4A
ValidityFri, 25 Apr 2025 22:44:17 GMT - Thu, 24 Jul 2025 23:41:53 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (46402), with NEL line terminators
Size
188 kB (187677 bytes)
Hash
8847e7be86f08fafe343d2ee8eaf9c6f
99022ae5c289baaa9052c35e591e25c730c563b8
ef74feb90affc04944d515f41b95c1156b93b2e5ede8c03f10325197cff6dd49

HTTP Headers

GET /js/aclib.js HTTP/1.1
Host: piratcast.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piratcast.tv/papa.php?hd=301
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2BdaHDay51hIPKdyAivNHqxcyTSBG%2B3rwTojsr4UD6v3h0edC%2FCRvCnSkCaUo2L1JvaGPWSe%2F16lnK7IDdAbRW88YdDy6sIvoFwM7PKDn6sfFtW80lY44xrqjssVQsE%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 15 May 2025 21:00:01 GMT
vary: Accept-Encoding
etag: W/"682655d1-2dd1d"
expires: Sat, 14 Jun 2025 21:12:02 GMT
cache-control: public, max-age=2592000
content-encoding: gzip
age: 221752
cf-cache-status: HIT
cf-ray: 941ac7786caf1c06-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4851&min_rtt=4103&rtt_var=2639&sent=26&recv=35&lost=0&retrans=0&sent_bytes=4504&recv_bytes=2569&delivery_rate=2268&cwnd=12000&unsent_bytes=0&cid=dc596362eb13ef59&ts=146&x=16"

GET processbigger.com/css/embed.css?ver=1.4.4

188.114.97.1

200 OK

537 B

URL GET
processbigger.com/css/embed.css?ver=1.4.4
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGoogle Trust Services
Subjectprocessbigger.com
Fingerprint40:FB:57:30:08:54:5E:08:E1:5D:E6:D1:BB:73:E6:F6:42:A6:2A:EE
ValidityMon, 07 Apr 2025 20:47:05 GMT - Sun, 06 Jul 2025 21:40:17 GMT

File type
ASCII text
Size
537 B (537 bytes)
Hash
5d1a4982bf5af51f75154543a5c87dcb
041b9fa8a7c04cd0be4771c2cfb0dcd11092a042
b6d02adae86bbc34515c89f74666d2837fc87d6046e204de27258c279fa47fcf

HTTP Headers

GET /css/embed.css?ver=1.4.4 HTTP/1.1
Host: processbigger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 29 Oct 2021 09:08:53 GMT
vary: Accept-Encoding
etag: W/"617bba25-219"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2494
priority: u=2,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lWncZsloAbrLKoL89BEeVXFF82vOfoDDSABHGMItmZAgbaCtayxbN32VogDyLy9xRCoT%2FD6PGfMpVnJp4kh50%2F1AFUgs7ITeCrppV2i7Hg%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac77bb86ab503-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET papahdd3.live/wp-content/themes/papahd/assets/css/main.css?ver=1.0.1

188.114.96.1

200 OK

7.1 kB

URL GET
papahdd3.live/wp-content/themes/papahd/assets/css/main.css?ver=1.0.1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subjectpapahdd3.live
FingerprintC7:95:88:75:81:BE:4A:01:BB:C6:D0:30:59:AA:E7:E7:1E:83:7D:AA
ValiditySun, 06 Apr 2025 15:10:17 GMT - Sat, 05 Jul 2025 16:09:01 GMT

File type
ASCII text
Size
7.1 kB (7143 bytes)
Hash
55e03f078c06308fbdd12f4678b441c8
6e2fcab00c4b2e8533563dba7d50bd98062d2502
5bd55cf201306dcbcf0a53a57409f1a32d53165bc4911e8cf1414d3d952cc31a

HTTP Headers

GET /wp-content/themes/papahd/assets/css/main.css?ver=1.0.1 HTTP/1.1
Host: papahdd3.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/everton-vs-southampton/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:54 GMT
content-type: text/css
content-length: 1550
server: cloudflare
last-modified: Tue, 15 Apr 2025 17:24:35 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000,
vary: Accept-Encoding
content-encoding: br
age: 2212619
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DTKURBGCClC8R9scTAhqLMsGSqxPDY4qkdpgNvS0vNSLSfgz7DGJxqGS1p8wx416UdU7KS4UfhmihFExTrxuyghBSskL7ResK6D5"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac7755c78b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET www.googletagmanager.com/gtag/js?id=G-M10DF2ED56

142.250.74.168

200 OK

384 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-M10DF2ED56
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT

File type
JavaScript source, ASCII text, with very long lines (6125)
Size
384 kB (384118 bytes)
Hash
ab18dcc7d1e539dff86e8576a8987ddc
6a9c400107a3ac100dfacf9e5c96efc6ca7cbeab
c27d23ffb3f7f46a78b816be25ea6ff3fed86ab9564f4ea8984c339946afcc70

HTTP Headers

GET /gtag/js?id=G-M10DF2ED56 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 May 2025 10:47:54 GMT
expires: Sun, 18 May 2025 10:47:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 128543
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js

151.101.193.229

200 OK

9.5 kB

URL GET
cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (6153)
Size
9.5 kB (9508 bytes)
Hash
166bbe11bb8dd332f6fbcf8fe9ec30cf
f42c73e6e89201ccf5ad513915bb4182ec3a410c
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9

HTTP Headers

GET /clappr.level-selector/latest/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
content-encoding: br
accept-ranges: bytes
date: Sun, 18 May 2025 10:47:55 GMT
age: 1634181
x-served-by: cache-fra-eddf8230115-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3219
X-Firefox-Spdy: h2

GET 4.adsco.re/

162.252.214.5

200 OK

45 B

URL GET
4.adsco.re/
IP
162.252.214.5:443
ASN
#53334 TUT-AS

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 18 May 2025 10:47:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://papahdd3.live
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip

POST oxv5vicimd9f.l4.adsco.re/

185.200.118.62

200 OK

0 B

URL POST
oxv5vicimd9f.l4.adsco.re/
IP
185.200.118.62:443
ASN
#9009 M247 Europe SRL

Requested by
https://papahdd3.live/everton-vs-southampton/
Certificate
IssuerLet's Encrypt
Subject*.l4.adsco.re
Fingerprint76:AD:98:EA:A8:8F:6F:6D:58:92:36:07:6D:91:B6:67:41:97:C1:4E
ValiditySat, 19 Apr 2025 09:14:33 GMT - Fri, 18 Jul 2025 09:14:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: oxv5vicimd9f.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://papahdd3.live
DNT: 1
Connection: keep-alive
Referer: https://papahdd3.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:57 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET processbigger.com/css/site.css

188.114.97.1

200 OK

199 B

URL GET
processbigger.com/css/site.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGoogle Trust Services
Subjectprocessbigger.com
Fingerprint40:FB:57:30:08:54:5E:08:E1:5D:E6:D1:BB:73:E6:F6:42:A6:2A:EE
ValidityMon, 07 Apr 2025 20:47:05 GMT - Sun, 06 Jul 2025 21:40:17 GMT

File type
ASCII text
Size
199 B (199 bytes)
Hash
1885af8db9c4146e96aa1096f748151c
36f66795c3d8a969ff1e75866db00b727c9f8c26
2e7930ddd6ef35ae7416215de492de89a3518769259c1606b9f719c44236c5ae

HTTP Headers

GET /css/site.css HTTP/1.1
Host: processbigger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 29 Oct 2021 09:54:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 2494
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7hQC4W3Og0QvYdpTUFL66ARWhU6RS88Db8Z0REz2RRtitEeBIy7RpQtS2KM7VJObnHAuDg3gpS26zfbm%2BfdPCRAHMrVme%2BgktznapfM2tQ%3D%3D"}]}
etag: W/"617bc4e2-c7"
content-encoding: br
cf-ray: 941ac77bb876b503-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET processbigger.com/blast.js

188.114.97.1

200 OK

78 kB

URL GET
processbigger.com/blast.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGoogle Trust Services
Subjectprocessbigger.com
Fingerprint40:FB:57:30:08:54:5E:08:E1:5D:E6:D1:BB:73:E6:F6:42:A6:2A:EE
ValidityMon, 07 Apr 2025 20:47:05 GMT - Sun, 06 Jul 2025 21:40:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
78 kB (77888 bytes)
Hash
091faec928970e76d37a3601c19fcf8a
6441e8eebe90eb8d4a40e7c25440ff99caba3520
eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12

HTTP Headers

GET /blast.js HTTP/1.1
Host: processbigger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Sat, 08 Oct 2022 23:56:20 GMT
vary: Accept-Encoding
etag: "63420e24-13040"
content-encoding: gzip
age: 253
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=RHBElxK0ZVYw6TtAzUCi7tPlRI1Q%2FxyvHcSDk1VAnUOUY4S1HXOWZ3W39nJTaJxK%2Fbba4m2cJF%2F3%2BL1aRjUdxSfKAOjFqWrNMf4FzvNyLQ%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 941ac77bb879b503-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.11.207

200 OK

37 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://processbigger.com/maestrohd2.php?player=desktop&live=bbtsp1
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
JavaScript source, ASCII text, with very long lines (32033)
Size
37 kB (37045 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://processbigger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 18 May 2025 10:47:55 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 03/18/2024 12:13:26
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: f51db51e1812ec3681add6a3dbbf5420
cdn-cache: HIT
cf-cache-status: HIT
age: 801061
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 941ac77c48d6b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML