cdn.luulu.org/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http
200 OK 38 B URL GET HTTP/2 cdn.luulu.org/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectluulu.org
Fingerprint69:29:E4:3C:6C:E5:A8:F1:F8:5E:9C:86:0E:28:55:63:A6:38:47:1F
ValiditySun, 05 Nov 2023 22:40:49 GMT - Sat, 03 Feb 2024 22:40:48 GMT
File type ASCII text, with CRLF line terminators
Hash 99eccae6afa72c589ae54b5c3890282a
0f102f8f5b556635de65d16cf70fa8269c6761b4
b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3
GET /js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http HTTP/1.1
Host: cdn.luulu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: application/javascript
content-length: 38
last-modified: Mon, 13 Sep 2021 15:50:14 GMT
etag: "26-5cbe26bbab980"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 677434
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IMNn0Ej8w3CD7Fpro%2FOeNUcwiElTVgKiADtuDdgk%2BiQzaDELC58EiOKxiHWiiFfDTgp5OCo%2F7nIa060hAMY9vO0eZnvmKqvQxgHVP3LNtA6DZdRHZ4IfAyrBtyDrway"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d6fd085695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-RFESL45RJX
200 OK 94 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-RFESL45RJX
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Hash f3e79707d9d3a18b71d0c97c1b7b7c78
c716596c17a286ac99e7aec3e50b3670c752dfce
31931d49c29ea9a3f6f31c78722e3318dcf406c1b06884091df19fdad4a0ce0f
GET /gtag/js?id=G-RFESL45RJX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 16:59:47 GMT
expires: Wed, 06 Dec 2023 16:59:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gmxvmvptfm.com/solid.gif?z=2003355&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1
200 OK 43 B URL POST HTTP/2 gmxvmvptfm.com/solid.gif?z=2003355&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint14:D3:45:CB:D6:04:24:B4:40:49:4E:38:1B:23:CD:D2:47:9A:0D:FD
ValiditySun, 29 Oct 2023 21:18:37 GMT - Thu, 25 Apr 2024 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2003355&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1 HTTP/1.1
Host: gmxvmvptfm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Wed, 08 Jan 2025 16:59:48 GMT; Secure; SameSite=None
UID=231206115992d2a0eb924f492ab5a86b61ba; Path=/; Expires=Wed, 08 Jan 2025 16:59:48 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.luulu.org/player/jw8/jwplayer.core.controls.js
200 OK 89 kB URL GET HTTP/3 cdn.luulu.org/player/jw8/jwplayer.core.controls.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectluulu.org
Fingerprint69:29:E4:3C:6C:E5:A8:F1:F8:5E:9C:86:0E:28:55:63:A6:38:47:1F
ValiditySun, 05 Nov 2023 22:40:49 GMT - Sat, 03 Feb 2024 22:40:48 GMT
File type ASCII text, with very long lines (65143)
Hash a8889c5f9e2492b9c3d6f73b5bad08fe
6b942336401bc4ecd598f91fcaa7db96c889e6b4
43502aabf4a1ce166cb2a84a177579663aa32e1ea7db8666bc67534a53a0f368
GET /player/jw8/jwplayer.core.controls.js HTTP/1.1
Host: cdn.luulu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:20:44 GMT
etag: W/"5167f-60b3c274227f4"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 677372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btZmz%2B1tzudQAmBPJVxgszo5GAyEFw9NlZk7Wch1qiv7PfccgDjMPIp1p3ARw3YKoVR1GwI7ib2A%2BOSc%2BDcGNYjhVYe7A6c4yd1asFyePFWtD0Qs5COJWB5BHh5EN10h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d8bcc856b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
achcdn.com/script/suv5.js
200 OK 32 kB URL GET HTTP/3 achcdn.com/script/suv5.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectachcdn.com
Fingerprint52:9D:4F:AD:60:0D:A1:64:0A:07:87:97:4E:F6:92:D9:02:CF:2A:D6
ValidityTue, 24 Oct 2023 11:00:13 GMT - Mon, 22 Jan 2024 11:00:12 GMT
File type Unicode text, UTF-8 text, with very long lines (65442)
Hash fe85f0affad429f5413cd601a475b728
88b8cee8368b6b943d1ddd5be8b9c441f63ef580
25ab5707f8caa81d4c8ef4d9373254d130c294ed2ee997c807e068b149fdb4e8
GET /script/suv5.js HTTP/1.1
Host: achcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPqKBLONKdrBkK4F8y2PssmhDaox_gw28dv4bvoN3T4X9gAOgxxL9sUBvEYLYiDGhcsTNzYrlgNJj_OdU_l7iHf6lw
x-goog-generation: 1701698677261682
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97361
x-goog-hash: crc32c=4eu5MA==, md5=/oXwr/rUKfVBPNYBpHW3KA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 06 Dec 2023 17:38:37 GMT
cache-control: public, max-age=14400
age: 522
last-modified: Mon, 04 Dec 2023 14:04:37 GMT
etag: W/"fe85f0affad429f5413cd601a475b728"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=refYxrzwMHOFJtIbOY4yQl%2B4KThdUFewHDSFbSdHPWhH8VkTUUL%2BFHBk7GTsiVejjIt7d9rZLxTLE4%2BB2wud8F3U6N2kX0Sw7im5amoUyGUyPScu%2BVj7muSQ9KdC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614da4f0eb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
luluvdo.com/srt/empty.srt
200 OK 42 B URL GET HTTP/3 luluvdo.com/srt/empty.srt
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
File type ASCII text, with CRLF line terminators
Hash 7f8501e8cf0fd2262e1ec59fa6653797
5ea9200f583b21ec2008fc44447b2a15ab31f246
f3adadb235f7ecab4a68f4d0961640c155c0d2057d28fe24e19d36b04904ddc6
GET /srt/empty.srt HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: lang=1; __PPU___PPU_SESSION_URL=%2Fe%2F658e6avdw962
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: text/vtt; charset=utf-8
content-length: 42
last-modified: Fri, 08 Jul 2016 15:03:06 GMT
etag: "2a-537211991fe80"
accept-ranges: bytes
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEvrecv91kZELLj8aAn%2FrkHSTWMzl3kpt29M5vkc83yW5IsWGq%2BvR0gTOy%2BQhY0%2Fg4eqF9ii9EQBrI9BrswwBckpHIgHyY%2FwlLS1zH7Z4S5O9GSAduhGv%2FzwKNL05A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614dbc87fb4f9-OSL
alt-svc: h3=":443"; ma=86400
almstda.tv/tag.min.js
200 OK 26 kB IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectalmstda.tv
Fingerprint88:BB:5E:54:95:58:44:3D:8A:15:8E:A1:FD:19:36:CE:89:FC:D1:6A
ValidityMon, 09 Oct 2023 05:44:08 GMT - Sun, 07 Jan 2024 05:44:07 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0677fef3df853b167f8b069996781c03
6f4fc1ffdde4c943dd8de8a4dd30f6160a4c0c75
e855a4ca09d9d67308866602853ff4a479b167c9012062b3b89f65edaa7d18e6
GET /tag.min.js HTTP/1.1
Host: almstda.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 25672
content-encoding: br
x-trace-id: 965cb3c9b751057a6e2a861b8b10e963
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 06 Dec 2023 16:57:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn1006.tnmr.org/i/01/00031/658e6avdw962_xt.jpg
200 OK 121 kB URL GET HTTP/1.1 cdn1006.tnmr.org/i/01/00031/658e6avdw962_xt.jpg
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectcdn1006.tnmr.org
FingerprintDC:59:3A:02:95:6F:DE:49:0F:8A:43:92:43:09:14:E3:B2:7E:A8:AC
ValidityWed, 18 Oct 2023 11:20:40 GMT - Tue, 16 Jan 2024 11:20:39 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 1000x504, components 3\012- data
Size 121 kB (121238 bytes)
Hash 64688a254e7597ecf91c4b0c6530f072
edeca2126b3c611c63f27cf8a8dd5fd02a03a4cc
af73b9f91e2179479851d52757ae43b9247e5d70a3fe8ad5642dd54e78a30388
GET /i/01/00031/658e6avdw962_xt.jpg HTTP/1.1
Host: cdn1006.tnmr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:59:48 GMT
Content-Type: image/jpeg
Content-Length: 121238
Last-Modified: Thu, 28 Sep 2023 02:01:44 GMT
Connection: keep-alive
ETag: "6514de88-1d996"
Expires: Wed, 13 Dec 2023 16:59:48 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
cdn1006.tnmr.org/hls2/01/00031/658e6avdw962_h/master.m3u8?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0
200 OK 326 B URL GET HTTP/1.1 cdn1006.tnmr.org/hls2/01/00031/658e6avdw962_h/master.m3u8?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectcdn1006.tnmr.org
FingerprintDC:59:3A:02:95:6F:DE:49:0F:8A:43:92:43:09:14:E3:B2:7E:A8:AC
ValidityWed, 18 Oct 2023 11:20:40 GMT - Tue, 16 Jan 2024 11:20:39 GMT
Hash e85162b764db2b4ea442f17817614ad3
cb8393e72bdd7dedcc9b784c8a01b9944773cb8e
09c1eddd9d860dce97cf3c8ae60d3faf6c1b8c541a184b4f0f14dc360bb59608
GET /hls2/01/00031/658e6avdw962_h/master.m3u8?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0 HTTP/1.1
Host: cdn1006.tnmr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:59:48 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Wed, 06 Dec 2023 16:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 15 Mar 2024 16:59:48 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Content-Encoding: gzip
pubtrky.com/ut/hb.php?cb=0.32424691281933915&v=1
204 No Content 0 B URL POST HTTP/2 pubtrky.com/ut/hb.php?cb=0.32424691281933915&v=1
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectpubtrky.com
FingerprintA5:A1:14:4B:51:48:70:73:A4:B5:3C:89:63:1B:21:45:6C:F5:96:8E
ValidityTue, 21 Nov 2023 10:09:43 GMT - Mon, 19 Feb 2024 10:09:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.32424691281933915&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 774
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 06 Dec 2023 16:59:48 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtxCPUHYGyvhKyHr3KFQ3FBIc30IbssIU0oAPjUZikMLLukjjXIQIqKIP4P04GK2sWGOX2kudkPHmYZ0ScQgk9S06v402sMRTrYrQuw2kpg5USYsWeeysIjHbCjs8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614de1bbab50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
904f5ddbe2.78387c2566.com/f636c08ea8130135852300a91da714c3/118549?version_name=d
200 OK 1.1 kB URL GET HTTP/2 904f5ddbe2.78387c2566.com/f636c08ea8130135852300a91da714c3/118549?version_name=d
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subject904f5ddbe2.78387c2566.com
Fingerprint10:4B:63:61:7B:F8:5C:C8:5D:5D:10:3E:CB:3C:73:08:2A:A8:1B:40
ValiditySun, 03 Dec 2023 02:20:23 GMT - Sat, 02 Mar 2024 02:20:22 GMT
File type JSON data\012- , ASCII text, with very long lines (1149), with no line terminators
Hash 1b85a02d44817db23f5bd505b97271a7
b64173bbbee35c5d410bdaa836cf919d82d7ac8f
ef982fba5659269c5f25d3646784b7813ac37bcbf35b0813e641fbcd8a81b09c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f636c08ea8130135852300a91da714c3/118549?version_name=d HTTP/1.1
Host: 904f5ddbe2.78387c2566.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: application/json
content-length: 1149
server: nginx/1.18.0
cache-control: max-age=300
expires: Wed, 06 Dec 2023 17:04:49 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn1006.tnmr.org/hls2/01/00031/658e6avdw962_h/index-v1-a1.m3u8?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0
200 OK 672 B URL GET HTTP/1.1 cdn1006.tnmr.org/hls2/01/00031/658e6avdw962_h/index-v1-a1.m3u8?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectcdn1006.tnmr.org
FingerprintDC:59:3A:02:95:6F:DE:49:0F:8A:43:92:43:09:14:E3:B2:7E:A8:AC
ValidityWed, 18 Oct 2023 11:20:40 GMT - Tue, 16 Jan 2024 11:20:39 GMT
Hash 76afbf75b3158169d7dd6779c06acb9b
ce6f75be20829524d4406d2c607aa9ddddc84d2b
b15c3d7701552f73942b6b10d57c454a49e29675585ba69a3dc4a02b2d7846c0
GET /hls2/01/00031/658e6avdw962_h/index-v1-a1.m3u8?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0 HTTP/1.1
Host: cdn1006.tnmr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:59:49 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Wed, 06 Dec 2023 16:59:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 15 Mar 2024 16:59:49 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Content-Encoding: gzip
luluvdo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
302 Found 503 B URL GET HTTP/3 luluvdo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
Hash 0bbf27d0b1fe0aed5a665c82406c5385
9b496e2fc980f285d3b5c93ac96ee859b10e471e
0ca11bc4095858e809f38815ff3e18a503b84a8538a3c2176631e3e8d9378272
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lang=1; __PPU___PPU_SESSION_URL=%2Fe%2F658e6avdw962
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 06 Dec 2023 16:59:48 GMT
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfkyJZFiep0FNATndS2%2F6VpdtHiMM9%2BZFj5EMDc6uluguKRO2KEoXT2cCePoChsAbGIQqVSRqc0vuPPaqeVkdi%2FW%2FDsUJR8K0c0FNVmmnF9ygdvR46EWQ9djJYzkZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614dd7b7ab4f9-OSL
alt-svc: h3=":443"; ma=86400
js.capndr.com/advertising.js
200 OK 0 B URL GET HTTP/2 js.capndr.com/advertising.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectjs.capndr.com
FingerprintD9:9C:A9:BD:64:40:4E:C3:80:FB:C1:63:4D:D6:8F:A9:F7:83:AC:F4
ValidityTue, 24 Oct 2023 01:02:38 GMT - Mon, 22 Jan 2024 01:02:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Wed, 06 Dec 2023 17:04:49 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
6.adsco.re/
200 OK 0 B IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://luluvdo.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614e1ff8b56af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
c.adsco.re/
28 kB IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (881)
Hash 41b38d766e8df9f16d99ee5656550613
4b040e742fafccbf1f9afa059258568e320fd9d8
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 06 Jan 2024 16:59:49 GMT
etag: W/"QbONdm6N+fFtme5WVlUGEw=="
cf-cache-status: HIT
age: 523067
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614e1ee3656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
4.adsco.re/
200 OK 62 B IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 16:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://luluvdo.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
c.adsco.re/
27 kB IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (881)
Hash 41b38d766e8df9f16d99ee5656550613
4b040e742fafccbf1f9afa059258568e320fd9d8
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 06 Jan 2024 16:59:49 GMT
etag: W/"QbONdm6N+fFtme5WVlUGEw=="
cf-cache-status: HIT
age: 523067
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614e0e9840b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
6.adsco.re/
200 OK 0 B IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614e3289e56c4-OSL
alt-svc: h3=":443"; ma=86400
c.adsco.re/
28 kB IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (881)
Hash 41b38d766e8df9f16d99ee5656550613
4b040e742fafccbf1f9afa059258568e320fd9d8
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 06 Jan 2024 16:59:49 GMT
etag: W/"QbONdm6N+fFtme5WVlUGEw=="
cf-cache-status: HIT
age: 523067
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614e3087c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
4.adsco.re/
200 OK 62 B IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 16:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
cdn1006.tnmr.org/hls2/01/00031/658e6avdw962_h/seg-1-v1-a1.ts?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0
200 OK 647 kB URL GET HTTP/1.1 cdn1006.tnmr.org/hls2/01/00031/658e6avdw962_h/seg-1-v1-a1.ts?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectcdn1006.tnmr.org
FingerprintDC:59:3A:02:95:6F:DE:49:0F:8A:43:92:43:09:14:E3:B2:7E:A8:AC
ValidityWed, 18 Oct 2023 11:20:40 GMT - Tue, 16 Jan 2024 11:20:39 GMT
File type MPEG transport stream data\012- data
Size 647 kB (647096 bytes)
Hash 7787d69ac0b28375c7226b0cc2b5a329
d226d2c60aa90e77384c952ba5181486de39cc62
2f28ba2b37ae680dd760dde83556eaed2c5ac5253d6452d2a22050af1dc6b709
GET /hls2/01/00031/658e6avdw962_h/seg-1-v1-a1.ts?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0 HTTP/1.1
Host: cdn1006.tnmr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:59:49 GMT
Content-Type: video/MP2T
Content-Length: 647096
Connection: keep-alive
Expires: Fri, 15 Mar 2024 16:59:49 GMT
ETag: "5f693e80-9dfb8"
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
youradexchange.com/script/suurl5.php?r=7470438&cbur=0.9065177950254591&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=376048_3xplanet_COSVR-028_A_clip2.mp4%20-%20LuluStream&cbpage=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&ts=1701881994793&srs=24e14aa3f398de441d3b8d4d55be3a83&atv=38.4-sw-suv5&sub1=delusion910358
200 OK 847 B URL GET HTTP/2 youradexchange.com/script/suurl5.php?r=7470438&cbur=0.9065177950254591&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=376048_3xplanet_COSVR-028_A_clip2.mp4%20-%20LuluStream&cbpage=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&ts=1701881994793&srs=24e14aa3f398de441d3b8d4d55be3a83&atv=38.4-sw-suv5&sub1=delusion910358
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectyouradexchange.com
FingerprintFD:52:FD:E8:62:0A:DE:66:86:28:19:39:64:21:57:5C:CB:8A:59:D9
ValidityTue, 17 Oct 2023 07:21:58 GMT - Mon, 15 Jan 2024 07:21:57 GMT
File type JSON data\012- , ASCII text, with very long lines (1062)
Hash e6591c2fe9a40336907bfe7f2db5d533
cc1b6541bb12272eac60567e65839ada5491a8cb
fdd92953d20b04338c75ad09396ad00afeff18a00a726b566de4687e6d14451b
GET /script/suurl5.php?r=7470438&cbur=0.9065177950254591&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=376048_3xplanet_COSVR-028_A_clip2.mp4%20-%20LuluStream&cbpage=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&ts=1701881994793&srs=24e14aa3f398de441d3b8d4d55be3a83&atv=38.4-sw-suv5&sub1=delusion910358 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luluvdo.com/
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSdacZbjj16vqldrlHonLzP1Kbr5zesgsXnwHTG%2FcUsd3dlktJ2%2FMeVZRPJYpMJPsXSLsqPJlXni0%2BW6%2FBiYbucVb3HCcKKefQlPKTYVEQ1b%2BA5IFncM2IbtNK7RPTdLAZ5C4is%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614de7dbe5317-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=850c204af1be46bb826132c95d2381f2
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=850c204af1be46bb826132c95d2381f2
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash 2d746c4c8fcee8cf9e6734e7dd6fe051
a7798206fa25c3b01a9cd1be73c362137fd7e042
de94926d8a617968a46dfd25a755baa87b566ae732116764fbec6d9a0486c090
GET /gid.js?userId=850c204af1be46bb826132c95d2381f2 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://luluvdo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=850c204af1be46bb826132c95d2381f2; expires=Thu, 05 Dec 2024 16:59:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subjectfleraprt.com
FingerprintA4:AF:A0:00:99:C9:85:E5:30:F6:F3:F2:B5:4F:AE:4F:D0:46:74:A9
ValidityMon, 09 Jan 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1362
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 06 Dec 2023 17:00:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://luluvdo.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ossmightyenar.net/500/6047829?excludes=&oaid=850c204af1be46bb826132c95d2381f2&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=942&wfc=7&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
200 OK 0 B URL OPTIONS HTTP/2 ossmightyenar.net/500/6047829?excludes=&oaid=850c204af1be46bb826132c95d2381f2&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=942&wfc=7&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectossmightyenar.net
Fingerprint0E:D3:09:79:9C:DD:16:39:20:44:A5:13:2B:E0:03:A4:E6:4A:A9:CA
ValidityWed, 29 Nov 2023 05:17:05 GMT - Tue, 27 Feb 2024 05:17:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/6047829?excludes=&oaid=850c204af1be46bb826132c95d2381f2&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=942&wfc=7&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: ossmightyenar.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://luluvdo.com/
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://luluvdo.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
adsco.re/p
200 OK 848 B IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (1063), with no line terminators
Hash 69591ef8d87136e50f27e7e26b18cdbe
f66a29eb6a8d9e441ff479cfdc13166d9658c442
cff38e03147c00e661d30275d29b841da37c5010d1ba816ad29fab42de0d45e2
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2141
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 06 Dec 2023 16:59:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Critical-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Access-Control-Allow-Origin: https://luluvdo.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
fp.metricswpsh.com/fp?tag_id=118549
204 No Content 0 B URL OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=118549
IP
ASN #24940 Hetzner Online GmbH
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=118549 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://luluvdo.com/
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 06 Dec 2023 16:59:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://luluvdo.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
96c3525379.1b8873d66e.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4MDA3MjYxMjk1OTQyNjM4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOTUuMCIsInRhZ19pZCI6MTE4NTQ5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiMzc2MDQ4XzN4cGxhbmV0X0NPU1ZSLTAyOF9BX2NsaXAyLm1wNCUyQ0x1bHVTdHJlYW0ifQ==
200 OK 0 B URL GET HTTP/2 96c3525379.1b8873d66e.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4MDA3MjYxMjk1OTQyNjM4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOTUuMCIsInRhZ19pZCI6MTE4NTQ5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiMzc2MDQ4XzN4cGxhbmV0X0NPU1ZSLTAyOF9BX2NsaXAyLm1wNCUyQ0x1bHVTdHJlYW0ifQ==
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subject96c3525379.1b8873d66e.com
Fingerprint57:F5:B0:D4:0C:F7:40:68:BA:8F:8B:4F:36:07:1B:56:DF:A6:2C:9A
ValiditySun, 03 Dec 2023 02:50:23 GMT - Sat, 02 Mar 2024 02:50:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4MDA3MjYxMjk1OTQyNjM4MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOTUuMCIsInRhZ19pZCI6MTE4NTQ5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuMiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiMzc2MDQ4XzN4cGxhbmV0X0NPU1ZSLTAyOF9BX2NsaXAyLm1wNCUyQ0x1bHVTdHJlYW0ifQ== HTTP/1.1
Host: 96c3525379.1b8873d66e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:50 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
offerimage.com/www/images/ae3860cff8da21042245e4d26341aec8.png
200 OK 60 kB URL GET HTTP/2 offerimage.com/www/images/ae3860cff8da21042245e4d26341aec8.png
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash ae3860cff8da21042245e4d26341aec8
d269ef2eb3b874b206683eaa192557cc912d1d9b
5312d856f309d28367406622b04cea5458e7853572fdf5e9ba79be6c03f8b0c6
GET /www/images/ae3860cff8da21042245e4d26341aec8.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:50 GMT
content-type: image/png
content-length: 60492
last-modified: Wed, 06 Dec 2023 13:53:30 GMT
etag: "65707cda-ec4c"
expires: Thu, 07 Dec 2023 13:57:58 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
timing-allow-origin: *
cf-cache-status: HIT
age: 10912
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614e8dca35efb-ARN
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=118549
204 No Content 58 B URL OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=118549
IP
ASN #24940 Hetzner Online GmbH
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
File type JSON data\012- , ASCII text
Hash 49cb75c0da6be8cc97daea0ae2498649
1dd230c3f22a2308b9c091fe1e952b5e8d44bc88
3f61f6927c8c29196e623750a164dcd6895cc2dc3a592ccc5d755b3d4d407841
POST /fp?tag_id=118549 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1773
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 06 Dec 2023 16:59:50 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://luluvdo.com
Set-Cookie: id=9443110526450160484; Expires=Thu, 05 Dec 2024 16:59:50 GMT; Secure; SameSite=None
Vary: Origin
idwulufqm2k5.s4.adsco.re/
200 OK 0 B URL POST HTTP/2 idwulufqm2k5.s4.adsco.re/
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subject*.s4.adsco.re
Fingerprint64:CA:F8:23:A5:E5:7F:B7:B7:9E:AD:14:92:A0:E1:5C:12:BB:22:C1
ValidityTue, 03 Oct 2023 12:32:24 GMT - Mon, 01 Jan 2024 12:32:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: idwulufqm2k5.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:50 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn1006.tnmr.org/hls2/01/00031/658e6avdw962_h/seg-2-v1-a1.ts?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0
200 OK 674 kB URL GET HTTP/1.1 cdn1006.tnmr.org/hls2/01/00031/658e6avdw962_h/seg-2-v1-a1.ts?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectcdn1006.tnmr.org
FingerprintDC:59:3A:02:95:6F:DE:49:0F:8A:43:92:43:09:14:E3:B2:7E:A8:AC
ValidityWed, 18 Oct 2023 11:20:40 GMT - Tue, 16 Jan 2024 11:20:39 GMT
File type MPEG transport stream data\012- TeX font metric data (\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377)\012- data
Size 674 kB (674168 bytes)
Hash 7f96744088a781acca07cb35417f12fe
effbd3eeaf3f9087e70d1d800c2830ad745f8fff
ab9fd2a5dc755d28707dbff75f28af302da62bb454f1045e70b6d2076ff4a99c
GET /hls2/01/00031/658e6avdw962_h/seg-2-v1-a1.ts?t=gJCqn-yrvu3QoXH6BsAEs6sotYuqRRB3ZLV0N4kVeRA&s=1701881987&e=43200&f=158713&i=0.3&sp=0 HTTP/1.1
Host: cdn1006.tnmr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 06 Dec 2023 16:59:50 GMT
Content-Type: video/MP2T
Content-Length: 674168
Connection: keep-alive
Expires: Fri, 15 Mar 2024 16:59:50 GMT
ETag: "5f693e80-a4978"
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Cache-Control: max-age=8640000, public, no-transform
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Vt4Cf8KBopXcZcHyGtqAUe4-ooyw9A:5gCSuH5cFL0uzHPv; Expires=Fri, 05-Dec-2025 16:59:51 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Dec 2023 16:59:51 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3QR0in3NzBTPrsAG5Iz8wB8QRrbxDWxL0yNUZEmJyn7q5wNnrlpni4UnQxVCxWEv1R8ygI
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-iuprDkeoHHF0x-JuJbJzUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
xadsmart.com/xgpaqnseqtgqgtqpvkw?BWxvZazN=BQMSAAAAAAAACZUAAprlTXvyyz7nIePMo06gUVr_s4PUF1eDS6HMcoCEfnP9rFC9SEuZTUo5FTU-TpG4MsBg59qbrAUpf4OWSC2FBj7scnvS63v36kWSw8rUSM8YUYkCvAQrY-fZ45E3yqCkfrXedbqUKL7DFjkLbNPSbgZCZ3iGusEBzTJvWHPwQ06vT4R6HBfYoauYb27MP0v4OuvLheqnxwZBRcDFPB-OxaKD1bSi2TInoK8qG6QK77_auK0V69l8b6yxSwh28nDCJ6MFL7kjJdoT34CkbV8hHTvCrCrvdbBHPtbQXthYRG6elOGarDqHxxY1gEt_ryBTRakpVvjUuX9rGAc-gG-UsN_M4GsfctL8CKF5sjZwxVSUqdTSroQrWpLKFbtQ2KH2xHG9ou9AbS8UhgtFClAU7S-cwj4DrucoYK9A79Amlmk8Z1IBaUOsNyl7LoCvRvhaNmWSEwYhZkthGxnqTJTVJp7iohkY0ZYhYQNn3URxlTLhU9WbtF73H59Gzxzt1VaDPJfZKzHyy_oKQf31Bf0xuVcHuYm034NBgMT5LZChYM0eKY6krURxgSv_1icfhQ6qGFs5UfhNyW9dOFT3FFJCvo6VIhBQLsKKk7Ua0XwMILkB2hzNCwZ2aLZpF0epWgFXLkXTJVVxPaKQ-xbLconaMLZaI3G8eI-8M8nI90LMXuXJgaKUp9HEXbC1rli4Bb546ZL7Fq7z432YScjTQxXC56iSTSBoIGLFyhEO74fzZDqHUmfAW0krlyXSMohe8xSQZbyRx2F3Mg79D9z2XuV-WGlZQPHqAPrn4A2YKrQniwL1_dr_6G-6MWVkaGGn0HNR9VZMTRLV2sUD6M1JmFGW-SF0zr-gzuvrDGE_sTcvJgLjzD2CnUXDN2FIl1bDJqZbd5pQ5JU9Lz8D_YK3BegU3xOcFHjmvKp5iNQuYNOsHrOxEC8h7tImrx0_ksFQ_Q7iClyCDNpeQArbnVu-lWZVWmrcceZMM1-AM7o1kyhUz1KkJWuNuuk-wfXzyc2RAQ6ErOlL3jWx6E8GSZvbSqfAcvY&fMmjPtde=4&FuaehWCT=4998988&fzrdOGvm=&aNgIyObj=0:1,0&dmYCUlbF=&RSVPiMml=&SZNYGVxQ=1280,1024,1,1280,1024,0
200 OK 44 B URL GET HTTP/2 xadsmart.com/xgpaqnseqtgqgtqpvkw?BWxvZazN=BQMSAAAAAAAACZUAAprlTXvyyz7nIePMo06gUVr_s4PUF1eDS6HMcoCEfnP9rFC9SEuZTUo5FTU-TpG4MsBg59qbrAUpf4OWSC2FBj7scnvS63v36kWSw8rUSM8YUYkCvAQrY-fZ45E3yqCkfrXedbqUKL7DFjkLbNPSbgZCZ3iGusEBzTJvWHPwQ06vT4R6HBfYoauYb27MP0v4OuvLheqnxwZBRcDFPB-OxaKD1bSi2TInoK8qG6QK77_auK0V69l8b6yxSwh28nDCJ6MFL7kjJdoT34CkbV8hHTvCrCrvdbBHPtbQXthYRG6elOGarDqHxxY1gEt_ryBTRakpVvjUuX9rGAc-gG-UsN_M4GsfctL8CKF5sjZwxVSUqdTSroQrWpLKFbtQ2KH2xHG9ou9AbS8UhgtFClAU7S-cwj4DrucoYK9A79Amlmk8Z1IBaUOsNyl7LoCvRvhaNmWSEwYhZkthGxnqTJTVJp7iohkY0ZYhYQNn3URxlTLhU9WbtF73H59Gzxzt1VaDPJfZKzHyy_oKQf31Bf0xuVcHuYm034NBgMT5LZChYM0eKY6krURxgSv_1icfhQ6qGFs5UfhNyW9dOFT3FFJCvo6VIhBQLsKKk7Ua0XwMILkB2hzNCwZ2aLZpF0epWgFXLkXTJVVxPaKQ-xbLconaMLZaI3G8eI-8M8nI90LMXuXJgaKUp9HEXbC1rli4Bb546ZL7Fq7z432YScjTQxXC56iSTSBoIGLFyhEO74fzZDqHUmfAW0krlyXSMohe8xSQZbyRx2F3Mg79D9z2XuV-WGlZQPHqAPrn4A2YKrQniwL1_dr_6G-6MWVkaGGn0HNR9VZMTRLV2sUD6M1JmFGW-SF0zr-gzuvrDGE_sTcvJgLjzD2CnUXDN2FIl1bDJqZbd5pQ5JU9Lz8D_YK3BegU3xOcFHjmvKp5iNQuYNOsHrOxEC8h7tImrx0_ksFQ_Q7iClyCDNpeQArbnVu-lWZVWmrcceZMM1-AM7o1kyhUz1KkJWuNuuk-wfXzyc2RAQ6ErOlL3jWx6E8GSZvbSqfAcvY&fMmjPtde=4&FuaehWCT=4998988&fzrdOGvm=&aNgIyObj=0:1,0&dmYCUlbF=&RSVPiMml=&SZNYGVxQ=1280,1024,1,1280,1024,0
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subjectxadsmart.com
FingerprintFC:E8:BA:57:31:46:6D:51:70:B5:42:35:6E:CF:97:6F:AF:38:C5:58
ValidityMon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /xgpaqnseqtgqgtqpvkw?BWxvZazN=BQMSAAAAAAAACZUAAprlTXvyyz7nIePMo06gUVr_s4PUF1eDS6HMcoCEfnP9rFC9SEuZTUo5FTU-TpG4MsBg59qbrAUpf4OWSC2FBj7scnvS63v36kWSw8rUSM8YUYkCvAQrY-fZ45E3yqCkfrXedbqUKL7DFjkLbNPSbgZCZ3iGusEBzTJvWHPwQ06vT4R6HBfYoauYb27MP0v4OuvLheqnxwZBRcDFPB-OxaKD1bSi2TInoK8qG6QK77_auK0V69l8b6yxSwh28nDCJ6MFL7kjJdoT34CkbV8hHTvCrCrvdbBHPtbQXthYRG6elOGarDqHxxY1gEt_ryBTRakpVvjUuX9rGAc-gG-UsN_M4GsfctL8CKF5sjZwxVSUqdTSroQrWpLKFbtQ2KH2xHG9ou9AbS8UhgtFClAU7S-cwj4DrucoYK9A79Amlmk8Z1IBaUOsNyl7LoCvRvhaNmWSEwYhZkthGxnqTJTVJp7iohkY0ZYhYQNn3URxlTLhU9WbtF73H59Gzxzt1VaDPJfZKzHyy_oKQf31Bf0xuVcHuYm034NBgMT5LZChYM0eKY6krURxgSv_1icfhQ6qGFs5UfhNyW9dOFT3FFJCvo6VIhBQLsKKk7Ua0XwMILkB2hzNCwZ2aLZpF0epWgFXLkXTJVVxPaKQ-xbLconaMLZaI3G8eI-8M8nI90LMXuXJgaKUp9HEXbC1rli4Bb546ZL7Fq7z432YScjTQxXC56iSTSBoIGLFyhEO74fzZDqHUmfAW0krlyXSMohe8xSQZbyRx2F3Mg79D9z2XuV-WGlZQPHqAPrn4A2YKrQniwL1_dr_6G-6MWVkaGGn0HNR9VZMTRLV2sUD6M1JmFGW-SF0zr-gzuvrDGE_sTcvJgLjzD2CnUXDN2FIl1bDJqZbd5pQ5JU9Lz8D_YK3BegU3xOcFHjmvKp5iNQuYNOsHrOxEC8h7tImrx0_ksFQ_Q7iClyCDNpeQArbnVu-lWZVWmrcceZMM1-AM7o1kyhUz1KkJWuNuuk-wfXzyc2RAQ6ErOlL3jWx6E8GSZvbSqfAcvY&fMmjPtde=4&FuaehWCT=4998988&fzrdOGvm=&aNgIyObj=0:1,0&dmYCUlbF=&RSVPiMml=&SZNYGVxQ=1280,1024,1,1280,1024,0 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Wed, 06 Dec 2023 16:59:51 GMT
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3QR0in3NzBTPrsAG5Iz8wB8QRrbxDWxL0yNUZEmJyn7q5wNnrlpni4UnQxVCxWEv1R8ygI
302 Found 404 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3QR0in3NzBTPrsAG5Iz8wB8QRrbxDWxL0yNUZEmJyn7q5wNnrlpni4UnQxVCxWEv1R8ygI
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (395)
Hash ba23b4c92a7afadf1634c7b87ba689d0
2fd3fca961e04da411418cbf2daa7e5badbd84cb
c5cc89a0956bfba635e8ecc8aa4cf4548bdc7e6c86a9a9e8c0036e5fdc355290
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3QR0in3NzBTPrsAG5Iz8wB8QRrbxDWxL0yNUZEmJyn7q5wNnrlpni4UnQxVCxWEv1R8ygI HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:VCpwP1YTM_3S-LZQ_JIXMbWaZxvgDA:4CLNeN_cxzHh2n0I;Path=/;Expires=Fri, 05-Dec-2025 16:59:51 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Dec 2023 16:59:51 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0Ylny_USVl5ymiIY85GuQPcQWuhFHwvCIy_qLaUNCOnlNs5uxtMbFClSkHGDGVawHduJ_T&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-854627212%3A1701881991203728&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-JNvPmoHseuapJEoWYjlbAg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 404
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0Ylny_USVl5ymiIY85GuQPcQWuhFHwvCIy_qLaUNCOnlNs5uxtMbFClSkHGDGVawHduJ_T&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-854627212%3A1701881991203728&theme=glif
403 Forbidden 4.8 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0Ylny_USVl5ymiIY85GuQPcQWuhFHwvCIy_qLaUNCOnlNs5uxtMbFClSkHGDGVawHduJ_T&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-854627212%3A1701881991203728&theme=glif
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:3A:D9:47:14:B0:78:30:A1:BF:B4:45:F6:F5:81:AD:0A:C7:76:89
ValidityMon, 20 Nov 2023 08:02:55 GMT - Mon, 12 Feb 2024 08:02:54 GMT
File type gzip compressed data, max compression\012- data
Hash c1486a7ab86d6cbf9adb577eb31feb89
2df3fb3f87fd8f773adf72b6879edd82bd593471
c5d671c48258b4a79d9d20880949f37d9f9e3104e46e80880e2dd6d023ec322e
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0Ylny_USVl5ymiIY85GuQPcQWuhFHwvCIy_qLaUNCOnlNs5uxtMbFClSkHGDGVawHduJ_T&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-854627212%3A1701881991203728&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Dec 2023 16:59:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-omyuS4yGfdQwxZAr1kZalQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
almstda.tv/?rb=3_rtcJHEv0zAnefWGCWr1b8MkFiCaUT4bxV1oM2bckSOMNEfC3HRFGjhGruj3oWtVZqmox2o4ut9n7-KxHoCfv2uura1gENzOog2bbWXVjZ2ZPVQ87ZQN9oTO4Z-xp9vSdRj08PW-KxGojLVG5nKUPqlsGNUSq30hvc-bfVvdAoZBn2nlAqp7POpwNVo1OcFOSnzVVOx8bbDOu3krVIiNajeKQbixkcN6isu2g%3D%3D&request_ab2=0&zoneid=6042705&js_build=iclick-v1.641.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=942&wiw=1280&wfc=6&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.641.0&bs=b2e9b8e6-d1bf-4a7d-a09c-1b58ea93a12a&userId=850c204af1be46bb826132c95d2381f2&m=link
200 OK 1.8 kB URL GET HTTP/2 almstda.tv/?rb=3_rtcJHEv0zAnefWGCWr1b8MkFiCaUT4bxV1oM2bckSOMNEfC3HRFGjhGruj3oWtVZqmox2o4ut9n7-KxHoCfv2uura1gENzOog2bbWXVjZ2ZPVQ87ZQN9oTO4Z-xp9vSdRj08PW-KxGojLVG5nKUPqlsGNUSq30hvc-bfVvdAoZBn2nlAqp7POpwNVo1OcFOSnzVVOx8bbDOu3krVIiNajeKQbixkcN6isu2g%3D%3D&request_ab2=0&zoneid=6042705&js_build=iclick-v1.641.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=942&wiw=1280&wfc=6&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.641.0&bs=b2e9b8e6-d1bf-4a7d-a09c-1b58ea93a12a&userId=850c204af1be46bb826132c95d2381f2&m=link
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectalmstda.tv
Fingerprint88:BB:5E:54:95:58:44:3D:8A:15:8E:A1:FD:19:36:CE:89:FC:D1:6A
ValidityMon, 09 Oct 2023 05:44:08 GMT - Sun, 07 Jan 2024 05:44:07 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 7aab4601540538c49e98fb06567ae286
00bb37768db734c0632c796ebcfa31722adf279b
42565248f9ae853e9b90cde2d92c0cc1cd67146f31887716f6c28bcb2d430a5b
GET /?rb=3_rtcJHEv0zAnefWGCWr1b8MkFiCaUT4bxV1oM2bckSOMNEfC3HRFGjhGruj3oWtVZqmox2o4ut9n7-KxHoCfv2uura1gENzOog2bbWXVjZ2ZPVQ87ZQN9oTO4Z-xp9vSdRj08PW-KxGojLVG5nKUPqlsGNUSq30hvc-bfVvdAoZBn2nlAqp7POpwNVo1OcFOSnzVVOx8bbDOu3krVIiNajeKQbixkcN6isu2g%3D%3D&request_ab2=0&zoneid=6042705&js_build=iclick-v1.641.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=942&wiw=1280&wfc=6&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.641.0&bs=b2e9b8e6-d1bf-4a7d-a09c-1b58ea93a12a&userId=850c204af1be46bb826132c95d2381f2&m=link HTTP/1.1
Host: almstda.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luluvdo.com/
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Cookie: OAID=850c204af1be46bb826132c95d2381f2; oaidts=1701881988
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:50 GMT
content-type: application/json
x-trace-id: 38a61a54b576096c8ad01738cad3b1f0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://luluvdo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=850c204af1be46bb826132c95d2381f2; expires=Thu, 05 Dec 2024 16:59:50 GMT; path=/; secure; SameSite=None
oaidts=1701881990; expires=Thu, 05 Dec 2024 16:59:50 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 13 Dec 2023 16:59:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
offerimage.com/www/images/ae3860cff8da21042245e4d26341aec8.png
200 OK 60 kB URL GET HTTP/2 offerimage.com/www/images/ae3860cff8da21042245e4d26341aec8.png
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDB:4D:42:F8:E2:4C:E3:E4:BB:22:D8:D1:F7:64:B5:9A:10:B6:25:E0
ValiditySun, 07 May 2023 00:00:00 GMT - Mon, 06 May 2024 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash ae3860cff8da21042245e4d26341aec8
d269ef2eb3b874b206683eaa192557cc912d1d9b
5312d856f309d28367406622b04cea5458e7853572fdf5e9ba79be6c03f8b0c6
GET /www/images/ae3860cff8da21042245e4d26341aec8.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:54 GMT
content-type: image/png
content-length: 60492
last-modified: Wed, 06 Dec 2023 13:53:30 GMT
etag: "65707cda-ec4c"
expires: Thu, 07 Dec 2023 13:57:58 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
timing-allow-origin: *
cf-cache-status: HIT
age: 10916
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 831615008e7f5efb-ARN
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
200 OK 1.3 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 27653a4d15c19e825eb7482aadfe053b
cfebf409306d06ac53ad83c7f073ca9f084cc412
711b946af38572b4e3642cc8828ad0911a9192cad6adf1ed3e278b1041c45a69
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 16:59:54 GMT
date: Wed, 06 Dec 2023 16:59:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 03:54:00 GMT
expires: Wed, 04 Dec 2024 03:54:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 133554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 561740
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
luluvdo.com/e/658e6avdw962
403 Forbidden 0 B URL HEAD HTTP/3 luluvdo.com/e/658e6avdw962
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/658e6avdw962 HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: file_id=158713; aff=168; lang=1; __PPU___PPU_SESSION_URL=%2Fe%2F658e6avdw962
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpz09nL4%2Fioh9Fx%2FqzMddyxcCcozbamP6Q69EUWA1MR8mxeyaG0hX0J7PMglQonCqx8GripH2KEd2c2IuUREaXJTZ%2B4Q%2F3psfkKQshmXusaScfvfUY2VyY2Hfpy83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614db0f74b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
luluvdo.com/css/main.css
200 OK 39 kB IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
File type ASCII text, with very long lines (38568), with no line terminators
Hash 6ca3420513275986e2e75eae84e94ff3
b914d6aa1ba8838bf779c0dbd40a2c969515e5ab
495335e7a612583096b393d2d8c4c98a96c8a938797631e3ce3f5de497ae7046
GET /css/main.css HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: text/css
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=49243
etag: W/"c05b-5fbfb986a0000"
last-modified: Thu, 18 May 2023 18:01:36 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiXxiN%2BOHKeLsp7pvVNskZbeZ8ngUqE1HUqDsm2ElZtxrIAuKntIkY833epZPKeskVnz5mzeyOc2HTnKMLexJqIkFNSgA%2BEyXIFF23HDLpmpNWuIcb86N4DMJ9BBzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d68908b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.luulu.org/player/jw8/jwplayer.js?v=2
200 OK 121 kB URL GET HTTP/2 cdn.luulu.org/player/jw8/jwplayer.js?v=2
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectluulu.org
Fingerprint69:29:E4:3C:6C:E5:A8:F1:F8:5E:9C:86:0E:28:55:63:A6:38:47:1F
ValiditySun, 05 Nov 2023 22:40:49 GMT - Sat, 03 Feb 2024 22:40:48 GMT
Size 121 kB (120878 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/jw8/jwplayer.js?v=2 HTTP/1.1
Host: cdn.luulu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: application/javascript
last-modified: Wed, 07 Jun 2023 23:02:18 GMT
etag: W/"1d82e-5fd9220ac069a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 677434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Gkqt2z6J3HfexW%2FcUu5koGbV2%2BIAEE4C3QZ0hRNdR8lmUyIf6xrwZ5DIrqCymyjN%2BQ%2BqxQ27%2BkIpDGNcU7wAVD4caK9NywcDI8%2F1GVPiX%2FuXLQ8ptlvlT8cuy8rhkT2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d6fd005695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
luluvdo.com/js/jquery.min.js
200 OK 90 kB URL GET HTTP/3 luluvdo.com/js/jquery.min.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /js/jquery.min.js HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: application/javascript
last-modified: Wed, 03 Mar 2021 00:27:20 GMT
etag: W/"15d9d-5bc96e9f7ca00"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJolZzpuvWVnHJ7k7NapNP4%2FHIZiZrB5x%2FefrFKiNtfsOElyxieen4fUTHxwEesCw7TFLYS4VSds%2FJ8rPPbrGRckZQhw%2BaBMgepvhDf4dRwS7GN6d2PsDS5XaTBI2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d6890ab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gmxvmvptfm.com/get/2003355?zoneid=2003355&var=delusion910358&jp=_clku3pzrcp9kj4lo91ghv&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1
200 OK 3.1 kB URL GET HTTP/2 gmxvmvptfm.com/get/2003355?zoneid=2003355&var=delusion910358&jp=_clku3pzrcp9kj4lo91ghv&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint14:D3:45:CB:D6:04:24:B4:40:49:4E:38:1B:23:CD:D2:47:9A:0D:FD
ValiditySun, 29 Oct 2023 21:18:37 GMT - Thu, 25 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (3472), with no line terminators
Hash 932e080e2746bfa732eeac735482fcee
f37544834963c19bc3f693eef90d964da87b4e05
2992e640383665e13447e96b2f67f5935170a4984084f15a52867eb28f9feb8c
GET /get/2003355?zoneid=2003355&var=delusion910358&jp=_clku3pzrcp9kj4lo91ghv&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1 HTTP/1.1
Host: gmxvmvptfm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 08 Jan 2025 16:59:48 GMT; Secure; SameSite=None
UID=231206115990490aeb75e844d7a5393d056c; Path=/; Expires=Wed, 08 Jan 2025 16:59:48 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
904f5ddbe2.78387c2566.com/e66126eb992a35bbae7ca85ea8ce83fc.js
200 OK 104 kB URL GET HTTP/2 904f5ddbe2.78387c2566.com/e66126eb992a35bbae7ca85ea8ce83fc.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subject904f5ddbe2.78387c2566.com
Fingerprint10:4B:63:61:7B:F8:5C:C8:5D:5D:10:3E:CB:3C:73:08:2A:A8:1B:40
ValiditySun, 03 Dec 2023 02:20:23 GMT - Sat, 02 Mar 2024 02:20:22 GMT
Size 104 kB (104096 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /e66126eb992a35bbae7ca85ea8ce83fc.js HTTP/1.1
Host: 904f5ddbe2.78387c2566.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 06 Dec 2023 08:14:23 GMT
etag: W/"65702d5f-196a0"
content-encoding: gzip
expires: Wed, 06 Dec 2023 17:04:48 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ossmightyenar.net/400/6047829
200 OK 89 kB URL GET HTTP/2 ossmightyenar.net/400/6047829
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectossmightyenar.net
Fingerprint0E:D3:09:79:9C:DD:16:39:20:44:A5:13:2B:E0:03:A4:E6:4A:A9:CA
ValidityWed, 29 Nov 2023 05:17:05 GMT - Tue, 27 Feb 2024 05:17:04 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 069ee23a57127e460ac98bc25ecfa29d
6414da0e41edb4ce73e6ef892a1c5a89f4a5e9a6
ccf05385884b3dc66a520bc6e1afed49394e4606c3e3ddcdbb3e53f2191edd3d
GET /400/6047829 HTTP/1.1
Host: ossmightyenar.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: application/javascript
x-trace-id: 25ddec60d19525127ce6fb64506e08fd
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
set-cookie: OAID=dc8390b171ab4402bb517a525496bcbc; expires=Thu, 05 Dec 2024 16:59:48 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
luluvdo.com/e/658e6avdw962
403 Forbidden 0 B URL HEAD HTTP/3 luluvdo.com/e/658e6avdw962
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/658e6avdw962 HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: file_id=158713; aff=168; lang=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqYJmsn7s14%2F7uDh8ZUBOI7Vvan76c69j2nqEylO6Lu34hRyArWiZyH0poQO74EpJi0lV1VCo5NClqiD7AjZG%2Fx4bX%2FcP8Lu%2BAi4aWxWf7wpUkQwhUlFN4i1T1rpLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614da2e41b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
almstda.tv/5/6042705/?oo=1&aab=1
200 OK 2.8 kB URL GET HTTP/2 almstda.tv/5/6042705/?oo=1&aab=1
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectalmstda.tv
Fingerprint88:BB:5E:54:95:58:44:3D:8A:15:8E:A1:FD:19:36:CE:89:FC:D1:6A
ValidityMon, 09 Oct 2023 05:44:08 GMT - Sun, 07 Jan 2024 05:44:07 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3021), with no line terminators
Hash bf18421ab2c612dd1ea05a3e820b22f7
c9b2b6e3b32a1aff64f84c91ef50d40c903a2d95
3ba083e5a6bb0077f745c8cde64066e2f5493c1f4ddb5ff3d3e159be750fc245
GET /5/6042705/?oo=1&aab=1 HTTP/1.1
Host: almstda.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: application/json
x-trace-id: 1154cb0b3ca97f1bcbdc970a9942a682
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://luluvdo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=850c204af1be46bb826132c95d2381f2; expires=Thu, 05 Dec 2024 16:59:48 GMT; path=/; secure; SameSite=None
oaidts=1701881988; expires=Thu, 05 Dec 2024 16:59:48 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
achcdn.com/script/ut.js?cb=1701881994368
200 OK 82 kB URL GET HTTP/3 achcdn.com/script/ut.js?cb=1701881994368
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectachcdn.com
Fingerprint52:9D:4F:AD:60:0D:A1:64:0A:07:87:97:4E:F6:92:D9:02:CF:2A:D6
ValidityTue, 24 Oct 2023 11:00:13 GMT - Mon, 22 Jan 2024 11:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ut.js?cb=1701881994368 HTTP/1.1
Host: achcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPoMEbm2CQ-9nCA69MJD-xYEz1NYuibbrwM67_72qdC1g4LADq0wNfRkVl8fC8E9XgLExr0aBRLeJuxPSSD09S-Vs5HZgo6t
x-goog-generation: 1701698737164870
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 82092
x-goog-hash: crc32c=2nkS8g==, md5=Ht/tgHkwwd6oGKwYwpkVTA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 06 Dec 2023 16:49:09 GMT
cache-control: public, max-age=14400
age: 1948
last-modified: Mon, 04 Dec 2023 14:05:37 GMT
etag: W/"1edfed807930c1dea818ac18c299154c"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEAsBkfqTuh%2FmBBk%2Bs1nFJdsGQ1Nx2SBm9ad4Z9sEGa%2BdHwypv47%2FzASCBIkRcQcaMdjePgasRvlvuMtw4VJ064CXwHSpV6OZurcCv%2BYo8%2BCiBpd846QGVcN1qkj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614da3f0ab518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tzegilo.com/stattag.js
200 OK 19 kB IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjecttzegilo.com
FingerprintF2:F3:F8:C4:40:73:B6:FE:DD:58:70:D7:13:25:D2:51:21:88:50:0B
ValiditySun, 03 Dec 2023 17:24:18 GMT - Sat, 02 Mar 2024 17:24:17 GMT
File type ASCII text, with very long lines (18369)
Hash 89e89aea544ea2785d49cc4cd9cf26f6
7d53437a89eb9861038ee27a8ff0e3bb70fa2a0b
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:52 GMT
etag: W/"64f987a8-4a4b"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVqG6r9o%2FApX5HBBUoH0spuegB4ZBJl2HuMghTLcYUx4wjzgr31k6qgJ5YfirTXn0uBkBzP62KrEU6v1R9gzR4Ft8skU6KQhIUo%2FCpw8F%2Frju01%2Fzcn%2Fn%2Fk5TvLzdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614de7b6c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
luluvdo.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
200 OK 7.3 kB URL GET HTTP/3 luluvdo.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
File type ASCII text, with very long lines (7303), with no line terminators
Hash 71ac4b076be948f0ed4b50e7f6eff138
fd7b6afce531e9b7b11f602c7a64dad3da0b7606
ababdacf3c884a4289a1c4bc3c2fa1853d5ac28cac8f580831fd2bd552e3bb08
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lang=1; __PPU___PPU_SESSION_URL=%2Fe%2F658e6avdw962
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGxxi9YUsHfrnEtWS0G1I2jtU6h1%2FvS4Tb6ldKLGzKAXSlluUhXecson6Ij9uxomJxiZ7iPiDDTVwvjs9TEEAz6dR61F8OTp1UFRNytVzFvAgIGlsaVS7oHi%2B3LGGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614de0c44b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
c.adsco.re/
200 OK 80 kB IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (881)
Hash 41b38d766e8df9f16d99ee5656550613
4b040e742fafccbf1f9afa059258568e320fd9d8
65802711d89571b28699f3399d58f642a270d1e2bc5e155a8a0c73c94c66ec3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 06 Jan 2024 16:59:49 GMT
etag: W/"QbONdm6N+fFtme5WVlUGEw=="
cf-cache-status: HIT
age: 523067
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614e1ee3656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
luluvdo.com/favicon.ico
200 OK 449 B IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
File type MS Windows icon resource - 1 icon, 30x30 with PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Hash 91a7665e37c2eeb49f2ee2fbc2e2d19d
8f93836b06e6c2fac65258b7420c1df09ad58d37
ff27be6c1a1eba3dc17d16581d680e8faba2536b565e90ad7c09c43d62495dd7
GET /favicon.ico HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: lang=1; __PPU___PPU_SESSION_URL=%2Fe%2F658e6avdw962
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 01 Jun 2023 18:52:04 GMT
etag: W/"1c1-5fd15eeb261fb"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw%2FQzxzqOKQYDLZBGns%2FynGJSCeCtMvStzAwsRF05UfXvCFUXB%2FTSXStR%2FEQq8fBjS0clIvrneaUhHPz6fHuIB4hxdgsIvo9l0zckxo2vUvXqDTt8OWWD%2FBjgarZ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614df9ea2b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
luluvdo.com/js/jquery.cookie.js
200 OK 990 B URL GET HTTP/3 luluvdo.com/js/jquery.cookie.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
File type ASCII text, with very long lines (994), with no line terminators
Hash 2af5e791a2ced283f5c0683bc8a73e23
6e7d535372bfd4a13da00e5ee913d18d7d47a023
e6cb21733bd4a2be7662f823f8c1507c2717783298b80cd703119127e88c6dd7
GET /js/jquery.cookie.js HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=4331
etag: W/"10eb-4a491e5980100"
last-modified: Tue, 31 May 2011 12:53:56 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kv%2Bu7GLFM%2B31bkhZ1frsgbYrfBrzQnMJzOsLIp3Uys%2FKMmygfmO8uY7wWXON2ctW%2FHIAN2aoOFVXzXAIJQdJl%2BTagv7LrIWuMN0l%2BYcqAXqJMhgHzRarmY2GBA0ZCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d6890eb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.luulu.org/player/jw8/polyfills.webvtt.js
200 OK 11 kB URL GET HTTP/3 cdn.luulu.org/player/jw8/polyfills.webvtt.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectluulu.org
Fingerprint69:29:E4:3C:6C:E5:A8:F1:F8:5E:9C:86:0E:28:55:63:A6:38:47:1F
ValiditySun, 05 Nov 2023 22:40:49 GMT - Sat, 03 Feb 2024 22:40:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/jw8/polyfills.webvtt.js HTTP/1.1
Host: cdn.luulu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: application/javascript
last-modified: Wed, 07 Jun 2023 06:30:47 GMT
etag: W/"2a27-5fd8446b4edf7"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 677369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HL1U1Uue4f3P33mIuNLFwHxa88DlxM5D31UwE%2BYpKJP1S5MZzQDGUR2tqLC7k5B5BgiY10KTdJ31oDXKGZrKSoErQUvwZ1HTb8y4JrQOmnPZeNXFAlDAi6KSEOWWryFG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614dbcbaa56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
storage.multstorage.com/log/count.html
200 OK 882 B URL GET HTTP/2 storage.multstorage.com/log/count.html
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint1F:90:8C:BB:6B:B0:99:41:3A:23:DF:A4:57:1A:25:0F:88:BA:C6:DE
ValidityMon, 20 Nov 2023 10:07:51 GMT - Sun, 18 Feb 2024 10:07:50 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (919), with no line terminators
Hash 053b1fe641da8057571d40ebaf1624ab
09b2648b7d08c84621298f0b939cea5170a65022
6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:50 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 1520f838971b015dc979c3507a7dfd31
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daqPqEYPlcutCDE2XpINbh0IVNCBKyv%2FuTM7bwJAEECQ7B9U9sU2yo9eXD13%2FFMsIAt6SP1HZ4yQWgLjgScm8JSssoVPxQRpPejIBX69myQBN0qzOiJ%2F1i6c29zhhr7KrfQYScXYjqu8Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614e7ff597743-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.xadsmart.com/tabby.min.js
200 OK 35 kB URL GET HTTP/2 www.xadsmart.com/tabby.min.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subject1376341044.rsc.cdn77.org
Fingerprint9E:00:8B:B5:0E:76:AD:0B:E5:63:88:89:93:D0:07:5F:40:2B:28:81
ValidityMon, 02 Oct 2023 18:57:36 GMT - Sun, 31 Dec 2023 18:57:35 GMT
File type HTML document, ASCII text, with very long lines (1568)
Hash d6a5fac1a6edc771377f9e1da11dddc1
483db57975d4df4de572355d43bbf901d1586de5
6aabcbee8df5b459ea7a774758b025f74ae154ad35337332ac50ab15168592e3
GET /tabby.min.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:48 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
expires: Wed, 13 Dec 2023 14:01:50 GMT
access-control-allow-origin: https://luluvdo.com
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EgwBeX8tUAH3MRYAAAwB1GY4CQH3hRMAAA
x-77-nzt-ray: c1fb981926e38d8884a87065efb2e905
x-accel-expires: @1702476110
x-accel-date: 1701876307
x-77-cache: HIT
x-77-age: 10678
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT
x-age-lb: 5681
x-77-pop: copenhagenDK
X-Firefox-Spdy: h2
idwulufqm2k5.n4.adsco.re/
200 OK 0 B URL POST HTTP/2 idwulufqm2k5.n4.adsco.re/
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subject*.n4.adsco.re
FingerprintAF:10:8A:4D:72:FD:FC:08:77:84:8F:BE:F7:48:3B:D0:52:53:23:0A
ValidityFri, 29 Sep 2023 17:35:50 GMT - Thu, 28 Dec 2023 17:35:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: idwulufqm2k5.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
904f5ddbe2.78387c2566.com/4fb8b12bd84dce49ed026f75ab25b619.js
200 OK 90 kB URL GET HTTP/2 904f5ddbe2.78387c2566.com/4fb8b12bd84dce49ed026f75ab25b619.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subject904f5ddbe2.78387c2566.com
Fingerprint10:4B:63:61:7B:F8:5C:C8:5D:5D:10:3E:CB:3C:73:08:2A:A8:1B:40
ValiditySun, 03 Dec 2023 02:20:23 GMT - Sat, 02 Mar 2024 02:20:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /4fb8b12bd84dce49ed026f75ab25b619.js HTTP/1.1
Host: 904f5ddbe2.78387c2566.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 06 Dec 2023 08:39:45 GMT
etag: W/"65703351-1600a"
content-encoding: gzip
expires: Wed, 06 Dec 2023 17:04:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ossmightyenar.net/impression/4eERiAg2-YqszxEYdCkftXMtoqXL4n_aIryBIgU9ZEHW9-OxMCTxaHIuG_fez95dKlyAp5gFPHhwEkIx8xYYSu-UJVJjUSnomJDWt94X2FAHidMLrH3WkFE0mIRjc69ATxvNugbGclie-lgQViJzM_PvICSwzivRVtEbY2nyDZiFUNB8kx1bUU85BXNCBXjDJmHITEPr5smPU15VHJFyd3P6G_R_Sw-TncXSca509Lq6DK3CxcAL8yCYnFG_2h5ql0N2r2_KzLANtUNzN6sRu29zhAJHBWTBQAXaONulonve_0153ZEOzXIxKPHeBDiIK4XypUMMna3kLuubhIqv-NZMxmXRBlvr7vFbtsPTAMZ7vLNGG7N9b3DXTLaRsIfyjqkQBT_WI2iF9NVMjRrrEKpLcAsIcFTBhzQseaVPf7_qqdTuGCRK9jNjdm_Grr9G5UDMgmMcGleY5iNw1qqvgGNwPceHVSh10f23WcrbD6J_JZ6JTNWiZ-sh37Oz8lI4xGuljVi4MsQY-2tFzciAGqNJI1coHacmMcl7FihwfHZ6-yc5sLAcgfF3-JgOwkgwd9uUwNWKSAQbLQRz6tEPszpz9TrORZOWoRbLg25kTHHSzMWZcvOx4zUIQjz_-SJOZxVSZqHX9mIqXpPq-mS2wUeIo73sHXgqAETImBTzsVrykqdmYauKNiF63Qhis-3QxpkbcBsVKrpznwoGcNm-wlWF1L0FNP6ExoldM031DWDvYa6sLFRx_ct0_fmIqGlG2bY5QgKKjm7MnMF4Hwpd6amW_kuMSOwZCMeoCQ==?_z=6047829&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=942&wfc=6&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
200 OK 43 B URL GET HTTP/2 ossmightyenar.net/impression/4eERiAg2-YqszxEYdCkftXMtoqXL4n_aIryBIgU9ZEHW9-OxMCTxaHIuG_fez95dKlyAp5gFPHhwEkIx8xYYSu-UJVJjUSnomJDWt94X2FAHidMLrH3WkFE0mIRjc69ATxvNugbGclie-lgQViJzM_PvICSwzivRVtEbY2nyDZiFUNB8kx1bUU85BXNCBXjDJmHITEPr5smPU15VHJFyd3P6G_R_Sw-TncXSca509Lq6DK3CxcAL8yCYnFG_2h5ql0N2r2_KzLANtUNzN6sRu29zhAJHBWTBQAXaONulonve_0153ZEOzXIxKPHeBDiIK4XypUMMna3kLuubhIqv-NZMxmXRBlvr7vFbtsPTAMZ7vLNGG7N9b3DXTLaRsIfyjqkQBT_WI2iF9NVMjRrrEKpLcAsIcFTBhzQseaVPf7_qqdTuGCRK9jNjdm_Grr9G5UDMgmMcGleY5iNw1qqvgGNwPceHVSh10f23WcrbD6J_JZ6JTNWiZ-sh37Oz8lI4xGuljVi4MsQY-2tFzciAGqNJI1coHacmMcl7FihwfHZ6-yc5sLAcgfF3-JgOwkgwd9uUwNWKSAQbLQRz6tEPszpz9TrORZOWoRbLg25kTHHSzMWZcvOx4zUIQjz_-SJOZxVSZqHX9mIqXpPq-mS2wUeIo73sHXgqAETImBTzsVrykqdmYauKNiF63Qhis-3QxpkbcBsVKrpznwoGcNm-wlWF1L0FNP6ExoldM031DWDvYa6sLFRx_ct0_fmIqGlG2bY5QgKKjm7MnMF4Hwpd6amW_kuMSOwZCMeoCQ==?_z=6047829&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=942&wfc=6&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectossmightyenar.net
Fingerprint0E:D3:09:79:9C:DD:16:39:20:44:A5:13:2B:E0:03:A4:E6:4A:A9:CA
ValidityWed, 29 Nov 2023 05:17:05 GMT - Tue, 27 Feb 2024 05:17:04 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/4eERiAg2-YqszxEYdCkftXMtoqXL4n_aIryBIgU9ZEHW9-OxMCTxaHIuG_fez95dKlyAp5gFPHhwEkIx8xYYSu-UJVJjUSnomJDWt94X2FAHidMLrH3WkFE0mIRjc69ATxvNugbGclie-lgQViJzM_PvICSwzivRVtEbY2nyDZiFUNB8kx1bUU85BXNCBXjDJmHITEPr5smPU15VHJFyd3P6G_R_Sw-TncXSca509Lq6DK3CxcAL8yCYnFG_2h5ql0N2r2_KzLANtUNzN6sRu29zhAJHBWTBQAXaONulonve_0153ZEOzXIxKPHeBDiIK4XypUMMna3kLuubhIqv-NZMxmXRBlvr7vFbtsPTAMZ7vLNGG7N9b3DXTLaRsIfyjqkQBT_WI2iF9NVMjRrrEKpLcAsIcFTBhzQseaVPf7_qqdTuGCRK9jNjdm_Grr9G5UDMgmMcGleY5iNw1qqvgGNwPceHVSh10f23WcrbD6J_JZ6JTNWiZ-sh37Oz8lI4xGuljVi4MsQY-2tFzciAGqNJI1coHacmMcl7FihwfHZ6-yc5sLAcgfF3-JgOwkgwd9uUwNWKSAQbLQRz6tEPszpz9TrORZOWoRbLg25kTHHSzMWZcvOx4zUIQjz_-SJOZxVSZqHX9mIqXpPq-mS2wUeIo73sHXgqAETImBTzsVrykqdmYauKNiF63Qhis-3QxpkbcBsVKrpznwoGcNm-wlWF1L0FNP6ExoldM031DWDvYa6sLFRx_ct0_fmIqGlG2bY5QgKKjm7MnMF4Hwpd6amW_kuMSOwZCMeoCQ==?_z=6047829&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=942&wfc=6&pl=https%3A%2F%2Fluluvdo.com%2Fe%2F658e6avdw962&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=0&js_build=8&sw_version=v1.312.0 HTTP/1.1
Host: ossmightyenar.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Cookie: OAID=850c204af1be46bb826132c95d2381f2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:53 GMT
content-type: image/gif
content-length: 43
x-trace-id: e552f8b0fc5500579b0c024cd381d447
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
achcdn.com/script/suv4.js
200 OK 203 kB URL GET HTTP/2 achcdn.com/script/suv4.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectachcdn.com
Fingerprint52:9D:4F:AD:60:0D:A1:64:0A:07:87:97:4E:F6:92:D9:02:CF:2A:D6
ValidityTue, 24 Oct 2023 11:00:13 GMT - Mon, 22 Jan 2024 11:00:12 GMT
Size 203 kB (202851 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/suv4.js HTTP/1.1
Host: achcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPru6VpE9HStkyqJwcW8KvL1a1Rg2S7QpD6lIijuA1Hk5awASbEvoYXFFLfLX_Opj_rS0wk-3-YiudrojK6OptHCxG4cFqvF
x-goog-generation: 1701698650971889
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 202851
x-goog-hash: crc32c=fPIuDw==, md5=Rv5zFxRDR4imtCOPKinSIQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 06 Dec 2023 16:46:59 GMT
cache-control: public, max-age=14400
age: 2688
last-modified: Mon, 04 Dec 2023 14:04:11 GMT
etag: W/"46fe731714434788a6b4238f2a29d221"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvSp8glhtoazCAK57uuvXm4lnAl4BQx1r2HxbM1ZmojwvIvTibG5SSbxyRDwe17SxTFXySntkZz6sBgRPr76ASs8x0O7tibO72ui3Z%2BjGrGZVq70K6BWFMYWYUck"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d6c823569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mcpuwpsh.com/get/
200 OK 4.0 kB IP
ASN #24940 Hetzner Online GmbH
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint79:28:0D:09:80:3E:01:BE:E8:41:79:A2:E0:E5:67:B2:C1:EB:49:E0
ValidityWed, 11 Oct 2023 14:14:07 GMT - Tue, 09 Jan 2024 14:14:06 GMT
File type troff or preprocessor input, ASCII text, with very long lines (4012), with no line terminators
Hash a88504c36c826a5ef16a69679f63f1a9
99549167c41103f21b7c8ebe35d4eade567961fd
e5fdb6bed4e9df966b132bb3ac66bc60c62653386ffb64f96ee176752a9c04b2
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luluvdo.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 961
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 06 Dec 2023 16:59:52 GMT
content-type: application/json
content-length: 4000
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
luluvdo.com/js/xupload.js
200 OK 8.1 kB URL GET HTTP/3 luluvdo.com/js/xupload.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
File type ASCII text, with very long lines (8234), with no line terminators
Hash f0ee8f81b932f96847de36e09b092022
aee065f6f4658d6e6a30e6251ea1b045f5e10d51
f6049f67c920c8ad693f41801eed315e6a2cef7bfac8fd8d8c66b5566b23a2b0
GET /js/xupload.js HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=10790
etag: W/"2a26-5f20f47c3d180"
last-modified: Thu, 12 Jan 2023 11:18:46 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiaUWs8H%2FNw0V6vHA68kQWQcFlxvJ1CRn9DeLuPTvQ487Ik5TIA6PaLM0%2FhSPqcCDDK4iGZ4C9uZ%2F0aJLUwQ3hYP3O1PkJt0OPCvXWwWU0%2Fd15y3I2A2JsGgg7fblA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d6890bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gmxvmvptfm.com/aas/r45d/vki/2003355/6955aa66.js?var=delusion910358
200 OK 90 kB URL GET HTTP/2 gmxvmvptfm.com/aas/r45d/vki/2003355/6955aa66.js?var=delusion910358
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint14:D3:45:CB:D6:04:24:B4:40:49:4E:38:1B:23:CD:D2:47:9A:0D:FD
ValiditySun, 29 Oct 2023 21:18:37 GMT - Thu, 25 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (65106)
Hash 7b4b652216c7d12e9de624e01fcd3988
579b6e5863c4557a489c0979440e7ba61319acbc
b691347919c509fe36f2e9fbaf1bdd7acc5700f01648d46ab9ed11835588ad6a
GET /aas/r45d/vki/2003355/6955aa66.js?var=delusion910358 HTTP/1.1
Host: gmxvmvptfm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 11:34:35 GMT
vary: Accept-Encoding
etag: W/"6565d04b-15e20"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
gmxvmvptfm.com/get/2003355?zoneid=2003355&var=delusion910358&jp=_cl2s6wu4jbm05fd957c5xm&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1&freq=1
200 OK 3.2 kB URL GET HTTP/2 gmxvmvptfm.com/get/2003355?zoneid=2003355&var=delusion910358&jp=_cl2s6wu4jbm05fd957c5xm&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1&freq=1
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint14:D3:45:CB:D6:04:24:B4:40:49:4E:38:1B:23:CD:D2:47:9A:0D:FD
ValiditySun, 29 Oct 2023 21:18:37 GMT - Thu, 25 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (3488), with no line terminators
Hash 6e43ffd0754d10d7a462b1bac40a89de
db50b7d353267c17679b01ce12fc6cf89bfd6f4f
624a9b35d5b0c2656477854b744cf094a45a39902a63916033f27557376e65aa
GET /get/2003355?zoneid=2003355&var=delusion910358&jp=_cl2s6wu4jbm05fd957c5xm&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=1237434445217792&eclog=0&sp=1&im=1&freq=1 HTTP/1.1
Host: gmxvmvptfm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Cookie: CHCK=1; UID=231206115990490aeb75e844d7a5393d056c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 08 Jan 2025 16:59:49 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
idwulufqm2k5.l4.adsco.re/
200 OK 0 B URL POST HTTP/2 idwulufqm2k5.l4.adsco.re/
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subject*.l4.adsco.re
Fingerprint30:24:2D:06:44:32:CD:4B:46:E0:81:9A:CF:B1:F6:9B:D2:4F:F3:6F
ValidityMon, 25 Sep 2023 16:35:45 GMT - Sun, 24 Dec 2023 16:35:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: idwulufqm2k5.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.luulu.org/player/jw8/provider.hlsjs.js
200 OK 386 kB URL GET HTTP/3 cdn.luulu.org/player/jw8/provider.hlsjs.js
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerLet's Encrypt
Subjectluulu.org
Fingerprint69:29:E4:3C:6C:E5:A8:F1:F8:5E:9C:86:0E:28:55:63:A6:38:47:1F
ValiditySun, 05 Nov 2023 22:40:49 GMT - Sat, 03 Feb 2024 22:40:48 GMT
Size 386 kB (386462 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/jw8/provider.hlsjs.js HTTP/1.1
Host: cdn.luulu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: application/javascript
last-modified: Wed, 07 Jun 2023 06:30:49 GMT
etag: W/"5e59e-5fd8446d199fb"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 677371
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3U%2F9XSsznn2C647VK1ZRNS6%2BTwUQh7Wc6fQ2TvYmiQOvwqpS8suB2iz2swNlLJbhdSwxy9ZFXWXSHY6BJCZW4ZrCDIQggYC3MgefRNJhcrFwXV2pvhVATJVttaYMX6EY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831614d8ccdb56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
luluvdo.com/cdn-cgi/challenge-platform/h/b/jsd/r/831614d349675694
200 OK 0 B URL POST HTTP/3 luluvdo.com/cdn-cgi/challenge-platform/h/b/jsd/r/831614d349675694
IP
Requested by https://luluvdo.com/e/658e6avdw962
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/831614d349675694 HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12197
Origin: https://luluvdo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdo.com/e/658e6avdw962
Cookie: lang=1; __PPU___PPU_SESSION_URL=%2Fe%2F658e6avdw962
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 16:59:49 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=KFErOjxpZmH.Pqp1ErSezA4i7ZJyv2D_U4zxfmSkcwg-1701881989-0-1-730ca2d2.73a07051.5b213570-0.2.1701881989; path=/; expires=Thu, 05-Dec-24 16:59:49 GMT; domain=.luluvdo.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgz9G8K9NgOmEa4vy6RM1L6F3FmJCwdvXbLZQjGbWtVXca4%2BgP08IQhbzvAyf%2BVSqNIvuDXqCt7LEBLGRAh8x0QtX%2Fa1pkZNHmurE%2FCVQ6OhcMQDi%2BdLbsKI0kp9gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614df8e89b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
luluvdo.com/e/658e6avdw962
200 OK 135 kB URL User Request GET HTTP/2 luluvdo.com/e/658e6avdw962
IP
Certificate IssuerGoogle Trust Services LLC
Subjectluluvdo.com
Fingerprint75:FC:DB:58:DB:91:52:1E:E0:8C:EE:47:62:09:54:53:BC:F7:DA:CF
ValidityMon, 04 Dec 2023 08:10:23 GMT - Sun, 03 Mar 2024 08:10:22 GMT
Size 135 kB (135273 bytes)
Hash 033349a3acd76e76741dfa52be82a3bb
91cd88dd6554354c3a3db48f3d09d0e01fd44ae5
605f86eb9b588db5aee94051f7db0aeea1c8242a5ed384f8d8e071c323b7a35a
GET /e/658e6avdw962 HTTP/1.1
Host: luluvdo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:59:47 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 05 Dec 2023 16:59:47 GMT
set-cookie: lang=1; domain=.luluvdo.com; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRYCK2cSN7T3NpcAg%2Frgmw1EEZK9t9CSvWIyRVVHMn5gVmIYDsrTW4XeqvYna8sNS6u3m5S%2B8yjONeV0hAhWtnquZMg4qjCt%2FfiDSWhI8%2BbediNr4vFMbGdq2MtMgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831614d349675694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
188.114.97.1
45.133.44.53
104.17.167.186
148.113.159.232
139.45.195.8
185.200.116.51
212.117.190.201
94.130.197.240
121.127.45.82