Report - i.live.in.your.bathroom.zigboxs.com/

Report Overview

Visited public
2024-12-30 22:51:58
Tags
URL
i.live.in.your.bathroom.zigboxs.com/
Finishing URL
i.live.in.your.bathroom.zigboxs.com/
IP / ASN
66.23.193.126
#400304 REDOUBT-NET
Title
Home

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
i.live.in.your.bathroom.zigboxs.com	unknown	2024-02-16	2024-12-30	2024-12-30	5.7 kB	840 kB	66.23.193.126
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-12-25	375 B	7.1 kB	151.101.193.229
cdn.show-sb.com	unknown	2024-08-20	2024-08-31	2024-12-27	462 B	1.6 kB	172.67.170.115
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27	2024-12-27	3.2 kB	136 kB	188.114.96.1
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-12-27	700 B	495 B	192.243.59.20
www.googletagmanager.com	75	2011-11-11	2012-10-04	2024-12-25	387 B	111 kB	142.250.74.40
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-25	2.8 kB	176 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-25	1.4 kB	31 kB	142.250.74.106
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17	2024-12-26	2.8 kB	289 kB	172.67.139.119
flatjeep.com	unknown	2024-10-11	2024-10-18	2024-12-30	396 B	18 kB	172.240.108.84
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-29	416 B	442 B	18.199.12.245
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-29	365 B	86 kB	185.196.197.72
specificallycries.com	unknown	2024-08-14	2024-12-23	2024-12-30	7.3 kB	14 kB	192.243.61.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-30	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	i.live.in.your.bathroom.zigboxs.com/assets/js/f.js	ScriptElement	11 kB	2024-09-07	2025-03-13
Pretty URL i.live.in.your.bathroom.zigboxs.com/assets/js/f.js IP 66.23.193.126 ASN #400304 REDOUBT-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-07 18:39 Last Seen2025-03-13 14:44 Times Seen25 Hash bb81419bd92190b95737345bbbf98937 687ca4aebe87d59bdb1ec0d1cc4c43b6052a04aa ee5edad327a5b8df6f02a91b351a62198488f4758867aaa2a5188210dfcb12cb Loading...

	www.googletagmanager.com/gtag/js?id=G-WKJQ5QHQTJ	ScriptElement	331 kB	2024-12-30	2024-12-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-WKJQ5QHQTJ IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 22:52 Last Seen2024-12-30 22:52 Times Seen1 Hash c1f515d5259249dda696359f677a9e24 5cd549a4453a460db16d3276b3e625c85c678581 48095340431d12ed0b7b71d95ac08a07b9de10895d8be0cfad2cc52a6b34f223 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.72 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-06
Pretty URL cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-06 13:06 Times Seen1294 Hash 6326c600df01e3bfb9b40e1aa08176f8 6b4fb754d29b297b539bf62ba9b4eaf0f33f314a df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3 Loading...

	unknown	EventHandler	7 B	2024-05-10	2025-03-13
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-05-10 19:18 Last Seen2025-03-13 14:44 Times Seen40 Hash cb3c71c26f8a894861dace72575b0599 7863e4ffaac88f8ba904023e89e379365e4e0f63 2b6ead0dcec18916b4ca63615a2be488de19fddd95882cdb16070c261d973125 Loading...

	cdn.jsdelivr.net/particles.js/2.0.0/	ScriptElement	23 kB	2023-03-07	2025-05-06
Pretty URL cdn.jsdelivr.net/particles.js/2.0.0/ IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16 Last Seen2025-05-06 11:40 Times Seen1350 Hash 00debcf6cf0789a19cee2278011afcd4 8017f8b1869077db728573f1ca4684a00af69462 faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6 Loading...

	i.live.in.your.bathroom.zigboxs.com/assets/js/home.js?v=00	ScriptElement	5.5 kB	2024-11-09	2025-02-21
Pretty URL i.live.in.your.bathroom.zigboxs.com/assets/js/home.js?v=00 IP 66.23.193.126 ASN #400304 REDOUBT-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-09 01:45 Last Seen2025-02-21 17:35 Times Seen13 Hash 1bc53ee0120a2c9962f39a30bcbf4039 54f92e3fb1f1dbe758bd3190b08dca6b87d42bf8 ddc9091e20ba7ca9c15355902f8283ddb548de03ed6fdb4976691ab6ca0e026b Loading...

	unknown	ScriptElement	6.5 kB	2024-12-12	2025-01-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:14 Last Seen2025-01-02 04:16 Times Seen3 Hash 3683a851ade4c00b98547af131ec945a 2eb6ea2a2d262e1960a6611e0b7190493f5a61c7 d21e141a98279fe147a9cbe94eab837f30a03dd9436bb0fc55b8505fb8191b9c Loading...

	i.live.in.your.bathroom.zigboxs.com/assets/ultra/config.js?v=10-02-2024	ScriptElement	333 B	2024-10-18	2025-03-13
Pretty URL i.live.in.your.bathroom.zigboxs.com/assets/ultra/config.js?v=10-02-2024 IP 66.23.193.126 ASN #400304 REDOUBT-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-18 15:08 Last Seen2025-03-13 14:44 Times Seen19 Hash f1e825de37a1eb52af22880b1d6ba6e6 5ba4d9054ac825a784d85db5a2366c86565f09af 81c54446144e390dde5355d1a9288fcadc5efcddf5061361a9d8296d7c5a3fcb Loading...

	i.live.in.your.bathroom.zigboxs.com/assets/js/mv.js?v=001	ScriptElement	10 kB	2024-12-30	2025-01-02
Pretty URL i.live.in.your.bathroom.zigboxs.com/assets/js/mv.js?v=001 IP 66.23.193.126 ASN #400304 REDOUBT-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 22:52 Last Seen2025-01-02 04:16 Times Seen2 Hash ca8fd6ae94b7ff1d2d6b83790e23af56 4bb30e547602403c1d8683799a926bab92eec2f4 fae28e502c4476b0327f67918addd12c7d63682af2fa9ba6b3d7c607a04b326b Loading...

	i.live.in.your.bathroom.zigboxs.com/	ScriptElement	0 B	0001-01-01	2025-05-07
Pretty URL i.live.in.your.bathroom.zigboxs.com/ IP 66.23.193.126 ASN #400304 REDOUBT-NET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-07 03:38 Times Seen4622447 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js	ScriptElement	46 kB	2024-12-30	2025-01-02
Pretty URL flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 22:52 Last Seen2025-01-02 04:16 Times Seen2 Hash c64f31d3c5c50832eb556790f4d1c629 ee6bf2a7877fff1c0cc386a7d79ef77277e26cd0 22a220c2f1ce33c33d0fdb944e7f57a84940e18bb60e5d24cee4808f658ed958 Loading...

	i.live.in.your.bathroom.zigboxs.com/assets/js/i.js?v=02	ScriptElement	1.5 kB	2024-10-18	2025-01-03
Pretty URL i.live.in.your.bathroom.zigboxs.com/assets/js/i.js?v=02 IP 66.23.193.126 ASN #400304 REDOUBT-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-18 15:08 Last Seen2025-01-03 14:04 Times Seen13 Hash ee20561894d0b59e7d0ceb2b7b71b9d2 14d276e78e2dfa151780a834a992a0d4aacd4ef1 5a25daa9a66b774ba50abf4bb7835f7f55c2e7de18241d8f49130a6f5a2c078f Loading...

	i.live.in.your.bathroom.zigboxs.com/assets/ultra/bundle.js?v=10-02-2024	ScriptElement	785 kB	2024-10-18	2025-03-13
Pretty URL i.live.in.your.bathroom.zigboxs.com/assets/ultra/bundle.js?v=10-02-2024 IP 66.23.193.126 ASN #400304 REDOUBT-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-18 15:08 Last Seen2025-03-13 14:44 Times Seen19 Hash d49af33f6b7a28782617a83ee37be786 045118eb56f9dd0f4d75b8f90d92231a8cf56aec 7c3f60a9e2f7a754c784565c2b5dfa3c73d5b6ffb19eecf772d3d5a9249702d0 Loading...

HTTP Transactions (49)

URL IP Response Size

i.live.in.your.bathroom.zigboxs.com/

66.23.193.126

200 OK

2.0 kB

URL User Request GET HTTP/2
i.live.in.your.bathroom.zigboxs.com/
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
HTML document, ASCII text
Size
2.0 kB (2038 bytes)
Hash
b7bca00a268ee952d7cbb9918aee9e3b
d79322ee7be9a5ddb051790858293af4ff374d82
1554f07edbb8129772116ee7f1c46219b8fd2cefc08c18cb113a694ab83b5f6e

HTTP Headers

GET / HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-type: text/html; charset=utf-8
etag: "d6dtn974388h1km"
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
server: Caddy
vary: Accept-Encoding
content-length: 2038
date: Mon, 30 Dec 2024 22:49:40 GMT
X-Firefox-Spdy: h2

cdn.jsdelivr.net/particles.js/2.0.0/

151.101.193.229

200 OK

6.4 kB

URL GET HTTP/2
cdn.jsdelivr.net/particles.js/2.0.0/
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
ASCII text, with very long lines (23002)
Size
6.4 kB (6363 bytes)
Hash
00debcf6cf0789a19cee2278011afcd4
8017f8b1869077db728573f1ca4684a00af69462
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

HTTP Headers

GET /particles.js/2.0.0/ HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
content-encoding: br
accept-ranges: bytes
date: Mon, 30 Dec 2024 22:51:32 GMT
age: 2237397
x-served-by: cache-fra-etou8220098-FRA, cache-hel1410024-HEL
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6363
X-Firefox-Spdy: h2

i.live.in.your.bathroom.zigboxs.com/assets/css/global.css?v=6

66.23.193.126

200 OK

2.7 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/css/global.css?v=6
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
ASCII text
Size
2.7 kB (2663 bytes)
Hash
99408c06fa1dc67e3883f861061b5cc0
2637960c9e64deaf6b87d07365284b6e2e676000
2605547a547e85feafd41ddfa7311354c6c70d5aa5b7e84897940775d0a74a07

HTTP Headers

GET /assets/css/global.css?v=6 HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2663
date: Mon, 30 Dec 2024 22:49:40 GMT
server: Caddy
vary: Accept-Encoding
etag: "d6dtn95q2tf721z"
content-type: text/css; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes

i.live.in.your.bathroom.zigboxs.com/assets/css/h.css?v=01

66.23.193.126

200 OK

1.9 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/css/h.css?v=01
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
ASCII text
Size
1.9 kB (1949 bytes)
Hash
6fba8fefd8f1e2a9ec011f0253f03b82
958430899f82337522940b9097dba1b1fe921ce3
321102f8bc99fb0427e333eded2188c275754f1274173dcdca31f70a462d091d

HTTP Headers

GET /assets/css/h.css?v=01 HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
etag: "d6dtn95q2tf71i5"
content-type: text/css; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes
content-length: 1949
date: Mon, 30 Dec 2024 22:49:40 GMT
server: Caddy
vary: Accept-Encoding

i.live.in.your.bathroom.zigboxs.com/assets/css/nav.css?v=01

66.23.193.126

200 OK

3.2 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/css/nav.css?v=01
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
ASCII text
Size
3.2 kB (3245 bytes)
Hash
03347fed64c11415f42714c90d20e5e8
dbcd40ef5d01dfb8ed2aaeec20cda656115db27d
34884878bd94cbdf7848985ca50f644c5c621aa24074dae28d954a3b6e736450

HTTP Headers

GET /assets/css/nav.css?v=01 HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-length: 3245
date: Mon, 30 Dec 2024 22:49:40 GMT
server: Caddy
vary: Accept-Encoding
etag: "d6dtn95q2tf72i5"
content-type: text/css; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:10:14 GMT

i.live.in.your.bathroom.zigboxs.com/assets/js/i.js?v=02

66.23.193.126

200 OK

1.5 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/js/i.js?v=02
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
ASCII text
Size
1.5 kB (1483 bytes)
Hash
ee20561894d0b59e7d0ceb2b7b71b9d2
14d276e78e2dfa151780a834a992a0d4aacd4ef1
5a25daa9a66b774ba50abf4bb7835f7f55c2e7de18241d8f49130a6f5a2c078f

HTTP Headers

GET /assets/js/i.js?v=02 HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes
content-length: 1483
date: Mon, 30 Dec 2024 22:49:40 GMT
server: Caddy
vary: Accept-Encoding
etag: "d6dtn95x80oi157"

i.live.in.your.bathroom.zigboxs.com/assets/js/home.js?v=00

66.23.193.126

200 OK

5.5 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/js/home.js?v=00
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
ASCII text
Size
5.5 kB (5526 bytes)
Hash
1bc53ee0120a2c9962f39a30bcbf4039
54f92e3fb1f1dbe758bd3190b08dca6b87d42bf8
ddc9091e20ba7ca9c15355902f8283ddb548de03ed6fdb4976691ab6ca0e026b

HTTP Headers

GET /assets/js/home.js?v=00 HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
etag: "d6dtn95x80oi49i"
content-type: text/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes
content-length: 5526
date: Mon, 30 Dec 2024 22:49:40 GMT
server: Caddy

i.live.in.your.bathroom.zigboxs.com/assets/ultra/config.js?v=10-02-2024

66.23.193.126

200 OK

333 B

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/ultra/config.js?v=10-02-2024
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
ASCII text
Size
333 B (333 bytes)
Hash
f1e825de37a1eb52af22880b1d6ba6e6
5ba4d9054ac825a784d85db5a2366c86565f09af
81c54446144e390dde5355d1a9288fcadc5efcddf5061361a9d8296d7c5a3fcb

HTTP Headers

GET /assets/ultra/config.js?v=10-02-2024 HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: Caddy
vary: Accept-Encoding
etag: "d6dtn974388h99"
content-type: text/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes
content-length: 333
date: Mon, 30 Dec 2024 22:49:40 GMT

www.googletagmanager.com/gtag/js?id=G-WKJQ5QHQTJ

142.250.74.40

200 OK

110 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-WKJQ5QHQTJ
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFA:A6:D6:5C:A6:DC:BE:D1:9A:34:42:70:3B:66:13:21:40:A4:C9:E4
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
110 kB (109905 bytes)
Hash
c1f515d5259249dda696359f677a9e24
5cd549a4453a460db16d3276b3e625c85c678581
48095340431d12ed0b7b71d95ac08a07b9de10895d8be0cfad2cc52a6b34f223

HTTP Headers

GET /gtag/js?id=G-WKJQ5QHQTJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Dec 2024 22:51:32 GMT
expires: Mon, 30 Dec 2024 22:51:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 109905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.live.in.your.bathroom.zigboxs.com/assets/js/mv.js?v=001

66.23.193.126

200 OK

10 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/js/mv.js?v=001
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
Unicode text, UTF-8 text
Size
10 kB (10486 bytes)
Hash
ca8fd6ae94b7ff1d2d6b83790e23af56
4bb30e547602403c1d8683799a926bab92eec2f4
fae28e502c4476b0327f67918addd12c7d63682af2fa9ba6b3d7c607a04b326b

HTTP Headers

GET /assets/js/mv.js?v=001 HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: Caddy
vary: Accept-Encoding
etag: "d6du7uxrzfxx83a"
content-type: text/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:37:09 GMT
accept-ranges: bytes
content-length: 10486
date: Mon, 30 Dec 2024 22:49:40 GMT

i.live.in.your.bathroom.zigboxs.com/assets/js/f.js

66.23.193.126

200 OK

11 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/js/f.js
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
JavaScript source, ASCII text, with very long lines (10779), with no line terminators
Size
11 kB (10779 bytes)
Hash
bb81419bd92190b95737345bbbf98937
687ca4aebe87d59bdb1ec0d1cc4c43b6052a04aa
ee5edad327a5b8df6f02a91b351a62198488f4758867aaa2a5188210dfcb12cb

HTTP Headers

GET /assets/js/f.js HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes
content-length: 10779
date: Mon, 30 Dec 2024 22:49:40 GMT
server: Caddy
vary: Accept-Encoding
etag: "d6dtn95x80oi8bf"

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 18:53:03 GMT
expires: Sat, 27 Dec 2025 18:53:03 GMT
cache-control: public, max-age=31536000
age: 273509
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 18:53:03 GMT
expires: Sat, 27 Dec 2025 18:53:03 GMT
cache-control: public, max-age=31536000
age: 273509
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
gzip compressed data, max compression
Size
12 kB (11887 bytes)
Hash
a51c2b469cfc021315ce7c3ff0a10acb
9fc1094cf7ec07dc34a0a81188a52892ec3cc027
1cfc7cade01cba0f249c2f50f486c94382560b0aae98c5f6582dfe1d77e078e0

HTTP Headers

GET /css2?family=Poppins&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://i.live.in.your.bathroom.zigboxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Dec 2024 22:51:32 GMT
date: Mon, 30 Dec 2024 22:51:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Dec 2024 04:15:23 GMT
expires: Sun, 28 Dec 2025 04:15:23 GMT
cache-control: public, max-age=31536000
age: 239769
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.live.in.your.bathroom.zigboxs.com/assets/ultra/bundle.js?v=10-02-2024

66.23.193.126

200 OK

785 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/ultra/bundle.js?v=10-02-2024
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
785 kB (784615 bytes)
Hash
d49af33f6b7a28782617a83ee37be786
045118eb56f9dd0f4d75b8f90d92231a8cf56aec
7c3f60a9e2f7a754c784565c2b5dfa3c73d5b6ffb19eecf772d3d5a9249702d0

HTTP Headers

GET /assets/ultra/bundle.js?v=10-02-2024 HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
etag: "d6dtn974388hgtev"
content-type: text/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes
content-length: 784615
date: Mon, 30 Dec 2024 22:49:40 GMT
server: Caddy
vary: Accept-Encoding

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 18:53:03 GMT
expires: Sat, 27 Dec 2025 18:53:03 GMT
cache-control: public, max-age=31536000
age: 273510
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.live.in.your.bathroom.zigboxs.com/assets/media/favicon/main.png

66.23.193.126

200 OK

1.5 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/media/favicon/main.png
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
PNG image data, 479 x 342, 4-bit colormap, non-interlaced
Size
1.5 kB (1477 bytes)
Hash
1c643a797118ed37d97aef6edf444c9d
2fdbeb1bc15b2d0b8d2f3e638a8184c1f6ab21e5
615d946c0012af2eb66ab7274d6fc46ff020cb61eb60b78be1750f2cce7b3afa

HTTP Headers

GET /assets/media/favicon/main.png HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: Caddy
vary: Accept-Encoding
etag: "d6dtn964d7xu151"
content-type: image/png
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes
content-length: 1477
date: Mon, 30 Dec 2024 22:49:41 GMT

ka-f.fontawesome.com/releases/v6.1.1/css/pro.css

172.67.139.119

200 OK

119 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.1.1/css/pro.css
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintF7:DD:90:67:3F:56:3B:77:93:AE:02:9F:78:FA:EE:51:F0:A2:6E:64
ValidityWed, 25 Dec 2024 21:45:17 GMT - Tue, 25 Mar 2025 22:45:14 GMT

File type
gzip compressed data, from Unix
Size
119 kB (118559 bytes)
Hash
ede3c20c2ab527d8649788b54fec1ee5
e75e8a01f2b80ea825a13671013c4c9830323c50
7eadfc1c9118e312bcd3ed99164efb730770e852475d266191b5f42bdb2a6915

HTTP Headers

GET /releases/v6.1.1/css/pro.css HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:33 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 22 Mar 2022 15:20:26 GMT
etag: W/"c32d02bc39bc74cf5f6ddf20e1dc699d"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb60bb37778839b51bfea3a34907efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: Fy-mWFIS7V3IcpESUm5a4au8Y8jqc37XLJDhdDUHZUP9bZ-PLtAbAA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKV1VDulVl5n%2F8L7O5OdbuNmF7%2BGwhdAXT07gt%2F1KHOBD1JmzHaxiekaUGkC%2BslHSfyRLxl9PQQN9gsco2qRpTLIP%2BE1QuiFZgw82NEMhPIOp0ZIpdN7f996g68Y0aK7M9izxQ2GRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa5985cb83956c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1129&min_rtt=433&rtt_var=1404&sent=17&recv=14&lost=0&retrans=0&sent_bytes=13901&recv_bytes=1372&delivery_rate=6884310&cwnd=254&unsent_bytes=0&cid=65a28ab78f14f27d&ts=109&x=0"
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.1.1/css/pro-v4-font-face.css

172.67.139.119

200 OK

2.7 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.1.1/css/pro-v4-font-face.css
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintF7:DD:90:67:3F:56:3B:77:93:AE:02:9F:78:FA:EE:51:F0:A2:6E:64
ValidityWed, 25 Dec 2024 21:45:17 GMT - Tue, 25 Mar 2025 22:45:14 GMT

File type
gzip compressed data, from Unix
Size
2.7 kB (2716 bytes)
Hash
b121a5e2a2fdb2e0c6fec8f0ce9c7607
04d138509eba6a27477a5ec84ab33c19385d5ac0
6006ce6d04972bff78f9d30c74bcc5739dc4751ccc2e2624f4f8783f9c918463

HTTP Headers

GET /releases/v6.1.1/css/pro-v4-font-face.css HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:33 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 22 Mar 2022 15:20:25 GMT
etag: W/"c5d60cc0a0043104d82d899a7c370d90"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ec47ad650ce8b90cf8852923bd4f4320.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: PW4FaHuXV0rRDRoF9-gmHAkIPLtlMUu81HMGQCSDc0doywbINCS22g==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkjSTro%2FFT9b651nVxwczthcDbf4Wpcoh0Eu4UmFIo2LDBFyd5uq2s4xF656jD657qc9jo298lnerRsq%2Fi03S%2FOvxhorCEK5XqmqvIVxUGBhUy8%2FAv5HjJG0c5NRhZjuSrJ16oaUMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa5985cd84f56c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=728&min_rtt=433&rtt_var=91&sent=103&recv=29&lost=0&retrans=0&sent_bytes=133812&recv_bytes=1372&delivery_rate=49363636&cwnd=254&unsent_bytes=0&cid=65a28ab78f14f27d&ts=120&x=0"
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-a9bef0.woff2

172.67.139.119

200 OK

25 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-a9bef0.woff2
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintF7:DD:90:67:3F:56:3B:77:93:AE:02:9F:78:FA:EE:51:F0:A2:6E:64
ValidityWed, 25 Dec 2024 21:45:17 GMT - Tue, 25 Mar 2025 22:45:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 25024, version 769.768
Size
25 kB (25024 bytes)
Hash
11edd2541e75e3f26006f9d14e05d75d
ddf27e3d25c0e8dcad0c054dd5281cabda33f156
cb5d84e639ef4801e84b33cafc158afebdd56ea61d4833b1ce4631151c07097c

HTTP Headers

GET /releases/v6.1.1/webfonts/pro-fa-solid-900-a9bef0.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:33 GMT
content-type: font/woff2
content-length: 25024
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 22 Mar 2022 15:29:03 GMT
etag: "11edd2541e75e3f26006f9d14e05d75d"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 ec47ad650ce8b90cf8852923bd4f4320.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: XVnFG8EF0iOUjXNGVhW52PMUDZpS6bNVEeST92svhk8sOmSlFPqW4A==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ReIBsTgbrIqf2NLBcu6rfXNbzCw5PIGNZj03dxMdpPPPduiYF8IaXhlXGur5Q34%2B%2FpwQqUWJbV0s0iB6lsgEVikokn4qu64%2B1RcHjBU4RHJNems9Ng%2F02ZWt7hcx6DVsd47X%2B3GTug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5985efa1e56c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6997&min_rtt=433&rtt_var=12554&sent=113&recv=37&lost=0&retrans=0&sent_bytes=141712&recv_bytes=1646&delivery_rate=49363636&cwnd=254&unsent_bytes=0&cid=65a28ab78f14f27d&ts=461&x=0"
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-d5bbe9.woff2

172.67.139.119

200 OK

25 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.1.1/webfonts/pro-fa-solid-900-d5bbe9.woff2
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintF7:DD:90:67:3F:56:3B:77:93:AE:02:9F:78:FA:EE:51:F0:A2:6E:64
ValidityWed, 25 Dec 2024 21:45:17 GMT - Tue, 25 Mar 2025 22:45:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 25296, version 769.768
Size
25 kB (25296 bytes)
Hash
c28e87bc0d4b1a1734b57c297e30e102
4dd56b2ac781ae4905ec9c4b9ef72341aab8159a
0d915cf722fb8c04fdde1e23784350d1d8662cde6bb4d578b9bdaa1dd895b1bd

HTTP Headers

GET /releases/v6.1.1/webfonts/pro-fa-solid-900-d5bbe9.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:33 GMT
content-type: font/woff2
content-length: 25296
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 22 Mar 2022 15:29:03 GMT
etag: "c28e87bc0d4b1a1734b57c297e30e102"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 784f462b4ee4e847ccfe44db65f51a9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: zEciUbAja1dFmyK77GJ8hc90LyIeN8MVciYNunp5binR0GqZA127qA==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emYFH3OrqckQsn9g8m7gT0e41G1j8l3jXyxPO54gxkFWjsr4Iaitd6a3TfK7HGM5%2FmAVU10vx5pUfC7%2FayJCYNnM3hS7HM%2BurXrCtKLGmXUCRUoj2aH4sfn7nhBH82JJgxdd0nfidQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5985f0a1f56c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1646&min_rtt=433&rtt_var=755&sent=133&recv=57&lost=0&retrans=0&sent_bytes=167763&recv_bytes=1646&delivery_rate=49363636&cwnd=254&unsent_bytes=0&cid=65a28ab78f14f27d&ts=465&x=0"
X-Firefox-Spdy: h2

flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js

172.240.108.84

200 OK

17 kB

URL GET HTTP/1.1
flatjeep.com/5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectflatjeep.com
FingerprintE3:45:0D:C8:A5:6B:B6:CC:52:33:EE:28:1D:33:5F:F8:20:FE:8E:E0
ValidityTue, 10 Dec 2024 22:59:53 GMT - Mon, 10 Mar 2025 22:59:52 GMT

File type
JavaScript source, ASCII text, with very long lines (46154), with no line terminators
Size
17 kB (16733 bytes)
Hash
c64f31d3c5c50832eb556790f4d1c629
ee6bf2a7877fff1c0cc386a7d79ef77277e26cd0
22a220c2f1ce33c33d0fdb944e7f57a84940e18bb60e5d24cee4808f658ed958

HTTP Headers

GET /5e/6b/27/5e6b2776400180cc548a7dfd8ab3f717.js HTTP/1.1
Host: flatjeep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: flatjeep.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c28ae55e161f55c5ff2938a6c44e0d86
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

i.live.in.your.bathroom.zigboxs.com/favicon.png

66.23.193.126

200 OK

271 B

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/favicon.png
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
271 B (271 bytes)
Hash
1383ff15cc67fac9a24632d82da44723
2f6093cc556129939b3cb7916450032f67c6131b
4abda1d813d63186f17433cf177be5c8da2fecadfe404b748129f115dd7a685d

HTTP Headers

GET /favicon.png HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_WKJQ5QHQTJ=GS1.1.1735599093.1.0.1735599093.0.0.0; _ga=GA1.1.2020118147.1735599093
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 271
date: Mon, 30 Dec 2024 22:49:42 GMT
server: Caddy
vary: Accept-Encoding
etag: "d6dtn974388h7j"
content-type: image/png
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes

proftrafficcounter.com/stats

18.199.12.245

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.199.12.245:443
ASN
#16509 AMAZON-02

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
18b0deed4ac434e24f1e5531bccd0397
8cd2cb1d62d5e0386553b9fba525d5136eb180a4
4081df71cc1d4f8f0a4cb94113dffa27182dfd627c3a12d8c5739e2565a44915

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://i.live.in.your.bathroom.zigboxs.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; expires=Thu, 28 Dec 2034 22:51:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

recordedthereby.com/sfp.js

185.196.197.72

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 2a5bf4ca6fbe8aef182b7ef023b873b6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=5e6b2776400180cc548a7dfd8ab3f717&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=5e6b2776400180cc548a7dfd8ab3f717&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74
ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=5e6b2776400180cc548a7dfd8ab3f717&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Dec 2024 22:51:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0fbbb9bdeebd6ce9a09633c4bb3d27db
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

specificallycries.com/sbar.json?key=5e6b2776400180cc548a7dfd8ab3f717&uuid=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6%3A3%3A1

192.243.61.225

200 OK

8.2 kB

URL GET HTTP/1.1
specificallycries.com/sbar.json?key=5e6b2776400180cc548a7dfd8ab3f717&uuid=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6%3A3%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectspecificallycries.com
FingerprintE7:D3:77:FF:E6:B7:B6:B7:07:B2:87:87:52:24:4B:B8:34:10:6C:D1
ValidityFri, 13 Dec 2024 21:40:35 GMT - Thu, 13 Mar 2025 21:40:34 GMT

File type
JSON text data
Size
8.2 kB (8170 bytes)
Hash
aea5416622d4861cc82e211d4a6c2e95
fea7510b3f648b681e0f55bfc7bb07d76244012f
f49a30cb5ca0344cd822923f7ca37c9756ce7df0fcad648f1f9f365f62a6b42a

HTTP Headers

GET /sbar.json?key=5e6b2776400180cc548a7dfd8ab3f717&uuid=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6%3A3%3A1 HTTP/1.1
Host: specificallycries.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:34 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://i.live.in.your.bathroom.zigboxs.com
Access-Control-Allow-Origin: https://i.live.in.your.bathroom.zigboxs.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl23371864=1; expires=Tue, 31 Dec 2024 22:51:34 GMT; path=/; secure; SameSite=None
uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; expires=Mon, 06 Jan 2025 22:51:34 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Dec 2024 22:51:34 GMT; path=/; secure; SameSite=None
uncs=1; expires=Tue, 31 Dec 2024 22:51:34 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Tue, 31 Dec 2024 22:51:34 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Tue, 31 Dec 2024 22:51:34 GMT; path=/; secure; SameSite=None
Host: specificallycries.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 610264eac04d8b50a4b32a76140d5c16
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

specificallycries.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuTsLv8jut5ibC4HpQ2Ey650%2F3jDmIMUaCcbPsuuxeRKqrqidlarraqq7pyZyCAdnj4Bew80yyQV1EDx5dZLLgYUHIiIccNl9CyFWZMTj6Hup9n%2Fd5C5563vriyF2SOhy92PhQD6RSdLVZ9StvPAyCtcq2TF2%2F0m%2BFn4SNtYrpvdUOq%2F6blfcF29OrNT%2Fw%2FcAPKpvSiET3V6ckZPakHVTbfrVRqwbNBvrmv9g6D5Z64L1L8hIknyw985Yh2Rhp9%2FsNYfdynd16r%2BsUzbVBj5%2FeT%2FdSXaTozsvEeEjS0%2BtpaHu%2B%2BRQ6PZnJhe79MxjLCfF%2BeYo4Pb0Wibh3PNMZK4gUMf8%2Fit4YQo0h6RhMH0LycwIwjts7SLuPb2tT0P2%2FWTplJ2Tp6g%2FIYkKWXiwj7X63rmS%2Fck8rl0udWvSTErI%2FhuyMkbkz5AMPsjgDyz%2BH5L%2BS1attpN3jHas0JL94XQgqaknQWKnzRmulkdB4JW4KvkJD1maNhLFmHM4MknIMmYyhxBDULsJZD056cIkHl3no8osKC4Ig8jmjfqvNWJ1HIg65H9AoCWjghy04Nn3DEHk2BFNDMHOAzBxgTw5h3M%2BwuyUs92Bzgh4vUQiCwhIUlKCQBEVOUPTKE65szZaPubIuDq5z7TrXy5HOO0f0ROcdkRJQM4Th5bHMPrOHYPniaJDYj0c6sfwouyQ3pqZ6vHyIPXFRaYowrkVR2PD9oOUz1my0aMQT3qJxPYmCCFaWkHYB1HoYyAlZS18gkxPy8q2vENMzWHUGJhdB3augRQm6W2KQ%2Frhf7WiZ5sLYXCilqKnSLAPXJbJ8Cfm%2Bd6QuySuz%2FT54rQPBnpPrADMlMlPiU%2FmMoKMeje7qghzf1YUlP%2BxkuezKAZ3u%2Fl5Oc%2FG%2Fbz4Q%2B4U2fGvDDr9%2Bh02JafnkI2HzbZpymXYs%2BXZdci7MpjZMkJ%2B27AMR33F2d92Z1GXbd97d3OpmRlgrdToGlec3a2ByQm78fn%2F2qYPlPyHNGMaV6Lq5UqnHYNkBbDbvWU1g1BzHmYfClSNTi%2BdNJQmUmGMal7D%2FwvG8Hhk6vU1leWQfoWMWQPNDpN0SPVOip0pQNYR1i6M8M8%2Ff%2Fq0%2BC8RqYRQrs3AcK6O%2BnJk8PXZh5UUlqtd9GrabQRRREcWNWisJA05prRHWwpDWkdtJx968%2BisAAP%2F%2FdIWQjK4EAAA%3D

192.243.61.225

200 OK

7 B

URL GET HTTP/1.1
specificallycries.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuTsLv8jut5ibC4HpQ2Ey650%2F3jDmIMUaCcbPsuuxeRKqrqidlarraqq7pyZyCAdnj4Bew80yyQV1EDx5dZLLgYUHIiIccNl9CyFWZMTj6Hup9n%2Fd5C5563vriyF2SOhy92PhQD6RSdLVZ9StvPAyCtcq2TF2%2F0m%2BFn4SNtYrpvdUOq%2F6blfcF29OrNT%2Fw%2FcAPKpvSiET3V6ckZPakHVTbfrVRqwbNBvrmv9g6D5Z64L1L8hIknyw985Yh2Rhp9%2FsNYfdynd16r%2BsUzbVBj5%2FeT%2FdSXaTozsvEeEjS0%2BtpaHu%2B%2BRQ6PZnJhe79MxjLCfF%2BeYo4Pb0Wibh3PNMZK4gUMf8%2Fit4YQo0h6RhMH0LycwIwjts7SLuPb2tT0P2%2FWTplJ2Tp6g%2FIYkKWXiwj7X63rmS%2Fck8rl0udWvSTErI%2FhuyMkbkz5AMPsjgDyz%2BH5L%2BS1attpN3jHas0JL94XQgqaknQWKnzRmulkdB4JW4KvkJD1maNhLFmHM4MknIMmYyhxBDULsJZD056cIkHl3no8osKC4Ig8jmjfqvNWJ1HIg65H9AoCWjghy04Nn3DEHk2BFNDMHOAzBxgTw5h3M%2BwuyUs92Bzgh4vUQiCwhIUlKCQBEVOUPTKE65szZaPubIuDq5z7TrXy5HOO0f0ROcdkRJQM4Th5bHMPrOHYPniaJDYj0c6sfwouyQ3pqZ6vHyIPXFRaYowrkVR2PD9oOUz1my0aMQT3qJxPYmCCFaWkHYB1HoYyAlZS18gkxPy8q2vENMzWHUGJhdB3augRQm6W2KQ%2Frhf7WiZ5sLYXCilqKnSLAPXJbJ8Cfm%2Bd6QuySuz%2FT54rQPBnpPrADMlMlPiU%2FmMoKMeje7qghzf1YUlP%2BxkuezKAZ3u%2Fl5Oc%2FG%2Fbz4Q%2B4U2fGvDDr9%2Bh02JafnkI2HzbZpymXYs%2BXZdci7MpjZMkJ%2B27AMR33F2d92Z1GXbd97d3OpmRlgrdToGlec3a2ByQm78fn%2F2qYPlPyHNGMaV6Lq5UqnHYNkBbDbvWU1g1BzHmYfClSNTi%2BdNJQmUmGMal7D%2FwvG8Hhk6vU1leWQfoWMWQPNDpN0SPVOip0pQNYR1i6M8M8%2Ff%2Fq0%2BC8RqYRQrs3AcK6O%2BnJk8PXZh5UUlqtd9GrabQRRREcWNWisJA05prRHWwpDWkdtJx968%2BisAAP%2F%2FdIWQjK4EAAA%3D
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectspecificallycries.com
FingerprintE7:D3:77:FF:E6:B7:B6:B7:07:B2:87:87:52:24:4B:B8:34:10:6C:D1
ValidityFri, 13 Dec 2024 21:40:35 GMT - Thu, 13 Mar 2025 21:40:34 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuTsLv8jut5ibC4HpQ2Ey650%2F3jDmIMUaCcbPsuuxeRKqrqidlarraqq7pyZyCAdnj4Bew80yyQV1EDx5dZLLgYUHIiIccNl9CyFWZMTj6Hup9n%2Fd5C5563vriyF2SOhy92PhQD6RSdLVZ9StvPAyCtcq2TF2%2F0m%2BFn4SNtYrpvdUOq%2F6blfcF29OrNT%2Fw%2FcAPKpvSiET3V6ckZPakHVTbfrVRqwbNBvrmv9g6D5Z64L1L8hIknyw985Yh2Rhp9%2FsNYfdynd16r%2BsUzbVBj5%2FeT%2FdSXaTozsvEeEjS0%2BtpaHu%2B%2BRQ6PZnJhe79MxjLCfF%2BeYo4Pb0Wibh3PNMZK4gUMf8%2Fit4YQo0h6RhMH0LycwIwjts7SLuPb2tT0P2%2FWTplJ2Tp6g%2FIYkKWXiwj7X63rmS%2Fck8rl0udWvSTErI%2FhuyMkbkz5AMPsjgDyz%2BH5L%2BS1attpN3jHas0JL94XQgqaknQWKnzRmulkdB4JW4KvkJD1maNhLFmHM4MknIMmYyhxBDULsJZD056cIkHl3no8osKC4Ig8jmjfqvNWJ1HIg65H9AoCWjghy04Nn3DEHk2BFNDMHOAzBxgTw5h3M%2BwuyUs92Bzgh4vUQiCwhIUlKCQBEVOUPTKE65szZaPubIuDq5z7TrXy5HOO0f0ROcdkRJQM4Th5bHMPrOHYPniaJDYj0c6sfwouyQ3pqZ6vHyIPXFRaYowrkVR2PD9oOUz1my0aMQT3qJxPYmCCFaWkHYB1HoYyAlZS18gkxPy8q2vENMzWHUGJhdB3augRQm6W2KQ%2Frhf7WiZ5sLYXCilqKnSLAPXJbJ8Cfm%2Bd6QuySuz%2FT54rQPBnpPrADMlMlPiU%2FmMoKMeje7qghzf1YUlP%2BxkuezKAZ3u%2Fl5Oc%2FG%2Fbz4Q%2B4U2fGvDDr9%2Bh02JafnkI2HzbZpymXYs%2BXZdci7MpjZMkJ%2B27AMR33F2d92Z1GXbd97d3OpmRlgrdToGlec3a2ByQm78fn%2F2qYPlPyHNGMaV6Lq5UqnHYNkBbDbvWU1g1BzHmYfClSNTi%2BdNJQmUmGMal7D%2FwvG8Hhk6vU1leWQfoWMWQPNDpN0SPVOip0pQNYR1i6M8M8%2Ff%2Fq0%2BC8RqYRQrs3AcK6O%2BnJk8PXZh5UUlqtd9GrabQRRREcWNWisJA05prRHWwpDWkdtJx968%2BisAAP%2F%2FdIWQjK4EAAA%3D HTTP/1.1
Host: specificallycries.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl23371864=1; uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: specificallycries.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 79d8ec8da194dfef1b07a4a7dd92a077
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.show-sb.com/sb/interstitial/dating/whatsapp/message/multi/1/index.html

172.67.170.115

200 OK

572 B

URL GET HTTP/2
cdn.show-sb.com/sb/interstitial/dating/whatsapp/message/multi/1/index.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint3C:A5:E1:7B:2D:A7:39:E4:57:14:B9:37:8B:15:0F:75:62:48:17:1A
ValidityMon, 16 Dec 2024 21:27:23 GMT - Sun, 16 Mar 2025 22:25:53 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
572 B (572 bytes)
Hash
baf5cc341e9b4ba29ea136d6771d8117
3f4d6e02aaf5e2a7cb0ce811441a983b2a9213b4
1030038db8eab83a70e707dac1cb89471487646fc2581899aed56ba1b628537b

HTTP Headers

GET /sb/interstitial/dating/whatsapp/message/multi/1/index.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:35 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:18:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IyqSNUvhC714ygdNOHQ34JRP8qLStrU7QrYAYi%2FCuvLf6l%2FTxDhuOvh8w7G9XhxY6fV61wKFnV4iox3lUvnPa9tc6WG1PL6m7auEihfEpjmvbkL1bk%2BSjdktvGio1nzsyp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa59867887ab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=641&min_rtt=514&rtt_var=294&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3270&recv_bytes=1236&delivery_rate=6360175&cwnd=253&unsent_bytes=0&cid=e36c36cef867f24f&ts=453&x=0"
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/img/send.png

188.114.96.1

200 OK

17 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/img/send.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
17 kB (16894 bytes)
Hash
49d282404a58395fd8d033171b934c1f
c5fe08b3491fc9ab1cd577fd0566a60cfade8ba2
dafcb1f828c60041971b47d7ebeaebbb1cae72e32a0f2e729b9077910bfbfb67

HTTP Headers

GET /sb/interstitial/dating/whatsapp/message/multi/1/img/send.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:35 GMT
content-type: image/png
content-length: 16894
last-modified: Fri, 19 Jan 2024 14:18:40 GMT
etag: "65aa84c0-41fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1837826
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMiSd6CAXFeMC%2FfT%2FlIPnSdDR%2BZ2FWwzabiyl1KXB0gflLF9q8aibp0ajOq5q9rXvCs19XdTeisA2ulYfJR%2FLdgrJr2gjGyrsjqN9QU0zu1e6YHt40pC7crcIZJUYGkYFNs1h4w%2FCHQD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5986b6f29b512-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1437&min_rtt=483&rtt_var=632&sent=11&recv=16&lost=0&retrans=0&sent_bytes=4649&recv_bytes=1844&delivery_rate=4478350&cwnd=257&unsent_bytes=0&cid=c5e966a06fc05cad&ts=104&x=0"
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/img/adobe_flash_player.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/img/adobe_flash_player.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
PNG image data, 300 x 335, 8-bit colormap, non-interlaced
Size
11 kB (11265 bytes)
Hash
59a190081a9ee0dfce168033e73e6383
bd604cd88aa562d3363eebc4c403dc605db0eb42
844b46db74175f0108f5500b30ea887521893f2093c1e54066a94d69cc0bacaf

HTTP Headers

GET /sb/interstitial/dating/whatsapp/message/multi/1/img/adobe_flash_player.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:35 GMT
content-type: image/png
content-length: 11265
last-modified: Fri, 19 Jan 2024 14:18:40 GMT
etag: "65aa84c0-2c01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 854092
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FxVsuDaulcpRPKLNoYPfnm6YzaY379XKeUS1ON7TKSc5YjJJChA63%2FJZTpyf%2F%2Bw%2FpxncTQ%2BY5uIILjpHfUxOmp6DV62HYCW3xj%2BXEjY4IkpaANm0Sa9serG%2BZKng%2F%2FuvhJ96%2BCVgNel"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5986b6f27b512-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1380&min_rtt=483&rtt_var=587&sent=25&recv=17&lost=0&retrans=0&sent_bytes=22353&recv_bytes=1844&delivery_rate=20622583&cwnd=257&unsent_bytes=0&cid=c5e966a06fc05cad&ts=105&x=0"
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/img/close.svg

188.114.96.1

200 OK

576 B

URL GET HTTP/2
cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/img/close.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
SVG Scalable Vector Graphics image
Size
576 B (576 bytes)
Hash
369850b9873659adf0951d845f57dba1
a64257186daa33b6b318943a457b6cf8d80b26b6
9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21

HTTP Headers

GET /sb/interstitial/dating/whatsapp/message/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:35 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:18:40 GMT
etag: W/"65aa84c0-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1837826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7E28Rxh05q1P2P3cOTh%2FdDZ1TGvOaC0LNlykrHRpM6VczgT1zW6WsTCJMijdd%2FNVPBMMzOr1i5pi6wjB1qagg6BXBnnERuJeUethN%2BgZ8ttN0UaptDxB1ZNSubPwnEWhjjGV%2FiGpVLwM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5986b5f12b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1503&min_rtt=483&rtt_var=664&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3292&recv_bytes=1727&delivery_rate=2997929&cwnd=254&unsent_bytes=0&cid=c5e966a06fc05cad&ts=94&x=0"
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/css/animate.css

188.114.96.1

200 OK

4.9 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
ASCII text
Size
4.9 kB (4858 bytes)
Hash
5982c5377696d20476871062646b253f
8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

HTTP Headers

GET /sb/interstitial/dating/whatsapp/message/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:36 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:18:40 GMT
etag: W/"65aa84c0-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bG8QITXU5u7QGWbTsuorPK6UpwyCiZtv95%2Bn2ZZBGen0qabqTtzp41qaGB3EVe08PW4u%2FlH8znRtx%2By16gcQBHfjBr0humZ4hIzh1xIcTNcTCDpiTtzxz46OISMfjjPWS9GwXAUE39T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5986b0eb5b512-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7251&min_rtt=463&rtt_var=12277&sent=64&recv=24&lost=0&retrans=0&sent_bytes=67591&recv_bytes=1953&delivery_rate=20622583&cwnd=257&unsent_bytes=0&cid=c5e966a06fc05cad&ts=533&x=0"
X-Firefox-Spdy: h2

specificallycries.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fjs%2Fscript.js&l=5490&fd=451

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
specificallycries.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fjs%2Fscript.js&l=5490&fd=451
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectspecificallycries.com
FingerprintE7:D3:77:FF:E6:B7:B6:B7:07:B2:87:87:52:24:4B:B8:34:10:6C:D1
ValidityFri, 13 Dec 2024 21:40:35 GMT - Thu, 13 Mar 2025 21:40:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fjs%2Fscript.js&l=5490&fd=451 HTTP/1.1
Host: specificallycries.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl23371864=1; uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:36 GMT
Content-Length: 0
Connection: keep-alive
Host: specificallycries.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 19:08:18 GMT
expires: Sat, 27 Dec 2025 19:08:18 GMT
cache-control: public, max-age=31536000
age: 272598
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

specificallycries.com/pixel/sbs?c=1

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
specificallycries.com/pixel/sbs?c=1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectspecificallycries.com
FingerprintE7:D3:77:FF:E6:B7:B6:B7:07:B2:87:87:52:24:4B:B8:34:10:6C:D1
ValidityFri, 13 Dec 2024 21:40:35 GMT - Thu, 13 Mar 2025 21:40:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: specificallycries.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl23371864=1; uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:36 GMT
Content-Length: 0
Connection: keep-alive
Host: specificallycries.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

specificallycries.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2tkxRetl4Tf5rcanZ0IjeNCYdJ5r%2F%2FHWYgxRoJxMsw4zGxE6t%2FrlKl%2B9ax61a%2FTq2BAZtn4BXw5nUxQB9GFSwd5GXAxIKTFRRaTLyFkq3QbbL2LuvfccwtOnVtfHPoLUoen5%2BsfmqHSmq40q2HljYdRdKuypRI%2FqAw6rU9ajVsV239rtVUN36y8L%2FmuWamFURhGYVTZUFbGZrAyJaHSJ6tRdTWsNmrVqNnAwP4XOx%2FA0QCif0FeghKTpWfBdSheIul9vy7dbmbSm%2B%2F1vKaZseiLk%2FvJbmLyBL15GdsAcXJyNQ3jzjaewiTHM7kw%2FX8GmZqQ4JenYMnJlUiw%2FtFMJ9OQCZj4P%2FJ%2BCalLKFqCmwMocUYALnB7G0nv8W1jc7r3N0un7IQsXf4BlU%2FI0ovrSHrfrWk1qNwz2mfKJA6DuIAalFDdEqk%2FRTYMoPJT8OxzKPErWbncQtI72nbaQInz16WkshZHjeW6aHSWGzFly6wpxTJt8VXeiDlvstbMIKVKqLiEliNQtwjvAngVwMcBfBqgJ84rPIqidig4DTurnNdFW7KWCCPajiMaha0OPJ%2B%2BYYQsHYHrEbjdR2r3satGsP5nuJ0CTgRwGUFfFMglQe4IckqQK4I8I8j7xbHQruaKx0I7z6KrXLvK9WJssu4hPTZZVyYE1I5gRXGk0s%2FcAXi2OB7G7uOxiZ04TC%2FItampgSgeYleeV5qyxWrtdqsRhlEn5LzZ6NC2iEWHsnrcjtpwqoByC6AuwFBNyK3kBVI1IS%2Ff%2FAqMnsLpU3C1COpfBc0L0J0Cw%2BTHvWrXqCST1mVSa01tlaYphCmQZkvI9oJDfUFeme33wWtdSP6cXAW4LZDaAp%2BqZwRd%2FWh81%2BTk6K7JHflhO81UTw3pdPf3MprJ%2F33zgdzLjRWb62709Tt8SkzLJx9Jl23RRKik68i3a0oIaTeM5ZL8tOkeSHbHu501bxOfbt15d2Ozl1rpnDJJCarObtTA1YRc%2B%2F3%2B7FNH1%2F%2BEsiWsL9Dzc6XKlODpPlw67zlDYPUcszRA7ouxrbF5UysCLeeYsgLuX5jN67Gl09tUFYfuEbp2ATQ7QNIr0LcF%2BroA1SM4vzjOUvv87d%2FqswDTC2Om7cIR01Z%2FOTN5euzAqfNKPRRtJmPZZrLRbMSSC9ZsspDHnNVFp8ORuUnX3bj8KwAA%2F%2F%2F0UUVkrgQAAA%3D%3D

192.243.61.225

200 OK

7 B

URL GET HTTP/1.1
specificallycries.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2tkxRetl4Tf5rcanZ0IjeNCYdJ5r%2F%2FHWYgxRoJxMsw4zGxE6t%2FrlKl%2B9ax61a%2FTq2BAZtn4BXw5nUxQB9GFSwd5GXAxIKTFRRaTLyFkq3QbbL2LuvfccwtOnVtfHPoLUoen5%2BsfmqHSmq40q2HljYdRdKuypRI%2FqAw6rU9ajVsV239rtVUN36y8L%2FmuWamFURhGYVTZUFbGZrAyJaHSJ6tRdTWsNmrVqNnAwP4XOx%2FA0QCif0FeghKTpWfBdSheIul9vy7dbmbSm%2B%2F1vKaZseiLk%2FvJbmLyBL15GdsAcXJyNQ3jzjaewiTHM7kw%2FX8GmZqQ4JenYMnJlUiw%2FtFMJ9OQCZj4P%2FJ%2BCalLKFqCmwMocUYALnB7G0nv8W1jc7r3N0un7IQsXf4BlU%2FI0ovrSHrfrWk1qNwz2mfKJA6DuIAalFDdEqk%2FRTYMoPJT8OxzKPErWbncQtI72nbaQInz16WkshZHjeW6aHSWGzFly6wpxTJt8VXeiDlvstbMIKVKqLiEliNQtwjvAngVwMcBfBqgJ84rPIqidig4DTurnNdFW7KWCCPajiMaha0OPJ%2B%2BYYQsHYHrEbjdR2r3satGsP5nuJ0CTgRwGUFfFMglQe4IckqQK4I8I8j7xbHQruaKx0I7z6KrXLvK9WJssu4hPTZZVyYE1I5gRXGk0s%2FcAXi2OB7G7uOxiZ04TC%2FItampgSgeYleeV5qyxWrtdqsRhlEn5LzZ6NC2iEWHsnrcjtpwqoByC6AuwFBNyK3kBVI1IS%2Ff%2FAqMnsLpU3C1COpfBc0L0J0Cw%2BTHvWrXqCST1mVSa01tlaYphCmQZkvI9oJDfUFeme33wWtdSP6cXAW4LZDaAp%2BqZwRd%2FWh81%2BTk6K7JHflhO81UTw3pdPf3MprJ%2F33zgdzLjRWb62709Tt8SkzLJx9Jl23RRKik68i3a0oIaTeM5ZL8tOkeSHbHu501bxOfbt15d2Ozl1rpnDJJCarObtTA1YRc%2B%2F3%2B7FNH1%2F%2BEsiWsL9Dzc6XKlODpPlw67zlDYPUcszRA7ouxrbF5UysCLeeYsgLuX5jN67Gl09tUFYfuEbp2ATQ7QNIr0LcF%2BroA1SM4vzjOUvv87d%2FqswDTC2Om7cIR01Z%2FOTN5euzAqfNKPRRtJmPZZrLRbMSSC9ZsspDHnNVFp8ORuUnX3bj8KwAA%2F%2F%2F0UUVkrgQAAA%3D%3D
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectspecificallycries.com
FingerprintE7:D3:77:FF:E6:B7:B6:B7:07:B2:87:87:52:24:4B:B8:34:10:6C:D1
ValidityFri, 13 Dec 2024 21:40:35 GMT - Thu, 13 Mar 2025 21:40:34 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2tkxRetl4Tf5rcanZ0IjeNCYdJ5r%2F%2FHWYgxRoJxMsw4zGxE6t%2FrlKl%2B9ax61a%2FTq2BAZtn4BXw5nUxQB9GFSwd5GXAxIKTFRRaTLyFkq3QbbL2LuvfccwtOnVtfHPoLUoen5%2BsfmqHSmq40q2HljYdRdKuypRI%2FqAw6rU9ajVsV239rtVUN36y8L%2FmuWamFURhGYVTZUFbGZrAyJaHSJ6tRdTWsNmrVqNnAwP4XOx%2FA0QCif0FeghKTpWfBdSheIul9vy7dbmbSm%2B%2F1vKaZseiLk%2FvJbmLyBL15GdsAcXJyNQ3jzjaewiTHM7kw%2FX8GmZqQ4JenYMnJlUiw%2FtFMJ9OQCZj4P%2FJ%2BCalLKFqCmwMocUYALnB7G0nv8W1jc7r3N0un7IQsXf4BlU%2FI0ovrSHrfrWk1qNwz2mfKJA6DuIAalFDdEqk%2FRTYMoPJT8OxzKPErWbncQtI72nbaQInz16WkshZHjeW6aHSWGzFly6wpxTJt8VXeiDlvstbMIKVKqLiEliNQtwjvAngVwMcBfBqgJ84rPIqidig4DTurnNdFW7KWCCPajiMaha0OPJ%2B%2BYYQsHYHrEbjdR2r3satGsP5nuJ0CTgRwGUFfFMglQe4IckqQK4I8I8j7xbHQruaKx0I7z6KrXLvK9WJssu4hPTZZVyYE1I5gRXGk0s%2FcAXi2OB7G7uOxiZ04TC%2FItampgSgeYleeV5qyxWrtdqsRhlEn5LzZ6NC2iEWHsnrcjtpwqoByC6AuwFBNyK3kBVI1IS%2Ff%2FAqMnsLpU3C1COpfBc0L0J0Cw%2BTHvWrXqCST1mVSa01tlaYphCmQZkvI9oJDfUFeme33wWtdSP6cXAW4LZDaAp%2BqZwRd%2FWh81%2BTk6K7JHflhO81UTw3pdPf3MprJ%2F33zgdzLjRWb62709Tt8SkzLJx9Jl23RRKik68i3a0oIaTeM5ZL8tOkeSHbHu501bxOfbt15d2Ozl1rpnDJJCarObtTA1YRc%2B%2F3%2B7FNH1%2F%2BEsiWsL9Dzc6XKlODpPlw67zlDYPUcszRA7ouxrbF5UysCLeeYsgLuX5jN67Gl09tUFYfuEbp2ATQ7QNIr0LcF%2BroA1SM4vzjOUvv87d%2FqswDTC2Om7cIR01Z%2FOTN5euzAqfNKPRRtJmPZZrLRbMSSC9ZsspDHnNVFp8ORuUnX3bj8KwAA%2F%2F%2F0UUVkrgQAAA%3D%3D HTTP/1.1
Host: specificallycries.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl23371864=1; uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: specificallycries.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 52f0844a420a95fc8fcc5a2fcb81f70b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/js/jquery.min.js

188.114.96.1

200 OK

84 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators
Size
84 kB (84384 bytes)
Hash
6326c600df01e3bfb9b40e1aa08176f8
6b4fb754d29b297b539bf62ba9b4eaf0f33f314a
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

HTTP Headers

GET /sb/interstitial/dating/whatsapp/message/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:35 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:18:40 GMT
etag: W/"65aa84c0-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1837826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGwfcNMfvdKmxWR5bpnittfKTIqWChvp0LHg4cponchbp%2B2YC8DEQsmFRwYC7sZbjGdgeOUxS5JxcoAeQHrLWXQ8PxXTGG%2BAJXGWch8UcedXrb3%2FzYhqwRnH5vBCreiTesnM9wUU6D22"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5986b6f2bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1792&min_rtt=483&rtt_var=1469&sent=36&recv=19&lost=0&retrans=0&sent_bytes=34335&recv_bytes=1844&delivery_rate=20622583&cwnd=257&unsent_bytes=0&cid=c5e966a06fc05cad&ts=112&x=0"
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.1.1/css/pro-v5-font-face.css

172.67.139.119

200 OK

69 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.1.1/css/pro-v5-font-face.css
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintF7:DD:90:67:3F:56:3B:77:93:AE:02:9F:78:FA:EE:51:F0:A2:6E:64
ValidityWed, 25 Dec 2024 21:45:17 GMT - Tue, 25 Mar 2025 22:45:14 GMT

File type
ASCII text, with very long lines (2997)
Size
69 kB (68831 bytes)
Hash
a6bfc9d540862efd93ae48bde4016667
7fc4eac3ea25368ad3f4497abf03373dd131c24f
84cb10f8ef4f9e0cb700c08703d468ce64fd31b31e7e4ec197f31c8c795070c8

HTTP Headers

GET /releases/v6.1.1/css/pro-v5-font-face.css HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:33 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 22 Mar 2022 15:20:25 GMT
etag: W/"a6bfc9d540862efd93ae48bde4016667"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 52b109b1375547c721208eb7c7b3185a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: d5i2Qskg02pXgDbI2wzeJV2KZoBpK4oVS-K77KCsUYX3S7IUTHht8Q==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLkVBhEzhv4WGN8SdZeDLzhMA6IhUYZrXUd%2B8VVcQPzvLuchtcybiwipIhWaX0XHuVdto8lSnxqDoUlZmDqwZVkmcHkGKinraBATfYfonz9QgszSiTwJ%2F41Lz3qWkhwXbdd7h8SaqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa5985cc84056c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1129&min_rtt=433&rtt_var=1404&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3201&recv_bytes=1372&delivery_rate=6884310&cwnd=254&unsent_bytes=0&cid=65a28ab78f14f27d&ts=108&x=0"
X-Firefox-Spdy: h2

specificallycries.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4423&fd=522

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
specificallycries.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4423&fd=522
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectspecificallycries.com
FingerprintE7:D3:77:FF:E6:B7:B6:B7:07:B2:87:87:52:24:4B:B8:34:10:6C:D1
ValidityFri, 13 Dec 2024 21:40:35 GMT - Thu, 13 Mar 2025 21:40:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4423&fd=522 HTTP/1.1
Host: specificallycries.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl23371864=1; uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:36 GMT
Content-Length: 0
Connection: keep-alive
Host: specificallycries.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.googleapis.com/css2?family=Inter:wght@300;400;600;800&display=swap

142.250.74.106

200 OK

9.9 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@300;400;600;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text, with very long lines (10136), with no line terminators
Size
9.9 kB (9884 bytes)
Hash
a5bc2c3bea38cbee4b02bff019553402
1566b165d339b2912fa6c3aa2087c057d58fe148
c66b8f82ce06052d34e1689d43496c7f476cdfcf849756b38162bc415c1b497d

HTTP Headers

GET /css2?family=Inter:wght@300;400;600;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://i.live.in.your.bathroom.zigboxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Dec 2024 22:51:32 GMT
date: Mon, 30 Dec 2024 22:51:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/js/script.js

188.114.96.1

200 OK

6.3 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
Unicode text, UTF-8 text, with very long lines (5891), with no line terminators
Size
6.3 kB (6286 bytes)
Hash
88000d2297facce339f055fad10544b4
9dc38ca010ad7b5b86171cae975770bc0d856cad
da21fca43fd7c98d67f7a0a1d076b1b912cf63ab5b70b086208f04d31b8a6e91

HTTP Headers

GET /sb/interstitial/dating/whatsapp/message/multi/1/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:36 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:18:40 GMT
etag: W/"65aa84c0-188e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4x2sOD3uCLE3M7W6Ze%2FtEsTcDWbAaGuxNpvakZYp%2Frx0nusgGicHaAAS5kPxpVjPQHzIPiJ8PAGFHNOvjMLzUS%2Bk5Ml5qnGvniO80ZbY2mj0s%2BMj9Y5laIO4grn1BlZzpgtBlTk5anG3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5986c98a3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4020&min_rtt=463&rtt_var=6579&sent=69&recv=29&lost=0&retrans=0&sent_bytes=73194&recv_bytes=1953&delivery_rate=20622583&cwnd=257&unsent_bytes=0&cid=c5e966a06fc05cad&ts=723&x=0"
X-Firefox-Spdy: h2

specificallycries.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Findex.html&l=2101&fd=487

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
specificallycries.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Findex.html&l=2101&fd=487
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectspecificallycries.com
FingerprintE7:D3:77:FF:E6:B7:B6:B7:07:B2:87:87:52:24:4B:B8:34:10:6C:D1
ValidityFri, 13 Dec 2024 21:40:35 GMT - Thu, 13 Mar 2025 21:40:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Findex.html&l=2101&fd=487 HTTP/1.1
Host: specificallycries.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl23371864=1; uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:35 GMT
Content-Length: 0
Connection: keep-alive
Host: specificallycries.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/css/style.css

188.114.96.1

200 OK

4.4 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/interstitial/dating/whatsapp/message/multi/1/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
ASCII text, with very long lines (4688), with no line terminators
Size
4.4 kB (4423 bytes)
Hash
6fb88cfa4106c59ec0f724f2f68bed3c
1193a19e74a21f83d1f569d2fe13e3e9d1cae85f
6a5eee3a2a22a3381310f9629ab60c85417dcd6884a16af0aea667cb7f47d04f

HTTP Headers

GET /sb/interstitial/dating/whatsapp/message/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:35 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:18:40 GMT
etag: W/"65aa84c0-1147"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZh1xCruWTbKRT3xlXzXKLPahNRSSQQBP1OdZTbzJjFNaLq1Qp7HWt8nKxq1Rgn%2BMRq8S%2FtpN%2FIctTbiN7EAy6aSyyF5ITn4vxO02craJfc8yjTZSsp5jhtXX80PJ22eHERmxBT9xWAk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa5986b0ebbb512-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1756&min_rtt=483&rtt_var=1301&sent=61&recv=22&lost=0&retrans=0&sent_bytes=65836&recv_bytes=1953&delivery_rate=20622583&cwnd=257&unsent_bytes=0&cid=c5e966a06fc05cad&ts=472&x=0"
X-Firefox-Spdy: h2

i.live.in.your.bathroom.zigboxs.com/assets/media/background/full-main.png

66.23.193.126

200 OK

12 kB

URL GET HTTP/3
i.live.in.your.bathroom.zigboxs.com/assets/media/background/full-main.png
IP
66.23.193.126:443
ASN
#400304 REDOUBT-NET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjecti.live.in.your.bathroom.zigboxs.com
FingerprintE1:91:18:5C:4A:61:89:2A:13:EE:CD:43:96:00:E5:93:BF:17:17:11
ValidityThu, 26 Dec 2024 20:01:43 GMT - Wed, 26 Mar 2025 20:01:42 GMT

File type
PNG image data, 2560 x 2384, 4-bit colormap, non-interlaced
Size
12 kB (11509 bytes)
Hash
ff846e101141153acba51a6c00346f7d
8da93331c37856eb85e73bfdeee70fc6ef1ef474
848f069524c78bb30ea8209ec5154ba17b216594d1bb466f92fa6e1c066ddc80

HTTP Headers

GET /assets/media/background/full-main.png HTTP/1.1
Host: i.live.in.your.bathroom.zigboxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://i.live.in.your.bathroom.zigboxs.com/assets/css/global.css?v=6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
last-modified: Tue, 17 Dec 2024 08:10:14 GMT
accept-ranges: bytes
content-length: 11509
date: Mon, 30 Dec 2024 22:49:41 GMT
server: Caddy
vary: Accept-Encoding
etag: "d6dtn95zlr3m8vp"
content-type: image/png

specificallycries.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fcss%2Fanimate.css&l=78693&fd=582

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
specificallycries.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fcss%2Fanimate.css&l=78693&fd=582
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerLet's Encrypt
Subjectspecificallycries.com
FingerprintE7:D3:77:FF:E6:B7:B6:B7:07:B2:87:87:52:24:4B:B8:34:10:6C:D1
ValidityFri, 13 Dec 2024 21:40:35 GMT - Thu, 13 Mar 2025 21:40:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Finterstitial%2Fdating%2Fwhatsapp%2Fmessage%2Fmulti%2F1%2Fcss%2Fanimate.css&l=78693&fd=582 HTTP/1.1
Host: specificallycries.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl23371864=1; uid_id2=eeae2f14-3d48-4fab-b5ed-a6c9c4fcc5b6:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 30 Dec 2024 22:51:36 GMT
Content-Length: 0
Connection: keep-alive
Host: specificallycries.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

7.2 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text, with very long lines (7364), with no line terminators
Size
7.2 kB (7175 bytes)
Hash
e082b2c49137015642f9e60e58c34f87
02ab175bf4bcab25a605a280bb2405ea233d3085
654f6d483488078da3ff22c940040ea8a603172ff7d43d21a57b213976e06ec5

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Dec 2024 22:51:35 GMT
date: Mon, 30 Dec 2024 22:51:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ka-f.fontawesome.com/releases/v6.1.1/css/pro-v4-shims.css

172.67.139.119

200 OK

40 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.1.1/css/pro-v4-shims.css
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://i.live.in.your.bathroom.zigboxs.com/
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
FingerprintF7:DD:90:67:3F:56:3B:77:93:AE:02:9F:78:FA:EE:51:F0:A2:6E:64
ValidityWed, 25 Dec 2024 21:45:17 GMT - Tue, 25 Mar 2025 22:45:14 GMT

File type
ASCII text
Size
40 kB (40538 bytes)
Hash
7c6b7986bca4b03e54110f552081eea8
96c46db74081072f7d638b0e4b91f4d781f8d7b0
b8e399aa0c1450953c0619764448af81b78076ea5ad7ae48912e62b8f559760d

HTTP Headers

GET /releases/v6.1.1/css/pro-v4-shims.css HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://i.live.in.your.bathroom.zigboxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Dec 2024 22:51:33 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 22 Mar 2022 15:20:25 GMT
etag: W/"7c6b7986bca4b03e54110f552081eea8"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5f7dfed9ac84be147f8e4e2e474596fc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: IkVjgNvInXFaO5mtYIRyfJ_Dbk3Ho1oP0fs6DQhacqXgqyzTNnZ7aw==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kCrl9iQBiOS1yaPAAXj1a92UezYdRbvOCymn0VQeyjvE0o60h3%2BiVFvM9d4ym%2Fu8AdWl8duIt5DxTZvclbmCnKrBDXRlhfWZVjRnjwy67WSVGBCdpV%2B36g9enXUo4c5GsC0qL9ltCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa5985cd84956c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1111&min_rtt=433&rtt_var=785&sent=107&recv=32&lost=0&retrans=0&sent_bytes=136649&recv_bytes=1372&delivery_rate=49363636&cwnd=254&unsent_bytes=0&cid=65a28ab78f14f27d&ts=128&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by