Report - bigwarp.io/m4pd6vdrgaj3

Report Overview

Visited public
2025-06-14 21:43:21
Tags
Submit Tags
URL
bigwarp.io/m4pd6vdrgaj3
Finishing URL
bigwarp.cc/m4pd6vdrgaj3
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Title
Watch Free Yoga Class wet, 7on1, Jolee Love, BBC, ATM, DAP, Big Gapes

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2025-06-13	1.6 kB	4.6 kB	172.67.174.51
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-06-11	961 B	236 kB	151.101.193.229
s.optvz.com	unknown	2020-03-25	2024-10-14	2025-06-13	1.5 kB	9.6 kB	95.211.229.245
6a60528789.b70a8e5392.com	unknown	2025-05-15	2025-06-14	2025-06-14	2.5 kB	1.1 kB	45.133.44.52
bvtpk.com	unknown	2019-03-16	2025-05-21	2025-06-13	1.2 kB	327 kB	104.21.5.190
dd8add5afa.3c0448ff06.com	unknown	2025-05-15	2025-06-14	2025-06-14	20 kB	129 kB	116.202.249.56
fs54.bigwarp.io	unknown	2024-10-27	2025-05-28	2025-05-28	2.3 kB	16 MB	109.202.99.162
metricswpsh.com	unknown	2021-10-29	2021-11-02	2025-06-08	2.5 kB	966 B	88.198.204.166
kit.fontawesome.com	1868	2012-10-18	2019-03-29	2025-06-11	882 B	1.0 kB	172.64.147.188
js.capndr.com	316718	2021-08-30	2021-08-30	2025-06-12	1.7 kB	117 kB	45.133.44.52
js.wpushsdk.com	36947	2021-05-07	2021-05-07	2025-06-08	1.3 kB	1.3 MB	45.133.44.53
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-11	1.6 kB	26 kB	142.250.74.35
afrdtech.com	unknown	2024-04-19	2024-05-10	2025-06-13	426 B	550 B	31.220.27.154
na.nawpush.com	38563	2020-12-21	2020-12-23	2025-06-08	1.4 kB	5.1 kB	45.133.44.24
accounts.google.com	81	1997-09-15	2012-05-23	2025-06-11	1.8 kB	6.8 kB	142.251.9.84
static.bookmsg.com	47495	2020-09-15	2020-11-24	2025-06-13	1.9 kB	4.5 kB	45.133.44.24
js.wpadmngr.com	25762	2021-06-02	2021-06-02	2025-06-08	2.5 kB	384 kB	45.133.44.52
nereserv.com	40015	2020-12-21	2020-12-21	2025-06-14	2.3 kB	1.3 kB	116.202.249.56
cdn.tapioni.com	167297	2021-05-27	2021-07-01	2025-06-13	818 B	251 kB	104.22.39.71
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-11	568 B	22 kB	142.250.74.10
s3t3d2y9.afcdn.net	unknown	2022-06-27	2025-05-07	2025-06-12	452 B	9.7 kB	185.76.9.11
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2025-06-12	3.1 kB	2.4 kB	157.90.84.242
a.labadena.com	296554	2020-01-21	2020-05-24	2025-06-10	1.8 kB	1.5 kB	37.27.230.125
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-06-11	431 B	401 kB	142.250.74.136
us.vastilymoid.com	unknown	2025-03-21	2025-03-30	2025-06-14	421 B	1.6 kB	23.109.170.189
p2yn.com	unknown	2022-03-18	2025-04-23	2025-06-09	2.2 kB	3.2 kB	139.45.195.12
fv.yotedroumy.com	unknown	2025-04-07	2025-06-10	2025-06-10	422 B	1.4 kB	23.109.170.227
bigwarp.cc	unknown	2025-02-03	2025-05-27	2025-06-09	6.8 kB	264 kB	104.22.57.130
bigwarp.io	unknown	2024-10-27	2024-12-06	2025-06-14	4.7 kB	872 kB	104.21.32.1
iv.youdloaners.com	unknown	2025-04-07	2025-04-10	2025-06-10	423 B	1.4 kB	23.109.170.29
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-06-11	467 B	50 kB	104.18.10.207
enrtx.com	unknown	2024-10-07	2024-11-04	2025-06-08	484 B	6.3 kB	94.130.197.239
paupsoborofoow.net	unknown	2024-12-03	2025-03-19	2025-06-08	412 B	109 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-14	medium	youdloaners.com	Sinkholed
2025-06-14	medium	vastilymoid.com	Sinkholed
2025-06-14	medium	yotedroumy.com	Sinkholed
2025-06-14	medium	paupsoborofoow.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (48)

	URL	From	Size	First Seen	Last Seen
	bigwarp.io/js/tabber.js	ScriptElement	6.1 kB	2023-03-07	2025-07-01
Pretty URL bigwarp.io/js/tabber.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-07-01 00:45 Times Seen212 Hash f6be5160018c4101fa76b42650b5a1a6 d8d3efdadf32bb4fd6daac619575969b241d2864 c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a Loading...

	cdn.tapioni.com/adgpt.js	ScriptElement	2.4 kB	2025-06-06	2025-06-23
Pretty URL cdn.tapioni.com/adgpt.js IP 104.22.39.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-06 20:55 Last Seen2025-06-23 09:58 Times Seen618 Hash c8353a641602ac900bafa496ff76e18c 3ac832327c6f7e906d569b0f19180171f6da53ba 03f32871a596ccf145436c0c232c51ea74b2267a747edcd0f7a1eeb5828ca676 Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	126 kB	2025-06-11	2025-06-18
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 17:10 Last Seen2025-06-18 08:29 Times Seen58 Hash 9b471c965261c33628f414b8a4b62306 a86ea9fba3f3215484d84330fb4fc0f46570ab0f 9b106a3e85b9788704d7e271ff5e2308c733357fba86ded56a46d2e086abf292 Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	153 B	2025-02-10	2025-07-01
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 18:58 Last Seen2025-07-01 07:42 Times Seen18 Hash 711b3a015be9180fe7b72b65d3e1e90b 56881d3277ac473ddb40bcb8ae734aed0109f396 613c1c590acc7371c5916e83a42efe082f1cc022301f64b3c34f1e5655c5f4f6 Loading...

	bigwarp.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	10 kB	2025-06-14	2025-06-14
Pretty URL bigwarp.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-14 21:39 Last Seen2025-06-14 22:01 Times Seen3 Hash 3c09312de1ff4b5110232a012b54376a f56b116e6dbb71a061ebd9e0c3eed308b003a284 18fd45be0dca7c5f4569315cd75602fdef001c1b76ef9facf635226bbecdedb9 Loading...

	storage.multstorage.com/log/count.html	ScriptElement	693 B	2025-03-03	2025-07-02
Pretty URL storage.multstorage.com/log/count.html IP 172.67.174.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-03 17:07 Last Seen2025-07-02 07:04 Times Seen4604 Hash 16e1f9022fa537a6a2ec170949397376 341d27b7ac1bb5f22f032ab4c14f7589e452bea9 440204bc5125e5ffb0fa553c188a3640f1d0f6779bd0a11076133b1d20f1926b Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	604 B	2025-06-14	2025-06-14
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-14 21:43 Last Seen2025-06-14 21:43 Times Seen1 Hash 69ff3ce1c8d64bb426a72e220e919482 fc66d8dcc3f9abbf54d0d0d440b6059d370b818b ee4bf064f2fe0207c7446c76f923db6b97f063571c9dfa54da6d54fe4081bc7e Loading...

	about:blank	ScriptElement	236 B	2025-06-14	2025-06-14
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-14 21:43 Last Seen2025-06-14 21:43 Times Seen1 Hash 72fec4bd9d3d3040513cd3f7abd5b9c8 9c42335055525683203e8d12548bd41bb0585097 0ff964ff61378496a348c6b5dbf366f9c50a716e45d6bdf9ada040611a30c57c Loading...

	bigwarp.cc/js/localstorage-slim.js	ScriptElement	2.1 kB	2023-03-07	2025-07-02
Pretty URL bigwarp.cc/js/localstorage-slim.js IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52 Last Seen2025-07-02 06:53 Times Seen639 Hash ba6facacb00551830393d637195804cf 77d2d2802ee44767b33a2d679945cc3efa3619cc 41bb37c8133d8e5c128820cfbe03bcbf63ce256bcbd60a1a76143472d8668e38 Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	394 B	2025-05-26	2025-06-18
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-26 17:35 Last Seen2025-06-18 05:51 Times Seen5 Hash 0e96434993f2bc2fcf5b4c9a006be27d e2bec11823c6bed595621f6222c8ab01ee390d75 be945d53d835eb098a25189a40a9655c012ea3d4edf95568c6fd290fbfe0147b Loading...

	a.labadena.com/api/users/485939?host=bigwarp.cc&ev=220&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&sid=b154372b-5988-42cc-a022-26fd18860f41&i=1&kw=free%2Cyoga%2Cclass%2Cwet%2C7on1%2Cjolee%2Clove%2Cbbc%2Catm%2Cdap%2Cbig%2Cgapes&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3	ScriptElement	741 B	2025-06-14	2025-06-14
Pretty URL a.labadena.com/api/users/485939?host=bigwarp.cc&ev=220&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&sid=b154372b-5988-42cc-a022-26fd18860f41&i=1&kw=free%2Cyoga%2Cclass%2Cwet%2C7on1%2Cjolee%2Clove%2Cbbc%2Catm%2Cdap%2Cbig%2Cgapes&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3 IP 37.27.230.125 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-14 21:43 Last Seen2025-06-14 21:43 Times Seen1 Hash 1ad8ec1c0ab8625e1682f68f54c215b5 9b6279ed70ee48e3d73b38479c6cf21e5e97e7b1 340bea9f43a4b9728ee19b320fdfd4a4d6accbab6c7f2f5d154a53270d8688bc Loading...

	bigwarp.io/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-07-02
Pretty URL bigwarp.io/js/jquery.min.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-02 07:11 Times Seen229231 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-07-02
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-07-02 06:17 Times Seen3669 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	js.wpushsdk.com/skins/nmain.m.js	ScriptElement	563 kB	2025-06-04	2025-06-17
Pretty URL js.wpushsdk.com/skins/nmain.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 12:00 Last Seen2025-06-17 08:02 Times Seen111 Hash 3d4ee325f19c0951e0ab86f5cd9118b8 ce0adbde45021d0f3c59cbda3baecb002e322212 f394d1d0e141183d0de5f7a931f2640f275f5e39a4c5728f9ec1722abe8351f7 Loading...

	www.googletagmanager.com/gtag/js?id=G-90ZFH1V4FM	ScriptElement	400 kB	2025-06-14	2025-06-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-90ZFH1V4FM IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-14 21:43 Last Seen2025-06-14 21:43 Times Seen1 Hash 9852ccd53593829cc362446e3dc5c095 6db9628133266e831a17041de67ff2fef8f3117c d3d6917eadaa2d931ab422234382a3ae941ea0f2b027a34f8154d3590d2c57dc Loading...

	bigwarp.io/js/xupload.js?	ScriptElement	11 kB	2023-08-16	2025-07-01
Pretty URL bigwarp.io/js/xupload.js? IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-16 14:17 Last Seen2025-07-01 09:06 Times Seen219 Hash e7cb7dae1da48c74b41563b936111f97 bda176bc9fd4060d50006cd31d8c25453362db70 590c624e3400ed1e344d5c44f184356937d2704917289340ec5b099d35d5b9e8 Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	198 B	2025-05-26	2025-06-14
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-26 17:35 Last Seen2025-06-14 21:43 Times Seen4 Hash 2b5e897290431e80947052ba5f7c4c38 eaae2f96613f263d5f12266a1b93614a32042650 f42c6b854a533290a4e3bbb481f94d48be7af69c419ab8f0f7bf8dfb3273113f Loading...

	cdn.tapioni.com/asg_embed.js	ScriptElement	248 kB	2025-05-20	2025-06-23
Pretty URL cdn.tapioni.com/asg_embed.js IP 104.22.39.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-20 22:49 Last Seen2025-06-23 06:37 Times Seen111 Hash d21cc54c55f74c347f0e22ea516d1594 d997d3b1583de52b0f116419679e17d8d53bcac3 6ea5019aa17b8666e68c050669100296404df8f2b1e21defe01ed284c10901d2 Loading...

	paupsoborofoow.net/tag.min.js	ScriptElement	108 kB	2025-06-11	2025-06-16
Pretty URL paupsoborofoow.net/tag.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:18 Last Seen2025-06-16 06:35 Times Seen24 Hash ac22f7fe3727ed8c58365efeb7b79ca8 d9553961a8d9f7f790e8514837ef12cca9e54a68 42722d5d4ef8c44458fbc4159984b238e5f1338d254dca4ac70a35ebbbd3b682 Loading...

	bigwarp.io/player/jw8/jwplayer.core.controls.html5.js	ScriptElement	364 kB	2024-12-30	2025-06-28
Pretty URL bigwarp.io/player/jw8/jwplayer.core.controls.html5.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 00:00 Last Seen2025-06-28 22:09 Times Seen25 Hash be53d86112d04ee5f1f34dfabed0195b 667a3b0defb17ad5c5ed6a479226e11747759e49 dd79b7cdfc4df8251bb9df3ddf9833a6b71b72108012fe804dce45530cb2cc1f Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	126 kB	2025-06-11	2025-06-18
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 17:10 Last Seen2025-06-18 08:29 Times Seen58 Hash 9b471c965261c33628f414b8a4b62306 a86ea9fba3f3215484d84330fb4fc0f46570ab0f 9b106a3e85b9788704d7e271ff5e2308c733357fba86ded56a46d2e086abf292 Loading...

	js.capndr.com/popunder-admanager/build.m.js	ScriptElement	116 kB	2025-06-04	2025-06-19
Pretty URL js.capndr.com/popunder-admanager/build.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 18:12 Last Seen2025-06-19 22:57 Times Seen62 Hash 642fd0829c87a4f706cd35f3847ea507 6f1d828be4af0608aa3ea4464afef45a61c1bf55 6338e1bfeed427a8cea32e5dbab8471c3c9b1a6a91856d31d41949e4a9f05a57 Loading...

	fv.yotedroumy.com/rXiQghXYYZVhXX/113763	ScriptElement	5 B	2025-04-24	2025-07-02
Pretty URL fv.yotedroumy.com/rXiQghXYYZVhXX/113763 IP 23.109.170.227 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:17 Last Seen2025-07-02 06:03 Times Seen1085 Hash 848667c49f5d3aef59cd65ed276cd7ae bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763 cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8 Loading...

	bigwarp.cc/js/bgwp.js	ScriptElement	96 kB	2025-02-10	2025-06-28
Pretty URL bigwarp.cc/js/bgwp.js IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 18:58 Last Seen2025-06-28 22:09 Times Seen18 Hash 4b4b2f561fb56c24a2e47ec07832ec3f 299f1aeca476369487e63f03687191764c618130 a58060cc304b1dc7d898f639b9c8e9b8ed7aea8365e6d6ed51c7a31fa5f4eae9 Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	97 B	2025-06-14	2025-06-14
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-14 21:43 Last Seen2025-06-14 21:43 Times Seen1 Hash f2e5786b0c461360c286e348de6d1bde 15fd2e64f12c2cd6e187ef8075bc4d6c2a25abff 93f2627da4ec44faac0d0ca13a6b8ac34502e313390d748ab97b099f167daf6f Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	16 B	2023-03-07	2025-07-01
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-07-01 09:06 Times Seen278 Hash 03292dbefe3982b4ca9adb0b588ada31 a1ae7ac9b18c166bf0137d4919d9b912a8c74765 af6ecc52877435b9766189077c344e7ef00e6c4e5617097c63b5b8756505dc69 Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	2.9 kB	2025-06-14	2025-06-14
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-14 21:43 Last Seen2025-06-14 21:43 Times Seen1 Hash b63eb311907880f0dd58906c55efcc91 dfb7b4e0d6e15a39a0e15ac4852d32ecfbdeff4b 7f45b9195909348fb6aa60c025fc61db9949dec6417bc4fb64f81cf10a32abc2 Loading...

	bigwarp.io/player/jw8/jwplayer.js?v=	ScriptElement	111 kB	2024-12-30	2025-06-28
Pretty URL bigwarp.io/player/jw8/jwplayer.js?v= IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 00:00 Last Seen2025-06-28 22:09 Times Seen31 Hash fab72a04bc5627827387920f8233e0ed ce828999c9c484b695453d20288c60bf4d4656f3 8aff839038af9a3af6377929713746739fbd2b7b8d72120f9424eb2d33f83b0e Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	645 B	2024-12-30	2025-06-20
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-30 00:00 Last Seen2025-06-20 16:20 Times Seen11 Hash 72722f3247dcde4e887e2d6e6148ae90 4a671e0289c87765487466aa370946b6a5f6b52e 4710196934ab46d5a94c0a2b6884cc25ee67d700a454f37083bc64a4aede3225 Loading...

	bvtpk.com/tag.min.js	ScriptElement	108 kB	2025-06-11	2025-06-16
Pretty URL bvtpk.com/tag.min.js IP 104.21.5.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:18 Last Seen2025-06-16 06:35 Times Seen24 Hash ac22f7fe3727ed8c58365efeb7b79ca8 d9553961a8d9f7f790e8514837ef12cca9e54a68 42722d5d4ef8c44458fbc4159984b238e5f1338d254dca4ac70a35ebbbd3b682 Loading...

	us.vastilymoid.com/stsr5AW9ySNm/117476	ScriptElement	6 B	2023-03-07	2025-07-02
Pretty URL us.vastilymoid.com/stsr5AW9ySNm/117476 IP 23.109.170.189 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-02 05:03 Times Seen8806 Hash 4fc71bf68a1d477bd1523733e34d1e90 15119105cffbe108b6cf290146ab02c9aa8517ba 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-07-02
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-07-02 06:17 Times Seen3669 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	bvtpk.com/tag.min.js	ScriptElement	108 kB	2025-06-11	2025-06-16
Pretty URL bvtpk.com/tag.min.js IP 104.21.5.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:18 Last Seen2025-06-16 06:35 Times Seen24 Hash ac22f7fe3727ed8c58365efeb7b79ca8 d9553961a8d9f7f790e8514837ef12cca9e54a68 42722d5d4ef8c44458fbc4159984b238e5f1338d254dca4ac70a35ebbbd3b682 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js	ScriptElement	79 kB	2023-03-07	2025-07-02
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-02 05:23 Times Seen12653 Hash 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	1.1 kB	2025-03-03	2025-06-20
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-03 21:53 Last Seen2025-06-20 16:20 Times Seen9 Hash 8a264faf204136b210b4e290cd9097bd c145834320a35819632ee34e9ae9b514556b6df3 e8906117e6f84abd8e1053b846937a6311ead5d5ac295287cb1758f611a257cf Loading...

	iv.youdloaners.com/r5RhPysSencAoE/115653	ScriptElement	5 B	2025-04-24	2025-07-02
Pretty URL iv.youdloaners.com/r5RhPysSencAoE/115653 IP 23.109.170.29 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:17 Last Seen2025-07-02 06:03 Times Seen1085 Hash 848667c49f5d3aef59cd65ed276cd7ae bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763 cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8 Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	189 B	2025-06-14	2025-06-14
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-14 16:07 Last Seen2025-06-14 21:43 Times Seen2 Hash 2b0647af8bbf5199e5d04f8378e49207 34fc19e79f7d7a18334b01476dddc90f653188a0 9325f717375c223b7d6c049e0e8743d8ae5b6788f2136476360184a43f2c9736 Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-07-02
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-07-02 06:17 Times Seen3669 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	js.wpushsdk.com/npc/sdk/wpu/npush.m.js	ScriptElement	208 kB	2025-06-06	2025-06-17
Pretty URL js.wpushsdk.com/npc/sdk/wpu/npush.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-06 09:52 Last Seen2025-06-17 08:02 Times Seen104 Hash b9aba566d0445eab3f1552b6d64898ec 1ff18babf66a5345c16d626ce7708bf7849e16ea e146dd1ced6e8adc75d22fb7efcacb5c6eebf7dc86fbeb79037f7b76d5d84b8c Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	189 B	2025-06-14	2025-06-14
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-14 16:07 Last Seen2025-06-14 21:43 Times Seen2 Hash c267acff015413149b47f056d8d02f56 669add89c24c9277051eb2ff17bbb4417daa5bd8 8a51679bf71c99d32621430910183e2f624401054e1169369a005564da1e1ea4 Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	189 B	2025-06-14	2025-06-14
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-14 16:07 Last Seen2025-06-14 21:43 Times Seen2 Hash a7f103ede564cdca250650e3beca9e86 137b158af693392347eb259ddd4e57b6362b1efa 50f8cdf67e0dd1ee7ac45536c084d035e1fbb46eedf5fc6f018476f24773fa21 Loading...

	bvtpk.com/tag.min.js	ScriptElement	108 kB	2025-06-11	2025-06-16
Pretty URL bvtpk.com/tag.min.js IP 104.21.5.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 18:18 Last Seen2025-06-16 06:35 Times Seen24 Hash ac22f7fe3727ed8c58365efeb7b79ca8 d9553961a8d9f7f790e8514837ef12cca9e54a68 42722d5d4ef8c44458fbc4159984b238e5f1338d254dca4ac70a35ebbbd3b682 Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	126 kB	2025-06-11	2025-06-18
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 17:10 Last Seen2025-06-18 08:29 Times Seen58 Hash 9b471c965261c33628f414b8a4b62306 a86ea9fba3f3215484d84330fb4fc0f46570ab0f 9b106a3e85b9788704d7e271ff5e2308c733357fba86ded56a46d2e086abf292 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-07-02
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-02 07:15 Times Seen81773 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	bigwarp.io/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http	ScriptElement	38 B	2023-03-07	2025-07-01
Pretty URL bigwarp.io/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-07-01 09:06 Times Seen909 Hash 99eccae6afa72c589ae54b5c3890282a 0f102f8f5b556635de65d16cf70fa8269c6761b4 b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3 Loading...

	bigwarp.cc/m4pd6vdrgaj3	ScriptElement	921 B	2025-06-14	2025-06-14
Pretty URL bigwarp.cc/m4pd6vdrgaj3 IP 104.22.57.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-14 21:43 Last Seen2025-06-14 21:43 Times Seen1 Hash 9c882081bdfd65092c4ca1cfa574d2cd 6e453f03bbc67e3c7dd1f3698043c3174fe21494 715a7b0fb498c22689aed1d46c256d584edf13f2706b0109404c43bbd22e6c14 Loading...

	bigwarp.io/js/jquery.cookie.js	ScriptElement	4.3 kB	2023-03-07	2025-07-02
Pretty URL bigwarp.io/js/jquery.cookie.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-02 06:53 Times Seen1819 Hash ae0c2c5d8f01f7d35bb698bb618a62f7 63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20 75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc Loading...

	js.wpushsdk.com/skins/nmain.m.js	ScriptElement	563 kB	2025-06-04	2025-06-17
Pretty URL js.wpushsdk.com/skins/nmain.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 12:00 Last Seen2025-06-17 08:02 Times Seen111 Hash 3d4ee325f19c0951e0ab86f5cd9118b8 ce0adbde45021d0f3c59cbda3baecb002e322212 f394d1d0e141183d0de5f7a931f2640f275f5e39a4c5728f9ec1722abe8351f7 Loading...

HTTP Transactions (108)

URL IP Response Size

GET fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.10

200 OK

22 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT

File type
ASCII text
Size
22 kB (21659 bytes)
Hash
f8b6d1f6c077ecbdaba0183c9b8fa3cf
86c68f1a57f90d2013988d6e4ee9f4784ddc0efb
1ab555f803063374ff56fc4b6bf339a3076a8b82d9c4a6c3dc1b0c52a176affd

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jun 2025 21:42:55 GMT
date: Sat, 14 Jun 2025 21:42:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bigwarp.cc/js/bgwp.js

104.22.57.130

200 OK

96 kB

URL GET
bigwarp.cc/js/bgwp.js
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65514)
Size
96 kB (95912 bytes)
Hash
4b4b2f561fb56c24a2e47ec07832ec3f
299f1aeca476369487e63f03687191764c618130
a58060cc304b1dc7d898f639b9c8e9b8ed7aea8365e6d6ed51c7a31fa5f4eae9

HTTP Headers

GET /js/bgwp.js HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
content-encoding: br
last-modified: Tue, 18 Feb 2025 05:47:10 GMT
etag: W/"176a8-62e642c06a52e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4795
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fd001279a0568f-OSL
X-Firefox-Spdy: h2

GET bigwarp.io/js/tabber.js

104.21.32.1

200 OK

6.1 kB

URL GET
bigwarp.io/js/tabber.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
ASCII text, with very long lines (538)
Size
6.1 kB (6147 bytes)
Hash
f6be5160018c4101fa76b42650b5a1a6
d8d3efdadf32bb4fd6daac619575969b241d2864
c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a

HTTP Headers

GET /js/tabber.js HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 06 Jul 2010 16:48:14 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FkeDEanNAtaFeoTWpuWXd9NXXqUniBVqR79f2likJXENN%2Fd4sVOxg5mnFAJ4ZvWjXO7t7aisWi2Rd%2BjvhB5RevwRq3jIwFz%2B"}]}
age: 4214
cache-control: max-age=14400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
etag: W/"1803-48abad1b9af80"
content-encoding: br
cf-ray: 94fd0012d83cb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bvtpk.com/tag.min.js

104.21.5.190

200 OK

108 kB

URL GET
bvtpk.com/tag.min.js
IP
104.21.5.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbvtpk.com
Fingerprint80:D6:91:C2:8E:83:24:9B:4F:8D:6D:D8:9F:ED:C8:E8:4F:95:41:F8
ValidityWed, 14 May 2025 10:17:51 GMT - Tue, 12 Aug 2025 11:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (107698 bytes)
Hash
ac22f7fe3727ed8c58365efeb7b79ca8
d9553961a8d9f7f790e8514837ef12cca9e54a68
42722d5d4ef8c44458fbc4159984b238e5f1338d254dca4ac70a35ebbbd3b682

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: bvtpk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-trace-id: b1225e7147a7209821b8353279c9d6a0
cache-control: public, max-age=600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
age: 1459
cf-cache-status: HIT
last-modified: Sat, 14 Jun 2025 21:18:36 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=P2evv6cZ3h0XjjRC7vo0dV0mLLKpRmx1RuZLgpSsbveNsf7uVC2fnFdZ1BWrisFjIy3w43zK6HFeo0zRnTDKlMRKbgkH18Y%3D"}]}
cf-ray: 94fd0019fd2056c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET na.nawpush.com/tags/316247?version_name=b&domain=bigwarp.cc

45.133.44.24

200 OK

1.5 kB

URL GET
na.nawpush.com/tags/316247?version_name=b&domain=bigwarp.cc
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint95:17:E8:76:46:3F:BE:D1:B1:49:03:3B:B8:E3:15:5A:8B:FB:00:41
ValidityThu, 22 May 2025 02:31:52 GMT - Wed, 20 Aug 2025 02:31:51 GMT

File type
JSON text data
Size
1.5 kB (1542 bytes)
Hash
4557e9866dedb2d8d59382a824df66aa
4b6bc46b1fedea89289ed12150d5a0e1fd514337
7ac5a523dcf1aa964849286ade137fea1b51515aab7961926445dd42572fd90d

HTTP Headers

GET /tags/316247?version_name=b&domain=bigwarp.cc HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:57 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-cdn-host-id: ds5058
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint36:80:C9:74:A8:03:5E:A6:42:15:13:F1:12:1D:CE:69:66:FD:BF:09
ValidityWed, 16 Apr 2025 02:32:06 GMT - Tue, 15 Jul 2025 02:32:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 14 Jun 2025 21:47:57 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

OPTIONS fp.metricswpsh.com/fp?tag_id=316247

157.90.84.242

204 No Content

0 B

URL OPTIONS
fp.metricswpsh.com/fp?tag_id=316247
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=316247 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bigwarp.cc/
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 14 Jun 2025 21:43:02 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://bigwarp.cc
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

142.251.9.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint1E:69:E1:CB:BD:57:90:C7:05:07:13:A1:B7:8A:2B:61:F4:83:52:F3
ValidityMon, 19 May 2025 08:43:40 GMT - Mon, 11 Aug 2025 08:43:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:AhufDy8iMgWzr9GNLhpowhrbX2xGcw:UV0-dV3Zv7LG7kH6; Expires=Mon, 14-Jun-2027 21:43:03 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jun 2025 21:43:03 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiO4UVLfbB4v9xobdSbyDDlhF9i4ESMnRFB6aTeArIpJF5UjWRYjv6CJEEyLL2KvR-xHkMtVPA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-q13tRhk0ygHWkN2Msx_k6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET na.nawpush.com/tags/311007?version_name=b&domain=bigwarp.cc

45.133.44.24

200 OK

1.5 kB

URL GET
na.nawpush.com/tags/311007?version_name=b&domain=bigwarp.cc
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint95:17:E8:76:46:3F:BE:D1:B1:49:03:3B:B8:E3:15:5A:8B:FB:00:41
ValidityThu, 22 May 2025 02:31:52 GMT - Wed, 20 Aug 2025 02:31:51 GMT

File type
JSON text data
Size
1.5 kB (1540 bytes)
Hash
6187899770fcacffc81790d7c8c69388
8592f46f5a182937d965e0432607a7c82caa269c
636794119c96ce393ed3c476af4c4920cb5bb9a11f8426a5a8f2e4cad8d076b8

HTTP Headers

GET /tags/311007?version_name=b&domain=bigwarp.cc HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:57 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-cdn-host-id: ds5058
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

OPTIONS dd8add5afa.3c0448ff06.com/in/multy

116.202.249.56

204 No Content

0 B

URL OPTIONS
dd8add5afa.3c0448ff06.com/in/multy
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject3c0448ff06.com
FingerprintF2:0E:93:47:70:73:4A:B8:C7:EC:B4:74:81:E8:F5:43:58:60:6D:11
ValidityTue, 10 Jun 2025 14:04:21 GMT - Mon, 08 Sep 2025 14:04:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: dd8add5afa.3c0448ff06.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bigwarp.cc/
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint81:A4:C6:88:C3:3E:D5:D5:E5:AB:E3:D3:AC:1A:1F:DE:B8:17:28:C6
ValidityFri, 30 May 2025 02:32:38 GMT - Thu, 28 Aug 2025 02:32:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:04 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-42a"
expires: Sun, 14 Jun 2026 21:43:04 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET iv.youdloaners.com/r5RhPysSencAoE/115653

23.109.170.29

200 OK

5 B

URL GET
iv.youdloaners.com/r5RhPysSencAoE/115653
IP
23.109.170.29:443
ASN
#7979 SERVERS-COM

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectiv.youdloaners.com
Fingerprint15:8A:50:84:A6:43:22:9F:29:13:D3:72:CE:BC:96:98:51:3A:98:70
ValidityThu, 12 Jun 2025 07:36:53 GMT - Wed, 10 Sep 2025 07:36:52 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
848667c49f5d3aef59cd65ed276cd7ae
bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /r5RhPysSencAoE/115653 HTTP/1.1
Host: iv.youdloaners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jun 2025 21:42:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bigwarp.cc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sun, 15-Jun-2025 21:42:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 15-Jun-2025 21:42:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET nereserv.com/in/dip?event_id=fc79a602-1567-4891-98c9-f163bfaa2723&subid=671610963&spot_id=1449964&created_at=2025-06-14&timezone=0&ver=1.162.3

116.202.249.56

200 OK

0 B

URL GET
nereserv.com/in/dip?event_id=fc79a602-1567-4891-98c9-f163bfaa2723&subid=671610963&spot_id=1449964&created_at=2025-06-14&timezone=0&ver=1.162.3
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=fc79a602-1567-4891-98c9-f163bfaa2723&subid=671610963&spot_id=1449964&created_at=2025-06-14&timezone=0&ver=1.162.3 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:03 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET js.wpushsdk.com/skins/nmain.m.js

45.133.44.53

200 OK

563 kB

URL GET
js.wpushsdk.com/skins/nmain.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
Fingerprint0A:DC:0B:A8:1A:A8:C8:90:9C:96:FF:5B:B2:8B:1F:6D:1A:05:B2:B7
ValidityTue, 06 May 2025 02:34:10 GMT - Mon, 04 Aug 2025 02:34:09 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
563 kB (563174 bytes)
Hash
3d4ee325f19c0951e0ab86f5cd9118b8
ce0adbde45021d0f3c59cbda3baecb002e322212
f394d1d0e141183d0de5f7a931f2640f275f5e39a4c5728f9ec1722abe8351f7

HTTP Headers

GET /skins/nmain.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 06 Jun 2025 08:22:47 GMT
etag: W/"6842a557-897e6"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:48:03 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

49 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
JavaScript source, ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/22/2025 12:19:15
cdn-proxyver: 1.22
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: 1cf0b8cb85132211506e66970c0f97c2
cdn-cache: HIT
cf-cache-status: HIT
age: 764535
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 94fd00135b0656a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bigwarp.io/js/jquery.cookie.js

104.21.32.1

200 OK

4.3 kB

URL GET
bigwarp.io/js/jquery.cookie.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
ASCII text
Size
4.3 kB (4331 bytes)
Hash
ae0c2c5d8f01f7d35bb698bb618a62f7
63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 18 Feb 2025 05:47:10 GMT
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=M7ZOOlhZO7OqRFIu5coo3sAWW%2BU2qqS0dGlUJCsgA2LgMi%2BKN87WUMx3ytVH8Tl60QsKkTAf53hmKmanujavpn1PD8BHfY%2Fr"}]}
age: 566
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"10eb-62e642c0535fe"
content-encoding: br
cf-ray: 94fd0012d836b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fs54.bigwarp.io/i/01/00552/m4pd6vdrgaj3.jpg

109.202.99.162

200 OK

31 kB

URL GET
fs54.bigwarp.io/i/01/00552/m4pd6vdrgaj3.jpg
IP
109.202.99.162:443
ASN
#49453 Global Layer B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGlobalSign nv-sa
Subject*.bigwarp.io
FingerprintEC:99:21:1B:92:CE:90:96:2D:67:60:8B:EF:10:DC:48:73:FA:65:44
ValidityFri, 01 Nov 2024 08:00:08 GMT - Wed, 03 Dec 2025 08:00:07 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc61.26.100", baseline, precision 8, 720x405, components 3
Size
31 kB (31066 bytes)
Hash
696184f4a7fd812c9e5eaa4295cd3d60
890697b8786e333c94ef870f366866f2ada34152
c172cd9f33082ab903f1e4b2bd79e5b5a2181dd9be500cbf270b7538b1d3fd21

HTTP Headers

GET /i/01/00552/m4pd6vdrgaj3.jpg HTTP/1.1
Host: fs54.bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jun 2025 21:40:22 GMT
Content-Type: image/jpeg
Content-Length: 31066
Last-Modified: Fri, 13 Jun 2025 21:59:57 GMT
Connection: keep-alive
ETag: "684c9f5d-795a"
Expires: Sat, 21 Jun 2025 21:40:22 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

GET bigwarp.io/player/jw8/jwplayer.core.controls.html5.js

104.21.32.1

200 OK

364 kB

URL GET
bigwarp.io/player/jw8/jwplayer.core.controls.html5.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65143)
Size
364 kB (364372 bytes)
Hash
be53d86112d04ee5f1f34dfabed0195b
667a3b0defb17ad5c5ed6a479226e11747759e49
dd79b7cdfc4df8251bb9df3ddf9833a6b71b72108012fe804dce45530cb2cc1f

HTTP Headers

GET /player/jw8/jwplayer.core.controls.html5.js HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtRXNDcG61uECGelBkb%2BT3%2Bz0a0YC2QeLkOsVfn%2BztGM%2BETj5YMF2FdjbV%2FWMGcgIcgg%2FL3LEYX0eGsNOPp%2Fg0TvTy4VI9TlrACd0Yk1A17%2Bva%2Bm0rF9S26NW6vA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Mon, 04 Mar 2024 16:38:54 GMT
etag: W/"58f54-612d85c7a0380"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 94fd0018beae56c5-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12800&min_rtt=9332&rtt_var=7347&sent=12&recv=10&lost=0&retrans=0&sent_bytes=3742&recv_bytes=1270&delivery_rate=251648&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=773e6f207e6dd5cb&ts=1025&inflight_dur=45&x=80"

GET dd8add5afa.3c0448ff06.com/in/show/?tag_ab=b&site_id=311445320&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=1262962996&sid=4208398747&tcid=0&ver=8.232.0&ver_c=&spot_id=1445320&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=96.76611739732309&kubik_score=89.831414389523&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1262962996%26spot_id%3D1445320%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=&crid=141372_82091100&crtid=6bc270bae35cd8f11485518843129254&url=https%3A%2F%2Fs.optvz.com%2Fclick.php%3Fd%3DH4sIAAAAAAAAA01R24rcMAz9lXnJY4Jky5b92GVYKIUutB8w.JKZDbOTDEl2sy36.DrJQJdjm6OjIxnZhj2TVQLyOs_3qdLfKvVc1rIszdSm97G9nG.qScOtiIlMy4HaWgOamiDq2lsONSGgio4oxnOln39_P1b62NZjfX.vlC2hKnHFT9OYTq_DNPfh1lZ83HN6z_0d.vbU5V2.Lrs4h8u0K6mkNikN_Uc7Tt3QT6d5DOna9ZdikTIBMnmvWTuS25_Y5aYbxGPjoSHVoCFxCjwigBhN2nol3okQihYCWYFefZYtWCDJQg7MIYJKmTFSpjPY5BJFjEhOVGlDEm1MnrPDmFiRchzKu5ydgcTRa6dLK5DYXZYw3puUZL_pUJQwTYfQh7dDDveDbL4VGq0mtzODVrFsw4GSh2GF.8LWQlEkWheyfqXIz5dfX8z_QasFGgDcTvPg.Cgc59i0n0N669J1_fOtV_Gglw8F8vJDIEcDDOwjRDDZnhVrjhbazGCz9v8AV2gELlACAAA-%26cb%3De2e_684dece822f155.22839130&icons=lDO7RnjKLlGE5CukYOUF7DBI5JMH9XPyjMhW_peG7mIQn3UH3mnq4uHAlmuqdsArGtH-4i7JFuGbbpAAShh9RltzSfVAFiPwp6qTjFSHi8zzM6XRG3KPNNqFwP_MTusfl1zYvEIoCZCU3oSyrHfTdyz0arRpz8XXfSdAqTLsg_-QAOagnBQtiZMXatdGshb1_cQei60_TYi_9eRTt_mayb2t0wtrk3NKT8u5Qpz8VJ_lrquZQkunqm3QuPqKnjidLvA2tTZlmx_9DK4uWKwhApNhsaq9Qbr7awCoD_vig6jUjHyL9vEC6NX9pA0CNrJvPLaTqzUU43LX9dYpOQFOFD2DD5E09CbIcb0ea_vZXgWOkKwlxszxe6oOh65PnyHOPP18Bsz1YAaz2PF2RZe9Te7u-_LAtyS5ARh0h0DfxNUIoT5A6ZBOIxtyQKNQmScOk_Toycfag16Hm_MjjisGXYzmQFLBxtqYYrPLvuOc16DYuMykgYY33m7pigVc1tfkAH1MswVKv8GkTrR27y2bGXLhZW80cObmasJ98K9qFH9mdr-4V8w-LEQ5oSmftkApS9wpD4SFI2wfz4VwpUTrY-E-Mh1BzpkewhiAw-NRP4NXP_7G8KS0GjTWxOkX2IZcJh2oooboO8gMgkh4jb7yPWQpv9OoMi73mSeuGATtrl7D2HLzDlrbF5QkvomGMTCkLliYz_jhBRdJqksXmGrEanAJK2wB2FYgRyX-o6g9iizZFfEHf4jE3Y33PQbslgujG-zO1HDSWw6q2-isc1Mq67JKYoTZF5DX64di0ESVYg-Zq62KRGFuz_c8iqGm_4Kn1GMeHtWIwnWFPlyE7ynsSKKWZKUJIEEMMira1GB2E9B2HvJCfgzoV-uD4jHVNF8exZItPreBx4S-oGCO2HcTZQER6NDosetD2STUWK16kCHLqKDQj3Zye3SuFPcCKo8cg96x0pR7U-q4NgtGhCBkEiwthGycPr9qVsks4XcRIJI4Sc9KJ6uEP-fpuIHvpPM0bc8jQhRE8Lj2OIc40XD3lleT3oiwS3Rp4Od48svTRlaOzRTBKOw0JyewQnNs6kzVgq20Qxny5UaaPQeyAn_d0AI0p3DHV72FwCvo1VnhbqBfL_h109D6-vQk7jqCl0xxQxqFJzpNvINwU_289G1KmGG2O1wdlJcdmpeNn5zqVxpX5iCuB7fErKQ-eLQkVuXSLlcCT7V7yMxZLOpq8C4G6ZEtwcnuElaXoVVh__Wr4ks24XaeDNcWz0aSFU771Zw2Up_jY7zJ2_hMxJRmpRNptdThgssO2d1wGKnRzo8poBTFIJ11fZeThZsj5AXOaHbUBYSjJ3VrCuchiP8ZqrVNKtgrzzU4uHWcvhF0JnFyy6PaBV5HIgfLm8LyE4F_IOKifDH1sQPmgVupoHj4jE9emBT2JyPpiMeXuxs8R5eVw_H_Iu77KMPLmXNN1paJfmPcZitwyxpywiDGkg9ncfH93bhU_MHd5rPGAdkV1VZj6WkRcuJiQwTNiC2SSFuuMZyUVHCDlyE&ext_cid=5797462&px_id=731445320&min_cpm=3.515883463274518e-05&out_id=0&campaign_type=hq&aid=120&cid=18641&uniq=&mid=6333992346846900469&skin_id=2&vertical_id=8&skin_test=0&from_cache=0&ecpm=0.0007000000000000001&cpm=0.0007000000000000001&verify_hash=0c6bab36e9273cdb630faf7a728d2d96&verify_hash_v2=c2d568ff51e6e87ffc8fdc27ebea8f8d010e5bc0eade84e185e262f013a4df4d&is_native=1&real_bid=0.0007000000000000001&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,95,148,70,8&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1750023784&image_url=&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=5797462&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&cpa=fc74dfee-1c5f-498a-8931-93f0c30ce672&prev_step_diff=331&st=0.12

116.202.249.56

200 OK

0 B

URL GET
dd8add5afa.3c0448ff06.com/in/show/?tag_ab=b&site_id=311445320&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=1262962996&sid=4208398747&tcid=0&ver=8.232.0&ver_c=&spot_id=1445320&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=96.76611739732309&kubik_score=89.831414389523&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1262962996%26spot_id%3D1445320%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=&crid=141372_82091100&crtid=6bc270bae35cd8f11485518843129254&url=https%3A%2F%2Fs.optvz.com%2Fclick.php%3Fd%3DH4sIAAAAAAAAA01R24rcMAz9lXnJY4Jky5b92GVYKIUutB8w.JKZDbOTDEl2sy36.DrJQJdjm6OjIxnZhj2TVQLyOs_3qdLfKvVc1rIszdSm97G9nG.qScOtiIlMy4HaWgOamiDq2lsONSGgio4oxnOln39_P1b62NZjfX.vlC2hKnHFT9OYTq_DNPfh1lZ83HN6z_0d.vbU5V2.Lrs4h8u0K6mkNikN_Uc7Tt3QT6d5DOna9ZdikTIBMnmvWTuS25_Y5aYbxGPjoSHVoCFxCjwigBhN2nol3okQihYCWYFefZYtWCDJQg7MIYJKmTFSpjPY5BJFjEhOVGlDEm1MnrPDmFiRchzKu5ydgcTRa6dLK5DYXZYw3puUZL_pUJQwTYfQh7dDDveDbL4VGq0mtzODVrFsw4GSh2GF.8LWQlEkWheyfqXIz5dfX8z_QasFGgDcTvPg.Cgc59i0n0N669J1_fOtV_Gglw8F8vJDIEcDDOwjRDDZnhVrjhbazGCz9v8AV2gELlACAAA-%26cb%3De2e_684dece822f155.22839130&icons=lDO7RnjKLlGE5CukYOUF7DBI5JMH9XPyjMhW_peG7mIQn3UH3mnq4uHAlmuqdsArGtH-4i7JFuGbbpAAShh9RltzSfVAFiPwp6qTjFSHi8zzM6XRG3KPNNqFwP_MTusfl1zYvEIoCZCU3oSyrHfTdyz0arRpz8XXfSdAqTLsg_-QAOagnBQtiZMXatdGshb1_cQei60_TYi_9eRTt_mayb2t0wtrk3NKT8u5Qpz8VJ_lrquZQkunqm3QuPqKnjidLvA2tTZlmx_9DK4uWKwhApNhsaq9Qbr7awCoD_vig6jUjHyL9vEC6NX9pA0CNrJvPLaTqzUU43LX9dYpOQFOFD2DD5E09CbIcb0ea_vZXgWOkKwlxszxe6oOh65PnyHOPP18Bsz1YAaz2PF2RZe9Te7u-_LAtyS5ARh0h0DfxNUIoT5A6ZBOIxtyQKNQmScOk_Toycfag16Hm_MjjisGXYzmQFLBxtqYYrPLvuOc16DYuMykgYY33m7pigVc1tfkAH1MswVKv8GkTrR27y2bGXLhZW80cObmasJ98K9qFH9mdr-4V8w-LEQ5oSmftkApS9wpD4SFI2wfz4VwpUTrY-E-Mh1BzpkewhiAw-NRP4NXP_7G8KS0GjTWxOkX2IZcJh2oooboO8gMgkh4jb7yPWQpv9OoMi73mSeuGATtrl7D2HLzDlrbF5QkvomGMTCkLliYz_jhBRdJqksXmGrEanAJK2wB2FYgRyX-o6g9iizZFfEHf4jE3Y33PQbslgujG-zO1HDSWw6q2-isc1Mq67JKYoTZF5DX64di0ESVYg-Zq62KRGFuz_c8iqGm_4Kn1GMeHtWIwnWFPlyE7ynsSKKWZKUJIEEMMira1GB2E9B2HvJCfgzoV-uD4jHVNF8exZItPreBx4S-oGCO2HcTZQER6NDosetD2STUWK16kCHLqKDQj3Zye3SuFPcCKo8cg96x0pR7U-q4NgtGhCBkEiwthGycPr9qVsks4XcRIJI4Sc9KJ6uEP-fpuIHvpPM0bc8jQhRE8Lj2OIc40XD3lleT3oiwS3Rp4Od48svTRlaOzRTBKOw0JyewQnNs6kzVgq20Qxny5UaaPQeyAn_d0AI0p3DHV72FwCvo1VnhbqBfL_h109D6-vQk7jqCl0xxQxqFJzpNvINwU_289G1KmGG2O1wdlJcdmpeNn5zqVxpX5iCuB7fErKQ-eLQkVuXSLlcCT7V7yMxZLOpq8C4G6ZEtwcnuElaXoVVh__Wr4ks24XaeDNcWz0aSFU771Zw2Up_jY7zJ2_hMxJRmpRNptdThgssO2d1wGKnRzo8poBTFIJ11fZeThZsj5AXOaHbUBYSjJ3VrCuchiP8ZqrVNKtgrzzU4uHWcvhF0JnFyy6PaBV5HIgfLm8LyE4F_IOKifDH1sQPmgVupoHj4jE9emBT2JyPpiMeXuxs8R5eVw_H_Iu77KMPLmXNN1paJfmPcZitwyxpywiDGkg9ncfH93bhU_MHd5rPGAdkV1VZj6WkRcuJiQwTNiC2SSFuuMZyUVHCDlyE&ext_cid=5797462&px_id=731445320&min_cpm=3.515883463274518e-05&out_id=0&campaign_type=hq&aid=120&cid=18641&uniq=&mid=6333992346846900469&skin_id=2&vertical_id=8&skin_test=0&from_cache=0&ecpm=0.0007000000000000001&cpm=0.0007000000000000001&verify_hash=0c6bab36e9273cdb630faf7a728d2d96&verify_hash_v2=c2d568ff51e6e87ffc8fdc27ebea8f8d010e5bc0eade84e185e262f013a4df4d&is_native=1&real_bid=0.0007000000000000001&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,95,148,70,8&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1750023784&image_url=&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=5797462&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&cpa=fc74dfee-1c5f-498a-8931-93f0c30ce672&prev_step_diff=331&st=0.12
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject3c0448ff06.com
FingerprintF2:0E:93:47:70:73:4A:B8:C7:EC:B4:74:81:E8:F5:43:58:60:6D:11
ValidityTue, 10 Jun 2025 14:04:21 GMT - Mon, 08 Sep 2025 14:04:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=b&site_id=311445320&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=1262962996&sid=4208398747&tcid=0&ver=8.232.0&ver_c=&spot_id=1445320&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=96.76611739732309&kubik_score=89.831414389523&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1262962996%26spot_id%3D1445320%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=&crid=141372_82091100&crtid=6bc270bae35cd8f11485518843129254&url=https%3A%2F%2Fs.optvz.com%2Fclick.php%3Fd%3DH4sIAAAAAAAAA01R24rcMAz9lXnJY4Jky5b92GVYKIUutB8w.JKZDbOTDEl2sy36.DrJQJdjm6OjIxnZhj2TVQLyOs_3qdLfKvVc1rIszdSm97G9nG.qScOtiIlMy4HaWgOamiDq2lsONSGgio4oxnOln39_P1b62NZjfX.vlC2hKnHFT9OYTq_DNPfh1lZ83HN6z_0d.vbU5V2.Lrs4h8u0K6mkNikN_Uc7Tt3QT6d5DOna9ZdikTIBMnmvWTuS25_Y5aYbxGPjoSHVoCFxCjwigBhN2nol3okQihYCWYFefZYtWCDJQg7MIYJKmTFSpjPY5BJFjEhOVGlDEm1MnrPDmFiRchzKu5ydgcTRa6dLK5DYXZYw3puUZL_pUJQwTYfQh7dDDveDbL4VGq0mtzODVrFsw4GSh2GF.8LWQlEkWheyfqXIz5dfX8z_QasFGgDcTvPg.Cgc59i0n0N669J1_fOtV_Gglw8F8vJDIEcDDOwjRDDZnhVrjhbazGCz9v8AV2gELlACAAA-%26cb%3De2e_684dece822f155.22839130&icons=lDO7RnjKLlGE5CukYOUF7DBI5JMH9XPyjMhW_peG7mIQn3UH3mnq4uHAlmuqdsArGtH-4i7JFuGbbpAAShh9RltzSfVAFiPwp6qTjFSHi8zzM6XRG3KPNNqFwP_MTusfl1zYvEIoCZCU3oSyrHfTdyz0arRpz8XXfSdAqTLsg_-QAOagnBQtiZMXatdGshb1_cQei60_TYi_9eRTt_mayb2t0wtrk3NKT8u5Qpz8VJ_lrquZQkunqm3QuPqKnjidLvA2tTZlmx_9DK4uWKwhApNhsaq9Qbr7awCoD_vig6jUjHyL9vEC6NX9pA0CNrJvPLaTqzUU43LX9dYpOQFOFD2DD5E09CbIcb0ea_vZXgWOkKwlxszxe6oOh65PnyHOPP18Bsz1YAaz2PF2RZe9Te7u-_LAtyS5ARh0h0DfxNUIoT5A6ZBOIxtyQKNQmScOk_Toycfag16Hm_MjjisGXYzmQFLBxtqYYrPLvuOc16DYuMykgYY33m7pigVc1tfkAH1MswVKv8GkTrR27y2bGXLhZW80cObmasJ98K9qFH9mdr-4V8w-LEQ5oSmftkApS9wpD4SFI2wfz4VwpUTrY-E-Mh1BzpkewhiAw-NRP4NXP_7G8KS0GjTWxOkX2IZcJh2oooboO8gMgkh4jb7yPWQpv9OoMi73mSeuGATtrl7D2HLzDlrbF5QkvomGMTCkLliYz_jhBRdJqksXmGrEanAJK2wB2FYgRyX-o6g9iizZFfEHf4jE3Y33PQbslgujG-zO1HDSWw6q2-isc1Mq67JKYoTZF5DX64di0ESVYg-Zq62KRGFuz_c8iqGm_4Kn1GMeHtWIwnWFPlyE7ynsSKKWZKUJIEEMMira1GB2E9B2HvJCfgzoV-uD4jHVNF8exZItPreBx4S-oGCO2HcTZQER6NDosetD2STUWK16kCHLqKDQj3Zye3SuFPcCKo8cg96x0pR7U-q4NgtGhCBkEiwthGycPr9qVsks4XcRIJI4Sc9KJ6uEP-fpuIHvpPM0bc8jQhRE8Lj2OIc40XD3lleT3oiwS3Rp4Od48svTRlaOzRTBKOw0JyewQnNs6kzVgq20Qxny5UaaPQeyAn_d0AI0p3DHV72FwCvo1VnhbqBfL_h109D6-vQk7jqCl0xxQxqFJzpNvINwU_289G1KmGG2O1wdlJcdmpeNn5zqVxpX5iCuB7fErKQ-eLQkVuXSLlcCT7V7yMxZLOpq8C4G6ZEtwcnuElaXoVVh__Wr4ks24XaeDNcWz0aSFU771Zw2Up_jY7zJ2_hMxJRmpRNptdThgssO2d1wGKnRzo8poBTFIJ11fZeThZsj5AXOaHbUBYSjJ3VrCuchiP8ZqrVNKtgrzzU4uHWcvhF0JnFyy6PaBV5HIgfLm8LyE4F_IOKifDH1sQPmgVupoHj4jE9emBT2JyPpiMeXuxs8R5eVw_H_Iu77KMPLmXNN1paJfmPcZitwyxpywiDGkg9ncfH93bhU_MHd5rPGAdkV1VZj6WkRcuJiQwTNiC2SSFuuMZyUVHCDlyE&ext_cid=5797462&px_id=731445320&min_cpm=3.515883463274518e-05&out_id=0&campaign_type=hq&aid=120&cid=18641&uniq=&mid=6333992346846900469&skin_id=2&vertical_id=8&skin_test=0&from_cache=0&ecpm=0.0007000000000000001&cpm=0.0007000000000000001&verify_hash=0c6bab36e9273cdb630faf7a728d2d96&verify_hash_v2=c2d568ff51e6e87ffc8fdc27ebea8f8d010e5bc0eade84e185e262f013a4df4d&is_native=1&real_bid=0.0007000000000000001&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,95,148,70,8&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1750023784&image_url=&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=5797462&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&cpa=fc74dfee-1c5f-498a-8931-93f0c30ce672&prev_step_diff=331&st=0.12 HTTP/1.1
Host: dd8add5afa.3c0448ff06.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET bigwarp.cc/images/ico-flag.png

104.22.57.130

200 OK

10 kB

URL GET
bigwarp.cc/images/ico-flag.png
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced
Size
10 kB (10467 bytes)
Hash
5b34b77d4db88fac010be0565bd12ff8
4ee0864f38f94b06694bf9e248b2e6cab269ba6d
83f325071f28561bb9b6b7edfd7fb49c8816fee483079d4d78d524b1e11e4bf5

HTTP Headers

GET /images/ico-flag.png HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: image/png
content-length: 10467
cf-ray: 94fd001289bb568f-OSL
last-modified: Tue, 19 Nov 2024 06:41:10 GMT
etag: "28e3-6273e51944d24"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2203
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

GET fs54.bigwarp.io/v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917

109.202.99.162

206 Partial Content

5.2 MB

URL GET
fs54.bigwarp.io/v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917
IP
109.202.99.162:443
ASN
#49453 Global Layer B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGlobalSign nv-sa
Subject*.bigwarp.io
FingerprintEC:99:21:1B:92:CE:90:96:2D:67:60:8B:EF:10:DC:48:73:FA:65:44
ValidityFri, 01 Nov 2024 08:00:08 GMT - Wed, 03 Dec 2025 08:00:07 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
5.2 MB (5242538 bytes)
Hash
cf28c7641040785bd520d3196b5eeaaa
c1ba839b7b7bd95ee6a4292cfd3a3281a5f9c149
82032a7eda15815b6b14252a8f21cfbcde7bc43c0b7f8497894f1feaae542a25

HTTP Headers

GET /v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917 HTTP/1.1
Host: fs54.bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Sat, 14 Jun 2025 21:40:29 GMT
Content-Type: video/mp4
Content-Length: 886521830
Last-Modified: Fri, 13 Jun 2025 22:06:58 GMT
Connection: keep-alive
ETag: "684ca102-34d73fe6"
Access-Control-Allow-Origin: *
Content-disposition: attachment
Content-Range: bytes 0-886521829/886521830

GET nereserv.com/in/dip?site=native-push&wl=1&event_id=1e1cf2c9-fdea-4388-9e5b-a421188e1280&subid=1262962996&sid=4208398747&spot_id=1445320&created_at=2025-06-14&timezone=0&ver=8.232.0&is_native=1

116.202.249.56

200 OK

0 B

URL GET
nereserv.com/in/dip?site=native-push&wl=1&event_id=1e1cf2c9-fdea-4388-9e5b-a421188e1280&subid=1262962996&sid=4208398747&spot_id=1445320&created_at=2025-06-14&timezone=0&ver=8.232.0&is_native=1
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=1e1cf2c9-fdea-4388-9e5b-a421188e1280&subid=1262962996&sid=4208398747&spot_id=1445320&created_at=2025-06-14&timezone=0&ver=8.232.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET bigwarp.cc/m4pd6vdrgaj3

104.22.57.130

200 OK

57 kB

URL User Request GET
bigwarp.cc/m4pd6vdrgaj3
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (945)
Size
57 kB (56942 bytes)
Hash
4a198e8f10a6da9c69704ca70d58803c
8485fb9023b600f610588ee3ed15808cbf070eb5
768261f2bf77357139f068a273f1c9ce8657a07642e8309b76a203d9ccc2fb52

HTTP Headers

GET /m4pd6vdrgaj3 HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:54 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
expires: Fri, 13 Jun 2025 21:42:54 GMT
x-frame-options: DENY
set-cookie: lang=1; domain=.bigwarp.cc; path=/; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 94fd000efd43568f-OSL
X-Firefox-Spdy: h2

GET static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint81:A4:C6:88:C3:3E:D5:D5:E5:AB:E3:D3:AC:1A:1F:DE:B8:17:28:C6
ValidityFri, 30 May 2025 02:32:38 GMT - Thu, 28 Aug 2025 02:32:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:04 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-42a"
expires: Sun, 14 Jun 2026 21:43:04 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

POST bigwarp.cc/cdn-cgi/challenge-platform/h/b/jsd/r/0.21874664328629023:1749935546:ntx1ix8ZG6rm9HmuFlt_KQchMN0RCiLrD5lPdjavfRc/94fd000efd43568f

104.22.57.130

200 OK

0 B

URL POST
bigwarp.cc/cdn-cgi/challenge-platform/h/b/jsd/r/0.21874664328629023:1749935546:ntx1ix8ZG6rm9HmuFlt_KQchMN0RCiLrD5lPdjavfRc/94fd000efd43568f
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.21874664328629023:1749935546:ntx1ix8ZG6rm9HmuFlt_KQchMN0RCiLrD5lPdjavfRc/94fd000efd43568f HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12090
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1; _ga_90ZFH1V4FM=GS2.1.s1749937375$o1$g0$t1749937375$j60$l0$h0; _ga=GA1.1.538608489.1749937376; file_id=2762122; aff=3520; ads=-1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:57 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
cf-ray: 94fd00219bc2568f-OSL
set-cookie: cf_clearance=qYZk169NwS6riEdRDITQ9Ulq_yekeTIvd1HBS7NZJUQ-1749937377-1.2.1.1-eFsheOMK4ppNTW.b4Zss2S64748G.Gl7PSROlwuMZVBnR6MEP._v6oDvx1KuB7F8pkNE4EW1kwh6XHhjFGrufX.NgNWdD0.sODkfWPhgx4LOARHVN6pDyzQRprV.XXWHRd0B1o5Ctvch5H07ZpXvxxc2M00OVQEP0YVPLHCyQVqEk5hb8whTyYCClozTywG4KoDvV5tZ.gZb0Lmw8IJzCwgw8nzO8bPWvFU0DePGcwSjjD5t6IguegfcD3goMiBJ558T9cLGEFzmhwoTeXgjvM6aReVXc1rtyu4IlmWqi73hJTrZH4Oj_kSWhrwUUk9_owZ_1vIi9QqJyvwGt1fzefyl3m49Vpr6p.AGUZArAR4; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=bigwarp.cc; Expires=Sun, 14 Jun 2026 21:42:57 GMT
server: cloudflare
X-Firefox-Spdy: h2

GET metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTYyNDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

88.198.204.166

200 OK

0 B

URL GET
metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTYyNDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
88.198.204.166:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTYyNDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 14 Jun 2025 21:43:03 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiPBG1mZrZjGRrO--m4TnNdOQlVosApiQ4L7CKxx-Ht0XMp0DFOa_cRVzYm2CMeZ9-p6GnORnw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1865479999%3A1749937383427854

142.251.9.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiPBG1mZrZjGRrO--m4TnNdOQlVosApiQ4L7CKxx-Ht0XMp0DFOa_cRVzYm2CMeZ9-p6GnORnw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1865479999%3A1749937383427854
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint09:73:D4:56:AF:03:7E:40:3B:60:95:56:66:8D:E9:27:E0:DA:EC:DA
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiPBG1mZrZjGRrO--m4TnNdOQlVosApiQ4L7CKxx-Ht0XMp0DFOa_cRVzYm2CMeZ9-p6GnORnw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1865479999%3A1749937383427854 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jun 2025 21:43:03 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-yGUnlSc7t8xAFBrDu5igGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.Kmu9ycRrjV8.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET dd8add5afa.3c0448ff06.com/in/show/?tag_ab=b&site_id=311443740&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=143754272&sid=39063987&tcid=0&ver=8.232.0&ver_c=&spot_id=1443740&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=97.4866374782516&kubik_score=91.85912288222227&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D143754272%26spot_id%3D1443740%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=popunderAd&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.optvz.com%2Fcimp.php%3Fdata%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfGh0dHBzOi8vZmxpcnRpby5jbHViL2NsaWNrP2tleT01NDkxJnRhZz1vcmRkTkhkTEhUUEhOVlM0QVNPcW9xb21wcmROTlRSVE5YVE82VnpyclhVek9vZFRLNlYwcnBYVDFVVTB1b21yb3B0bGRSTlZOWFBZNlYwenBYU3VsZEs2WjBycFhUT3IyMDNtM3FtbHIxcnUwcGxxbTNsbzNyczRybm5sMHM0ZHR0Um5aTnhQVmJSWGJkcE54UkxiWE5YTHZuUlBUUlZLNmFtaXlxbWV5ZDJuZktjeUNqMTFjNTA4cnBYU3VsZEs2VjBycFhTdW1zcHV1b3NvdHBjNTBycFhTdWxkSzZWMHJwWFN1bGRNNlYwcmlHMGozVUhYN3ZYMlBVUDduT2RiblZMUmJ4cnB2cHZyWlhMTnBuVFBUTG5YTFRieHROVzRQc0EtJmNvc3Q9MC4wMDE1JnNvdXJjZT1wb3JubGF1bmRyeS5jb20mdmFyaWQ9MTE0MzQxNjQyJmNhbXBpZD03NTE4MDI0JnNpdGVpZD05Nzg0NDYmem9uZWlkPTUzNTMxNDYmY2F0aWQ9OTgmY291bnRyeT1OT1ImZm9ybWF0PSZlbWFpbF9lbmNvZGVkPSZhZ2U9e2FnZX18aHR0cHN8OTEuOTAuNDIuMTU0fE5PUnw0MXxwb3JubGF1bmRyeS5jb218OTIyOTg0fDY2NjE3M3w5Nzg0NDZ8NTM1MzE0Nnw5OHw3NTE4MDI0fDExNDM0MTY0Mnw0MHwzfDB8MHwyNTM0NHwxNDM3NTQyNzJ8MTUwfDcwfEVVUnxVU0R8MC44NzU4fDF8MjJ8fDF8Tk9SfHwyMHw0fDF8fDZkYmUxZTUxMDZjNjliNDA1MWUwM2U2N2Y2MjIwYjdmfGRkM2E3MWYyNTgzNjg5YjFmMzA4NjE2MGVhMzI0MzUwfDF8MHxiaWd3YXJwLmNjfDB8MHwwfDAuMDl8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDMxNjM0ODB8LTF8MHwzMTUxNjI3fHx8MnwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8NzIwfDd8MHwyfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDB8MnwwLjV8MC4wMTQyNzU3NjIyODU3MTR8MS41fDF8MHwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4yMXxPS3w0NzMzODI2ZDM3M2E0OGQ1MWRjMzIzNDY5MjM0NDE5MQ--%26bs%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDR8MS40Mjc1NzYyMjg1NzE0fDE1MHwxNTB8MHxPS3wyOGZjZDIzMzE2MDhiMTZjOThlNjgzZmI4MWFiOWJjMg--%26cb%3De2e_684dece82c2bf5.00974906&icons=7uYtdxkxr5XssJNlbGPkbei39jd77eNO3DTSrDSL5tSnjUeIb4tCpohDjv-YXu54mUEfQbypRzEtMnIX6wSLsAuqIjbEPTbZ0mzIfazrwBF_IYlHf-l3-c2vFKqP_jMgnbBJGFFrMMJ7ihylY3tw-cxNsqzYuymqi_lKZhrcu7S4eNRkgA&ext_cid=7518024&pop_price=0.001058632008&pop_ecpm=0.04543152063139811&px_id=2640385&min_cpm=0.0003755947917323847&out_id=1&campaign_type=lq-pop-ext&aid=2140&cid=18741&uniq=&mid=7927906304664025639&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.058632008&cpm=1.058632008&verify_hash=9c231a87df6ce41c447fbdebb7906831&verify_hash_v2=2c8ac0eda6127b419e161674d0a6c11a33b5d861173058194526f2ca6e50bbdc&is_native=3&real_bid=1.058632008&pop_real_cpm=0.91959&pop_real_bid=0.001058632008&original_bid_usd=1.058632008&original_bid=0.91959&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=108,0,4,20,27,150&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.001058632008&ext_campaign_id_str=7518024&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&cpa=368251c6-cebe-4f62-a1b7-5f0524ed39c9&prev_step_diff=591&st=0.12

116.202.249.56

200 OK

0 B

URL GET
dd8add5afa.3c0448ff06.com/in/show/?tag_ab=b&site_id=311443740&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=143754272&sid=39063987&tcid=0&ver=8.232.0&ver_c=&spot_id=1443740&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=97.4866374782516&kubik_score=91.85912288222227&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D143754272%26spot_id%3D1443740%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=popunderAd&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.optvz.com%2Fcimp.php%3Fdata%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfGh0dHBzOi8vZmxpcnRpby5jbHViL2NsaWNrP2tleT01NDkxJnRhZz1vcmRkTkhkTEhUUEhOVlM0QVNPcW9xb21wcmROTlRSVE5YVE82VnpyclhVek9vZFRLNlYwcnBYVDFVVTB1b21yb3B0bGRSTlZOWFBZNlYwenBYU3VsZEs2WjBycFhUT3IyMDNtM3FtbHIxcnUwcGxxbTNsbzNyczRybm5sMHM0ZHR0Um5aTnhQVmJSWGJkcE54UkxiWE5YTHZuUlBUUlZLNmFtaXlxbWV5ZDJuZktjeUNqMTFjNTA4cnBYU3VsZEs2VjBycFhTdW1zcHV1b3NvdHBjNTBycFhTdWxkSzZWMHJwWFN1bGRNNlYwcmlHMGozVUhYN3ZYMlBVUDduT2RiblZMUmJ4cnB2cHZyWlhMTnBuVFBUTG5YTFRieHROVzRQc0EtJmNvc3Q9MC4wMDE1JnNvdXJjZT1wb3JubGF1bmRyeS5jb20mdmFyaWQ9MTE0MzQxNjQyJmNhbXBpZD03NTE4MDI0JnNpdGVpZD05Nzg0NDYmem9uZWlkPTUzNTMxNDYmY2F0aWQ9OTgmY291bnRyeT1OT1ImZm9ybWF0PSZlbWFpbF9lbmNvZGVkPSZhZ2U9e2FnZX18aHR0cHN8OTEuOTAuNDIuMTU0fE5PUnw0MXxwb3JubGF1bmRyeS5jb218OTIyOTg0fDY2NjE3M3w5Nzg0NDZ8NTM1MzE0Nnw5OHw3NTE4MDI0fDExNDM0MTY0Mnw0MHwzfDB8MHwyNTM0NHwxNDM3NTQyNzJ8MTUwfDcwfEVVUnxVU0R8MC44NzU4fDF8MjJ8fDF8Tk9SfHwyMHw0fDF8fDZkYmUxZTUxMDZjNjliNDA1MWUwM2U2N2Y2MjIwYjdmfGRkM2E3MWYyNTgzNjg5YjFmMzA4NjE2MGVhMzI0MzUwfDF8MHxiaWd3YXJwLmNjfDB8MHwwfDAuMDl8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDMxNjM0ODB8LTF8MHwzMTUxNjI3fHx8MnwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8NzIwfDd8MHwyfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDB8MnwwLjV8MC4wMTQyNzU3NjIyODU3MTR8MS41fDF8MHwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4yMXxPS3w0NzMzODI2ZDM3M2E0OGQ1MWRjMzIzNDY5MjM0NDE5MQ--%26bs%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDR8MS40Mjc1NzYyMjg1NzE0fDE1MHwxNTB8MHxPS3wyOGZjZDIzMzE2MDhiMTZjOThlNjgzZmI4MWFiOWJjMg--%26cb%3De2e_684dece82c2bf5.00974906&icons=7uYtdxkxr5XssJNlbGPkbei39jd77eNO3DTSrDSL5tSnjUeIb4tCpohDjv-YXu54mUEfQbypRzEtMnIX6wSLsAuqIjbEPTbZ0mzIfazrwBF_IYlHf-l3-c2vFKqP_jMgnbBJGFFrMMJ7ihylY3tw-cxNsqzYuymqi_lKZhrcu7S4eNRkgA&ext_cid=7518024&pop_price=0.001058632008&pop_ecpm=0.04543152063139811&px_id=2640385&min_cpm=0.0003755947917323847&out_id=1&campaign_type=lq-pop-ext&aid=2140&cid=18741&uniq=&mid=7927906304664025639&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.058632008&cpm=1.058632008&verify_hash=9c231a87df6ce41c447fbdebb7906831&verify_hash_v2=2c8ac0eda6127b419e161674d0a6c11a33b5d861173058194526f2ca6e50bbdc&is_native=3&real_bid=1.058632008&pop_real_cpm=0.91959&pop_real_bid=0.001058632008&original_bid_usd=1.058632008&original_bid=0.91959&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=108,0,4,20,27,150&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.001058632008&ext_campaign_id_str=7518024&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&cpa=368251c6-cebe-4f62-a1b7-5f0524ed39c9&prev_step_diff=591&st=0.12
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject3c0448ff06.com
FingerprintF2:0E:93:47:70:73:4A:B8:C7:EC:B4:74:81:E8:F5:43:58:60:6D:11
ValidityTue, 10 Jun 2025 14:04:21 GMT - Mon, 08 Sep 2025 14:04:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=b&site_id=311443740&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=143754272&sid=39063987&tcid=0&ver=8.232.0&ver_c=&spot_id=1443740&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=97.4866374782516&kubik_score=91.85912288222227&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D143754272%26spot_id%3D1443740%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=popunderAd&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.optvz.com%2Fcimp.php%3Fdata%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfGh0dHBzOi8vZmxpcnRpby5jbHViL2NsaWNrP2tleT01NDkxJnRhZz1vcmRkTkhkTEhUUEhOVlM0QVNPcW9xb21wcmROTlRSVE5YVE82VnpyclhVek9vZFRLNlYwcnBYVDFVVTB1b21yb3B0bGRSTlZOWFBZNlYwenBYU3VsZEs2WjBycFhUT3IyMDNtM3FtbHIxcnUwcGxxbTNsbzNyczRybm5sMHM0ZHR0Um5aTnhQVmJSWGJkcE54UkxiWE5YTHZuUlBUUlZLNmFtaXlxbWV5ZDJuZktjeUNqMTFjNTA4cnBYU3VsZEs2VjBycFhTdW1zcHV1b3NvdHBjNTBycFhTdWxkSzZWMHJwWFN1bGRNNlYwcmlHMGozVUhYN3ZYMlBVUDduT2RiblZMUmJ4cnB2cHZyWlhMTnBuVFBUTG5YTFRieHROVzRQc0EtJmNvc3Q9MC4wMDE1JnNvdXJjZT1wb3JubGF1bmRyeS5jb20mdmFyaWQ9MTE0MzQxNjQyJmNhbXBpZD03NTE4MDI0JnNpdGVpZD05Nzg0NDYmem9uZWlkPTUzNTMxNDYmY2F0aWQ9OTgmY291bnRyeT1OT1ImZm9ybWF0PSZlbWFpbF9lbmNvZGVkPSZhZ2U9e2FnZX18aHR0cHN8OTEuOTAuNDIuMTU0fE5PUnw0MXxwb3JubGF1bmRyeS5jb218OTIyOTg0fDY2NjE3M3w5Nzg0NDZ8NTM1MzE0Nnw5OHw3NTE4MDI0fDExNDM0MTY0Mnw0MHwzfDB8MHwyNTM0NHwxNDM3NTQyNzJ8MTUwfDcwfEVVUnxVU0R8MC44NzU4fDF8MjJ8fDF8Tk9SfHwyMHw0fDF8fDZkYmUxZTUxMDZjNjliNDA1MWUwM2U2N2Y2MjIwYjdmfGRkM2E3MWYyNTgzNjg5YjFmMzA4NjE2MGVhMzI0MzUwfDF8MHxiaWd3YXJwLmNjfDB8MHwwfDAuMDl8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDMxNjM0ODB8LTF8MHwzMTUxNjI3fHx8MnwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8NzIwfDd8MHwyfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDB8MnwwLjV8MC4wMTQyNzU3NjIyODU3MTR8MS41fDF8MHwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4yMXxPS3w0NzMzODI2ZDM3M2E0OGQ1MWRjMzIzNDY5MjM0NDE5MQ--%26bs%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDR8MS40Mjc1NzYyMjg1NzE0fDE1MHwxNTB8MHxPS3wyOGZjZDIzMzE2MDhiMTZjOThlNjgzZmI4MWFiOWJjMg--%26cb%3De2e_684dece82c2bf5.00974906&icons=7uYtdxkxr5XssJNlbGPkbei39jd77eNO3DTSrDSL5tSnjUeIb4tCpohDjv-YXu54mUEfQbypRzEtMnIX6wSLsAuqIjbEPTbZ0mzIfazrwBF_IYlHf-l3-c2vFKqP_jMgnbBJGFFrMMJ7ihylY3tw-cxNsqzYuymqi_lKZhrcu7S4eNRkgA&ext_cid=7518024&pop_price=0.001058632008&pop_ecpm=0.04543152063139811&px_id=2640385&min_cpm=0.0003755947917323847&out_id=1&campaign_type=lq-pop-ext&aid=2140&cid=18741&uniq=&mid=7927906304664025639&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.058632008&cpm=1.058632008&verify_hash=9c231a87df6ce41c447fbdebb7906831&verify_hash_v2=2c8ac0eda6127b419e161674d0a6c11a33b5d861173058194526f2ca6e50bbdc&is_native=3&real_bid=1.058632008&pop_real_cpm=0.91959&pop_real_bid=0.001058632008&original_bid_usd=1.058632008&original_bid=0.91959&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=108,0,4,20,27,150&need_redirect_show=0&applied_features=stage-skins-settings,test_skins&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.001058632008&ext_campaign_id_str=7518024&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&cpa=368251c6-cebe-4f62-a1b7-5f0524ed39c9&prev_step_diff=591&st=0.12 HTTP/1.1
Host: dd8add5afa.3c0448ff06.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiO4UVLfbB4v9xobdSbyDDlhF9i4ESMnRFB6aTeArIpJF5UjWRYjv6CJEEyLL2KvR-xHkMtVPA

142.251.9.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiO4UVLfbB4v9xobdSbyDDlhF9i4ESMnRFB6aTeArIpJF5UjWRYjv6CJEEyLL2KvR-xHkMtVPA
IP
142.251.9.84:443
ASN
#15169 GOOGLE

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint1E:69:E1:CB:BD:57:90:C7:05:07:13:A1:B7:8A:2B:61:F4:83:52:F3
ValidityMon, 19 May 2025 08:43:40 GMT - Mon, 11 Aug 2025 08:43:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiO4UVLfbB4v9xobdSbyDDlhF9i4ESMnRFB6aTeArIpJF5UjWRYjv6CJEEyLL2KvR-xHkMtVPA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:I2VakeYO6upc04-jqp1eKwiGgRj_fw:orC7u0eem8a8z7ud;Path=/;Expires=Mon, 14-Jun-2027 21:43:03 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jun 2025 21:43:03 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiPBG1mZrZjGRrO--m4TnNdOQlVosApiQ4L7CKxx-Ht0XMp0DFOa_cRVzYm2CMeZ9-p6GnORnw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1865479999%3A1749937383427854
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-bR6JbN4bgTb5_RGTSjyiGQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 416
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET us.vastilymoid.com/stsr5AW9ySNm/117476

23.109.170.189

200 OK

6 B

URL GET
us.vastilymoid.com/stsr5AW9ySNm/117476
IP
23.109.170.189:443
ASN
#7979 SERVERS-COM

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectus.vastilymoid.com
Fingerprint18:7B:41:04:49:76:73:D0:9B:2E:EF:9C:FD:46:BE:D5:3B:3C:04:A6
ValidityMon, 26 May 2025 07:03:36 GMT - Sun, 24 Aug 2025 07:03:35 GMT

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stsr5AW9ySNm/117476 HTTP/1.1
Host: us.vastilymoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jun 2025 21:42:55 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Origin
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Megageocheckolololo, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, OPTIONS
Set-Cookie: GGI10=G/IAAASeD7dNK/dmKv8IjKne3vVF23LHD4p/239bRbcCCoMg63NMJOcmHtdgLENcdVb9C/8fcU22F4TMszPXDn3bi0JM1sszQtMiPRle3iuF+nW+PadvTJQWghuEE2erh7OxP8CGug0ouFXNMz9sX8bofOhPVVBMTsv72LAiF5aGU46qKWF8uZ1fb+RKCE0MoKV13JEH4pvoZXocf6ywyRddqbWmm1R6/v8=; max-age=3600000; path=/; secure; SameSite=None
GUI4=G/gDAMRIp04r95OT6ECi2ZbXlKmVUfRDNNHq/c+tboiHQszEdl9md5hoHSQir3sjEjJxrxMS5srGlhZBEWEdknvyLM1tkP8V3CQYfHC8qlUWhW84OtVOXHJ++9EY1elN+5eVa9+0+XJsR84sW6d32ksc5soYwwBlpDXCMiRM2DYFWf4EDsYu7sV2zAu1w4tvBsHFdR0aOBfKTCdJHBBUow++IdIaOOpYAcG9ORVwlGgDBLITqeV6kA9QRoeG6McX6803cICgVFFc/DWP31hNXdz6K1d+aVpED7JRP1NtmVk2EpYVZPSiikhIvB8EqrMj6na0zukJOrIrH4WMwBkGR1moIl5r0uQTVIkjccsROFp8xX60JIddYhhsPa2n8RSeXsm7lCAG3KVncCeWepuTG/4ACaGZiRdKZcAn/hm9qrHOQRB+rGjnrrJ9qp4N1RdTsew4QjQGSkGI6ItEkjrSV1RaojqFalUXHjJlt8dAtdCPi8fRGFLRZYYc1IUY4/aKNfgongPCcIzKg72ncN0CJaFAIq64zJK7JWXyUpY8XH/02/wnjUnBVv0gGDpRmrSsHOE2eIyc1UAWzuxZSHacQBJiclkTrxyKArUn2A78SLgs0+MA; max-age=3600000; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.35

200 OK

8.0 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:41:53 GMT
expires: Wed, 10 Jun 2026 02:41:53 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 23 Apr 2025 16:07:17 GMT
content-type: font/woff2
age: 414063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET storage.multstorage.com/log/count.html

172.67.174.51

200 OK

882 B

URL GET
storage.multstorage.com/log/count.html
IP
172.67.174.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
FingerprintAB:89:C2:3D:3B:E4:DD:0A:32:44:EC:41:65:9E:53:44:11:61:AB:F3
ValiditySun, 04 May 2025 05:28:22 GMT - Sat, 02 Aug 2025 06:26:59 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
882 B (882 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:02 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=I8P8UwNr%2BNwEa5MOr%2Fvwnd7VDSX1SJ9b5YkbjLyl5twqn%2F1FI%2FsQ2DGEOeuwLTmmRp1vzb%2FkpOSkPxpVKS5nysRXyFBbpOuv14dmJTwOU6IqxiDorw%3D%3D"}]}
vary: Accept-Encoding
x-request-id: 372f78116678146c6841a5c0767c8f0e
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94fd003dae17b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMzEyOTMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

88.198.204.166

200 OK

0 B

URL GET
metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMzEyOTMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
88.198.204.166:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMzEyOTMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 14 Jun 2025 21:43:02 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET js.wpushsdk.com/npc/sdk/wpu/npush.m.js

45.133.44.53

200 OK

208 kB

URL GET
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
Fingerprint0A:DC:0B:A8:1A:A8:C8:90:9C:96:FF:5B:B2:8B:1F:6D:1A:05:B2:B7
ValidityTue, 06 May 2025 02:34:10 GMT - Mon, 04 Aug 2025 02:34:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
208 kB (208083 bytes)
Hash
b9aba566d0445eab3f1552b6d64898ec
1ff18babf66a5345c16d626ce7708bf7849e16ea
e146dd1ced6e8adc75d22fb7efcacb5c6eebf7dc86fbeb79037f7b76d5d84b8c

HTTP Headers

GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:02 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 06 Jun 2025 08:22:55 GMT
etag: W/"6842a55f-32cd3"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:48:02 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET afrdtech.com/v1/script.js?kmnrKey=942899560

31.220.27.154

403 Forbidden

0 B

URL GET
afrdtech.com/v1/script.js?kmnrKey=942899560
IP
31.220.27.154:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectafrdtech.com
Fingerprint52:EF:71:A3:CB:47:A6:FA:6C:11:30:57:52:9B:BA:A6:22:4D:6E:6C
ValidityFri, 02 May 2025 11:48:10 GMT - Thu, 31 Jul 2025 11:48:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/script.js?kmnrKey=942899560 HTTP/1.1
Host: afrdtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
server: nginx
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
content-length: 0
accept-ch: Width, Viewport-Width, DPR, Device-Memory, Downlink, RTT, ECT, Save-Data, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET bvtpk.com/tag.min.js

104.21.5.190

200 OK

108 kB

URL GET
bvtpk.com/tag.min.js
IP
104.21.5.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbvtpk.com
Fingerprint80:D6:91:C2:8E:83:24:9B:4F:8D:6D:D8:9F:ED:C8:E8:4F:95:41:F8
ValidityWed, 14 May 2025 10:17:51 GMT - Tue, 12 Aug 2025 11:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (107698 bytes)
Hash
ac22f7fe3727ed8c58365efeb7b79ca8
d9553961a8d9f7f790e8514837ef12cca9e54a68
42722d5d4ef8c44458fbc4159984b238e5f1338d254dca4ac70a35ebbbd3b682

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: bvtpk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-trace-id: b1225e7147a7209821b8353279c9d6a0
cache-control: public, max-age=600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
age: 1459
cf-cache-status: HIT
last-modified: Sat, 14 Jun 2025 21:18:36 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=l5vyKfV0VL4GySV08crqCBq5o3Y%2BJQ%2F8XT0zlfxHBIde1tzGEOTktcY0B4AKI12I%2B7I%2B3AIhNqfVC8FqcxVCwVE6yZSYM8k%3D"}]}
cf-ray: 94fd0019fd1d56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fs54.bigwarp.io/v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917

109.202.99.162

206 Partial Content

5.5 MB

URL GET
fs54.bigwarp.io/v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917
IP
109.202.99.162:443
ASN
#49453 Global Layer B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGlobalSign nv-sa
Subject*.bigwarp.io
FingerprintEC:99:21:1B:92:CE:90:96:2D:67:60:8B:EF:10:DC:48:73:FA:65:44
ValidityFri, 01 Nov 2024 08:00:08 GMT - Wed, 03 Dec 2025 08:00:07 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
5.5 MB (5504682 bytes)
Hash
4213fa29ca3bc19be054180c6341541f
dd8f226c44f2b9ddebc13ebaf5f94e5de4575905
f30a267271e8d6ffc5eaf01e26dedf36c14bb7c3d6abce13ca3e4040b6d6d8a4

HTTP Headers

GET /v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917 HTTP/1.1
Host: fs54.bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Sat, 14 Jun 2025 21:40:23 GMT
Content-Type: video/mp4
Content-Length: 886521830
Last-Modified: Fri, 13 Jun 2025 22:06:58 GMT
Connection: keep-alive
ETag: "684ca102-34d73fe6"
Access-Control-Allow-Origin: *
Content-disposition: attachment
Content-Range: bytes 0-886521829/886521830

GET a.labadena.com/api/users/485939?host=bigwarp.cc&ev=220&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&sid=b154372b-5988-42cc-a022-26fd18860f41&i=1&kw=free%2Cyoga%2Cclass%2Cwet%2C7on1%2Cjolee%2Clove%2Cbbc%2Catm%2Cdap%2Cbig%2Cgapes&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3

37.27.230.125

200 OK

741 B

URL GET
a.labadena.com/api/users/485939?host=bigwarp.cc&ev=220&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&sid=b154372b-5988-42cc-a022-26fd18860f41&i=1&kw=free%2Cyoga%2Cclass%2Cwet%2C7on1%2Cjolee%2Clove%2Cbbc%2Catm%2Cdap%2Cbig%2Cgapes&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3
IP
37.27.230.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjecta.labadena.com
Fingerprint95:52:FA:DF:EF:05:5E:A0:C0:62:A7:75:51:E5:2D:B7:50:B0:EC:F6
ValidityWed, 14 May 2025 23:28:38 GMT - Tue, 12 Aug 2025 23:28:37 GMT

File type
ASCII text, with very long lines (444)
Size
741 B (741 bytes)
Hash
1ad8ec1c0ab8625e1682f68f54c215b5
9b6279ed70ee48e3d73b38479c6cf21e5e97e7b1
340bea9f43a4b9728ee19b320fdfd4a4d6accbab6c7f2f5d154a53270d8688bc

HTTP Headers

GET /api/users/485939?host=bigwarp.cc&ev=220&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&sid=b154372b-5988-42cc-a022-26fd18860f41&i=1&kw=free%2Cyoga%2Cclass%2Cwet%2C7on1%2Cjolee%2Clove%2Cbbc%2Catm%2Cdap%2Cbig%2Cgapes&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3 HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 14 Jun 2025 21:43:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=mjsj0zrhloY77NZACVjg; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

GET bigwarp.io/m4pd6vdrgaj3

104.21.80.1

301 Moved Permanently

57 kB

URL User Request GET
bigwarp.io/m4pd6vdrgaj3
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type

Size
57 kB (56942 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /m4pd6vdrgaj3 HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 14 Jun 2025 21:42:54 GMT
content-type: text/html; charset=iso-8859-1
location: https://bigwarp.cc/m4pd6vdrgaj3
cf-ray: 94fd000d999e1c0e-OSL
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZB9SZJ10AU%2BDsm59YnL3JAfzR3ZIYAPuGCM4kxLFPOTP9ton20wjMYBxOud34xyauWk78DIzSOZYd1PbwpBd%2BklFIFaK6179HgoROVZGe5CD5M1ARgNWgh3m8SS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfOrigin;dur=143,cfEdge;dur=13, cfL4;desc="?proto=TCP&rtt=5671&min_rtt=451&rtt_var=10467&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1131&delivery_rate=7743315&cwnd=250&unsent_bytes=0&cid=91fd4832837801c1&ts=177&x=0"
X-Firefox-Spdy: h2

GET s3t3d2y9.afcdn.net/library/141372/19bfa7f6fbedf06b395b50408fe37447a0e9d47c.jpg

185.76.9.11

200 OK

9.1 kB

URL GET
s3t3d2y9.afcdn.net/library/141372/19bfa7f6fbedf06b395b50408fe37447a0e9d47c.jpg
IP
185.76.9.11:443
ASN
#60068 Datacamp Limited

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
ValiditySat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 192x192, components 3
Size
9.1 kB (9143 bytes)
Hash
9b681c7bc1419f590e88876930106975
19bfa7f6fbedf06b395b50408fe37447a0e9d47c
eb355f5f11dae2aa50a82a9f284ef6ab44d1c9da5752144728a8e49b85536360

HTTP Headers

GET /library/141372/19bfa7f6fbedf06b395b50408fe37447a0e9d47c.jpg HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:04 GMT
content-type: image/jpeg
content-length: 9143
last-modified: Mon, 11 Feb 2019 15:06:13 GMT
etag: "5c618f65-23b7"
expires: Thu, 28 May 2026 19:12:24 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap02-sec01-prg1-1
x-77-nzt: EwwBuUwJCgH3RocWAAwBuUwKCQH3dgUAAAwBw7WvAgG3FAAAAA
x-77-nzt-ray: e2f75420fc10f1eee8ec4d680fabb128
x-77-cache: HIT
x-77-age: 1476422
server: CDN77-Turbo
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bigwarp.io/css/main.css?

104.21.32.1

200 OK

49 kB

URL GET
bigwarp.io/css/main.css?
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
assembler source, Unicode text, UTF-8 text
Size
49 kB (49243 bytes)
Hash
40fa099cd62886ddda0afde4ef18cc84
4c53f2b1e903260eeeff8c4f78b1562e015e1951
57fd276195b1343bb4664915c74396b2331de23b3a778e05e85c149db2332d55

HTTP Headers

GET /css/main.css? HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 18 Feb 2025 05:47:09 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nAPNP3Qhnr7I%2FElHa5W6p%2B1RtZvFUiAcHZ1lfJjjViEs%2BdX4eCKbd4H4AN8rD%2BJEq%2B9CnN8NA%2BeZ8GWrmekygCNXib7KTaGs"}]}
age: 4244
cache-control: max-age=14400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
etag: W/"c05b-62e642bf259de"
content-encoding: br
cf-ray: 94fd0012d832b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

151.101.193.229

200 OK

156 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
156 kB (155845 bytes)
Hash
abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Sat, 14 Jun 2025 21:42:55 GMT
age: 2799008
x-served-by: cache-fra-eddf8230173-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20016
X-Firefox-Spdy: h2

POST p2yn.com/5/9175603/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0

139.45.195.12

204 No Content

0 B

URL POST
p2yn.com/5/9175603/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0
IP
139.45.195.12:443
ASN
#9002 RETN Limited

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectp2yn.com
Fingerprint41:DF:44:91:8F:FF:ED:B1:15:DC:67:CC:7C:9F:5F:DA:C7:F0:61:F8
ValidityTue, 22 Apr 2025 14:26:15 GMT - Mon, 21 Jul 2025 14:26:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /5/9175603/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0 HTTP/1.1
Host: p2yn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2595
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 14 Jun 2025 21:43:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://bigwarp.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET dd8add5afa.3c0448ff06.com/in/show/?tag_ab=b&site_id=311445320&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=1262962996&sid=4208398747&tcid=0&ver=8.232.0&ver_c=&spot_id=1445320&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=96.76611739732309&kubik_score=89.831414389523&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1262962996%26spot_id%3D1445320%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3Dmz3u88%26c%3DvbOfVpnEM5N13rJBV9EzyCdGTJMYP_mKGYOFzw4H-ngP2eLVlfWmCRDoU-hPM5qO4RBLv1-Ti55HnUMcrPmed3uZH-09OwAjyyoWUPOZHhOTMyrj3qriQ5EwAQQMeBJauNGrmTUwWLY5xRXxWP4ZHOY9cnshg-LoicE-lUgvhnzY-sIYp_CPyXDq_wbhBLaRmhinJXymtsNbHGWEgh9uZujjDq9c3z4N-zVEltOXUc8Rq4JDK64n1AapBqJC9xgKYx5_QJTc0SkSAt9pkvlep4VmWZcO45kNscL4SyAIDWOvhjNieXGMlaPUyMvMLSDHLNPuavBHpTu4CX32J2Ss0h1RmO3n5icOKgCFE2AK4dJb_Jw0ec_gdp8BcWprJMWitT4a1quxxQsQ-LFz-52jdRXyytJi2U6EeJa54Q9uWlvvpyW2fqMpH2jaVwKG80RGw2WDcBfZhrGzeQW4MI05v6Cg3CdCiSlBCagcZZ2bP9nzWGVxuZfyECtYlgGE0IcJmCqTC93v8qPqX_uVjZkVd1lIUcXvWwTsKwYN7WgQ49IIP8j-bWxTrhEk1C_kXQDfFc6S-jxaMyUklDO2&icons=CFFzPgLZJUV0PH5S1PgHKGQyRte8WLE4HkKGjIrxFzRkhN-_SaAbF6jjj9VriuIRtF7aYjYIG1enJjvxnKQC9HSaPl3DVk_JPCr02cb-aGk0zwGFCMhbeimxN-dGjYM9Cd-tjZPpg3P2-qzw7SjJ2TbgY9krUbI1nC0NyUrygH2ptEbjKw&ext_cid=0&pop_price=0.0035&pop_ecpm=0.11155112242269875&px_id=1445320&min_cpm=0.0003819024365897725&out_id=1&campaign_type=lq-pop-ext&aid=3335&cid=15248&uniq=&mid=6333992346846900469&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=2.556400090455995&cpm=0.0035&verify_hash=6cc11f8f9b2fc239533d02cf7f28f66d&verify_hash_v2=e6fe4cf4a6702305897a4df05a82b107a890b8f7828ddfd5c4a067ada742f7a7&is_native=3&real_bid=0&pop_real_cpm=0&pop_real_bid=0.002556400090455995&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,150,70,108,0,4,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1750110184&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&is_pop_cpc=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0035&ext_campaign_id_str=18832&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&cpa=8af8f448-932f-484e-9250-302bf68fe2ed&prev_step_diff=330&st=0.12

116.202.249.56

200 OK

0 B

URL GET
dd8add5afa.3c0448ff06.com/in/show/?tag_ab=b&site_id=311445320&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=1262962996&sid=4208398747&tcid=0&ver=8.232.0&ver_c=&spot_id=1445320&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=96.76611739732309&kubik_score=89.831414389523&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1262962996%26spot_id%3D1445320%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3Dmz3u88%26c%3DvbOfVpnEM5N13rJBV9EzyCdGTJMYP_mKGYOFzw4H-ngP2eLVlfWmCRDoU-hPM5qO4RBLv1-Ti55HnUMcrPmed3uZH-09OwAjyyoWUPOZHhOTMyrj3qriQ5EwAQQMeBJauNGrmTUwWLY5xRXxWP4ZHOY9cnshg-LoicE-lUgvhnzY-sIYp_CPyXDq_wbhBLaRmhinJXymtsNbHGWEgh9uZujjDq9c3z4N-zVEltOXUc8Rq4JDK64n1AapBqJC9xgKYx5_QJTc0SkSAt9pkvlep4VmWZcO45kNscL4SyAIDWOvhjNieXGMlaPUyMvMLSDHLNPuavBHpTu4CX32J2Ss0h1RmO3n5icOKgCFE2AK4dJb_Jw0ec_gdp8BcWprJMWitT4a1quxxQsQ-LFz-52jdRXyytJi2U6EeJa54Q9uWlvvpyW2fqMpH2jaVwKG80RGw2WDcBfZhrGzeQW4MI05v6Cg3CdCiSlBCagcZZ2bP9nzWGVxuZfyECtYlgGE0IcJmCqTC93v8qPqX_uVjZkVd1lIUcXvWwTsKwYN7WgQ49IIP8j-bWxTrhEk1C_kXQDfFc6S-jxaMyUklDO2&icons=CFFzPgLZJUV0PH5S1PgHKGQyRte8WLE4HkKGjIrxFzRkhN-_SaAbF6jjj9VriuIRtF7aYjYIG1enJjvxnKQC9HSaPl3DVk_JPCr02cb-aGk0zwGFCMhbeimxN-dGjYM9Cd-tjZPpg3P2-qzw7SjJ2TbgY9krUbI1nC0NyUrygH2ptEbjKw&ext_cid=0&pop_price=0.0035&pop_ecpm=0.11155112242269875&px_id=1445320&min_cpm=0.0003819024365897725&out_id=1&campaign_type=lq-pop-ext&aid=3335&cid=15248&uniq=&mid=6333992346846900469&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=2.556400090455995&cpm=0.0035&verify_hash=6cc11f8f9b2fc239533d02cf7f28f66d&verify_hash_v2=e6fe4cf4a6702305897a4df05a82b107a890b8f7828ddfd5c4a067ada742f7a7&is_native=3&real_bid=0&pop_real_cpm=0&pop_real_bid=0.002556400090455995&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,150,70,108,0,4,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1750110184&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&is_pop_cpc=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0035&ext_campaign_id_str=18832&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&cpa=8af8f448-932f-484e-9250-302bf68fe2ed&prev_step_diff=330&st=0.12
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject3c0448ff06.com
FingerprintF2:0E:93:47:70:73:4A:B8:C7:EC:B4:74:81:E8:F5:43:58:60:6D:11
ValidityTue, 10 Jun 2025 14:04:21 GMT - Mon, 08 Sep 2025 14:04:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=b&site_id=311445320&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset,all&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=1262962996&sid=4208398747&tcid=0&ver=8.232.0&ver_c=&spot_id=1445320&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=96.76611739732309&kubik_score=89.831414389523&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1262962996%26spot_id%3D1445320%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3Dmz3u88%26c%3DvbOfVpnEM5N13rJBV9EzyCdGTJMYP_mKGYOFzw4H-ngP2eLVlfWmCRDoU-hPM5qO4RBLv1-Ti55HnUMcrPmed3uZH-09OwAjyyoWUPOZHhOTMyrj3qriQ5EwAQQMeBJauNGrmTUwWLY5xRXxWP4ZHOY9cnshg-LoicE-lUgvhnzY-sIYp_CPyXDq_wbhBLaRmhinJXymtsNbHGWEgh9uZujjDq9c3z4N-zVEltOXUc8Rq4JDK64n1AapBqJC9xgKYx5_QJTc0SkSAt9pkvlep4VmWZcO45kNscL4SyAIDWOvhjNieXGMlaPUyMvMLSDHLNPuavBHpTu4CX32J2Ss0h1RmO3n5icOKgCFE2AK4dJb_Jw0ec_gdp8BcWprJMWitT4a1quxxQsQ-LFz-52jdRXyytJi2U6EeJa54Q9uWlvvpyW2fqMpH2jaVwKG80RGw2WDcBfZhrGzeQW4MI05v6Cg3CdCiSlBCagcZZ2bP9nzWGVxuZfyECtYlgGE0IcJmCqTC93v8qPqX_uVjZkVd1lIUcXvWwTsKwYN7WgQ49IIP8j-bWxTrhEk1C_kXQDfFc6S-jxaMyUklDO2&icons=CFFzPgLZJUV0PH5S1PgHKGQyRte8WLE4HkKGjIrxFzRkhN-_SaAbF6jjj9VriuIRtF7aYjYIG1enJjvxnKQC9HSaPl3DVk_JPCr02cb-aGk0zwGFCMhbeimxN-dGjYM9Cd-tjZPpg3P2-qzw7SjJ2TbgY9krUbI1nC0NyUrygH2ptEbjKw&ext_cid=0&pop_price=0.0035&pop_ecpm=0.11155112242269875&px_id=1445320&min_cpm=0.0003819024365897725&out_id=1&campaign_type=lq-pop-ext&aid=3335&cid=15248&uniq=&mid=6333992346846900469&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=2.556400090455995&cpm=0.0035&verify_hash=6cc11f8f9b2fc239533d02cf7f28f66d&verify_hash_v2=e6fe4cf4a6702305897a4df05a82b107a890b8f7828ddfd5c4a067ada742f7a7&is_native=3&real_bid=0&pop_real_cpm=0&pop_real_bid=0.002556400090455995&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,150,70,108,0,4,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=1750110184&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-b&auc_type=1&pop_type=1&is_pop_cpc=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0035&ext_campaign_id_str=18832&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&cpa=8af8f448-932f-484e-9250-302bf68fe2ed&prev_step_diff=330&st=0.12 HTTP/1.1
Host: dd8add5afa.3c0448ff06.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET bvtpk.com/tag.min.js

104.21.5.190

200 OK

108 kB

URL GET
bvtpk.com/tag.min.js
IP
104.21.5.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbvtpk.com
Fingerprint80:D6:91:C2:8E:83:24:9B:4F:8D:6D:D8:9F:ED:C8:E8:4F:95:41:F8
ValidityWed, 14 May 2025 10:17:51 GMT - Tue, 12 Aug 2025 11:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (107698 bytes)
Hash
ac22f7fe3727ed8c58365efeb7b79ca8
d9553961a8d9f7f790e8514837ef12cca9e54a68
42722d5d4ef8c44458fbc4159984b238e5f1338d254dca4ac70a35ebbbd3b682

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: bvtpk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-trace-id: b1225e7147a7209821b8353279c9d6a0
cache-control: public, max-age=600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
age: 1459
cf-cache-status: HIT
last-modified: Sat, 14 Jun 2025 21:18:36 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9h3ekUdqsuZl%2B9P30ip%2F8wBd%2BJ6yDnAnCQ0X9CdRleufXoBTRyqMGy5vGVPubQIdBfjUuT%2BwSbxh4YsptlmGoOtNxX5GvNI%3D"}]}
cf-ray: 94fd0019fd2156c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET nereserv.com/in/dip?event_id=fc79a602-1567-4891-98c9-f163bfaa2723&subid=671610963&spot_id=1449964&created_at=2025-06-14&timezone=0&ver=1.162.3

116.202.249.56

200 OK

0 B

URL GET
nereserv.com/in/dip?event_id=fc79a602-1567-4891-98c9-f163bfaa2723&subid=671610963&spot_id=1449964&created_at=2025-06-14&timezone=0&ver=1.162.3
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=fc79a602-1567-4891-98c9-f163bfaa2723&subid=671610963&spot_id=1449964&created_at=2025-06-14&timezone=0&ver=1.162.3 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:02 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

POST enrtx.com/get/

94.130.197.239

200 OK

5.9 kB

URL POST
enrtx.com/get/
IP
94.130.197.239:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectpopunder-base.infrapu.sh
FingerprintD1:0E:8E:F9:D2:2D:16:E4:51:52:3C:0F:A6:8D:A3:35:C2:6B:C1:1A
ValidityMon, 26 May 2025 07:34:47 GMT - Sun, 24 Aug 2025 07:34:46 GMT

File type
JSON text data
Size
5.9 kB (5925 bytes)
Hash
4e2732031935cfa002a8a26dea2e9625
eaacc785c9f66b8d00ee16edce2d1836328fa593
7fcb63eeda80fab9f814fa44b8f1725872c65429fa20ca65c3b1db8da686c38c

HTTP Headers

POST /get/ HTTP/1.1
Host: enrtx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bigwarp.cc/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1335
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 14 Jun 2025 21:43:04 GMT
content-type: application/json
content-length: 5925
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET s.optvz.com/cimp.php?data=TVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfC9saWJyYXJ5LzE0MTM3Mi8xOWJmYTdmNmZiZWRmMDZiMzk1YjUwNDA4ZmUzNzQ0N2EwZTlkNDdjLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfG15YmlkLmlvfDE0MTM3Mnw1OTk5MTh8MTAxMTYzNnw1MzQzNjkyfDk4fDU3OTc0NjJ8ODIwOTExMDB8NDB8M3wwfDB8MjUzNDR8MHwwLjF8NzB8VVNEfFVTRHwxfDF8NDN8MTkyeDE5MnwxfE5PUnx8MTAyfDh8MXx8YzYwZGE3N2FiMDJjZDcxYjRkNGYwNmM4YzRiMWIxNDh8YjZiYzk3ZDgxYmM3MjQyODdhMGIzZjg1MGM3YjkzODN8MXwwfGJpZ3dhcnAuY2N8MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MzE2MzQ4MHwtMXwwfDMxNTE2Mjd8fHwzfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEzNC4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEzNC4wfHwyNHwzM3wwfDJ8MHx8fDB8MHwwfDB8MHwwfDB8MHwwfDB8M3wwLjIxMjA0MDgyfDAuMDAxfDAuMDA1fDAuMDAxfDF8MnwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4xOXxPS3xjY2Q5ZDFhYThjNTYwMjQ1YzU2NzFmN2I0ZDdkYTkwYg--&bs=TVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDh8MC41fDAuMXwwLjF8MHxPS3xjODNkNTdiNTE3OWIxODU5MmE5NTFiNGE2YTYzOWMzNA--&cb=e2e_684dece822f304.23826219

95.211.229.245

302 Found

9.1 kB

URL GET
s.optvz.com/cimp.php?data=TVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfC9saWJyYXJ5LzE0MTM3Mi8xOWJmYTdmNmZiZWRmMDZiMzk1YjUwNDA4ZmUzNzQ0N2EwZTlkNDdjLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfG15YmlkLmlvfDE0MTM3Mnw1OTk5MTh8MTAxMTYzNnw1MzQzNjkyfDk4fDU3OTc0NjJ8ODIwOTExMDB8NDB8M3wwfDB8MjUzNDR8MHwwLjF8NzB8VVNEfFVTRHwxfDF8NDN8MTkyeDE5MnwxfE5PUnx8MTAyfDh8MXx8YzYwZGE3N2FiMDJjZDcxYjRkNGYwNmM4YzRiMWIxNDh8YjZiYzk3ZDgxYmM3MjQyODdhMGIzZjg1MGM3YjkzODN8MXwwfGJpZ3dhcnAuY2N8MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MzE2MzQ4MHwtMXwwfDMxNTE2Mjd8fHwzfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEzNC4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEzNC4wfHwyNHwzM3wwfDJ8MHx8fDB8MHwwfDB8MHwwfDB8MHwwfDB8M3wwLjIxMjA0MDgyfDAuMDAxfDAuMDA1fDAuMDAxfDF8MnwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4xOXxPS3xjY2Q5ZDFhYThjNTYwMjQ1YzU2NzFmN2I0ZDdkYTkwYg--&bs=TVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDh8MC41fDAuMXwwLjF8MHxPS3xjODNkNTdiNTE3OWIxODU5MmE5NTFiNGE2YTYzOWMzNA--&cb=e2e_684dece822f304.23826219
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectoptvz.com
Fingerprint04:D5:77:F6:10:22:86:33:18:2E:74:FD:A3:13:77:DE:78:7E:21:C9
ValidityTue, 10 Jun 2025 10:19:13 GMT - Mon, 08 Sep 2025 10:19:12 GMT

File type

Size
9.1 kB (9143 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cimp.php?data=TVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfC9saWJyYXJ5LzE0MTM3Mi8xOWJmYTdmNmZiZWRmMDZiMzk1YjUwNDA4ZmUzNzQ0N2EwZTlkNDdjLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfG15YmlkLmlvfDE0MTM3Mnw1OTk5MTh8MTAxMTYzNnw1MzQzNjkyfDk4fDU3OTc0NjJ8ODIwOTExMDB8NDB8M3wwfDB8MjUzNDR8MHwwLjF8NzB8VVNEfFVTRHwxfDF8NDN8MTkyeDE5MnwxfE5PUnx8MTAyfDh8MXx8YzYwZGE3N2FiMDJjZDcxYjRkNGYwNmM4YzRiMWIxNDh8YjZiYzk3ZDgxYmM3MjQyODdhMGIzZjg1MGM3YjkzODN8MXwwfGJpZ3dhcnAuY2N8MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfaW5fcGFnZV9wdXNoX25vdGlmaWNhdGlvbnwwfDB8MzE2MzQ4MHwtMXwwfDMxNTE2Mjd8fHwzfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEzNC4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEzNC4wfHwyNHwzM3wwfDJ8MHx8fDB8MHwwfDB8MHwwfDB8MHwwfDB8M3wwLjIxMjA0MDgyfDAuMDAxfDAuMDA1fDAuMDAxfDF8MnwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4xOXxPS3xjY2Q5ZDFhYThjNTYwMjQ1YzU2NzFmN2I0ZDdkYTkwYg--&bs=TVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDh8MC41fDAuMXwwLjF8MHxPS3xjODNkNTdiNTE3OWIxODU5MmE5NTFiNGE2YTYzOWMzNA--&cb=e2e_684dece822f304.23826219 HTTP/1.1
Host: s.optvz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 14 Jun 2025 21:43:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%224909e85cdafe4e43ca8f1d4993736494%22%3B%7D; expires=Mon, 14 Jun 2027 21:43:04 GMT; path=; domain=.optvz.com; Secure; SameSite=none
Location: https://s3t3d2y9.afcdn.net/library/141372/19bfa7f6fbedf06b395b50408fe37447a0e9d47c.jpg
X-Robots-Tag: noindex, follow

GET bigwarp.io/css/bootstrap.css

104.21.32.1

200 OK

144 kB

URL GET
bigwarp.io/css/bootstrap.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
ASCII text, with very long lines (540)
Size
144 kB (144219 bytes)
Hash
de29a2a7f8fdd32726d8e70fa3037379
45686004dcb4a332ffd98cca3ba7979bf1a02aa7
0dd311ba439876efdb560247faf414416adb4683c5184c817c5c4ff1137e8a9a

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 18 Feb 2025 05:47:09 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cLE2T2D7SgAitJebb1AcCtZyyL%2Bpzu%2FVEh5w6KhbNLTz8%2FxW017z2tYoER13G%2BkTHKYKltm4%2BymTTNzNkcoVfwHYYT%2B4l8CN"}]}
age: 4244
cache-control: max-age=14400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
etag: W/"2335b-62e642bf2791e"
content-encoding: br
cf-ray: 94fd001338a8b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bigwarp.cc/dl?op=get_slides&length=4285&url=https://fs54.bigwarp.io/i/01/00552/m4pd6vdrgaj30000.jpg

104.22.57.130

403 Forbidden

7.2 kB

URL GET
bigwarp.cc/dl?op=get_slides&length=4285&url=https://fs54.bigwarp.io/i/01/00552/m4pd6vdrgaj30000.jpg
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
HTML document, ASCII text, with very long lines (7224), with no line terminators
Size
7.2 kB (7224 bytes)
Hash
617c9d25c2f1a7273ad5ef345cee10bb
030e77990413a8c970577a3795df5790f098aaec
9c72a040e841ace604f6241eafce3dec59911e159143f55ceec6392cb4b8ca11

HTTP Headers

GET /dl?op=get_slides&length=4285&url=https://fs54.bigwarp.io/i/01/00552/m4pd6vdrgaj30000.jpg HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1; _ga_90ZFH1V4FM=GS2.1.s1749937375$o1$g0$t1749937375$j60$l0$h0; _ga=GA1.1.538608489.1749937376; file_id=2762122; aff=3520; ads=-1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server-timing: chlray;desc="94fd001c5d4f568f"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fd001c5d4f568f-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET na.nawpush.com/tags/331293?version_name=b&domain=bigwarp.cc

45.133.44.24

200 OK

1.3 kB

URL GET
na.nawpush.com/tags/331293?version_name=b&domain=bigwarp.cc
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint95:17:E8:76:46:3F:BE:D1:B1:49:03:3B:B8:E3:15:5A:8B:FB:00:41
ValidityThu, 22 May 2025 02:31:52 GMT - Wed, 20 Aug 2025 02:31:51 GMT

File type
JSON text data
Size
1.3 kB (1333 bytes)
Hash
c300cb5dd0656e37409fda04ebf14130
5ad1cef0510ec630ad327da7fa0923ed4712ce48
65abaca4e76b22be869e2a5623c10e935460bbbf44995b24a29c75d0ff7a60eb

HTTP Headers

GET /tags/331293?version_name=b&domain=bigwarp.cc HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:57 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-cdn-host-id: ds5058
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

OPTIONS fp.metricswpsh.com/fp?tag_id=311007

157.90.84.242

204 No Content

0 B

URL OPTIONS
fp.metricswpsh.com/fp?tag_id=311007
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=311007 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bigwarp.cc/
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 14 Jun 2025 21:43:02 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://bigwarp.cc
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS fp.metricswpsh.com/fp?tag_id=331293

157.90.84.242

204 No Content

0 B

URL OPTIONS
fp.metricswpsh.com/fp?tag_id=331293
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=331293 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bigwarp.cc/
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 14 Jun 2025 21:43:02 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://bigwarp.cc
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST a.labadena.com/api/pageview/485939?kw=free%2Cyoga%2Cclass%2Cwet%2C7on1%2Cjolee%2Clove%2Cbbc%2Catm%2Cdap%2Cbig%2Cgapes&host=bigwarp.cc&ev=220&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&sid=b154372b-5988-42cc-a022-26fd18860f41&i=true

37.27.230.125

200 OK

0 B

URL POST
a.labadena.com/api/pageview/485939?kw=free%2Cyoga%2Cclass%2Cwet%2C7on1%2Cjolee%2Clove%2Cbbc%2Catm%2Cdap%2Cbig%2Cgapes&host=bigwarp.cc&ev=220&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&sid=b154372b-5988-42cc-a022-26fd18860f41&i=true
IP
37.27.230.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjecta.labadena.com
Fingerprint95:52:FA:DF:EF:05:5E:A0:C0:62:A7:75:51:E5:2D:B7:50:B0:EC:F6
ValidityWed, 14 May 2025 23:28:38 GMT - Tue, 12 Aug 2025 23:28:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/pageview/485939?kw=free%2Cyoga%2Cclass%2Cwet%2C7on1%2Cjolee%2Clove%2Cbbc%2Catm%2Cdap%2Cbig%2Cgapes&host=bigwarp.cc&ev=220&url=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&sid=b154372b-5988-42cc-a022-26fd18860f41&i=true HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Cookie: nauid=mjsj0zrhloY77NZACVjg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Sat, 14 Jun 2025 21:43:04 GMT
content-length: 0
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

GET bigwarp.io/css/style.css

104.21.32.1

200 OK

26 kB

URL GET
bigwarp.io/css/style.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
assembler source, ASCII text, with very long lines (510)
Size
26 kB (26239 bytes)
Hash
122137fc7acbd3ae93b8ed425269e2a0
f8bc056863389d7db268368a9af82f7471b5e446
ed98b300c36a2df8e2b55a873d757fa7d7a6000b2bff6bba74c2e38db631422b

HTTP Headers

GET /css/style.css HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: text/css
server: cloudflare
last-modified: Mon, 02 Dec 2024 03:40:26 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BXZaTK55cP4W7nMgjaRqyeBsQBQ41sPvGlklJjQs3%2B5Z0lNnp9QUmhuwnceSWMa%2F2Ux9OQqFC6rNfEemzD9qWMVMV7l6LDXW"}]}
age: 1543
cache-control: max-age=14400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
etag: W/"667f-628414f30eb05"
content-encoding: br
cf-ray: 94fd001348beb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bigwarp.cc/js/localstorage-slim.js

104.22.57.130

200 OK

2.1 kB

URL GET
bigwarp.cc/js/localstorage-slim.js
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
JavaScript source, ASCII text, with very long lines (2063)
Size
2.1 kB (2064 bytes)
Hash
ba6facacb00551830393d637195804cf
77d2d2802ee44767b33a2d679945cc3efa3619cc
41bb37c8133d8e5c128820cfbe03bcbf63ce256bcbd60a1a76143472d8668e38

HTTP Headers

GET /js/localstorage-slim.js HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
content-encoding: br
last-modified: Tue, 18 Feb 2025 05:47:10 GMT
etag: W/"810-62e642c05af16"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5105
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fd001289c4568f-OSL
X-Firefox-Spdy: h2

GET a.labadena.com/api/settings/485939

37.27.230.125

200 OK

33 B

URL GET
a.labadena.com/api/settings/485939
IP
37.27.230.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjecta.labadena.com
Fingerprint95:52:FA:DF:EF:05:5E:A0:C0:62:A7:75:51:E5:2D:B7:50:B0:EC:F6
ValidityWed, 14 May 2025 23:28:38 GMT - Tue, 12 Aug 2025 23:28:37 GMT

File type
JSON text data
Size
33 B (33 bytes)
Hash
1be64b6d6652effba7dcf744e90def6a
d9fbc7d1fa49fa4733f90a3739882d63972c2352
72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f

HTTP Headers

GET /api/settings/485939 HTTP/1.1
Host: a.labadena.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bigwarp.cc/
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

POST p2yn.com/5/9270404/?oo=1&js_build=iclick-v1.1458.0&dmn=paupsoborofoow.net&tt=2&ix=0

139.45.195.12

204 No Content

0 B

URL POST
p2yn.com/5/9270404/?oo=1&js_build=iclick-v1.1458.0&dmn=paupsoborofoow.net&tt=2&ix=0
IP
139.45.195.12:443
ASN
#9002 RETN Limited

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectp2yn.com
Fingerprint41:DF:44:91:8F:FF:ED:B1:15:DC:67:CC:7C:9F:5F:DA:C7:F0:61:F8
ValidityTue, 22 Apr 2025 14:26:15 GMT - Mon, 21 Jul 2025 14:26:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /5/9270404/?oo=1&js_build=iclick-v1.1458.0&dmn=paupsoborofoow.net&tt=2&ix=0 HTTP/1.1
Host: p2yn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2595
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 14 Jun 2025 21:42:59 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://bigwarp.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET kit.fontawesome.com/d45e7e578e.js

172.64.147.188

403 Forbidden

9 B

URL GET
kit.fontawesome.com/d45e7e578e.js
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectfontawesome.com
FingerprintB6:27:5D:7E:5E:68:5C:A4:3C:22:27:23:51:CC:9A:5C:3A:7A:AF:0D
ValidityMon, 28 Apr 2025 18:51:58 GMT - Sun, 27 Jul 2025 19:51:56 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /d45e7e578e.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Sat, 14 Jun 2025 21:42:55 GMT
content-length: 9
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=0, private, must-revalidate
x-request-id: GEkGxXYz_ZZnhAzfZaOh
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fd00138bff1c02-OSL
X-Firefox-Spdy: h2

GET fv.yotedroumy.com/rXiQghXYYZVhXX/113763

23.109.170.227

200 OK

5 B

URL GET
fv.yotedroumy.com/rXiQghXYYZVhXX/113763
IP
23.109.170.227:443
ASN
#7979 SERVERS-COM

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectfv.yotedroumy.com
Fingerprint42:4C:2F:0F:14:1D:B0:C5:B5:18:3A:D4:D6:F7:58:05:66:8D:33:D5
ValidityThu, 12 Jun 2025 07:26:42 GMT - Wed, 10 Sep 2025 07:26:41 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
848667c49f5d3aef59cd65ed276cd7ae
bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rXiQghXYYZVhXX/113763 HTTP/1.1
Host: fv.yotedroumy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jun 2025 21:42:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bigwarp.cc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sun, 15-Jun-2025 21:42:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 15-Jun-2025 21:42:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

1.7 kB

URL GET
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, ASCII text, with very long lines (1735), with no line terminators
Size
1.7 kB (1735 bytes)
Hash
1e936cad37e18ba5bc2f07acd57447d6
f55969248208bb6871e28b9478761ffb25207c35
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jun 2025 15:45:31 GMT
etag: W/"6849a49b-6c7"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:47:55 GMT
cache-control: max-age=300
x-cdn-host-id: ds8137
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET 6a60528789.b70a8e5392.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMzEyOTMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

45.133.44.52

504 Gateway Timeout

167 B

URL GET
6a60528789.b70a8e5392.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMzEyOTMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject6a60528789.b70a8e5392.com
FingerprintCA:FD:62:3A:8B:4A:2B:1E:A1:A4:2F:E1:AA:BE:51:D4:FF:DC:33:05
ValidityWed, 11 Jun 2025 02:48:00 GMT - Tue, 09 Sep 2025 02:47:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1497d0002c6288efdf23f0baf9e9429e
607594e78f5a20345e1b72ad8db97d5039476ae5
7fe9f464a87c85ce3f84da95921cb55d3c75875cd9bc098cb68f36d8da0b12c6

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMzEyOTMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 6a60528789.b70a8e5392.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
server: nginx/1.26.2
date: Sat, 14 Jun 2025 21:43:02 GMT
content-type: text/html; charset=utf-8
content-length: 167
x-cdn-host-id: ah1747
X-Firefox-Spdy: h2

GET fs54.bigwarp.io/v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917

109.202.99.162

206 Partial Content

5.2 MB

URL GET
fs54.bigwarp.io/v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917
IP
109.202.99.162:443
ASN
#49453 Global Layer B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGlobalSign nv-sa
Subject*.bigwarp.io
FingerprintEC:99:21:1B:92:CE:90:96:2D:67:60:8B:EF:10:DC:48:73:FA:65:44
ValidityFri, 01 Nov 2024 08:00:08 GMT - Wed, 03 Dec 2025 08:00:07 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
5.2 MB (5242538 bytes)
Hash
cf28c7641040785bd520d3196b5eeaaa
c1ba839b7b7bd95ee6a4292cfd3a3281a5f9c149
82032a7eda15815b6b14252a8f21cfbcde7bc43c0b7f8497894f1feaae542a25

HTTP Headers

GET /v/01/00552/m4pd6vdrgaj3_x/x.mp4?t=rzT69eeImcJ4ygksEbDSH6ehAwEDHhZBr4pNQdwyAQk&s=1749937374&e=43200&f=2762122&sp=1000&i=0.0&kmnr=590872917 HTTP/1.1
Host: fs54.bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Sat, 14 Jun 2025 21:40:34 GMT
Content-Type: video/mp4
Content-Length: 886521830
Last-Modified: Fri, 13 Jun 2025 22:06:58 GMT
Connection: keep-alive
ETag: "684ca102-34d73fe6"
Access-Control-Allow-Origin: *
Content-disposition: attachment
Content-Range: bytes 0-886521829/886521830

GET www.googletagmanager.com/gtag/js?id=G-90ZFH1V4FM

142.250.74.136

200 OK

400 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-90ZFH1V4FM
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint93:AC:F6:E3:CB:D8:8F:95:04:0C:A1:34:97:CB:ED:C4:F9:99:EB:12
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT

File type
JavaScript source, ASCII text, with very long lines (6004)
Size
400 kB (399589 bytes)
Hash
9852ccd53593829cc362446e3dc5c095
6db9628133266e831a17041de67ff2fef8f3117c
d3d6917eadaa2d931ab422234382a3ae941ea0f2b027a34f8154d3590d2c57dc

HTTP Headers

GET /gtag/js?id=G-90ZFH1V4FM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jun 2025 21:42:55 GMT
expires: Sat, 14 Jun 2025 21:42:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 132756
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

79 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
79 kB (78743 bytes)
Hash
0aa8d64e726c4a57adb5c88f9115996b
901169527507ff9e662cf64d8e361f359308970d
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
accept-ranges: bytes
date: Sat, 14 Jun 2025 21:42:55 GMT
age: 3325943
x-served-by: cache-fra-eddf8230080-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21528
X-Firefox-Spdy: h2

GET js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

126 kB

URL GET
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
126 kB (125514 bytes)
Hash
9b471c965261c33628f414b8a4b62306
a86ea9fba3f3215484d84330fb4fc0f46570ab0f
9b106a3e85b9788704d7e271ff5e2308c733357fba86ded56a46d2e086abf292

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jun 2025 15:45:36 GMT
etag: W/"6849a4a0-1ea4a"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:47:56 GMT
cache-control: max-age=300
x-cdn-host-id: ds8137
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

POST fp.metricswpsh.com/fp?tag_id=316247

157.90.84.242

200 OK

60 B

URL POST
fp.metricswpsh.com/fp?tag_id=316247
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type
JSON text data
Size
60 B (60 bytes)
Hash
c299c16d2a75cca379ee02b91ce3946e
e58df1b020a6bf0ac909bb601940a3f923411092
8bf0b1b1c9dafd5f12dc26bba4b403182bd063cf26ac422af22352a06e83819e

HTTP Headers

POST /fp?tag_id=316247 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1977
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 14 Jun 2025 21:43:02 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 60
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bigwarp.cc
Set-Cookie: id=6860196589866170590; Expires=Sun, 14 Jun 2026 21:43:02 GMT; Secure; SameSite=None
Vary: Origin

GET bigwarp.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.22.57.130

302 Found

10 kB

URL GET
bigwarp.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type

Size
10 kB (10042 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lang=1; _ga_90ZFH1V4FM=GS2.1.s1749937375$o1$g0$t1749937375$j60$l0$h0; _ga=GA1.1.538608489.1749937376; file_id=2762122; aff=3520
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 14 Jun 2025 21:42:56 GMT
content-length: 0
cf-ray: 94fd0019da09568f-OSL
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/f9574c83b4d7/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

GET bigwarp.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/f9574c83b4d7/main.js?

104.22.57.130

200 OK

10 kB

URL GET
bigwarp.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/f9574c83b4d7/main.js?
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
JavaScript source, ASCII text, with very long lines (10042), with no line terminators
Size
10 kB (10042 bytes)
Hash
3c09312de1ff4b5110232a012b54376a
f56b116e6dbb71a061ebd9e0c3eed308b003a284
18fd45be0dca7c5f4569315cd75602fdef001c1b76ef9facf635226bbecdedb9

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/f9574c83b4d7/main.js? HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lang=1; _ga_90ZFH1V4FM=GS2.1.s1749937375$o1$g0$t1749937375$j60$l0$h0; _ga=GA1.1.538608489.1749937376; file_id=2762122; aff=3520; ads=-1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:57 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fd001e6fa7568f-OSL
X-Firefox-Spdy: h2

GET js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

1.7 kB

URL GET
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, ASCII text, with very long lines (1735), with no line terminators
Size
1.7 kB (1735 bytes)
Hash
1e936cad37e18ba5bc2f07acd57447d6
f55969248208bb6871e28b9478761ffb25207c35
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jun 2025 15:45:31 GMT
etag: W/"6849a49b-6c7"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:47:56 GMT
cache-control: max-age=300
x-cdn-host-id: ds8137
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jun 2025 20:17:34 GMT
expires: Thu, 11 Jun 2026 20:17:34 GMT
cache-control: public, max-age=31536000
age: 264322
last-modified: Wed, 23 Apr 2025 16:07:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTEwMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

88.198.204.166

200 OK

0 B

URL GET
metricswpsh.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTEwMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
88.198.204.166:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTEwMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 14 Jun 2025 21:43:03 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

POST dd8add5afa.3c0448ff06.com/in/multy

116.202.249.56

200 OK

70 kB

URL POST
dd8add5afa.3c0448ff06.com/in/multy
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject3c0448ff06.com
FingerprintF2:0E:93:47:70:73:4A:B8:C7:EC:B4:74:81:E8:F5:43:58:60:6D:11
ValidityTue, 10 Jun 2025 14:04:21 GMT - Mon, 08 Sep 2025 14:04:20 GMT

File type
JSON text data
Size
70 kB (70503 bytes)
Hash
4478184effd4182d3644bec016543c4a
7e6636d5029dccfab435cb59773d5cbca8f08af9
8f3f916a1327df0c0ebe0b5edfdf03b3f6270ddcd4e767ff0e9bf476b6930f0a

HTTP Headers

POST /in/multy HTTP/1.1
Host: dd8add5afa.3c0448ff06.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2219
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
content-type: application/json
content-length: 6905
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 10:26:17 GMT
expires: Fri, 12 Jun 2026 10:26:17 GMT
cache-control: public, max-age=31536000
age: 213399
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST p2yn.com/5/9136593/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0

139.45.195.12

204 No Content

0 B

URL POST
p2yn.com/5/9136593/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0
IP
139.45.195.12:443
ASN
#9002 RETN Limited

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectp2yn.com
Fingerprint41:DF:44:91:8F:FF:ED:B1:15:DC:67:CC:7C:9F:5F:DA:C7:F0:61:F8
ValidityTue, 22 Apr 2025 14:26:15 GMT - Mon, 21 Jul 2025 14:26:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /5/9136593/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0 HTTP/1.1
Host: p2yn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2595
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 14 Jun 2025 21:42:59 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://bigwarp.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET 6a60528789.b70a8e5392.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTYyNDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

45.133.44.52

504 Gateway Timeout

167 B

URL GET
6a60528789.b70a8e5392.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTYyNDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject6a60528789.b70a8e5392.com
FingerprintCA:FD:62:3A:8B:4A:2B:1E:A1:A4:2F:E1:AA:BE:51:D4:FF:DC:33:05
ValidityWed, 11 Jun 2025 02:48:00 GMT - Tue, 09 Sep 2025 02:47:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1497d0002c6288efdf23f0baf9e9429e
607594e78f5a20345e1b72ad8db97d5039476ae5
7fe9f464a87c85ce3f84da95921cb55d3c75875cd9bc098cb68f36d8da0b12c6

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTYyNDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45MSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 6a60528789.b70a8e5392.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
server: nginx/1.26.2
date: Sat, 14 Jun 2025 21:43:02 GMT
content-type: text/html; charset=utf-8
content-length: 167
x-cdn-host-id: ah1747
X-Firefox-Spdy: h2

GET js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

126 kB

URL GET
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
126 kB (125514 bytes)
Hash
9b471c965261c33628f414b8a4b62306
a86ea9fba3f3215484d84330fb4fc0f46570ab0f
9b106a3e85b9788704d7e271ff5e2308c733357fba86ded56a46d2e086abf292

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jun 2025 15:45:36 GMT
etag: W/"6849a4a0-1ea4a"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:47:56 GMT
cache-control: max-age=300
x-cdn-host-id: ds8137
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

POST p2yn.com/5/8891209/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0

139.45.195.12

204 No Content

0 B

URL POST
p2yn.com/5/8891209/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0
IP
139.45.195.12:443
ASN
#9002 RETN Limited

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectp2yn.com
Fingerprint41:DF:44:91:8F:FF:ED:B1:15:DC:67:CC:7C:9F:5F:DA:C7:F0:61:F8
ValidityTue, 22 Apr 2025 14:26:15 GMT - Mon, 21 Jul 2025 14:26:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /5/8891209/?oo=1&js_build=iclick-v1.1458.0&dmn=bvtpk.com&tt=2&ix=0 HTTP/1.1
Host: p2yn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2595
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Sat, 14 Jun 2025 21:43:01 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://bigwarp.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

GET storage.multstorage.com/log/count.html

172.67.174.51

200 OK

882 B

URL GET
storage.multstorage.com/log/count.html
IP
172.67.174.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
FingerprintAB:89:C2:3D:3B:E4:DD:0A:32:44:EC:41:65:9E:53:44:11:61:AB:F3
ValiditySun, 04 May 2025 05:28:22 GMT - Sat, 02 Aug 2025 06:26:59 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
882 B (882 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:02 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wL5zi5oW4j6NBb9nUGsu3A0mWpBKOCde7WQ7ciqkbXd4cnakbomzvxuX2oF18%2BLK4pyZcHOC8kq7jCHwFWTMuZjXk38JaVilmew4h544QerTp%2B436g%3D%3D"}]}
vary: Accept-Encoding
x-request-id: cc41f4e92526bfdf6586b1a9741cebe6
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94fd003e3ea3b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST dd8add5afa.3c0448ff06.com/in/multy

116.202.249.56

200 OK

56 kB

URL POST
dd8add5afa.3c0448ff06.com/in/multy
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject3c0448ff06.com
FingerprintF2:0E:93:47:70:73:4A:B8:C7:EC:B4:74:81:E8:F5:43:58:60:6D:11
ValidityTue, 10 Jun 2025 14:04:21 GMT - Mon, 08 Sep 2025 14:04:20 GMT

File type
JSON text data
Size
56 kB (55694 bytes)
Hash
0c9a4a142b87b22968756b485c36c070
b13c65504958bc0b9f1f2ee99f0f6ef5f4d106f9
87ac66246586c7010e72b2f92fb1f372a7b74afefc7b1d1b753df09278189776

HTTP Headers

POST /in/multy HTTP/1.1
Host: dd8add5afa.3c0448ff06.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2222
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
content-type: application/json
content-length: 6284
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

GET cdn.tapioni.com/asg_embed.js

104.22.39.71

200 OK

248 kB

URL GET
cdn.tapioni.com/asg_embed.js
IP
104.22.39.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectcdn.tapioni.com
Fingerprint9D:5E:8D:89:3F:44:95:41:D4:6B:BF:25:E3:95:5E:B8:BE:81:F7:17
ValidityThu, 22 May 2025 00:42:30 GMT - Wed, 20 Aug 2025 01:42:27 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
248 kB (247835 bytes)
Hash
d21cc54c55f74c347f0e22ea516d1594
d997d3b1583de52b0f116419679e17d8d53bcac3
6ea5019aa17b8666e68c050669100296404df8f2b1e21defe01ed284c10901d2

HTTP Headers

GET /asg_embed.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
content-length: 79343
cf-ray: 94fd0013cb3f92d6-CPH
last-modified: Tue, 20 May 2025 09:46:13 GMT
vary: Accept-Encoding
etag: "682c4f65-135ef"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 580477
accept-ranges: bytes
server: cloudflare
X-Firefox-Spdy: h2

GET bigwarp.cc/images/fb.png

104.22.57.130

200 OK

10 kB

URL GET
bigwarp.cc/images/fb.png
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced
Size
10 kB (10085 bytes)
Hash
1557edbf07f781a763a86062b4a9660b
7bea5704167381e92158d3a1a87f086785877869
40b483167ec64e8b84ed213bbf232eff2ff605efb8dd63b01e821ea116869562

HTTP Headers

GET /images/fb.png HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: image/png
content-length: 10085
cf-ray: 94fd001299d1568f-OSL
last-modified: Fri, 08 Nov 2024 12:52:07 GMT
etag: "2765-6266637f49fb5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2907
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

GET storage.multstorage.com/log/count.html

172.67.174.51

200 OK

882 B

URL GET
storage.multstorage.com/log/count.html
IP
172.67.174.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
FingerprintAB:89:C2:3D:3B:E4:DD:0A:32:44:EC:41:65:9E:53:44:11:61:AB:F3
ValiditySun, 04 May 2025 05:28:22 GMT - Sat, 02 Aug 2025 06:26:59 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
882 B (882 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:02 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YKBsw28zarYREutARQ9DXn4oBZqgv9OjI5NsEW3fwMQcrQRweR%2FFEtKEIZ1UvfoLqiA6WQFoJAs3qaB2i49FRpEOiEqL023fna633oW1T0npkbHIfw%3D%3D"}]}
vary: Accept-Encoding
x-request-id: f3be4777a7d644a375b31c7f90b3323f
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94fd003dce27b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp

45.133.44.24

200 OK

486 B

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint81:A4:C6:88:C3:3E:D5:D5:E5:AB:E3:D3:AC:1A:1F:DE:B8:17:28:C6
ValidityFri, 30 May 2025 02:32:38 GMT - Thu, 28 Aug 2025 02:32:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:04 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-1e6"
expires: Sun, 14 Jun 2026 21:43:04 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

OPTIONS dd8add5afa.3c0448ff06.com/in/multy

116.202.249.56

204 No Content

0 B

URL OPTIONS
dd8add5afa.3c0448ff06.com/in/multy
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject3c0448ff06.com
FingerprintF2:0E:93:47:70:73:4A:B8:C7:EC:B4:74:81:E8:F5:43:58:60:6D:11
ValidityTue, 10 Jun 2025 14:04:21 GMT - Mon, 08 Sep 2025 14:04:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: dd8add5afa.3c0448ff06.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bigwarp.cc/
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET bigwarp.io/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http

104.21.32.1

200 OK

38 B

URL GET
bigwarp.io/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
ASCII text, with CRLF line terminators
Size
38 B (38 bytes)
Hash
99eccae6afa72c589ae54b5c3890282a
0f102f8f5b556635de65d16cf70fa8269c6761b4
b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3

HTTP Headers

GET /js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 18 Feb 2025 05:47:10 GMT
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XFBQj3%2Bg8Nb%2F%2B6bZyg3uzEO9mfIl7V%2FfrCkfTP8LrP%2Frlup%2FYF8maP4iqRbJoDwNZmxUbusFahRt8VUKOHwM52DpMA2PtNRi"}]}
age: 6265
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"26-62e642c04ad46"
content-encoding: br
cf-ray: 94fd0012d83ab503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bigwarp.cc/images/tw.png

104.22.57.130

200 OK

11 kB

URL GET
bigwarp.cc/images/tw.png
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced
Size
11 kB (10640 bytes)
Hash
e7ca3cd68fbaa91477f4d22e409ac7fd
fe7840ed607e0badf3611c4b031b7eeb7ff5dd09
0f76b064bec09d273d406828189447e7220039e66f886858b7a8b6ebb4310871

HTTP Headers

GET /images/tw.png HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: image/png
content-length: 10640
cf-ray: 94fd0012b9f3568f-OSL
last-modified: Fri, 08 Nov 2024 12:52:09 GMT
etag: "2990-62666380d7793"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5105
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

GET kit.fontawesome.com/d45e7e578e.js

172.64.147.188

403 Forbidden

9 B

URL GET
kit.fontawesome.com/d45e7e578e.js
IP
172.64.147.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectfontawesome.com
FingerprintB6:27:5D:7E:5E:68:5C:A4:3C:22:27:23:51:CC:9A:5C:3A:7A:AF:0D
ValidityMon, 28 Apr 2025 18:51:58 GMT - Sun, 27 Jul 2025 19:51:56 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /d45e7e578e.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Sat, 14 Jun 2025 21:42:55 GMT
content-length: 9
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=0, private, must-revalidate
x-request-id: GEkGxY0SuL4j5gA7W0AC
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fd0015de8d1c02-OSL
X-Firefox-Spdy: h2

GET js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

1.7 kB

URL GET
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, ASCII text, with very long lines (1735), with no line terminators
Size
1.7 kB (1735 bytes)
Hash
1e936cad37e18ba5bc2f07acd57447d6
f55969248208bb6871e28b9478761ffb25207c35
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jun 2025 15:45:31 GMT
etag: W/"6849a49b-6c7"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:47:56 GMT
cache-control: max-age=300
x-cdn-host-id: ds8137
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

126 kB

URL GET
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
126 kB (125514 bytes)
Hash
9b471c965261c33628f414b8a4b62306
a86ea9fba3f3215484d84330fb4fc0f46570ab0f
9b106a3e85b9788704d7e271ff5e2308c733357fba86ded56a46d2e086abf292

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jun 2025 15:45:36 GMT
etag: W/"6849a4a0-1ea4a"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:47:56 GMT
cache-control: max-age=300
x-cdn-host-id: ds8137
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET cdn.tapioni.com/adgpt.js

104.22.39.71

200 OK

2.4 kB

URL GET
cdn.tapioni.com/adgpt.js
IP
104.22.39.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectcdn.tapioni.com
Fingerprint9D:5E:8D:89:3F:44:95:41:D4:6B:BF:25:E3:95:5E:B8:BE:81:F7:17
ValidityThu, 22 May 2025 00:42:30 GMT - Wed, 20 Aug 2025 01:42:27 GMT

File type
ASCII text, with very long lines (2391), with no line terminators
Size
2.4 kB (2391 bytes)
Hash
c8353a641602ac900bafa496ff76e18c
3ac832327c6f7e906d569b0f19180171f6da53ba
03f32871a596ccf145436c0c232c51ea74b2267a747edcd0f7a1eeb5828ca676

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript
content-length: 879
cf-ray: 94fd00195eb992d6-CPH
last-modified: Tue, 20 May 2025 09:46:13 GMT
vary: Accept-Encoding
etag: "682c4f65-36f"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 152076
accept-ranges: bytes
server: cloudflare
X-Firefox-Spdy: h2

GET static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp

45.133.44.24

200 OK

486 B

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint81:A4:C6:88:C3:3E:D5:D5:E5:AB:E3:D3:AC:1A:1F:DE:B8:17:28:C6
ValidityFri, 30 May 2025 02:32:38 GMT - Thu, 28 Aug 2025 02:32:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:04 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-1e6"
expires: Sun, 14 Jun 2026 21:43:04 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bigwarp.cc/images/logo.png

104.22.57.130

200 OK

17 kB

URL GET
bigwarp.cc/images/logo.png
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
PNG image data, 247 x 62, 8-bit/color RGBA, non-interlaced
Size
17 kB (17253 bytes)
Hash
d5dec15784b5aa1dfd5718cd21eae2fc
84a606952ab1b265d97a194756cbb2077c1e8212
c597e928e2774d70b4ae023f24c60a74c84978fe849237c1d068e3681975091e

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: image/png
content-length: 17253
cf-ray: 94fd0012799e568f-OSL
last-modified: Wed, 06 Nov 2024 13:15:58 GMT
etag: "4365-6263e518e961c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5105
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

GET bigwarp.io/player/jw8/jwplayer.js?v=

104.21.32.1

200 OK

111 kB

URL GET
bigwarp.io/player/jw8/jwplayer.js?v=
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65511)
Size
111 kB (111437 bytes)
Hash
fab72a04bc5627827387920f8233e0ed
ce828999c9c484b695453d20288c60bf4d4656f3
8aff839038af9a3af6377929713746739fbd2b7b8d72120f9424eb2d33f83b0e

HTTP Headers

GET /player/jw8/jwplayer.js?v= HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 25 Mar 2024 19:00:12 GMT
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=p62Z8Gk1hgQ%2BTe%2FWt4ME7vQ5ujezQcT1Q8cYpuS8pe7lXaF4IJTri02EZe1OG6T0egcrHX2f7YzxXyK7wUJIkD83vkcdkmfZ"}]}
age: 1739
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"1b34d-61480c878e700"
content-encoding: br
cf-ray: 94fd0012d837b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET paupsoborofoow.net/tag.min.js

188.114.96.1

200 OK

108 kB

URL GET
paupsoborofoow.net/tag.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectpaupsoborofoow.net
FingerprintE4:98:19:34:F3:75:37:84:9E:70:EF:20:BD:43:93:9E:10:D7:E6:96
ValidityFri, 30 May 2025 03:50:02 GMT - Thu, 28 Aug 2025 04:48:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (107698 bytes)
Hash
ac22f7fe3727ed8c58365efeb7b79ca8
d9553961a8d9f7f790e8514837ef12cca9e54a68
42722d5d4ef8c44458fbc4159984b238e5f1338d254dca4ac70a35ebbbd3b682

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: paupsoborofoow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-trace-id: fb373b8b15ba67736f1e6d59cb86e183
cache-control: public, max-age=600, s-maxage=1800
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
age: 205
cf-cache-status: HIT
last-modified: Sat, 14 Jun 2025 21:39:30 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3MYLzX1MN84lvAN3lj%2BTqOOV5XNE7lRypaL%2F66tONCj6phte9Jp9RygZlBoFViTi1CiMezw%2FvGr%2BqEsgjzNegCYhX7fr5HLN4b1Ri7ZT%2FuY%3D"}]}
cf-ray: 94fd00183d54569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST fp.metricswpsh.com/fp?tag_id=311007

157.90.84.242

200 OK

60 B

URL POST
fp.metricswpsh.com/fp?tag_id=311007
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type
JSON text data
Size
60 B (60 bytes)
Hash
c299c16d2a75cca379ee02b91ce3946e
e58df1b020a6bf0ac909bb601940a3f923411092
8bf0b1b1c9dafd5f12dc26bba4b403182bd063cf26ac422af22352a06e83819e

HTTP Headers

POST /fp?tag_id=311007 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1977
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 14 Jun 2025 21:43:02 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 60
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bigwarp.cc
Set-Cookie: id=17401349153377441856; Expires=Sun, 14 Jun 2026 21:43:02 GMT; Secure; SameSite=None
Vary: Origin

GET js.wpushsdk.com/skins/nmain.m.js

45.133.44.53

200 OK

563 kB

URL GET
js.wpushsdk.com/skins/nmain.m.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
Fingerprint0A:DC:0B:A8:1A:A8:C8:90:9C:96:FF:5B:B2:8B:1F:6D:1A:05:B2:B7
ValidityTue, 06 May 2025 02:34:10 GMT - Mon, 04 Aug 2025 02:34:09 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
563 kB (563174 bytes)
Hash
3d4ee325f19c0951e0ab86f5cd9118b8
ce0adbde45021d0f3c59cbda3baecb002e322212
f394d1d0e141183d0de5f7a931f2640f275f5e39a4c5728f9ec1722abe8351f7

HTTP Headers

GET /skins/nmain.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 06 Jun 2025 08:22:47 GMT
etag: W/"6842a557-897e6"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:48:03 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET bigwarp.io/js/jquery.min.js

104.21.32.1

200 OK

90 kB

URL GET
bigwarp.io/js/jquery.min.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 02 Mar 2021 23:27:20 GMT
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZSPf8GrtOaUXLZtbQPlIpoxTMJw0ccNQWuacK7SwHxGsbUESTTJfjtfUvuo9GRahT98ghFNcKDdw%2F8ZYxrkTwzDEmQ2nqIFF"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
etag: W/"15d9d-5bc9613642600"
content-encoding: br
cf-ray: 94fd001328a4b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET bigwarp.io/js/xupload.js?

104.21.32.1

200 OK

11 kB

URL GET
bigwarp.io/js/xupload.js?
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.io
Fingerprint4B:55:B1:27:7A:B9:F6:FC:1B:95:40:87:EC:F8:A9:19:18:29:01:F2
ValidityWed, 23 Apr 2025 21:26:54 GMT - Tue, 22 Jul 2025 22:24:28 GMT

File type
JavaScript source, ASCII text
Size
11 kB (10790 bytes)
Hash
e7cb7dae1da48c74b41563b936111f97
bda176bc9fd4060d50006cd31d8c25453362db70
590c624e3400ed1e344d5c44f184356937d2704917289340ec5b099d35d5b9e8

HTTP Headers

GET /js/xupload.js? HTTP/1.1
Host: bigwarp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 02 Dec 2024 06:00:36 GMT
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BOAhmrsr1WNffCdUNQWp%2FZ%2FY5aOJ0WVUOJlajFE0gN7IT7W6P3Z7jMK7IQ3c1MQCd6Bwc63x6rPhTb%2F6vYG5TwCn7A0dwGp1"}]}
age: 3871
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"2a26-6284344789295"
content-encoding: br
cf-ray: 94fd0013289eb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint36:80:C9:74:A8:03:5E:A6:42:15:13:F1:12:1D:CE:69:66:FD:BF:09
ValidityWed, 16 Apr 2025 02:32:06 GMT - Tue, 15 Jul 2025 02:32:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 14 Jun 2025 21:47:57 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

GET 6a60528789.b70a8e5392.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTEwMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

45.133.44.52

504 Gateway Timeout

167 B

URL GET
6a60528789.b70a8e5392.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTEwMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject6a60528789.b70a8e5392.com
FingerprintCA:FD:62:3A:8B:4A:2B:1E:A1:A4:2F:E1:AA:BE:51:D4:FF:DC:33:05
ValidityWed, 11 Jun 2025 02:48:00 GMT - Tue, 09 Sep 2025 02:47:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1497d0002c6288efdf23f0baf9e9429e
607594e78f5a20345e1b72ad8db97d5039476ae5
7fe9f464a87c85ce3f84da95921cb55d3c75875cd9bc098cb68f36d8da0b12c6

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTMzNzQ5ODkzMjEzMTMxNjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMTEwMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6NC45NiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 6a60528789.b70a8e5392.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
server: nginx/1.26.2
date: Sat, 14 Jun 2025 21:43:02 GMT
content-type: text/html; charset=utf-8
content-length: 167
x-cdn-host-id: ah1747
X-Firefox-Spdy: h2

GET bigwarp.cc/images/logo-f.png

104.22.57.130

200 OK

12 kB

URL GET
bigwarp.cc/images/logo-f.png
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
PNG image data, 247 x 62, 8-bit/color RGBA, non-interlaced
Size
12 kB (11624 bytes)
Hash
eb1179e2b4b03809ff88c6976b9ec2ef
8b8698be27aa56e83b914e05145bb24fcb4f7916
5c573ecf8c5abc455fdb5999bf2767c9ee91808297a424a6c75065597345d679

HTTP Headers

GET /images/logo-f.png HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:55 GMT
content-type: image/png
content-length: 11624
cf-ray: 94fd001289c8568f-OSL
last-modified: Thu, 07 Nov 2024 17:06:08 GMT
etag: "2d68-62655a6853a2e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5105
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

GET bigwarp.cc/favicon.ico

104.22.57.130

200 OK

15 kB

URL GET
bigwarp.cc/favicon.ico
IP
104.22.57.130:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerGoogle Trust Services
Subjectbigwarp.cc
Fingerprint25:D0:2A:C3:FB:AC:14:46:16:2A:D9:73:BB:FC:62:87:54:A1:14:25
ValiditySun, 04 May 2025 10:58:14 GMT - Sat, 02 Aug 2025 11:56:51 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15406 bytes)
Hash
2b6c5cb8a2dd74e3d1e8afc9e19f3fe9
fd0953f9aaccca53ff0a314df4f8211afe2a54c7
b75617ebb48aa27e8968507e313cca11fc8aaf6932c6f2374d749f714cae2ad7

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bigwarp.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/m4pd6vdrgaj3
Cookie: lang=1; _ga_90ZFH1V4FM=GS2.1.s1749937375$o1$g0$t1749937375$j60$l0$h0; _ga=GA1.1.538608489.1749937376; file_id=2762122; aff=3520; ads=-1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:56 GMT
content-type: image/vnd.microsoft.icon
content-encoding: br
last-modified: Fri, 22 Nov 2024 13:54:20 GMT
etag: W/"3c2e-62780b8380316"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5417
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fd001c3d0b568f-OSL
X-Firefox-Spdy: h2

POST fp.metricswpsh.com/fp?tag_id=331293

157.90.84.242

200 OK

60 B

URL POST
fp.metricswpsh.com/fp?tag_id=331293
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type
JSON text data
Size
60 B (60 bytes)
Hash
c299c16d2a75cca379ee02b91ce3946e
e58df1b020a6bf0ac909bb601940a3f923411092
8bf0b1b1c9dafd5f12dc26bba4b403182bd063cf26ac422af22352a06e83819e

HTTP Headers

POST /fp?tag_id=331293 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1977
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 14 Jun 2025 21:43:02 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 60
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bigwarp.cc
Set-Cookie: id=17402945945206352551; Expires=Sun, 14 Jun 2026 21:43:02 GMT; Secure; SameSite=None
Vary: Origin

GET dd8add5afa.3c0448ff06.com/in/show/?tag_ab=b&site_id=311443740&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=143754272&sid=39063987&tcid=0&ver=8.232.0&ver_c=&spot_id=1443740&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=97.4866374782516&kubik_score=91.85912288222227&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D143754272%26spot_id%3D1443740%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=popunderAd&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.optvz.com%2Fcimp.php%3Fdata%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfGh0dHBzOi8vZmxpcnRpby5jbHViL2NsaWNrP2tleT01NDkxJnRhZz1vcmRkTkhkTEhUUEhOVlM0QVNPcW9xb21wcmROTlRSVE5YVE82VnpyclhVek9vZFRLNlYwcnBYVDFVVTB1b21yb3B0bGRSTlZOWFBZNlYwenBYU3VsZEs2WjBycFhUT3IyMDNtM3FtbHIxcnUwcGxxbTNsbzNyczRybm5sMHM0ZHR0Um5aTnhQVmJSWGJkcE54UkxiWE5YTHZuUlBUUlZLNmFtaXlxbWV5ZDJuZktjeUNqMTFjNTA4cnBYU3VsZEs2VjBycFhTdW1zcHV1b3NvdHBjNTBycFhTdWxkSzZWMHJwWFN1bGRNNlYwcmlHMGozVUhYN3ZYMlBVUDduT2RiblZMUmJ4cnB2cHZyWlhMTnBuVFBUTG5YTFRieHROVzRQc0EtJmNvc3Q9MC4wMDE1JnNvdXJjZT1wb3JubGF1bmRyeS5jb20mdmFyaWQ9MTE0MzQxNjQyJmNhbXBpZD03NTE4MDI0JnNpdGVpZD05Nzg0NDYmem9uZWlkPTUzNTMxNDYmY2F0aWQ9OTgmY291bnRyeT1OT1ImZm9ybWF0PSZlbWFpbF9lbmNvZGVkPSZhZ2U9e2FnZX18aHR0cHN8OTEuOTAuNDIuMTU0fE5PUnw0MXxwb3JubGF1bmRyeS5jb218OTIyOTg0fDY2NjE3M3w5Nzg0NDZ8NTM1MzE0Nnw5OHw3NTE4MDI0fDExNDM0MTY0Mnw0MHwzfDB8MHwyNTM0NHwxNDM3NTQyNzJ8MTUwfDcwfEVVUnxVU0R8MC44NzU4fDF8MjJ8fDF8Tk9SfHwyMHw0fDF8fDZkYmUxZTUxMDZjNjliNDA1MWUwM2U2N2Y2MjIwYjdmfGRkM2E3MWYyNTgzNjg5YjFmMzA4NjE2MGVhMzI0MzUwfDF8MHxiaWd3YXJwLmNjfDB8MHwwfDAuMDl8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDMxNjM0ODB8LTF8MHwzMTUxNjI3fHx8MnwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8NzIwfDd8MHwyfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDB8MnwwLjV8MC4wMTQyNzU3NjIyODU3MTR8MS41fDF8MHwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4yMXxPS3w0NzMzODI2ZDM3M2E0OGQ1MWRjMzIzNDY5MjM0NDE5MQ--%26bs%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDR8MS40Mjc1NzYyMjg1NzE0fDE1MHwxNTB8MHxPS3wyOGZjZDIzMzE2MDhiMTZjOThlNjgzZmI4MWFiOWJjMg--%26cb%3De2e_684dece82c2bf5.00974906&icons=UbgDNbWD-e8aBHpsOBpS3663YreTbPLtu8bY5iLhofyCMcAjl2t0MOF27x74bDMuWjA_MugtfL6WI9rKc-iVWnXWa_L2g-RvzFSuZfJRtTlQ8d431Wu0iC5UfajDfluPHIi0z6sgF05gojugBHqcFZfv4pnaaxZLvN4UFWTX44oU-aujkw&ext_cid=7518024&pop_price=0.001058632008&pop_ecpm=0.011281135469120853&px_id=2640385&min_cpm=9.326422862678614e-05&out_id=0&campaign_type=lq-pop-ext&aid=2140&cid=18741&uniq=&mid=7927906304664025639&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.058632008&cpm=1.058632008&verify_hash=9c231a87df6ce41c447fbdebb7906831&verify_hash_v2=2c8ac0eda6127b419e161674d0a6c11a33b5d861173058194526f2ca6e50bbdc&is_native=3&real_bid=1.058632008&pop_real_cpm=0.91959&pop_real_bid=0.001058632008&original_bid_usd=1.058632008&original_bid=0.91959&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,4,150,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.001058632008&ext_campaign_id_str=7518024&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&cpa=5fb142bb-e079-44b0-87b4-ea86e80e256e&prev_step_diff=592&st=0.12

116.202.249.56

200 OK

0 B

URL GET
dd8add5afa.3c0448ff06.com/in/show/?tag_ab=b&site_id=311443740&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=143754272&sid=39063987&tcid=0&ver=8.232.0&ver_c=&spot_id=1443740&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=97.4866374782516&kubik_score=91.85912288222227&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D143754272%26spot_id%3D1443740%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=popunderAd&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.optvz.com%2Fcimp.php%3Fdata%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfGh0dHBzOi8vZmxpcnRpby5jbHViL2NsaWNrP2tleT01NDkxJnRhZz1vcmRkTkhkTEhUUEhOVlM0QVNPcW9xb21wcmROTlRSVE5YVE82VnpyclhVek9vZFRLNlYwcnBYVDFVVTB1b21yb3B0bGRSTlZOWFBZNlYwenBYU3VsZEs2WjBycFhUT3IyMDNtM3FtbHIxcnUwcGxxbTNsbzNyczRybm5sMHM0ZHR0Um5aTnhQVmJSWGJkcE54UkxiWE5YTHZuUlBUUlZLNmFtaXlxbWV5ZDJuZktjeUNqMTFjNTA4cnBYU3VsZEs2VjBycFhTdW1zcHV1b3NvdHBjNTBycFhTdWxkSzZWMHJwWFN1bGRNNlYwcmlHMGozVUhYN3ZYMlBVUDduT2RiblZMUmJ4cnB2cHZyWlhMTnBuVFBUTG5YTFRieHROVzRQc0EtJmNvc3Q9MC4wMDE1JnNvdXJjZT1wb3JubGF1bmRyeS5jb20mdmFyaWQ9MTE0MzQxNjQyJmNhbXBpZD03NTE4MDI0JnNpdGVpZD05Nzg0NDYmem9uZWlkPTUzNTMxNDYmY2F0aWQ9OTgmY291bnRyeT1OT1ImZm9ybWF0PSZlbWFpbF9lbmNvZGVkPSZhZ2U9e2FnZX18aHR0cHN8OTEuOTAuNDIuMTU0fE5PUnw0MXxwb3JubGF1bmRyeS5jb218OTIyOTg0fDY2NjE3M3w5Nzg0NDZ8NTM1MzE0Nnw5OHw3NTE4MDI0fDExNDM0MTY0Mnw0MHwzfDB8MHwyNTM0NHwxNDM3NTQyNzJ8MTUwfDcwfEVVUnxVU0R8MC44NzU4fDF8MjJ8fDF8Tk9SfHwyMHw0fDF8fDZkYmUxZTUxMDZjNjliNDA1MWUwM2U2N2Y2MjIwYjdmfGRkM2E3MWYyNTgzNjg5YjFmMzA4NjE2MGVhMzI0MzUwfDF8MHxiaWd3YXJwLmNjfDB8MHwwfDAuMDl8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDMxNjM0ODB8LTF8MHwzMTUxNjI3fHx8MnwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8NzIwfDd8MHwyfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDB8MnwwLjV8MC4wMTQyNzU3NjIyODU3MTR8MS41fDF8MHwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4yMXxPS3w0NzMzODI2ZDM3M2E0OGQ1MWRjMzIzNDY5MjM0NDE5MQ--%26bs%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDR8MS40Mjc1NzYyMjg1NzE0fDE1MHwxNTB8MHxPS3wyOGZjZDIzMzE2MDhiMTZjOThlNjgzZmI4MWFiOWJjMg--%26cb%3De2e_684dece82c2bf5.00974906&icons=UbgDNbWD-e8aBHpsOBpS3663YreTbPLtu8bY5iLhofyCMcAjl2t0MOF27x74bDMuWjA_MugtfL6WI9rKc-iVWnXWa_L2g-RvzFSuZfJRtTlQ8d431Wu0iC5UfajDfluPHIi0z6sgF05gojugBHqcFZfv4pnaaxZLvN4UFWTX44oU-aujkw&ext_cid=7518024&pop_price=0.001058632008&pop_ecpm=0.011281135469120853&px_id=2640385&min_cpm=9.326422862678614e-05&out_id=0&campaign_type=lq-pop-ext&aid=2140&cid=18741&uniq=&mid=7927906304664025639&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.058632008&cpm=1.058632008&verify_hash=9c231a87df6ce41c447fbdebb7906831&verify_hash_v2=2c8ac0eda6127b419e161674d0a6c11a33b5d861173058194526f2ca6e50bbdc&is_native=3&real_bid=1.058632008&pop_real_cpm=0.91959&pop_real_bid=0.001058632008&original_bid_usd=1.058632008&original_bid=0.91959&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,4,150,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.001058632008&ext_campaign_id_str=7518024&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&cpa=5fb142bb-e079-44b0-87b4-ea86e80e256e&prev_step_diff=592&st=0.12
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subject3c0448ff06.com
FingerprintF2:0E:93:47:70:73:4A:B8:C7:EC:B4:74:81:E8:F5:43:58:60:6D:11
ValidityTue, 10 Jun 2025 14:04:21 GMT - Mon, 08 Sep 2025 14:04:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=b&site_id=311443740&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3963&page=https%3A%2F%2Fbigwarp.cc%2Fm4pd6vdrgaj3&refdom=bigwarp.cc&auction_time=1749937384&subid=143754272&sid=39063987&tcid=0&ver=8.232.0&ver_c=&spot_id=1443740&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-06-14&iabcat=IAB25-3&user_fp=9807773637070159093&score=97.4866374782516&kubik_score=91.85912288222227&kaminari_bot_ip=1&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D143754272%26spot_id%3D1443740%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fbigwarp.cc%252Fm4pd6vdrgaj3%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=popunderAd&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.optvz.com%2Fcimp.php%3Fdata%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfGh0dHBzOi8vZmxpcnRpby5jbHViL2NsaWNrP2tleT01NDkxJnRhZz1vcmRkTkhkTEhUUEhOVlM0QVNPcW9xb21wcmROTlRSVE5YVE82VnpyclhVek9vZFRLNlYwcnBYVDFVVTB1b21yb3B0bGRSTlZOWFBZNlYwenBYU3VsZEs2WjBycFhUT3IyMDNtM3FtbHIxcnUwcGxxbTNsbzNyczRybm5sMHM0ZHR0Um5aTnhQVmJSWGJkcE54UkxiWE5YTHZuUlBUUlZLNmFtaXlxbWV5ZDJuZktjeUNqMTFjNTA4cnBYU3VsZEs2VjBycFhTdW1zcHV1b3NvdHBjNTBycFhTdWxkSzZWMHJwWFN1bGRNNlYwcmlHMGozVUhYN3ZYMlBVUDduT2RiblZMUmJ4cnB2cHZyWlhMTnBuVFBUTG5YTFRieHROVzRQc0EtJmNvc3Q9MC4wMDE1JnNvdXJjZT1wb3JubGF1bmRyeS5jb20mdmFyaWQ9MTE0MzQxNjQyJmNhbXBpZD03NTE4MDI0JnNpdGVpZD05Nzg0NDYmem9uZWlkPTUzNTMxNDYmY2F0aWQ9OTgmY291bnRyeT1OT1ImZm9ybWF0PSZlbWFpbF9lbmNvZGVkPSZhZ2U9e2FnZX18aHR0cHN8OTEuOTAuNDIuMTU0fE5PUnw0MXxwb3JubGF1bmRyeS5jb218OTIyOTg0fDY2NjE3M3w5Nzg0NDZ8NTM1MzE0Nnw5OHw3NTE4MDI0fDExNDM0MTY0Mnw0MHwzfDB8MHwyNTM0NHwxNDM3NTQyNzJ8MTUwfDcwfEVVUnxVU0R8MC44NzU4fDF8MjJ8fDF8Tk9SfHwyMHw0fDF8fDZkYmUxZTUxMDZjNjliNDA1MWUwM2U2N2Y2MjIwYjdmfGRkM2E3MWYyNTgzNjg5YjFmMzA4NjE2MGVhMzI0MzUwfDF8MHxiaWd3YXJwLmNjfDB8MHwwfDAuMDl8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDMxNjM0ODB8LTF8MHwzMTUxNjI3fHx8MnwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8NzIwfDd8MHwyfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDB8MnwwLjV8MC4wMTQyNzU3NjIyODU3MTR8MS41fDF8MHwwfHJ0Yi5leG9jbGljay5jb218fHx8MC4yMXxPS3w0NzMzODI2ZDM3M2E0OGQ1MWRjMzIzNDY5MjM0NDE5MQ--%26bs%3DTVRjME9Ua3pOek00Tkh3NFlqVmhPREU1WXpjd1lqQm1OV1V3TTJNNU5qTTJZV00xT0dJM1lXRmlaUS0tfDR8MS40Mjc1NzYyMjg1NzE0fDE1MHwxNTB8MHxPS3wyOGZjZDIzMzE2MDhiMTZjOThlNjgzZmI4MWFiOWJjMg--%26cb%3De2e_684dece82c2bf5.00974906&icons=UbgDNbWD-e8aBHpsOBpS3663YreTbPLtu8bY5iLhofyCMcAjl2t0MOF27x74bDMuWjA_MugtfL6WI9rKc-iVWnXWa_L2g-RvzFSuZfJRtTlQ8d431Wu0iC5UfajDfluPHIi0z6sgF05gojugBHqcFZfv4pnaaxZLvN4UFWTX44oU-aujkw&ext_cid=7518024&pop_price=0.001058632008&pop_ecpm=0.011281135469120853&px_id=2640385&min_cpm=9.326422862678614e-05&out_id=0&campaign_type=lq-pop-ext&aid=2140&cid=18741&uniq=&mid=7927906304664025639&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.058632008&cpm=1.058632008&verify_hash=9c231a87df6ce41c447fbdebb7906831&verify_hash_v2=2c8ac0eda6127b419e161674d0a6c11a33b5d861173058194526f2ca6e50bbdc&is_native=3&real_bid=1.058632008&pop_real_cpm=0.91959&pop_real_bid=0.001058632008&original_bid_usd=1.058632008&original_bid=0.91959&show_type=0&exp=0&placement_type_id=325&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=27,108,0,4,150,20&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0&hostname=auc-inpage-hz-12-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.001058632008&ext_campaign_id_str=7518024&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=hash&script_type=general&tma_wallet_balance=0&processed_keywords=bigass%2Canal%2Cdap&is_iframe=0&traffic_category=adult&iframe_click=0&tmp_fix=tmp_fix&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&cpa=5fb142bb-e079-44b0-87b4-ea86e80e256e&prev_step_diff=592&st=0.12 HTTP/1.1
Host: dd8add5afa.3c0448ff06.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:04 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

GET js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint36:80:C9:74:A8:03:5E:A6:42:15:13:F1:12:1D:CE:69:66:FD:BF:09
ValidityWed, 16 Apr 2025 02:32:06 GMT - Tue, 15 Jul 2025 02:32:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:42:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 14 Jun 2025 21:47:57 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

GET js.capndr.com/popunder-admanager/build.m.js

45.133.44.52

200 OK

116 kB

URL GET
js.capndr.com/popunder-admanager/build.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint36:80:C9:74:A8:03:5E:A6:42:15:13:F1:12:1D:CE:69:66:FD:BF:09
ValidityWed, 16 Apr 2025 02:32:06 GMT - Tue, 15 Jul 2025 02:32:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
116 kB (115759 bytes)
Hash
642fd0829c87a4f706cd35f3847ea507
6f1d828be4af0608aa3ea4464afef45a61c1bf55
6338e1bfeed427a8cea32e5dbab8471c3c9b1a6a91856d31d41949e4a9f05a57

HTTP Headers

GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 14 Jun 2025 21:43:02 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 04 Jun 2025 08:08:19 GMT
etag: W/"683ffef3-1c42f"
content-encoding: gzip
expires: Sat, 14 Jun 2025 21:48:02 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET nereserv.com/in/dip?site=native-push&wl=1&event_id=1cc1679f-4777-42fc-a8dd-ac4380840747&subid=143754272&sid=39063987&spot_id=1443740&created_at=2025-06-14&timezone=0&ver=8.232.0&is_native=1

116.202.249.56

200 OK

0 B

URL GET
nereserv.com/in/dip?site=native-push&wl=1&event_id=1cc1679f-4777-42fc-a8dd-ac4380840747&subid=143754272&sid=39063987&spot_id=1443740&created_at=2025-06-14&timezone=0&ver=8.232.0&is_native=1
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bigwarp.cc/m4pd6vdrgaj3
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=1cc1679f-4777-42fc-a8dd-ac4380840747&subid=143754272&sid=39063987&spot_id=1443740&created_at=2025-06-14&timezone=0&ver=8.232.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bigwarp.cc
DNT: 1
Connection: keep-alive
Referer: https://bigwarp.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 14 Jun 2025 21:43:03 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (48)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML