Report - luluvdoo.com/5wnda9dqqyw5

Report Overview

Visited public
2025-06-11 08:27:14
Tags
Submit Tags
URL
luluvdoo.com/5wnda9dqqyw5
Finishing URL
luluvdoo.com/5wnda9dqqyw5
IP / ASN
104.21.78.184
#13335 CLOUDFLARENET
Title
eW9BLqgTX4jFydGf - Lulustream.mp4

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
luluvdoo.com	unknown	2025-05-08	2025-05-12	2025-06-09	11 kB	1.6 MB	188.114.97.1
a.lulucdn.com	unknown	2023-12-19	2023-12-26	2025-06-02	1.7 kB	18 kB	188.114.96.1
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-06-05	2.0 kB	3.4 kB	104.18.41.22
qonko3llh2tq.l4.adsco.re	unknown	2017-02-14	2025-06-11	2025-06-11	456 B	463 B	185.200.118.62
c.adsco.re	16577	2017-02-14	2017-11-29	2025-06-05	509 B	80 kB	104.17.167.186
appointeeivyspongy.com	unknown	2024-05-21	2024-08-05	2025-06-08	3.1 kB	160 kB	94.242.247.24
cm65.com	unknown	2015-03-22	2025-04-24	2025-06-11	1.2 kB	3.5 kB	139.45.196.64
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-04	1.4 kB	36 kB	142.250.74.10
bobapsoabauns.com	unknown	2025-01-23	2025-03-26	2025-06-10	910 B	29 kB	104.21.73.203
img.lulucdn.com	unknown	2023-12-19	2024-07-31	2025-06-09	441 B	148 kB	188.114.96.1
naupsakiwhy.com	unknown	2024-10-29	2024-11-06	2025-06-02	3.7 kB	167 kB	139.45.197.107
storage.lulu-row1.com	unknown	2025-04-01	2025-04-26	2025-06-02	2.2 kB	250 kB	37.27.230.125
ohalmfaap.com	unknown	2025-06-10	2025-06-11	2025-06-11	951 B	1.2 kB	139.45.197.112
xml.zeusadx.com	330930	2019-08-07	2019-09-23	2025-06-10	560 B	139 B	174.137.133.17
xml.xmlking.com	unknown	2020-07-27	2020-11-12	2025-06-10	560 B	139 B	174.137.133.17
pop.admpire.com	unknown	2023-03-09	2023-04-02	2025-06-02	5.8 kB	8.4 kB	104.21.34.161
qonko3llh2tq.s4.adsco.re	unknown	2017-02-14	2025-06-11	2025-06-11	456 B	463 B	185.200.116.60
tzegilo.com	unknown	2022-01-14	2022-01-14	2025-06-09	407 B	19 kB	172.67.193.52
xadsmart.com	85874	2020-04-18	2020-04-19	2025-06-08	1.8 kB	257 B	104.153.197.251
www.xadsmart.com	151441	2020-04-18	2020-04-18	2025-06-08	453 B	38 kB	95.173.205.14
6.adsco.re	17812	2017-02-14	2018-01-15	2025-06-05	849 B	993 B	104.17.166.186
cdn.tapioni.com	167297	2021-05-27	2021-07-01	2025-06-06	409 B	2.8 kB	172.67.31.117
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-06-04	433 B	398 kB	142.250.74.136
rbov.rqyebojzwaywq.top	unknown	unknown	No data	No data	432 B	1.4 kB	23.109.170.12
xml.acertb.com	80351	2020-04-01	2020-04-15	2025-06-02	559 B	139 B	174.137.133.16
qonko3llh2tq.n4.adsco.re	unknown	unknown	No data	No data	456 B	463 B	38.132.109.126
4.adsco.re	19179	2017-02-14	2021-01-04	2025-06-06	849 B	860 B	162.252.214.5
adsco.re	8541	2017-02-14	2017-04-03	2025-06-05	444 B	1.8 kB	162.252.214.5
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-04	3.2 kB	117 kB	142.250.74.35
xml.revrtb.net	398197	2019-01-20	2019-01-31	2025-06-02	559 B	139 B	174.137.133.16
fleraprt.com	unknown	2022-01-14	2022-01-14	2025-06-06	1.2 kB	902 B	139.45.195.252
xml.popviking.com	unknown	2025-01-04	2025-03-07	2025-06-02	562 B	139 B	173.239.53.20
ccg90.com	unknown	2021-03-14	2025-04-24	2025-06-07	2.2 kB	116 kB	139.45.197.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-06-11 08:26:53	medium	23.109.170.12	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.top)
2025-06-11 08:26:53	low	23.109.170.12	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2025-06-11 08:26:56	low	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-11 08:26:56	low	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2025-06-11 08:26:56	low	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-11	medium	bobapsoabauns.com	Sinkholed
2025-06-11	medium	naupsakiwhy.com	Sinkholed
2025-06-11	medium	naupsakiwhy.com	Sinkholed
2025-06-11	medium	naupsakiwhy.com	Sinkholed
2025-06-11	medium	rqyebojzwaywq.top	Sinkholed
2025-06-11	medium	naupsakiwhy.com	Sinkholed
2025-06-11	medium	bobapsoabauns.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (61)

	URL	From	Size	First Seen	Last Seen
	luluvdoo.com/static/js/xupload.js?10	ScriptElement	11 kB	2024-11-19	2025-07-15
Pretty URL luluvdoo.com/static/js/xupload.js?10 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-19 00:13 Last Seen2025-07-15 21:15 Times Seen101 Hash e4636fbf8635505188a382d9f776df1e c7bdf7e766905f43986077cfec829ffd8d38ceaf db15935f397c8566260e3f6a4978e41db5b31055976fa4c7265907e4390ae101 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	49 B	2024-05-15	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-15 22:21 Last Seen2025-07-16 09:18 Times Seen8661 Hash 0ac7fe824fc01da2eae66c69cde47673 12c7d2596939ad5d05162d227907c9bf707559b0 c259f617c5131add5a2a6c588f31e278b6c9443eddfa2399888a0d786712f20c Loading...

	tzegilo.com/stattag.js	ScriptElement	18 kB	2024-07-11	2025-07-16
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 16:28 Last Seen2025-07-16 07:33 Times Seen2653 Hash 01227f5edc20e0ff4ed643b27cb8bb68 d71a88f7341f2b1bdaa7deb9a66888607bd52598 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	30 B	2024-02-12	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-02-12 20:00 Last Seen2025-07-16 09:18 Times Seen10291 Hash e969e6981adb7ab1cb174994a5c8c627 5f534a259a6f3754d1d392028fd4cbb344fb6563 5cb18f9c0eebf644c0bc27e5224177984121b4c4a3f8189861a6d797a15a2e7a Loading...

	luluvdoo.com/static/js/app.js	ScriptElement	124 B	2024-02-16	2025-07-15
Pretty URL luluvdoo.com/static/js/app.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-16 00:02 Last Seen2025-07-15 21:15 Times Seen122 Hash a07895ac86cac1a78949c8ca136d18ed c70ffb13c719c6baec0d8826cf8d6a39bddb2f26 fdf1596c977e88a73f0ae807281f05e173e65fced4cd5bc1a9f2e8fa0f7a9690 Loading...

	luluvdoo.com/js/jquery.cookie.js	ScriptElement	4.3 kB	2023-03-07	2025-07-15
Pretty URL luluvdoo.com/js/jquery.cookie.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-15 22:39 Times Seen1926 Hash ae0c2c5d8f01f7d35bb698bb618a62f7 63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20 75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc Loading...

	luluvdoo.com/js/xupload.js	ScriptElement	11 kB	2024-12-01	2025-07-15
Pretty URL luluvdoo.com/js/xupload.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-01 00:07 Last Seen2025-07-15 22:39 Times Seen102 Hash 36d53d0f509d1642267ebb68b36165a6 18534c979b23a500124e316d07db0f42e4d72bdd 435e82278b5b2cf7980b025827e97d4edeb310b8fe31ef18f8a4535f36ba298f Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	24 B	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 09:18 Times Seen14413 Hash aaf72876f0d5e8a677a383fd45bf938b d8b2ca3c238c933223f4a6313c5c0561f99e0c1c 15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	20 B	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 09:18 Times Seen14583 Hash fb440b8133f21c3e5d3e39624e7bda94 1b46d8568f9bd8a2be944d6a61924a21ec0b6e4f a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc Loading...

	storage.lulu-row1.com/api/users/491223?host=luluvdoo.com&ev=220&wh=450&ww=800&uuid=&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&sid=4b15c877-96b5-4b98-a178-69a1c484707d&i=1&referrer=luluvdoo.com&s1=Tukanggorengan&fs1=1&s2=82250&fs2=1&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5	ScriptElement	653 B	2025-06-11	2025-06-11
Pretty URL storage.lulu-row1.com/api/users/491223?host=luluvdoo.com&ev=220&wh=450&ww=800&uuid=&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&sid=4b15c877-96b5-4b98-a178-69a1c484707d&i=1&referrer=luluvdoo.com&s1=Tukanggorengan&fs1=1&s2=82250&fs2=1&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5 IP 37.27.230.125 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 08:27 Last Seen2025-06-11 08:27 Times Seen1 Hash 3eda3e87473893d823107b766b8d4df6 a9d86640f73915fb271797ddd71e3801286fbdaf 2fdda71de3894d03e016af02d79709d4101dcb1ec693af715b1ce819929f7a6f Loading...

	ccg90.com/5/6568874	ScriptElement	113 kB	2025-06-11	2025-06-11
Pretty URL ccg90.com/5/6568874 IP 139.45.197.106 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 08:27 Last Seen2025-06-11 08:27 Times Seen1 Hash 7075ef88b592075e3c989566ed92e52e ffed2a88c01dce65cdc4af07744eec906bc665f4 d34e9eed1dbe7d93a25af4474d5ecfb3cecf8415be12b9ee994b7a3451bca8b2 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	633 B	2024-12-25	2025-06-11
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-25 12:29 Last Seen2025-06-11 08:27 Times Seen43 Hash 7e59387282d409fd6080c0fbfd18e988 c7dca6f486b30e22f9160118f2695a3f95dd502d 8a5793edcc79d2ef405012a1d5b9a2f5b5e25cef8536e31fcbf67226d77d50f6 Loading...

	luluvdoo.com/5wnda9dqqyw5	ScriptElement	107 B	2025-06-11	2025-06-11
Pretty URL luluvdoo.com/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 08:27 Last Seen2025-06-11 08:27 Times Seen1 Hash 8ef5d9cc322f1a4eee0ab42c8029c78b 7995f4df11ef42508058efca31a1155f95416ffb 07c4d2373c3e5a11d954480656599559e4158cbe5b476c61ec4a2dc1a8e82349 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	15 B	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 09:18 Times Seen14425 Hash d720eef71edef78b948a643d5712ec07 ea5eb334bd6ddb0f04abafb700dc2ecb30070c76 2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae Loading...

	luluvdoo.com/5wnda9dqqyw5	ScriptElement	6.1 kB	2025-06-11	2025-06-11
Pretty URL luluvdoo.com/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-11 08:27 Last Seen2025-06-11 08:27 Times Seen1 Hash 3e7eef83c4652fbb9ff3bdda37082409 ffee6ed0879d0de7824d171fb51be600aa629ef3 5645e0123ab17c9136dea0ab0af7679c8599a1dbef365b883844e2f57a11dc69 Loading...

	luluvdoo.com/5wnda9dqqyw5	ScriptElement	716 B	2024-04-15	2025-07-12
Pretty URL luluvdoo.com/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-15 00:22 Last Seen2025-07-12 00:54 Times Seen52 Hash d786349adcac211245b8de7874c5850f 232759dadc0be02de3afbf56b6c155873ef55a04 3dfc933510a5276cf575aa6e9e6b7a568d44f8a4e01c68c20346ca8bc985ec91 Loading...

	c.adsco.re/#0.22651866188043324	ScriptElement	486 B	2023-03-07	2025-07-16
Pretty URL c.adsco.re/#0.22651866188043324 IP 104.17.167.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 09:18 Times Seen2029 Hash 77c8287be10ff4b66a8490ca4d999917 7fccb364c5e22958503bcd8b92cdb648d5c4c96e c2d43195d015b5856873b3b0c6e717ee21599ca3f03f820b7c325f27b9b6a31d Loading...

	about:blank	JavascriptURL	5 B	2023-03-07	2025-07-16
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by javascriptURL Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 09:18 Times Seen31334 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	23 B	2024-02-12	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-02-12 20:00 Last Seen2025-07-16 09:18 Times Seen10271 Hash 41310478a380eaf7e07dbad9b4f81a97 1714b6ef86e90b5b23e2aaa1e7728ed9c59f4d34 848e5342d9196c0f64861ab926a3c5aecce9294750febbd22e5d8df859bdb144 Loading...

	appointeeivyspongy.com/aas/r45d/vki/2003354/78215968.js?var=Tukanggorengan	ScriptElement	153 kB	2025-06-11	2025-06-11
Pretty URL appointeeivyspongy.com/aas/r45d/vki/2003354/78215968.js?var=Tukanggorengan IP 94.242.247.24 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 08:27 Last Seen2025-06-11 08:27 Times Seen1 Hash 3bc3a8d007022be7703fb5778436ef47 b3272b2a93e51bc11419506bb8bb4512a1f22941 ec6fd6c7b49deb5e33c04bf1c339b7d1a1c9e293d3f0201edc2e1e5062c6ca48 Loading...

	a.lulucdn.com/js/tabber.js	ScriptElement	6.1 kB	2023-03-07	2025-07-12
Pretty URL a.lulucdn.com/js/tabber.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-07-12 00:54 Times Seen219 Hash f6be5160018c4101fa76b42650b5a1a6 d8d3efdadf32bb4fd6daac619575969b241d2864 c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	49 B	2024-05-15	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-15 22:21 Last Seen2025-07-16 09:18 Times Seen8765 Hash 6dc0afc5aee21e3a2c7ba20fcbbc5502 b0b548e52b180b7ac2fbac80962700dcd226b31f 97e8f3fb205c8b155c8c6370121edddfad4baf9da50783c9b7efc9ed120bf41b Loading...

	luluvdoo.com/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http	ScriptElement	38 B	2023-03-07	2025-07-15
Pretty URL luluvdoo.com/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59 Last Seen2025-07-15 22:39 Times Seen948 Hash 99eccae6afa72c589ae54b5c3890282a 0f102f8f5b556635de65d16cf70fa8269c6761b4 b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3 Loading...

	www.xadsmart.com/psvg.connectable.min.css	ScriptElement	37 kB	2025-06-07	2025-06-12
Pretty URL www.xadsmart.com/psvg.connectable.min.css IP 95.173.205.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 02:42 Last Seen2025-06-12 15:51 Times Seen9 Hash 74079f991ae353857c71405b1d78001d 3b2f4c37ebe0277b68f8e0057589b433fd2ebeee cab60f4043b41006b96ba9ae7b7181e01d38dc1ee96af764f10b470ade85f424 Loading...

	luluvdoo.com/player/jw8/provider.hlsjs.js	ScriptElement	386 kB	2023-03-08	2025-07-15
Pretty URL luluvdoo.com/player/jw8/provider.hlsjs.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31 Last Seen2025-07-15 22:39 Times Seen297 Hash e133e8e7b97079d4bc7ec71fae611795 14f34839087df4a3a09ba2f11a768f0d14af979d f0d08bd0271c5d085f5d1419b1af887eb9c250aac800cadc4d5ea64c3a348e97 Loading...

	naupsakiwhy.com/401/7850681	ScriptElement	162 kB	2025-06-11	2025-06-11
Pretty URL naupsakiwhy.com/401/7850681 IP 139.45.197.107 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 08:27 Last Seen2025-06-11 08:27 Times Seen1 Hash d8f34322612c45d23b1b461530b4d1a1 3dd818dbe7f4507bc82f21122183ae9fd266c678 fe5212290f5ea650cd7c9d6c7d8a634fe03e9366acfc2bd8f6639528c00acb3c Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	4 B	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 00:06 Times Seen17538 Hash 2eed1fe0db36d674643b5f84d2adf46e 822bc13e2d55b402eb4233cb23c9d414a7a03bc1 1bbd174404efbce95f1af489ef93f4aa0f4d55718f24c3504682216afa7b7fb1 Loading...

	xadsmart.com/gpifpofecjlclemool?GVkKfyFB=BQOCAAAAAAAACZUAAnG01PUi5NMKFJb45nLXMoVXkiguRrt5nPpJkURGMXQheSWQjtmHCwD-Zk4S9WES1SZq6KpEDQyFy1J5e95Adx-JBUR7bvOGqude0H3cvJ5kI90hiXjNg3oKhJ5qSfucLpI2_zkaRy8sG4nEJew1Dp0uvYzhKX7pj9hSPbPDijT7sg_aLe32INqt0GhTT6I3IsajtjnEBty1cGa_r2ePr0kTLu21Peh6fC-bMXTK9nttIkQg1EtUM3VcPJVgWIkpRb_jemYHfWGmI0azrMGDI_-W1bKnnzHGNezlVLZUisOkxtWHSpAhCkEXpn3mq2DYcKOYN-DsWlqeKx0FSwFtiDl0ZSl4eosKOctpJ6eQb2YQq08slA1zAJVVqAiyWdjgKFo-bIpX7dxfpYA2_Mr-WGadwogQ5JiotQd22ghWciTHIRJQi64NdyWCUndvROU96bSlfyn3rOenziWmthH27HOOl9-WVUr5GfR6kNe2bFDdMEuiZjQvbHuyS_aO9yxf5oLhVifg5R_TH3FiuRqI3EqqntWEpTjFEAWc31WyduoepTkjYydgayXRna3xYr0ZOKXnv0H_YRDfHmJZLfOAZy0W89PnhTijpXx0gETWd9QsoUUWFMYov0EwNlKbEa-Hwz4q2pGSmVfUOee54YgiAQXpzMB5ci-ArhNCvkMn4THqWMNBCUEwbeEG0w7hj00qViAwe2Ks8OieU07-0gLkHDCQH12-Aim2JuVlMYQbkjzKL_AyHdOoe2WBMTWRdfYWkG9e-qmYfM-GMpxRjI-qVreHkwigwTxe98fOgoIGcMJ5YytY7AMJsrOCSxtlIAz4VPe-0-3tt6kfQfpLOWX9zlXcld-ZGqPxDpB7ljoSDqKGNK_nsh5i5eVmnB3WHuM6Q7FHupUjg_q0nNzlIaTW4TVt9v3rtOExXO9u2rolfRTXkGh0JAzlu-C7z-aYE5lB6xOMl2peuZaacWjupSgKyjw3Y_LKdHs6FzaR3hprqXQ09z6deCwH1QhdcUF4op9NQCqIxAioNxtdRHOvyk2-FTnuBA2jFMKtUPt-4yGlkMYQFsffHpzlOXyXNi76cZD5YS0yilheAWANs-qKefLHs54Nn4xSaRTkmelwQ9cxVYPyzxG7Ms5TiAjgnEMj45By_x0Hc9YsSvUdGL67guPVmFHI81ucy3ekavoHWg5rJv-V&EgUzoBrY=4&PUyklWYj=4998988&sipLkXQd=&MoPaLbqU=0,0&hrEMHfQA=&pJFnjlXd=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&s=1280,1024,1,1280,1024,1	ScriptElement	44 B	2023-03-07	2025-07-16
Pretty URL xadsmart.com/gpifpofecjlclemool?GVkKfyFB=BQOCAAAAAAAACZUAAnG01PUi5NMKFJb45nLXMoVXkiguRrt5nPpJkURGMXQheSWQjtmHCwD-Zk4S9WES1SZq6KpEDQyFy1J5e95Adx-JBUR7bvOGqude0H3cvJ5kI90hiXjNg3oKhJ5qSfucLpI2_zkaRy8sG4nEJew1Dp0uvYzhKX7pj9hSPbPDijT7sg_aLe32INqt0GhTT6I3IsajtjnEBty1cGa_r2ePr0kTLu21Peh6fC-bMXTK9nttIkQg1EtUM3VcPJVgWIkpRb_jemYHfWGmI0azrMGDI_-W1bKnnzHGNezlVLZUisOkxtWHSpAhCkEXpn3mq2DYcKOYN-DsWlqeKx0FSwFtiDl0ZSl4eosKOctpJ6eQb2YQq08slA1zAJVVqAiyWdjgKFo-bIpX7dxfpYA2_Mr-WGadwogQ5JiotQd22ghWciTHIRJQi64NdyWCUndvROU96bSlfyn3rOenziWmthH27HOOl9-WVUr5GfR6kNe2bFDdMEuiZjQvbHuyS_aO9yxf5oLhVifg5R_TH3FiuRqI3EqqntWEpTjFEAWc31WyduoepTkjYydgayXRna3xYr0ZOKXnv0H_YRDfHmJZLfOAZy0W89PnhTijpXx0gETWd9QsoUUWFMYov0EwNlKbEa-Hwz4q2pGSmVfUOee54YgiAQXpzMB5ci-ArhNCvkMn4THqWMNBCUEwbeEG0w7hj00qViAwe2Ks8OieU07-0gLkHDCQH12-Aim2JuVlMYQbkjzKL_AyHdOoe2WBMTWRdfYWkG9e-qmYfM-GMpxRjI-qVreHkwigwTxe98fOgoIGcMJ5YytY7AMJsrOCSxtlIAz4VPe-0-3tt6kfQfpLOWX9zlXcld-ZGqPxDpB7ljoSDqKGNK_nsh5i5eVmnB3WHuM6Q7FHupUjg_q0nNzlIaTW4TVt9v3rtOExXO9u2rolfRTXkGh0JAzlu-C7z-aYE5lB6xOMl2peuZaacWjupSgKyjw3Y_LKdHs6FzaR3hprqXQ09z6deCwH1QhdcUF4op9NQCqIxAioNxtdRHOvyk2-FTnuBA2jFMKtUPt-4yGlkMYQFsffHpzlOXyXNi76cZD5YS0yilheAWANs-qKefLHs54Nn4xSaRTkmelwQ9cxVYPyzxG7Ms5TiAjgnEMj45By_x0Hc9YsSvUdGL67guPVmFHI81ucy3ekavoHWg5rJv-V&EgUzoBrY=4&PUyklWYj=4998988&sipLkXQd=&MoPaLbqU=0,0&hrEMHfQA=&pJFnjlXd=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&s=1280,1024,1,1280,1024,1 IP 104.153.197.251 ASN #53334 TUT-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-07-16 09:18 Times Seen10894 Hash d5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Loading...

	a.lulucdn.com/js/jdadbl.js	ScriptElement	2.6 kB	2023-05-22	2025-07-15
Pretty URL a.lulucdn.com/js/jdadbl.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 09:51 Last Seen2025-07-15 22:39 Times Seen161 Hash 95fd065c887d003f9a169dee9876532c 0f111b6d5e142fadb966a1feb264d519c12a59d9 4d4c84ad505bddf4d49b1222db984d7aaa425c6702c79029801632bf31f2b80d Loading...

	luluvdoo.com/player/jw8/jwplayer.core.controls.js	ScriptElement	333 kB	2023-12-06	2025-07-15
Pretty URL luluvdoo.com/player/jw8/jwplayer.core.controls.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 18:00 Last Seen2025-07-15 22:39 Times Seen187 Hash a8889c5f9e2492b9c3d6f73b5bad08fe 6b942336401bc4ecd598f91fcaa7db96c889e6b4 43502aabf4a1ce166cb2a84a177579663aa32e1ea7db8666bc67534a53a0f368 Loading...

	appointeeivyspongy.com/check.html	ScriptElement	762 B	2025-03-07	2025-07-16
Pretty URL appointeeivyspongy.com/check.html IP 94.242.247.24 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-07 08:34 Last Seen2025-07-16 09:06 Times Seen1446 Hash 8f2e0cd22b41fa7c9212af0b11f449d3 6c552632a2eeaa712496444594c3e8c68eadbbb0 d7ca5af269e02e5109a61ef55df0196e2206204d6c742daba5a153defc097fda Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	6 B	2023-03-07	2025-07-13
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 17:32 Times Seen15802 Hash 599eba19aa93a929cb8589f148b8a6c4 35b19fa87f2e1737880f09f8ebb26557068a156d 4cd6c2914887dd4a68e4c9ffbed8b077f048cf795d6cfa0b801d43e0ea5a1560 Loading...

	rbov.rqyebojzwaywq.top/keljmqkzwykzb/jzzmqq?d=0	ScriptElement	5 B	2025-04-24	2025-07-16
Pretty URL rbov.rqyebojzwaywq.top/keljmqkzwykzb/jzzmqq?d=0 IP 23.109.170.12 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 10:17 Last Seen2025-07-16 09:18 Times Seen1489 Hash 848667c49f5d3aef59cd65ed276cd7ae bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763 cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8 Loading...

	luluvdoo.com/player/jw8/polyfills.webvtt.js	ScriptElement	11 kB	2023-06-27	2025-07-15
Pretty URL luluvdoo.com/player/jw8/polyfills.webvtt.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 00:33 Last Seen2025-07-15 22:39 Times Seen191 Hash b3e139c07aac361115e8ec41bde7d2a5 0c3fc8d31887dafb86ba778da788ece5cbf76f18 1ff5585bdbea001d37f3647975a645f0594090f070915831286de90dd45949d5 Loading...

	luluvdoo.com/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/js/jquery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 09:22 Times Seen244783 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	17 B	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 09:18 Times Seen14360 Hash d9f9b0f82813d813afe0d450e9fab4d6 cb6ce93dd97adc3649f697ff49681f5aaf8b1671 d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b Loading...

	a.lulucdn.com/js/jquery.cookie.js	ScriptElement	4.3 kB	2023-03-07	2025-07-15
Pretty URL a.lulucdn.com/js/jquery.cookie.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-15 22:39 Times Seen1926 Hash ae0c2c5d8f01f7d35bb698bb618a62f7 63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20 75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	632 B	2024-08-02	2025-06-11
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-02 20:54 Last Seen2025-06-11 08:27 Times Seen24 Hash 3c73091b33caefd04c8f3e0589112bf8 72f7991c2c81efa93e0f13355039a56c04198046 afce84f824dad0b693ad97602e802f36a07472998441159586dbb9081ec4b2c4 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	38 B	2024-12-27	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-27 13:53 Last Seen2025-07-16 08:22 Times Seen161 Hash 8bf7b38523024c85ba7d58adce06782d e59fece7ba043dc5e369cd5e109eb848c43b7bc6 ead6750342664e83f06fb64f826a27a5a7e896aceda7c7f419e170222d837508 Loading...

	www.googletagmanager.com/gtag/js?id=G-RFESL45RJX	ScriptElement	397 kB	2025-06-11	2025-06-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-RFESL45RJX IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 08:27 Last Seen2025-06-11 08:27 Times Seen1 Hash cb7e8b8913c1dd94f48df021a6be8e5d 4447a91766507aa883acc1a520574158b09056a1 e7672ef8504c790576cebe4e816a91d0c446fc8cfd89ba32d96bd2731bab2778 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	23 B	2023-03-07	2025-07-12
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-12 02:33 Times Seen13505 Hash cb12e2bae39e65c9d2941532f47d984c c7d0055b2b2eb35e946b09ba87011065b445b1ba 2ef7ca07ed70c4ffbc59b1d3fa8df8cd2be1bfc66d1604246926066c9f44fd0c Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	9 B	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 08:08 Times Seen3576 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	631 B	2024-10-04	2025-06-11
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-04 10:52 Last Seen2025-06-11 08:27 Times Seen8 Hash 7cdf306fae7411a3c103f55e59f92073 7d6eb1d7887bf551d6465d3bb75ba1fc37520039 657c426f52141875acd72f4817da2834ea0e82ec3c12b54507200b7e3c4e6105 Loading...

	luluvdoo.com/static/js/jquery-3.2.1.min.js	ScriptElement	87 kB	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/static/js/jquery-3.2.1.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 09:19 Times Seen42966 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	a.lulucdn.com/js/new100.js	ScriptElement	1.5 kB	2024-12-27	2025-07-15
Pretty URL a.lulucdn.com/js/new100.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-27 13:53 Last Seen2025-07-15 22:39 Times Seen90 Hash a404d12258254e435583a10baa32a8b8 a7bde7e90a122cc61a016e3e4f94339ca866d6c3 32df889d6099045ed25a5e32fbf53de6fbc07ff4b82ccc3363b6d06acb254b84 Loading...

	luluvdoo.com/player/jw8/jwplayer.js?v=2	ScriptElement	121 kB	2023-06-27	2025-07-15
Pretty URL luluvdoo.com/player/jw8/jwplayer.js?v=2 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-27 00:33 Last Seen2025-07-15 22:39 Times Seen284 Hash e596630eff0374adebc068352ed362ae 156895e17acd4652f5816db5b310b341960edbbc 816c99b4a2b3c2d2d7adca35b602c2b1f5ef56ffed67ae1a4d29bbeefa55ee90 Loading...

	luluvdoo.com/js/pop.js	ScriptElement	36 B	2023-03-07	2025-07-15
Pretty URL luluvdoo.com/js/pop.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-15 22:39 Times Seen311 Hash 2f8fefc6a5aed3327c395f43db6be62d 8594728c9e75e88e1a759e8c8466df832323d963 ff687e2177537cc8e021014af056c22a44036a19c9101350dedf64a6666d47ba Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	49 B	2024-05-15	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-15 22:21 Last Seen2025-07-16 09:18 Times Seen8692 Hash 93128c282499b9ac18b63d0170ef3d44 20a9c22e9546d49fc54c41ecbfa82880934f45f3 f58ab76f9bc7003d1eaa68b8ca01bc723da2137cac1536511da193bd3062f86c Loading...

	luluvdoo.com/5wnda9dqqyw5	ScriptElement	34 B	2024-04-15	2025-07-12
Pretty URL luluvdoo.com/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-15 00:22 Last Seen2025-07-12 00:54 Times Seen52 Hash cfb928a5d40f3bda4f1d5f235ee2473d 5380e1670b59066b55a84df013783d6b2d009f89 4966af1e3c720b9bf033936f75b52a243d5d94bb7baf549b86daaeb3f4c7dd1e Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	49 B	2024-05-15	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-15 22:21 Last Seen2025-07-16 09:18 Times Seen8727 Hash 265fbd04531d9cf5fd767b4e3149a5d1 9df7368252b2b411d8472e2a6cc46fd5557ac415 1b5a1da3648fc66667a67e766f23683675655e69a2f5186d65e750c7af80fa01 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	29 B	2023-03-07	2025-07-13
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 22:45 Times Seen13423 Hash 2b9acf9223e6d60c206388ea2035fd3a b8ba77d712fa01527c73875a37e290ebc133d924 9c27754d9297bf8d4022ded2628940ae5a837c7d7d130b197c3dc80627a453e2 Loading...

	luluvdoo.com/static/js/bootstrap.bundle.min.js	ScriptElement	80 kB	2023-03-07	2025-07-16
Pretty URL luluvdoo.com/static/js/bootstrap.bundle.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27 Last Seen2025-07-16 07:28 Times Seen1222 Hash 2faceb2d3db75ced808545e78fab94ed c663baa051856b64d746629a961e23bbf0fbaf8c c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f Loading...

	storage.lulu-row1.com/2jiGc77.js	ScriptElement	248 kB	2025-05-20	2025-06-23
Pretty URL storage.lulu-row1.com/2jiGc77.js IP 37.27.230.125 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-20 22:49 Last Seen2025-06-23 06:37 Times Seen111 Hash d21cc54c55f74c347f0e22ea516d1594 d997d3b1583de52b0f116419679e17d8d53bcac3 6ea5019aa17b8666e68c050669100296404df8f2b1e21defe01ed284c10901d2 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	Eval	31 B	2024-12-27	2025-07-16
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-27 13:53 Last Seen2025-07-16 08:22 Times Seen161 Hash d8c81442e74e2aee0929479d20170ae0 9de4f4b80c02779e4ae982e0638d2075b48db354 a5a0d9be349f2f79e82bb0780285442f54e42939e5e4783db7843956e2ced445 Loading...

	luluvdoo.com/e/5wnda9dqqyw5	ScriptElement	170 B	2025-06-11	2025-06-11
Pretty URL luluvdoo.com/e/5wnda9dqqyw5 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 08:27 Last Seen2025-06-11 08:27 Times Seen1 Hash d982494fb0c4c6b2055ab0c39db91906 0ff287bd86327255dfe1c1d583d544ad98038886 59f140fb87574676cc5bda452bb4153f631dedb2eef47dd87bd3d5eb6be395f3 Loading...

	cdn.tapioni.com/adgpt.js	ScriptElement	2.4 kB	2025-06-06	2025-06-23
Pretty URL cdn.tapioni.com/adgpt.js IP 172.67.31.117 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-06 20:55 Last Seen2025-06-23 09:58 Times Seen618 Hash c8353a641602ac900bafa496ff76e18c 3ac832327c6f7e906d569b0f19180171f6da53ba 03f32871a596ccf145436c0c232c51ea74b2267a747edcd0f7a1eeb5828ca676 Loading...

		Size	First Seen	Last Seen
	#1 Write - 4ddc07a2d5248efe5ccfaa48a1f4a63a	608 B	2024-07-15 23:28	2025-06-14 14:43
Pretty Observations First Seen2024-07-15 23:28 Last Seen2025-06-14 14:43 Times Seen115 Hash 4ddc07a2d5248efe5ccfaa48a1f4a63a ab09b092c5cfb87b4ce1cc137bc0956403e94f3c f7d5d95e152831038d11483e361fd12006453d18e02933fbab702bae0b5b427c Loading...

	#2 Write - 54ea304edbbb682a6f54ee5a177cec31	608 B	2024-07-15 23:28	2025-06-14 14:43
Pretty Observations First Seen2024-07-15 23:28 Last Seen2025-06-14 14:43 Times Seen115 Hash 54ea304edbbb682a6f54ee5a177cec31 bd30c83cfaff0da54dbcf587066a34bf96eeaf84 c9411a469ec598948cfcb760999e9130a9ba7f2733de167e14d47e60f8d9fb77 Loading...

	#3 Write - f2506a31e5aed5fbb114cf98ebb35bb2	608 B	2024-08-13 07:52	2025-06-14 14:43
Pretty Observations First Seen2024-08-13 07:52 Last Seen2025-06-14 14:43 Times Seen106 Hash f2506a31e5aed5fbb114cf98ebb35bb2 90f4ceb8bda24f659322448e0c84a0c5c1a8ab6e c15ca4f6cafe92e883407089cbfdfb93b510e0210f481b70c7e993c91e1cb696 Loading...

	#4 Write - b1625fb5049b7143e44f09915424e3cf	608 B	2025-03-07 10:15	2025-06-14 14:43
Pretty Observations First Seen2025-03-07 10:15 Last Seen2025-06-14 14:43 Times Seen28 Hash b1625fb5049b7143e44f09915424e3cf 2d1d32d300c7b785f57ba721a8e01965e15f1962 8e567cd402f0b20ddbf778d84ec2a302261b63200f1ef6cf3c48a93537773252 Loading...

	#5 Write - 49f3c9c181de3486e9c907bf86a3cec0	608 B	2024-07-15 23:28	2025-06-14 14:43
Pretty Observations First Seen2024-07-15 23:28 Last Seen2025-06-14 14:43 Times Seen109 Hash 49f3c9c181de3486e9c907bf86a3cec0 2d1ff004307fde0aaad9be8abb2ed3c249906803 aa3d90a6b90b363decbf4a32e35da829057ef479dd7f280590b7f44ddec0fdfd Loading...

HTTP Transactions (93)

URL IP Response Size

GET fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap

142.250.74.10

200 OK

3.6 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text
Size
3.6 kB (3591 bytes)
Hash
35d825bbfa06a00722474414bc5ef193
261399984a263223d6a6d05bdc7f1f8dd4408b57
9ceebd00ce42c01cbbe9ade915ff99832c71d12bd44caf48f4c813df001ffc2b

HTTP Headers

GET /css2?family=Poppins:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jun 2025 08:26:53 GMT
date: Wed, 11 Jun 2025 08:26:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET xml.acertb.com/redirect?feed=754922&auth=Mc2A&pubid=207411

174.137.133.16

200 OK

0 B

URL GET
xml.acertb.com/redirect?feed=754922&auth=Mc2A&pubid=207411
IP
174.137.133.16:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.acertb.com
FingerprintFF:F6:89:60:08:E2:96:75:14:D9:DB:62:A0:1A:A3:C3:6B:1A:47:72
ValidityTue, 11 Mar 2025 00:00:00 GMT - Wed, 11 Mar 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=754922&auth=Mc2A&pubid=207411 HTTP/1.1
Host: xml.acertb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pop.admpire.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jun 2025 08:26:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

GET 6.adsco.re/

104.17.166.186

200 OK

45 B

URL GET
6.adsco.re/
IP
104.17.166.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:56 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://luluvdoo.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 94dfb9f7c9fa1c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET my.rtmark.net/gid.js?userId=f5mu127261tf145716635e7p6thsu057

104.18.41.22

200 OK

65 B

URL GET
my.rtmark.net/gid.js?userId=f5mu127261tf145716635e7p6thsu057
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
0a61f19b59a41d92ca1d4f255c965067
7872117c6d4fc4eb6d5be3fb8f39cf9a08658110
d592435815d6ddb947f361030f41b4f8cc1dc3c8c725e7d9fb1eb68ef82ed6f2

HTTP Headers

GET /gid.js?userId=f5mu127261tf145716635e7p6thsu057 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Cookie: ID=0801e55b68eb439ef90c9f9d65d77725
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://luluvdoo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801e55b68eb439ef90c9f9d65d77725; expires=Thu, 11 Jun 2026 08:26:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 94dfb9fa5ffcb4f3-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

OPTIONS ccg90.com/wrr?z=6568874&p_rid=d5f430ee-508e-409d-8133-4bf750dfc3ef&rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714=&dmn=ccg90.com&userId=0801e55b68eb439ef90c9f9d65d77725

139.45.197.106

204 No Content

0 B

URL OPTIONS
ccg90.com/wrr?z=6568874&p_rid=d5f430ee-508e-409d-8133-4bf750dfc3ef&rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714=&dmn=ccg90.com&userId=0801e55b68eb439ef90c9f9d65d77725
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectccg90.com
Fingerprint56:09:8B:A2:B0:CC:2D:94:BB:34:A2:E9:A2:FD:C7:53:D9:F4:20:83
ValidityWed, 23 Apr 2025 09:55:55 GMT - Tue, 22 Jul 2025 09:55:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /wrr?z=6568874&p_rid=d5f430ee-508e-409d-8133-4bf750dfc3ef&rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714=&dmn=ccg90.com&userId=0801e55b68eb439ef90c9f9d65d77725 HTTP/1.1
Host: ccg90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://luluvdoo.com/
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jun 2025 08:26:59 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://luluvdoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET luluvdoo.com/static/images/logo.svg

188.114.97.1

200 OK

3.9 kB

URL GET
luluvdoo.com/static/images/logo.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3947 bytes)
Hash
dec9afc4fee8170cbaf0edc5a24f0825
8a268426ff8ce8ffb5165cb2aca6de66fa53a2fa
9b7bb5f5992ad0f1f87f182ad54b9fd99efe03a893f930c567e2eb65cc27b1f3

HTTP Headers

GET /static/images/logo.svg HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:51 GMT
content-type: image/svg+xml
server: cloudflare
last-modified: Tue, 28 Nov 2023 10:13:03 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eJ9%2FE9vV88%2FVLryFfCHvRd2kdVYPaN8yL72V8mgUEFv%2BUojI8p%2FBS663cF1rNOkqMi975W5vuCs2wAM7CKiz0I9PBFANSavXftM%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 5289
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=4,i=?0
vary: accept-encoding
etag: W/"f6b-60b33a9fca420"
content-encoding: br
cf-ray: 94dfb9da9a9f0b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET a.lulucdn.com/js/jquery.cookie.js

188.114.96.1

200 OK

4.3 kB

URL GET
a.lulucdn.com/js/jquery.cookie.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectlulucdn.com
Fingerprint75:66:DA:9D:02:A3:01:18:48:B6:FC:1B:C1:DD:AD:2C:5E:18:0C:DA
ValidityTue, 03 Jun 2025 07:21:50 GMT - Mon, 01 Sep 2025 08:20:05 GMT

File type
ASCII text
Size
4.3 kB (4331 bytes)
Hash
ae0c2c5d8f01f7d35bb698bb618a62f7
63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: a.lulucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 31 May 2011 12:53:56 GMT
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xa0%2BUC5TVVTj1TKPtlhKXBd6StbG81IhexZ9HXCuve4Ft%2BxcirCt%2BRHdzhu5VhoVf60I%2BBWnfGTkH5JDXBzA2nDxn2zwysR9W6Wc"}]}
age: 6029
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"10eb-4a491e5980100"
content-encoding: br
cf-ray: 94dfb9db0e7e0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET a.lulucdn.com/js/new100.js

188.114.96.1

200 OK

1.5 kB

URL GET
a.lulucdn.com/js/new100.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectlulucdn.com
Fingerprint75:66:DA:9D:02:A3:01:18:48:B6:FC:1B:C1:DD:AD:2C:5E:18:0C:DA
ValidityTue, 03 Jun 2025 07:21:50 GMT - Mon, 01 Sep 2025 08:20:05 GMT

File type
ASCII text
Size
1.5 kB (1473 bytes)
Hash
a404d12258254e435583a10baa32a8b8
a7bde7e90a122cc61a016e3e4f94339ca866d6c3
32df889d6099045ed25a5e32fbf53de6fbc07ff4b82ccc3363b6d06acb254b84

HTTP Headers

GET /js/new100.js HTTP/1.1
Host: a.lulucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Fri, 27 Dec 2024 03:46:02 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 3048
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sKl7vDlkJwXH42FRfEgi4z0Le0E0xfqmXDGAtVjQpmGpxSTeJB8afjXMxTVf21qU7EihzUfW27gZ58iURxiGc4A4S3O515thqgL2"}]}
etag: W/"5c1-62a384d3361f7"
content-encoding: br
cf-ray: 94dfb9de3f6a56a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET pop.admpire.com/sub/5BOqQVD

104.21.34.161

200 OK

231 B

URL GET
pop.admpire.com/sub/5BOqQVD
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type
HTML document, ASCII text
Size
231 B (231 bytes)
Hash
636bc107fdc6ffa10e2584d2107cd199
fae6d62b16673005b117c01a826120b1cbc8e7ae
38f4c3d0ca9cf6d0973860aad0c04e50441897f7e48790430aa7eba21ed7d663

HTTP Headers

GET /sub/5BOqQVD HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LljBPyJMtDa17uxWPrXYc%2Bye9VQmPvqqKljZvSeYTP4%2FRNTWBBm6alnG%2BaoiJkJStbBqr5IbIiB9X559yiLWv%2BgLkXDvc8qRYGb8QvI%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 94dfb9e2a8b056bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST pop.admpire.com/load

104.21.34.161

302 Found

0 B

URL POST
pop.admpire.com/load
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /load HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://pop.admpire.com
DNT: 1
Connection: keep-alive
Referer: https://pop.admpire.com/sub/NqD7qY8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zdBvqX629Oc2RPnlYZH4rksGqeOqR4%2FImLahGVWzt%2BgqoLHUeiocnusaMwB0MzuvAgqYhTN%2FYc%2FQC7eLEfZT%2B1pVkW4XuSkL1y7Sa5VlmRH3JKRBCKjESptMc6SjDKTmVsA%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.zeusadx.com/redirect?feed=754911&auth=SdZN&pubid=207410
cf-cache-status: DYNAMIC
cf-ray: 94dfb9e5ba617131-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3350&min_rtt=672&rtt_var=1433&sent=101&recv=125&lost=0&retrans=0&sent_bytes=8568&recv_bytes=7846&delivery_rate=493225&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=636f36533148183d&ts=445&inflight_dur=35&x=80"

GET luluvdoo.com/srt/empty.srt

188.114.97.1

200 OK

42 B

URL GET
luluvdoo.com/srt/empty.srt
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
SubRip, ASCII text, with CRLF line terminators
Size
42 B (42 bytes)
Hash
7f8501e8cf0fd2262e1ec59fa6653797
5ea9200f583b21ec2008fc44447b2a15ab31f246
f3adadb235f7ecab4a68f4d0961640c155c0d2057d28fe24e19d36b04904ddc6

HTTP Headers

GET /srt/empty.srt HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250; _ga_RFESL45RJX=GS2.1.s1749630413$o1$g0$t1749630413$j60$l0$h0; _ga=GA1.1.707617054.1749630413; UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/vtt; charset=utf-8
content-length: 42
server: cloudflare
last-modified: Fri, 08 Jul 2016 15:03:06 GMT
etag: "2a-537211991fe80"
accept-ranges: bytes
access-control-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NWBNw61IjCtv3ugi5vlFH%2Fw%2BovWcXlf5ZUAEbbyveqjRLIZf5Y3SmUI3rGnXhVpXiLu1mHwZ9uxCB%2FF4Pmj%2Fq%2BTh7tOD4esFAXI%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94dfb9e5fb450b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 10:26:17 GMT
expires: Fri, 05 Jun 2026 10:26:17 GMT
cache-control: public, max-age=31536000
age: 511236
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bobapsoabauns.com/www/images/f84f7f22e56dc46af84109f825842b8e.jpg

104.21.73.203

200 OK

14 kB

URL GET
bobapsoabauns.com/www/images/f84f7f22e56dc46af84109f825842b8e.jpg
IP
104.21.73.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectbobapsoabauns.com
Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9
ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
14 kB (13657 bytes)
Hash
f84f7f22e56dc46af84109f825842b8e
6fa0c83f27087e1f4fafb34b583c9b439a6a721f
7ef2826e068e2918f492ec73109b936f1dcb5f119f17c0961b95d1ce6f5a0c8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/f84f7f22e56dc46af84109f825842b8e.jpg HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:59 GMT
content-type: image/jpeg
content-length: 13657
server: cloudflare
last-modified: Thu, 27 Feb 2025 04:01:53 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "67bfe3b1-3559"
expires: Wed, 11 Jun 2025 10:23:33 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 79405
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BBFT2Y2sSWBZPURAdSghvxMXa8ORJjkJgs1XwDpJZX6hMlEEZc941mhtQQrLl6I2A9xdYGeyoPDFZBjz1bWigDIKJHS6oEzVp%2FZ1xFLAgg%3D%3D"}]}
cf-ray: 94dfba097fd756b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET luluvdoo.com/player/jw8/jwplayer.js?v=2

188.114.97.1

200 OK

121 kB

URL GET
luluvdoo.com/player/jw8/jwplayer.js?v=2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65502)
Size
121 kB (120878 bytes)
Hash
e596630eff0374adebc068352ed362ae
156895e17acd4652f5816db5b310b341960edbbc
816c99b4a2b3c2d2d7adca35b602c2b1f5ef56ffed67ae1a4d29bbeefa55ee90

HTTP Headers

GET /player/jw8/jwplayer.js?v=2 HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 07 Jun 2023 23:02:18 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=pGHIrwi4IkUB0h35jrqRYChF7%2FhmKgoU6aQG955bYuNBQRsozaQH%2FCtNjA%2BSAUxbbvgo7hiUjQFKfZUb9j%2Fvtb7wv%2FT15KlvAkA%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 675
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
etag: W/"1d82e-5fd9220ac069a"
content-encoding: br
cf-ray: 94dfb9de4db40b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET img.lulucdn.com/5wnda9dqqyw5_xt.jpg

188.114.96.1

200 OK

147 kB

URL GET
img.lulucdn.com/5wnda9dqqyw5_xt.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectlulucdn.com
Fingerprint75:66:DA:9D:02:A3:01:18:48:B6:FC:1B:C1:DD:AD:2C:5E:18:0C:DA
ValidityTue, 03 Jun 2025 07:21:50 GMT - Mon, 01 Sep 2025 08:20:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 677x1200, components 3
Size
147 kB (147184 bytes)
Hash
7934c56b291e8d59359f71c8ab21dd0b
c915de311d13e1850c9d8daa471b2513fba3e522
a6164b0d61ecef931975e4048b347ffe664f3d20aa9575e41676ab1ffeb02c8a

HTTP Headers

GET /5wnda9dqqyw5_xt.jpg HTTP/1.1
Host: img.lulucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: image/jpeg
content-length: 147184
server: cloudflare
last-modified: Tue, 10 Jun 2025 03:59:44 GMT
etag: "6847adb0-23ef0"
expires: Tue, 17 Jun 2025 03:59:45 GMT
cache-control: max-age=604800
access-control-allow-origin: *
accept-ranges: bytes
cf-cache-status: DYNAMIC
priority: u=4,i=?0
speculation-rules: "/cdn-cgi/speculation"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sNoU80XfBWVPPfhmTuVnCjTi56TyzzcVvjrfeoAodZWt7FSztek0J991ieOVAavBF4hQ1O0Atn%2FSyjKLrD12cjmnFUcufngfPQQvVP8%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94dfb9de6fa656a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET appointeeivyspongy.com/aas/r45d/vki/2003354/78215968.js?var=Tukanggorengan

94.242.247.24

200 OK

153 kB

URL GET
appointeeivyspongy.com/aas/r45d/vki/2003354/78215968.js?var=Tukanggorengan
IP
94.242.247.24:443
ASN
#7979 SERVERS-COM

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30
ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
153 kB (152675 bytes)
Hash
3bc3a8d007022be7703fb5778436ef47
b3272b2a93e51bc11419506bb8bb4512a1f22941
ec6fd6c7b49deb5e33c04bf1c339b7d1a1c9e293d3f0201edc2e1e5062c6ca48

HTTP Headers

GET /aas/r45d/vki/2003354/78215968.js?var=Tukanggorengan HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 27 May 2025 12:14:42 GMT
vary: Accept-Encoding
etag: W/"6835acb2-254fe"
x-js-ab2: var834
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

GET luluvdoo.com/static/css/style.css?10

188.114.97.1

200 OK

226 kB

URL GET
luluvdoo.com/static/css/style.css?10
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
ASCII text, with very long lines (651)
Size
226 kB (226454 bytes)
Hash
1b4507def8a57bd49a3771a7aa652b74
1eb5791beb1efd06c37bba705ffb0c7d36a45e3f
5f6073a9d98763b8a66a181248201ee3234c514d1fe60e4d6e92ab1197f5ce27

HTTP Headers

GET /static/css/style.css?10 HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:51 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 01 Dec 2023 13:44:30 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 5289
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=H10Z211AkPUTuRK4jBO8fhHeqlLN%2BMkcMAnmeLmhT4Tb3puT9ca1U8RwWPWM%2FCReedH8rc%2F%2B3LrAZuNfD87NR%2BCiuoCKwT54N%2Bg%3D"}]}
etag: W/"37496-60b72f7baa4ba"
content-encoding: br
cf-ray: 94dfb9da8a900b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET c.adsco.re/#0.22651866188043324

104.17.167.186

200 OK

79 kB

URL GET
c.adsco.re/#0.22651866188043324
IP
104.17.167.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (689)
Size
79 kB (79103 bytes)
Hash
f0e71ebb1e2c90b307c171052ca517d0
1a1950b1868c0bfb8629f6f81b81439160727a79
adbce95b9ac0da66ea3a1d707494d9c74876e1c9186c446b4b5a22d15adc1ee5

HTTP Headers

GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:56 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 12 Jul 2025 08:26:56 GMT
etag: W/"8Oceux4skLMHwXEFLKUX0A=="
content-encoding: gzip
cf-cache-status: HIT
age: 536477
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 94dfb9f79bf27129-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET xml.revrtb.net/redirect?feed=754887&auth=GYis&pubid=207717

174.137.133.16

200 OK

0 B

URL GET
xml.revrtb.net/redirect?feed=754887&auth=GYis&pubid=207717
IP
174.137.133.16:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.revrtb.net
Fingerprint63:52:32:39:0E:57:2B:C3:D9:FE:55:BA:88:DF:C0:F3:CD:EA:FE:A6
ValiditySat, 04 Jan 2025 00:00:00 GMT - Sun, 04 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=754887&auth=GYis&pubid=207717 HTTP/1.1
Host: xml.revrtb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pop.admpire.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jun 2025 08:26:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

GET luluvdoo.com/player/jw8/provider.hlsjs.js

188.114.97.1

200 OK

386 kB

URL GET
luluvdoo.com/player/jw8/provider.hlsjs.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65143)
Size
386 kB (386462 bytes)
Hash
e133e8e7b97079d4bc7ec71fae611795
14f34839087df4a3a09ba2f11a768f0d14af979d
f0d08bd0271c5d085f5d1419b1af887eb9c250aac800cadc4d5ea64c3a348e97

HTTP Headers

GET /player/jw8/provider.hlsjs.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 07 Jun 2023 06:30:49 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ETiTjm1wTcJnw7A7oRaF0TkoQzLgi76fIoocEtogP%2BCC2tEJyJNmwIQABvxyPV6HsCwe8VueG3qa7Dw97HIqrYbUMBwCjxrHsfs%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 5899
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
etag: W/"5e59e-5fd8446d199fb"
content-encoding: br
cf-ray: 94dfb9e06f6b0b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET pop.admpire.com/sub/qp2aprP

104.21.34.161

200 OK

232 B

URL GET
pop.admpire.com/sub/qp2aprP
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type
HTML document, ASCII text
Size
232 B (232 bytes)
Hash
d76098a9c07f2d1b24397aad01c35699
a56c3861182715270d460697799fb1f67ada12c6
e62cf6966bbba9d9fed75d9f769e21bc54523026ed72b6d75c2c056e0f67529d

HTTP Headers

GET /sub/qp2aprP HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HlFEV6v1xzaw9op%2BKQy1hmLRu3rAP3WmJf5yIi5qVVsmXTdSjKco4bdhKVtLeDZf8xn5DF4y0tL2GRqD9w6vSi6jjeLujR7FsEAJbSY%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 94dfb9e2a8b556bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET appointeeivyspongy.com/check.html

94.242.247.24

200 OK

926 B

URL GET
appointeeivyspongy.com/check.html
IP
94.242.247.24:443
ASN
#7979 SERVERS-COM

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30
ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT

File type
HTML document, ASCII text
Size
926 B (926 bytes)
Hash
088dba8e97eede53134c93219f7ebbae
adb707654d1fe0af7d0d7a9f55660d22bd3625e4
6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff

HTTP Headers

GET /check.html HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 19 May 2025 09:48:34 GMT
vary: Accept-Encoding
etag: W/"682afe72-39e"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

POST appointeeivyspongy.com/solid.gif?z=2003354&nojs=0&abvar=834&febuild=cf77eccd6b50e4d6711f008979aea3c1553ed996&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=q5v3uN3pV&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Ya5J6ggaHR0cHM6Ly9sdWx1dmRvby5jb20vNXduZGE5ZHFxeXc1&ix=0&x=801&y=801&md=0&psu=DPM6UR6aHR0cHM6Ly9sdWx1dmRvby5jb20vZS81d25kYTlkcXF5dzU&afid=5744163312981504&eclog=0&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2

94.242.247.24

200 OK

43 B

URL POST
appointeeivyspongy.com/solid.gif?z=2003354&nojs=0&abvar=834&febuild=cf77eccd6b50e4d6711f008979aea3c1553ed996&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=q5v3uN3pV&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Ya5J6ggaHR0cHM6Ly9sdWx1dmRvby5jb20vNXduZGE5ZHFxeXc1&ix=0&x=801&y=801&md=0&psu=DPM6UR6aHR0cHM6Ly9sdWx1dmRvby5jb20vZS81d25kYTlkcXF5dzU&afid=5744163312981504&eclog=0&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2
IP
94.242.247.24:443
ASN
#7979 SERVERS-COM

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30
ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=2003354&nojs=0&abvar=834&febuild=cf77eccd6b50e4d6711f008979aea3c1553ed996&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=q5v3uN3pV&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Ya5J6ggaHR0cHM6Ly9sdWx1dmRvby5jb20vNXduZGE5ZHFxeXc1&ix=0&x=801&y=801&md=0&psu=DPM6UR6aHR0cHM6Ly9sdWx1dmRvby5jb20vZS81d25kYTlkcXF5dzU&afid=5744163312981504&eclog=0&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2 HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Wed, 15 Jul 2026 08:26:55 GMT; Secure; SameSite=None
UID=25061103260f4ebe3021f24a83b18d3f61cb; Path=/; Expires=Wed, 15 Jul 2026 08:26:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

GET cm65.com/?rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714%3D&request_ab2=0&zoneid=6568874&js_build=iclick-v1.1457.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=450&wiw=800&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=800&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=4&wgl=llvmpipe&js_build=iclick-v1.1457.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=-1&bs=d5f430ee-508e-409d-8133-4bf750dfc3ef&userId=0801e55b68eb439ef90c9f9d65d77725&m=link

139.45.196.64

200 OK

2.3 kB

URL GET
cm65.com/?rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714%3D&request_ab2=0&zoneid=6568874&js_build=iclick-v1.1457.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=450&wiw=800&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=800&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=4&wgl=llvmpipe&js_build=iclick-v1.1457.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=-1&bs=d5f430ee-508e-409d-8133-4bf750dfc3ef&userId=0801e55b68eb439ef90c9f9d65d77725&m=link
IP
139.45.196.64:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectcm65.com
FingerprintBD:01:8C:80:04:37:F6:D8:A9:22:23:1C:50:86:41:99:E2:44:32:B9
ValidityTue, 22 Apr 2025 12:53:57 GMT - Mon, 21 Jul 2025 12:53:56 GMT

File type
JSON text data
Size
2.3 kB (2323 bytes)
Hash
980aeaa440e7832bef0d2e25f65009f2
90ec5b6ab98715755778008bd0839a9305195daa
474c8216634d1e701dea2893173f6de2791cb5ca1323ab1d13cc78e277e5c592

HTTP Headers

GET /?rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714%3D&request_ab2=0&zoneid=6568874&js_build=iclick-v1.1457.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=450&wiw=800&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=800&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=4&wgl=llvmpipe&js_build=iclick-v1.1457.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&wasm=-1&bs=d5f430ee-508e-409d-8133-4bf750dfc3ef&userId=0801e55b68eb439ef90c9f9d65d77725&m=link HTTP/1.1
Host: cm65.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luluvdoo.com/
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:58 GMT
content-type: application/json
x-trace-id: b64c815be79de60fc63bc6236780458e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://luluvdoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0801e55b68eb439ef90c9f9d65d77725; expires=Thu, 11 Jun 2026 08:26:58 GMT; path=/; secure; SameSite=None
oaidts=1749630418; expires=Thu, 11 Jun 2026 08:26:58 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 18 Jun 2025 08:26:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET luluvdoo.com/static/js/jquery-3.2.1.min.js

188.114.97.1

200 OK

87 kB

URL GET
luluvdoo.com/static/js/jquery-3.2.1.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /static/js/jquery-3.2.1.min.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:51 GMT
content-type: application/javascript
server: cloudflare
last-modified: Fri, 04 Oct 2024 21:06:44 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 5289
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vfN4JJgycbeP7EY6iJwIzL4nsfUhv%2BFf7RJHoUQ1XUe3Ivgz1pcY3QUJoD79xoUmgVQWDijx5PuJDIBEFCk0YdoWpRL0Yp1%2B3tI%3D"}]}
etag: W/"15283-623ad0c5e1252"
content-encoding: br
cf-ray: 94dfb9da8a920b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jun 2025 20:17:34 GMT
expires: Thu, 04 Jun 2026 20:17:34 GMT
cache-control: public, max-age=31536000
age: 562158
last-modified: Wed, 23 Apr 2025 16:07:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET pop.admpire.com/sub/NqD7qY8

104.21.34.161

200 OK

232 B

URL GET
pop.admpire.com/sub/NqD7qY8
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type
HTML document, ASCII text
Size
232 B (232 bytes)
Hash
3fb6ecd2de32690480ec4a11c09c0d00
1f2f6fa158f0c21d86f7f6c18ddce47a9bc86675
4fdbf4b1601d1f7aa58744aebd3363ab5faa3382720e3c31d928833a0f615c30

HTTP Headers

GET /sub/NqD7qY8 HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0t2TR4UOIY6awlGVaqtCPwEqG8EQ1t0wbG8ad8ezl4lj9lMpG41i7xROjcNALhoVNdXtII86T8yhNSZvTT0wQi5Pa%2FY%2BqiZJ3ltlegc%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 94dfb9e2989756bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST pop.admpire.com/load

104.21.34.161

302 Found

0 B

URL POST
pop.admpire.com/load
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /load HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 90
Origin: https://pop.admpire.com
DNT: 1
Connection: keep-alive
Referer: https://pop.admpire.com/sub/5BOqQVD
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcqIk0p17G93KAtU3p93utQWpQtKZ%2BPiNUJpaj3%2FirvJ37jQfb90%2Fk9pPoOC4rvgeviIVUjQoq8xHugtwN7UNo8pIS3U9gUVCFsIcxuvHkXxWbRt8FBsPy3CcJdwNjxfLdY%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.revrtb.net/redirect?feed=754887&auth=GYis&pubid=207717
cf-cache-status: DYNAMIC
cf-ray: 94dfb9e67a677131-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3214&min_rtt=672&rtt_var=1523&sent=107&recv=129&lost=0&retrans=0&sent_bytes=11748&recv_bytes=8839&delivery_rate=493225&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=636f36533148183d&ts=563&inflight_dur=65&x=80"

POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=40c95699-b6ac-4dc2-9d74-fffed3faf49d

139.45.195.252

200 OK

12 B

URL POST
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=40c95699-b6ac-4dc2-9d74-fffed3faf49d
IP
139.45.195.252:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=40c95699-b6ac-4dc2-9d74-fffed3faf49d HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1446
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Wed, 11 Jun 2025 08:26:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://luluvdoo.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.35

200 OK

7.9 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 10:26:17 GMT
expires: Fri, 05 Jun 2026 10:26:17 GMT
cache-control: public, max-age=31536000
age: 511235
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET luluvdoo.com/player/jw8/jw8-theme.css

188.114.97.1

200 OK

24 kB

URL GET
luluvdoo.com/player/jw8/jw8-theme.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
ASCII text, with very long lines (938), with CRLF line terminators
Size
24 kB (24379 bytes)
Hash
fe5e9757de5bbdd3f8157ce67950d325
f7e4ea57093c9f84ecb4b2e11f5f548cfd62bad7
0422fca1202e71e489ae82a3b4c530935be8b8685c532cfcafeced89f08d537b

HTTP Headers

GET /player/jw8/jw8-theme.css HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 05 Mar 2024 05:34:02 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 5899
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Uxn9XqKAlG4HT8XRYGem2POaHN%2B0GEmfVnEoVfRmG%2BvZCxfDJGpAhcCguT%2Fi8wpBh2yVYipnkctUo%2B9O0L7LDJvuJ3OARFOEEmQ%3D"}]}
etag: W/"5f3b-612e330968823"
content-encoding: br
cf-ray: 94dfb9e06f6a0b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST pop.admpire.com/load

104.21.34.161

302 Found

0 B

URL POST
pop.admpire.com/load
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /load HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://pop.admpire.com
DNT: 1
Connection: keep-alive
Referer: https://pop.admpire.com/sub/31aqKVe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vb%2F1s15IL%2FovcI1Xpoz%2F%2B0hJfEyjF8GdAV74vPzenxVm3mp71cBMp50%2B3CULq0Q33UhdnTJsR1q4SeCUAtxzof6t%2FeI%2BlgHl59IAVo7ctgPK4RlSHOzYtV3W8tbPJl4usP0%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.popviking.com/redirect?feed=755905&auth=ZJCz&pubid=216461
cf-cache-status: DYNAMIC
cf-ray: 94dfb9e61a647131-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3067&min_rtt=672&rtt_var=1640&sent=104&recv=127&lost=0&retrans=0&sent_bytes=10670&recv_bytes=8344&delivery_rate=493225&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=636f36533148183d&ts=508&inflight_dur=59&x=80"

POST qonko3llh2tq.l4.adsco.re/

185.200.118.62

200 OK

0 B

URL POST
qonko3llh2tq.l4.adsco.re/
IP
185.200.118.62:443
ASN
#9009 M247 Europe SRL

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subject*.l4.adsco.re
Fingerprint76:AD:98:EA:A8:8F:6F:6D:58:92:36:07:6D:91:B6:67:41:97:C1:4E
ValiditySat, 19 Apr 2025 09:14:33 GMT - Fri, 18 Jul 2025 09:14:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: qonko3llh2tq.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:56 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET ccg90.com/5/6568874

139.45.197.106

200 OK

113 kB

URL GET
ccg90.com/5/6568874
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectccg90.com
Fingerprint56:09:8B:A2:B0:CC:2D:94:BB:34:A2:E9:A2:FD:C7:53:D9:F4:20:83
ValidityWed, 23 Apr 2025 09:55:55 GMT - Tue, 22 Jul 2025 09:55:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
113 kB (112852 bytes)
Hash
7075ef88b592075e3c989566ed92e52e
ffed2a88c01dce65cdc4af07744eec906bc665f4
d34e9eed1dbe7d93a25af4474d5ecfb3cecf8415be12b9ee994b7a3451bca8b2

HTTP Headers

GET /5/6568874 HTTP/1.1
Host: ccg90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:57 GMT
content-type: application/javascript
x-trace-id: 7a07936b7ccb4cf4b5b75fc70d61bde9
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0081e582ff0b4ab7f96824bd688897cf; expires=Thu, 11 Jun 2026 08:26:57 GMT; path=/; secure; SameSite=None
oaidts=1749630417; expires=Thu, 11 Jun 2026 08:26:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET luluvdoo.com/e/5wnda9dqqyw5

188.114.97.1

200 OK

86 kB

URL GET
luluvdoo.com/e/5wnda9dqqyw5
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (30872), with CRLF, LF line terminators
Size
86 kB (86261 bytes)
Hash
a57928b53784614866f16fc7f48243ae
1896dcf84445ae0a38635efd2c0bf8e1612c8902
27fbada9aaa1330f47d230e01eb5a91a0acca1d368ace447d02cdcce02a06a07

HTTP Headers

GET /e/5wnda9dqqyw5 HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
expires: Tue, 10 Jun 2025 08:26:52 GMT
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AJ6qRf2e2jM37OAtdeVvgPGGLMeLvO%2FYzAXKQe6ithk%2Bw25bMDxny2jBvpEw3i8ovibOLB6UClOcxxxeqObt0FnwZJbfgr5UMws%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 94dfb9dc8c220b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET naupsakiwhy.com/401/7850681

139.45.197.107

200 OK

162 kB

URL GET
naupsakiwhy.com/401/7850681
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectnaupsakiwhy.com
FingerprintCC:6B:E7:B0:9A:C5:A8:D2:FC:E6:F7:61:8F:37:B2:90:85:C3:E0:C7
ValidityMon, 07 Apr 2025 05:39:45 GMT - Sun, 06 Jul 2025 05:39:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
162 kB (162428 bytes)
Hash
d8f34322612c45d23b1b461530b4d1a1
3dd818dbe7f4507bc82f21122183ae9fd266c678
fe5212290f5ea650cd7c9d6c7d8a634fe03e9366acfc2bd8f6639528c00acb3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/7850681 HTTP/1.1
Host: naupsakiwhy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: application/javascript
x-trace-id: 061e9d2e0fdb3f4324a13854c604fe90
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301e5eb24004064ecd2c9d39618451b; expires=Thu, 11 Jun 2026 08:26:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET cdn.tapioni.com/adgpt.js

172.67.31.117

200 OK

2.4 kB

URL GET
cdn.tapioni.com/adgpt.js
IP
172.67.31.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectcdn.tapioni.com
Fingerprint9D:5E:8D:89:3F:44:95:41:D4:6B:BF:25:E3:95:5E:B8:BE:81:F7:17
ValidityThu, 22 May 2025 00:42:30 GMT - Wed, 20 Aug 2025 01:42:27 GMT

File type
ASCII text, with very long lines (2391), with no line terminators
Size
2.4 kB (2391 bytes)
Hash
c8353a641602ac900bafa496ff76e18c
3ac832327c6f7e906d569b0f19180171f6da53ba
03f32871a596ccf145436c0c232c51ea74b2267a747edcd0f7a1eeb5828ca676

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: application/javascript
content-length: 879
cf-ray: 94dfb9e1d8a556b5-OSL
last-modified: Tue, 20 May 2025 09:46:13 GMT
vary: Accept-Encoding
etag: "682c4f65-36f"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 547265
accept-ranges: bytes
server: cloudflare
X-Firefox-Spdy: h2

GET luluvdoo.com/player/jw8/jwplayer.core.controls.js

188.114.97.1

200 OK

333 kB

URL GET
luluvdoo.com/player/jw8/jwplayer.core.controls.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65143)
Size
333 kB (333439 bytes)
Hash
a8889c5f9e2492b9c3d6f73b5bad08fe
6b942336401bc4ecd598f91fcaa7db96c889e6b4
43502aabf4a1ce166cb2a84a177579663aa32e1ea7db8666bc67534a53a0f368

HTTP Headers

GET /player/jw8/jwplayer.core.controls.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 28 Nov 2023 20:20:44 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5HEtdzwn8Y1hxFh%2BYz3IG60zcwU02d8WTgc2fIQ7cwGStWJZUWnDiMf7koeIy1f%2Fi%2Fm7X3HYogWaXuSulupSYE6kFH8SvncajBE%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 572
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
etag: W/"5167f-60b3c274227f4"
content-encoding: br
cf-ray: 94dfb9e06f630b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET luluvdoo.com/player/jw8/polyfills.webvtt.js

188.114.97.1

200 OK

11 kB

URL GET
luluvdoo.com/player/jw8/polyfills.webvtt.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10393)
Size
11 kB (10791 bytes)
Hash
b3e139c07aac361115e8ec41bde7d2a5
0c3fc8d31887dafb86ba778da788ece5cbf76f18
1ff5585bdbea001d37f3647975a645f0594090f070915831286de90dd45949d5

HTTP Headers

GET /player/jw8/polyfills.webvtt.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250; _ga_RFESL45RJX=GS2.1.s1749630413$o1$g0$t1749630413$j60$l0$h0; _ga=GA1.1.707617054.1749630413; UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 07 Jun 2023 06:30:47 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3uvHPG%2BfkYn3Hgka2A%2BRdFBcnjT9MHrB5WMhSG2UBHml9DWKlMcu0x%2FwuEoR30jhk%2BQ1x8njhHe3iyI97kOgZ1wlI2ky0z0cFJA%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 573
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
etag: W/"2a27-5fd8446b4edf7"
content-encoding: br
cf-ray: 94dfb9e60b510b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET 6.adsco.re:2087/

104.17.166.186

200 OK

45 B

URL GET
6.adsco.re:2087/
IP
104.17.166.186:2087
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:56 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: https://luluvdoo.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 94dfb9f7dd1b56a8-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2

POST qonko3llh2tq.n4.adsco.re/

38.132.109.126

200 OK

0 B

URL POST
qonko3llh2tq.n4.adsco.re/
IP
38.132.109.126:443
ASN
#9009 M247 Europe SRL

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subject*.n4.adsco.re
FingerprintA4:A0:A6:46:DF:45:B1:CC:DD:05:80:89:4C:8B:F3:44:48:A8:D5:89
ValidityMon, 19 May 2025 09:14:22 GMT - Sun, 17 Aug 2025 09:14:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: qonko3llh2tq.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:57 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.10

200 OK

27 kB

URL GET
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
27 kB (26935 bytes)
Hash
c1dfd96443eb2be2a1f91f6adb6f9dbb
34fcc9ca9febd9112aeeb81b053d0d2bb6ab4b9c
59e10836dc5089dc4aa2f54b882ceb39184f2970d915a5de1a594d502876143a

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jun 2025 08:27:09 GMT
date: Wed, 11 Jun 2025 08:27:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.xadsmart.com/psvg.connectable.min.css

95.173.205.14

200 OK

37 kB

URL GET
www.xadsmart.com/psvg.connectable.min.css
IP
95.173.205.14:443
ASN
#60068 Datacamp Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subject1376341044.rsc.cdn77.org
Fingerprint0B:6C:90:13:86:63:9E:9A:77:0E:59:C0:5B:FC:BF:83:A0:EB:98:F3
ValidityWed, 16 Apr 2025 02:51:46 GMT - Tue, 15 Jul 2025 02:51:45 GMT

File type
JavaScript source, ASCII text, with very long lines (1568)
Size
37 kB (37168 bytes)
Hash
74079f991ae353857c71405b1d78001d
3b2f4c37ebe0277b68f8e0057589b433fd2ebeee
cab60f4043b41006b96ba9ae7b7181e01d38dc1ee96af764f10b470ade85f424

HTTP Headers

GET /psvg.connectable.min.css HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: application/x-javascript
popads-node: wb8
expires: Fri, 13 Jun 2025 15:24:38 GMT
access-control-allow-origin: https://luluvdoo.com
link: <https://xadsmart.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBX63NDQH3kjUGAAwBuUwKCQH3BAAAAAwBJRPCVwG3AQAAAA
x-77-nzt-ray: 2a494a159ba90dd1f23d4968806e5700
x-77-cache: HIT
x-77-age: 406930
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2

GET storage.lulu-row1.com/api/settings/491223

37.27.230.125

200 OK

33 B

URL GET
storage.lulu-row1.com/api/settings/491223
IP
37.27.230.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subject5f-hj8-5d2g.dnsdf.com
Fingerprint8F:60:B0:BA:1A:37:56:94:0F:D8:3C:05:81:DE:BC:53:03:90:AC:B6
ValidityTue, 03 Jun 2025 08:28:39 GMT - Mon, 01 Sep 2025 08:28:38 GMT

File type
JSON text data
Size
33 B (33 bytes)
Hash
1be64b6d6652effba7dcf744e90def6a
d9fbc7d1fa49fa4733f90a3739882d63972c2352
72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f

HTTP Headers

GET /api/settings/491223 HTTP/1.1
Host: storage.lulu-row1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luluvdoo.com/
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

GET luluvdoo.com/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http

188.114.97.1

200 OK

38 B

URL GET
luluvdoo.com/js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
ASCII text, with CRLF line terminators
Size
38 B (38 bytes)
Hash
99eccae6afa72c589ae54b5c3890282a
0f102f8f5b556635de65d16cf70fa8269c6761b4
b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3

HTTP Headers

GET /js/dnsads.js?ads=1&AdType=1&cbrandom=2&clicktag=http HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 13 Sep 2021 15:50:14 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xXSwdyNuXQcja0IbP%2FXW4r1y37xxzHvSWRYiY5aFFkFsdMcyeIF%2Bj5yVFXQGrF9ohfDYU%2BndSNX60a%2FnUXkI1FY9PDrbFWOcY0c%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 6269
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
etag: W/"26-5cbe26bbab980"
content-encoding: br
cf-ray: 94dfb9de4db60b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET appointeeivyspongy.com/get/2003354?zoneid=2003354&var=Tukanggorengan&jp=_cltwlgcjdceybdrkpuvaxc&dr=49&nojs=0&abvar=834&febuild=cf77eccd6b50e4d6711f008979aea3c1553ed996&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=q5v3uN3pV&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Ya5J6ggaHR0cHM6Ly9sdWx1dmRvby5jb20vNXduZGE5ZHFxeXc1&ix=0&x=801&y=801&md=0&psu=DPM6UR6aHR0cHM6Ly9sdWx1dmRvby5jb20vZS81d25kYTlkcXF5dzU&afid=5744163312981504&eclog=0&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2&uf=0

94.242.247.24

200 OK

3.4 kB

URL GET
appointeeivyspongy.com/get/2003354?zoneid=2003354&var=Tukanggorengan&jp=_cltwlgcjdceybdrkpuvaxc&dr=49&nojs=0&abvar=834&febuild=cf77eccd6b50e4d6711f008979aea3c1553ed996&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=q5v3uN3pV&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Ya5J6ggaHR0cHM6Ly9sdWx1dmRvby5jb20vNXduZGE5ZHFxeXc1&ix=0&x=801&y=801&md=0&psu=DPM6UR6aHR0cHM6Ly9sdWx1dmRvby5jb20vZS81d25kYTlkcXF5dzU&afid=5744163312981504&eclog=0&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2&uf=0
IP
94.242.247.24:443
ASN
#7979 SERVERS-COM

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30
ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT

File type
ASCII text, with very long lines (3356), with no line terminators
Size
3.4 kB (3356 bytes)
Hash
d89ba3ec1d9b1764efb192b37572fffe
70f2c4ec43b99aa9bc54d25b921a01666345c18c
6b0d4beba77cd0afb74faee029279b1cc5c49c78d159d6e38897435abcdd35a5

HTTP Headers

GET /get/2003354?zoneid=2003354&var=Tukanggorengan&jp=_cltwlgcjdceybdrkpuvaxc&dr=49&nojs=0&abvar=834&febuild=cf77eccd6b50e4d6711f008979aea3c1553ed996&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=q5v3uN3pV&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=Ya5J6ggaHR0cHM6Ly9sdWx1dmRvby5jb20vNXduZGE5ZHFxeXc1&ix=0&x=801&y=801&md=0&psu=DPM6UR6aHR0cHM6Ly9sdWx1dmRvby5jb20vZS81d25kYTlkcXF5dzU&afid=5744163312981504&eclog=0&snc=0&ssc=0&vp=8&dto=2&im=1&noch=1&de=0&cs=2&uf=0 HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:55 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 15 Jul 2026 08:26:55 GMT; Secure; SameSite=None
UID=2506110326bedb65d82f1e42efa99500805c; Path=/; Expires=Wed, 15 Jul 2026 08:26:55 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

GET 4.adsco.re:2087/

162.252.214.5

200 OK

45 B

URL GET
4.adsco.re:2087/
IP
162.252.214.5:2087
ASN
#53334 TUT-AS

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 11 Jun 2025 08:26:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://luluvdoo.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip

GET 4.adsco.re/

162.252.214.5

200 OK

45 B

URL GET
4.adsco.re/
IP
162.252.214.5:443
ASN
#53334 TUT-AS

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
5b41cb22f84f645a103acc7bfbf084ff
bac3967b26d5ec4a0d09a580714e8219796816bd
709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc

HTTP Headers

GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 11 Jun 2025 08:26:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://luluvdoo.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip

POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=40c95699-b6ac-4dc2-9d74-fffed3faf49d

139.45.195.252

200 OK

0 B

URL POST
fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=40c95699-b6ac-4dc2-9d74-fffed3faf49d
IP
139.45.195.252:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=40c95699-b6ac-4dc2-9d74-fffed3faf49d HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 451
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Wed, 11 Jun 2025 08:26:56 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://luluvdoo.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET a.lulucdn.com/js/tabber.js

188.114.96.1

200 OK

6.1 kB

URL GET
a.lulucdn.com/js/tabber.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectlulucdn.com
Fingerprint75:66:DA:9D:02:A3:01:18:48:B6:FC:1B:C1:DD:AD:2C:5E:18:0C:DA
ValidityTue, 03 Jun 2025 07:21:50 GMT - Mon, 01 Sep 2025 08:20:05 GMT

File type
ASCII text, with very long lines (538)
Size
6.1 kB (6147 bytes)
Hash
f6be5160018c4101fa76b42650b5a1a6
d8d3efdadf32bb4fd6daac619575969b241d2864
c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a

HTTP Headers

GET /js/tabber.js HTTP/1.1
Host: a.lulucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 06 Jul 2010 18:48:14 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=IItnKDgDv4cdAc%2BizjiJq3ZJk%2Fs1xBwJ1at78YmuaISMMMJwbQqeekPGX1Hq4EicwYWa%2Fu2zyyJxj0AzuBIjIelk53To5Bsi43l6"}]}
access-control-allow-origin: *
age: 2525
cache-control: max-age=14400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
etag: W/"1803-48abc7ee0f780"
content-encoding: br
cf-ray: 94dfb9db0e760b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET luluvdoo.com/static/images/favicon/favicon-16x16.png

188.114.97.1

200 OK

548 B

URL GET
luluvdoo.com/static/images/favicon/favicon-16x16.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
548 B (548 bytes)
Hash
6838878cfde9e9d78c330105a6ab932d
06a95c23af93b6153dfcda092f40e80c88fd0e22
f3dae2a6361188dbf5d7d5e8a5757075359af6c18917b287f2b3ccc2fa53f370

HTTP Headers

GET /static/images/favicon/favicon-16x16.png HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: image/png
content-length: 548
server: cloudflare
last-modified: Tue, 28 Nov 2023 10:14:08 GMT
etag: "224-60b33addbd988"
accept-ranges: bytes
access-control-allow-origin: *
age: 5300
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=6,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bNDtJ0INB8VwRwOCmQFNXPHlX0qacrbLHgvyXYu7keN4kEmIeeAru9%2F2kOPbBw2%2FWE8KfciqlXFEi4Q3YOqdaKFYPppGtSIe%2FxU%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94dfb9ddad280b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET luluvdoo.com/js/xupload.js

188.114.97.1

200 OK

11 kB

URL GET
luluvdoo.com/js/xupload.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, ASCII text
Size
11 kB (10768 bytes)
Hash
36d53d0f509d1642267ebb68b36165a6
18534c979b23a500124e316d07db0f42e4d72bdd
435e82278b5b2cf7980b025827e97d4edeb310b8fe31ef18f8a4535f36ba298f

HTTP Headers

GET /js/xupload.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 13 Nov 2024 21:12:37 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bTfQUgCaWyGq7DOV%2FplQNkWZ4RjyzAakfVd11qlhM98VurRjh158qQ0hH7lXxgAiBofeHsi%2F4IQw%2FYDNYZbu2%2F37wqMBYMjsJAg%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 2721
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
etag: W/"2a10-626d1cb18bf4f"
content-encoding: br
cf-ray: 94dfb9de1d8c0b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET naupsakiwhy.com/impression/W3j70slZwNM7JubVJNiizfBc0raVMszqA7QE5-OAVd6-G3HFlpiUVLXa0yocMc-zApHOyG2GcOWRBg2Q9SW7PapQbO6e8Rnfw8Opf22mZyLIxu9tsBp77uaz9VeDnYajkaIzsIwwmLqH5mMvcb4_mhVRTPnoge8Yh3Al9z8tqkxscsHlJEGfUi0ERCndrxy5drP-IzofCcdYj4PGkzm4UCx7MIn8rG4HOQZOYKXhX61KiP9rXpDylluPNAj8dGprRtazd9n2lRaIayo8HS3L1GlimgRisj5AYAnmB35tI6qqhRCO148mvTWzRdJ2hec2q_0jU5mJ3pRgr-3S7CJY0s53upe5mafJ1JlsOO_alHSBhx_zOYNAxCZQfW9PQyPgkWQP58YNU0-qpr3qcwIAJgjX8rlT1bgT5xFCrgok9iMRNcVtiRG6S1mgiYavApLyC8LKVQPpUF48r9n306LrAuLANGkKAtNWsYoPB9RDblrHS77JsbWP7JHA4xrTDg-DhB8BZMbv3-UjW-mf7TVSdVqG9ysVhNMz_BDGzn9w_fLsKoS9U4IRHhhj9LJ3KSFi9Mem_w3zely7CvdeXIm7jVHA1Buq0MKcRhIr2YPrlJsz8NyqP-oDSo6FDF29SCWj8ViQavnVeysyldIiTr42HajHQ8g00kwnSA614ZqH_rGr_p3o?_z=7850681&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

43 B

URL GET
naupsakiwhy.com/impression/W3j70slZwNM7JubVJNiizfBc0raVMszqA7QE5-OAVd6-G3HFlpiUVLXa0yocMc-zApHOyG2GcOWRBg2Q9SW7PapQbO6e8Rnfw8Opf22mZyLIxu9tsBp77uaz9VeDnYajkaIzsIwwmLqH5mMvcb4_mhVRTPnoge8Yh3Al9z8tqkxscsHlJEGfUi0ERCndrxy5drP-IzofCcdYj4PGkzm4UCx7MIn8rG4HOQZOYKXhX61KiP9rXpDylluPNAj8dGprRtazd9n2lRaIayo8HS3L1GlimgRisj5AYAnmB35tI6qqhRCO148mvTWzRdJ2hec2q_0jU5mJ3pRgr-3S7CJY0s53upe5mafJ1JlsOO_alHSBhx_zOYNAxCZQfW9PQyPgkWQP58YNU0-qpr3qcwIAJgjX8rlT1bgT5xFCrgok9iMRNcVtiRG6S1mgiYavApLyC8LKVQPpUF48r9n306LrAuLANGkKAtNWsYoPB9RDblrHS77JsbWP7JHA4xrTDg-DhB8BZMbv3-UjW-mf7TVSdVqG9ysVhNMz_BDGzn9w_fLsKoS9U4IRHhhj9LJ3KSFi9Mem_w3zely7CvdeXIm7jVHA1Buq0MKcRhIr2YPrlJsz8NyqP-oDSo6FDF29SCWj8ViQavnVeysyldIiTr42HajHQ8g00kwnSA614ZqH_rGr_p3o?_z=7850681&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectnaupsakiwhy.com
FingerprintCC:6B:E7:B0:9A:C5:A8:D2:FC:E6:F7:61:8F:37:B2:90:85:C3:E0:C7
ValidityMon, 07 Apr 2025 05:39:45 GMT - Sun, 06 Jul 2025 05:39:44 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/W3j70slZwNM7JubVJNiizfBc0raVMszqA7QE5-OAVd6-G3HFlpiUVLXa0yocMc-zApHOyG2GcOWRBg2Q9SW7PapQbO6e8Rnfw8Opf22mZyLIxu9tsBp77uaz9VeDnYajkaIzsIwwmLqH5mMvcb4_mhVRTPnoge8Yh3Al9z8tqkxscsHlJEGfUi0ERCndrxy5drP-IzofCcdYj4PGkzm4UCx7MIn8rG4HOQZOYKXhX61KiP9rXpDylluPNAj8dGprRtazd9n2lRaIayo8HS3L1GlimgRisj5AYAnmB35tI6qqhRCO148mvTWzRdJ2hec2q_0jU5mJ3pRgr-3S7CJY0s53upe5mafJ1JlsOO_alHSBhx_zOYNAxCZQfW9PQyPgkWQP58YNU0-qpr3qcwIAJgjX8rlT1bgT5xFCrgok9iMRNcVtiRG6S1mgiYavApLyC8LKVQPpUF48r9n306LrAuLANGkKAtNWsYoPB9RDblrHS77JsbWP7JHA4xrTDg-DhB8BZMbv3-UjW-mf7TVSdVqG9ysVhNMz_BDGzn9w_fLsKoS9U4IRHhhj9LJ3KSFi9Mem_w3zely7CvdeXIm7jVHA1Buq0MKcRhIr2YPrlJsz8NyqP-oDSo6FDF29SCWj8ViQavnVeysyldIiTr42HajHQ8g00kwnSA614ZqH_rGr_p3o?_z=7850681&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: naupsakiwhy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Cookie: OAID=0801e55b68eb439ef90c9f9d65d77725
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:27:09 GMT
content-type: image/gif
content-length: 43
x-trace-id: 9e4e85b3077bfff1732f864856b3a535
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 107297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET storage.lulu-row1.com/api/users/491223?host=luluvdoo.com&ev=220&wh=450&ww=800&uuid=&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&sid=4b15c877-96b5-4b98-a178-69a1c484707d&i=1&referrer=luluvdoo.com&s1=Tukanggorengan&fs1=1&s2=82250&fs2=1&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5

37.27.230.125

200 OK

653 B

URL GET
storage.lulu-row1.com/api/users/491223?host=luluvdoo.com&ev=220&wh=450&ww=800&uuid=&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&sid=4b15c877-96b5-4b98-a178-69a1c484707d&i=1&referrer=luluvdoo.com&s1=Tukanggorengan&fs1=1&s2=82250&fs2=1&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5
IP
37.27.230.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subject5f-hj8-5d2g.dnsdf.com
Fingerprint8F:60:B0:BA:1A:37:56:94:0F:D8:3C:05:81:DE:BC:53:03:90:AC:B6
ValidityTue, 03 Jun 2025 08:28:39 GMT - Mon, 01 Sep 2025 08:28:38 GMT

File type
ASCII text, with very long lines (349)
Size
653 B (653 bytes)
Hash
3eda3e87473893d823107b766b8d4df6
a9d86640f73915fb271797ddd71e3801286fbdaf
2fdda71de3894d03e016af02d79709d4101dcb1ec693af715b1ce819929f7a6f

HTTP Headers

GET /api/users/491223?host=luluvdoo.com&ev=220&wh=450&ww=800&uuid=&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&sid=4b15c877-96b5-4b98-a178-69a1c484707d&i=1&referrer=luluvdoo.com&s1=Tukanggorengan&fs1=1&s2=82250&fs2=1&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5 HTTP/1.1
Host: storage.lulu-row1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:57 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=HcEoTep0GsRMqQI7JaSe; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

OPTIONS ohalmfaap.com/

139.45.197.112

200 OK

0 B

URL OPTIONS
ohalmfaap.com/
IP
139.45.197.112:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectohalmfaap.com
FingerprintA3:47:77:BE:1D:D0:82:42:CF:F8:E6:84:DE:36:27:11:EC:84:2B:48
ValidityTue, 10 Jun 2025 11:19:57 GMT - Mon, 08 Sep 2025 11:19:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: ohalmfaap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: HEAD
Access-Control-Request-Headers: content-type
Referer: https://luluvdoo.com/
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://luluvdoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

OPTIONS naupsakiwhy.com/500/7850681?excludes=&oaid=0801e55b68eb439ef90c9f9d65d77725&var=&ymid=&tgp=&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

0 B

URL OPTIONS
naupsakiwhy.com/500/7850681?excludes=&oaid=0801e55b68eb439ef90c9f9d65d77725&var=&ymid=&tgp=&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectnaupsakiwhy.com
FingerprintCC:6B:E7:B0:9A:C5:A8:D2:FC:E6:F7:61:8F:37:B2:90:85:C3:E0:C7
ValidityMon, 07 Apr 2025 05:39:45 GMT - Sun, 06 Jul 2025 05:39:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/7850681?excludes=&oaid=0801e55b68eb439ef90c9f9d65d77725&var=&ymid=&tgp=&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: naupsakiwhy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://luluvdoo.com/
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:59 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://luluvdoo.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

HEAD luluvdoo.com/e/5wnda9dqqyw5

188.114.97.1

403 Forbidden

0 B

URL HEAD
luluvdoo.com/e/5wnda9dqqyw5
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/5wnda9dqqyw5 HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: file_id=10597612; aff=82250; ref_url=luluvdoo.com; lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: text/html; charset=iso-8859-1
server: cloudflare
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=27pDdjsz8SZ%2BCnmniBFXXuzOa4VWgNupXG7D6mc3in4W4kiPYKl0quPaRcCpHTeMLOhp7G1YSKlKNPYdMbWfLU0e0Y9b6MuoivE%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 94dfb9e09f870b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.35

200 OK

7.8 kB

URL GET
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jun 2025 13:20:36 GMT
expires: Fri, 05 Jun 2026 13:20:36 GMT
cache-control: public, max-age=31536000
age: 500776
last-modified: Wed, 23 Apr 2025 16:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET a.lulucdn.com/js/jdadbl.js

188.114.96.1

200 OK

2.6 kB

URL GET
a.lulucdn.com/js/jdadbl.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectlulucdn.com
Fingerprint75:66:DA:9D:02:A3:01:18:48:B6:FC:1B:C1:DD:AD:2C:5E:18:0C:DA
ValidityTue, 03 Jun 2025 07:21:50 GMT - Mon, 01 Sep 2025 08:20:05 GMT

File type
JavaScript source, ASCII text, with very long lines (2579)
Size
2.6 kB (2631 bytes)
Hash
95fd065c887d003f9a169dee9876532c
0f111b6d5e142fadb966a1feb264d519c12a59d9
4d4c84ad505bddf4d49b1222db984d7aaa425c6702c79029801632bf31f2b80d

HTTP Headers

GET /js/jdadbl.js HTTP/1.1
Host: a.lulucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 13 Sep 2021 21:39:44 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 6923
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rgrpW9Dbo23CCrgx4M8TpDHbUFIGe5rk4T5kBfeizjEnllt2tdF4yvrYXTnVJsjyiDY5Z4uVWNgri4paVDLxkEHKHbTSXuKX5419"}]}
etag: W/"a47-5cbe74da38800"
content-encoding: br
cf-ray: 94dfb9de2f5456a5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET luluvdoo.com/js/jquery.min.js

188.114.97.1

200 OK

90 kB

URL GET
luluvdoo.com/js/jquery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 03 Mar 2021 00:27:20 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 2723
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7paZO26WW2jlN2gMccGMQeA22%2BrAwilz9WcmJ2uIzE%2BaTk1ILogLFPUPAGQLvpfijkHHgNuZA56mXTCYpMr6uCOIPSwJKJbQK2U%3D"}]}
etag: W/"15d9d-5bc96e9f7ca00"
content-encoding: br
cf-ray: 94dfb9de1d8a0b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET www.googletagmanager.com/gtag/js?id=G-RFESL45RJX

142.250.74.136

200 OK

397 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-RFESL45RJX
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (6004)
Size
397 kB (397257 bytes)
Hash
cb7e8b8913c1dd94f48df021a6be8e5d
4447a91766507aa883acc1a520574158b09056a1
e7672ef8504c790576cebe4e816a91d0c446fc8cfd89ba32d96bd2731bab2778

HTTP Headers

GET /gtag/js?id=G-RFESL45RJX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 11 Jun 2025 08:26:52 GMT
expires: Wed, 11 Jun 2025 08:26:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 132228
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET my.rtmark.net/gid.js?userId=f5mu127261tf145716635e7p6thsu057

104.18.41.22

200 OK

65 B

URL GET
my.rtmark.net/gid.js?userId=f5mu127261tf145716635e7p6thsu057
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
0a61f19b59a41d92ca1d4f255c965067
7872117c6d4fc4eb6d5be3fb8f39cf9a08658110
d592435815d6ddb947f361030f41b4f8cc1dc3c8c725e7d9fb1eb68ef82ed6f2

HTTP Headers

GET /gid.js?userId=f5mu127261tf145716635e7p6thsu057 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Cookie: ID=0801e55b68eb439ef90c9f9d65d77725
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:55 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://luluvdoo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801e55b68eb439ef90c9f9d65d77725; expires=Thu, 11 Jun 2026 08:26:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 94dfb9f0dd73b4f3-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET my.rtmark.net/gid.js?userId=f5mu127261tf145716635e7p6thsu057

104.18.41.22

200 OK

65 B

URL GET
my.rtmark.net/gid.js?userId=f5mu127261tf145716635e7p6thsu057
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
0a61f19b59a41d92ca1d4f255c965067
7872117c6d4fc4eb6d5be3fb8f39cf9a08658110
d592435815d6ddb947f361030f41b4f8cc1dc3c8c725e7d9fb1eb68ef82ed6f2

HTTP Headers

GET /gid.js?userId=f5mu127261tf145716635e7p6thsu057 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Cookie: ID=0801e55b68eb439ef90c9f9d65d77725
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:57 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://luluvdoo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801e55b68eb439ef90c9f9d65d77725; expires=Thu, 11 Jun 2026 08:26:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 94dfb9fa4fdcb4f3-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

HEAD ohalmfaap.com/

139.45.197.112

200 OK

0 B

URL HEAD
ohalmfaap.com/
IP
139.45.197.112:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectohalmfaap.com
FingerprintA3:47:77:BE:1D:D0:82:42:CF:F8:E6:84:DE:36:27:11:EC:84:2B:48
ValidityTue, 10 Jun 2025 11:19:57 GMT - Mon, 08 Sep 2025 11:19:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: ohalmfaap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: text/html
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:57 GMT
content-type: text/html
x-t24r99a72c59e43-54i95d93: 00000000000000000000000000000000
vary: Accept-Encoding, Origin
access-control-allow-origin: https://luluvdoo.com
access-control-expose-headers: Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname
access-control-allow-credentials: true
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
timing-allow-origin: *
x-application-key: 17dx3Z1jjJotukyx8yd68
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

GET luluvdoo.com/static/js/bootstrap.bundle.min.js

188.114.97.1

200 OK

80 kB

URL GET
luluvdoo.com/static/js/bootstrap.bundle.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
80 kB (79790 bytes)
Hash
2faceb2d3db75ced808545e78fab94ed
c663baa051856b64d746629a961e23bbf0fbaf8c
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

HTTP Headers

GET /static/js/bootstrap.bundle.min.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:51 GMT
content-type: application/javascript
server: cloudflare
last-modified: Fri, 04 Oct 2024 21:05:27 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=W1sAup4esR6toTkPi2glbAZqMMMPnEzqYl7rwU9Yfrb3u5imZUYqrfFMlOyFIttcfhP9EPLQPLG0LbB35kCQ%2F6%2BmHWSr2NiM1oQ%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 5289
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
etag: W/"137ae-623ad07ce5ec4"
content-encoding: br
cf-ray: 94dfb9da8a930b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET luluvdoo.com/static/js/app.js

188.114.97.1

200 OK

124 B

URL GET
luluvdoo.com/static/js/app.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
ASCII text, with CRLF line terminators
Size
124 B (124 bytes)
Hash
a07895ac86cac1a78949c8ca136d18ed
c70ffb13c719c6baec0d8826cf8d6a39bddb2f26
fdf1596c977e88a73f0ae807281f05e173e65fced4cd5bc1a9f2e8fa0f7a9690

HTTP Headers

GET /static/js/app.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:51 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 28 Nov 2023 10:13:33 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 5289
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NyBJwRFpLlFdOk4mcl%2F4z9pa69pfrb4X3R6TA0tf%2F9Q603FC70ctB%2BfWndTle0DgOGyqjTVJa%2FA5FHsehMIpAWsPa0PGH6WaAPA%3D"}]}
etag: W/"7c-60b33abc30095"
content-encoding: br
cf-ray: 94dfb9da8a960b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET luluvdoo.com/static/js/xupload.js?10

188.114.97.1

200 OK

11 kB

URL GET
luluvdoo.com/static/js/xupload.js?10
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
JavaScript source, ASCII text
Size
11 kB (10824 bytes)
Hash
e4636fbf8635505188a382d9f776df1e
c7bdf7e766905f43986077cfec829ffd8d38ceaf
db15935f397c8566260e3f6a4978e41db5b31055976fa4c7265907e4390ae101

HTTP Headers

GET /static/js/xupload.js?10 HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:51 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 13 Nov 2024 21:12:40 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 5289
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TnTbUgzLUzx66wzwEPXVDXUtKsZ3eaNnR%2B4EanGxOzrtj5GwnNo%2FRe9%2FFkYiaFjy1ErgSNn21LJzBahkKIGqhKQOiDe7uKq6D0w%3D"}]}
etag: W/"2a48-626d1cb458887"
content-encoding: br
cf-ray: 94dfb9da9a9e0b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET rbov.rqyebojzwaywq.top/keljmqkzwykzb/jzzmqq?d=0

23.109.170.12

200 OK

5 B

URL GET
rbov.rqyebojzwaywq.top/keljmqkzwykzb/jzzmqq?d=0
IP
23.109.170.12:443
ASN
#7979 SERVERS-COM

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerZeroSSL
Subjectrbov.rqyebojzwaywq.top
FingerprintF3:84:8C:90:9F:FA:BB:59:63:36:A5:8C:04:D0:D9:E0:D3:C0:11:9A
ValidityFri, 30 May 2025 00:00:00 GMT - Thu, 28 Aug 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
848667c49f5d3aef59cd65ed276cd7ae
bd12c0ca2dfaa249586f1b9b8d48b02a1b9e3763
cc5a5851251dd8052292557ba0231c51363ff1474f60b7a4af3be144cb1327c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /keljmqkzwykzb/jzzmqq?d=0 HTTP/1.1
Host: rbov.rqyebojzwaywq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jun 2025 08:26:53 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://luluvdoo.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Thu, 12-Jun-2025 08:26:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 12-Jun-2025 08:26:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET naupsakiwhy.com/500/7850681?excludes=&oaid=0801e55b68eb439ef90c9f9d65d77725&var=&ymid=&tgp=&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.107

200 OK

1.4 kB

URL GET
naupsakiwhy.com/500/7850681?excludes=&oaid=0801e55b68eb439ef90c9f9d65d77725&var=&ymid=&tgp=&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectnaupsakiwhy.com
FingerprintCC:6B:E7:B0:9A:C5:A8:D2:FC:E6:F7:61:8F:37:B2:90:85:C3:E0:C7
ValidityMon, 07 Apr 2025 05:39:45 GMT - Sun, 06 Jul 2025 05:39:44 GMT

File type
JSON text data
Size
1.4 kB (1422 bytes)
Hash
dffff46464345b7d53ea1385da1164a9
aec80340859ef6a25a1fff17970f8e8927566159
614ca4d64663d9306f477d45ebd5dcdeda3d9e40bec4eaca342dfc0ca15d12ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/7850681?excludes=&oaid=0801e55b68eb439ef90c9f9d65d77725&var=&ymid=&tgp=&js_build=8&sw_version=v1.646.0&dmn=naupsakiwhy.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=800&wiw=800&wih=450&wfc=1&pl=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&drf=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: naupsakiwhy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Cookie: OAID=0301e5eb24004064ecd2c9d39618451b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:59 GMT
content-type: application/javascript
x-trace-id: 58fb4ee164e43e6d51844b8c5baea83c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://luluvdoo.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801e55b68eb439ef90c9f9d65d77725; expires=Thu, 11 Jun 2026 08:26:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET luluvdoo.com/5wnda9dqqyw5

188.114.97.1

200 OK

14 kB

URL User Request GET
luluvdoo.com/5wnda9dqqyw5
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (669), with CRLF, LF line terminators
Size
14 kB (14413 bytes)
Hash
3495fc74fc9e76fa36abec4d936f0754
2c537799c5f381bcc944e108798b07872da7aef5
b2527f3d8b19ac2abc96e5ef7d4266d51267b0b8ae9f321558262592edfd7f99

HTTP Headers

GET /5wnda9dqqyw5 HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:51 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
expires: Tue, 10 Jun 2025 08:26:51 GMT
x-frame-options: DENY
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=t%2FMevtD47%2BXFyFL6JijluNXTHdWHKSXIjhnlAv6vQfPyUDuRJanf2GKIh5QGs8xeMOlW5gQ2SBdxNRwaB1ld%2FqqQkktVdG7kRaE%3D"}]}
content-encoding: br
set-cookie: lang=1; HttpOnly; Path=/; Domain=luluvdoo.com
cf-ray: 94dfb9d7fc22b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET luluvdoo.com/js/jquery.cookie.js

188.114.97.1

200 OK

4.3 kB

URL GET
luluvdoo.com/js/jquery.cookie.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
ASCII text
Size
4.3 kB (4331 bytes)
Hash
ae0c2c5d8f01f7d35bb698bb618a62f7
63556a22ddea1c5f23a5cf7d0b6d35c7aab54e20
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 31 May 2011 12:53:56 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 6269
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Hs2JnitRD0X2X6Yu1lH4q7%2F1j9HuYuFjAS%2FuZhGk6a1sLWvRYjNB0oYj%2FCK322EVDsWhse99Qgs0HJmotPsG9W5%2BfqhZGb%2BOPzQ%3D"}]}
etag: W/"10eb-4a491e5980100"
content-encoding: br
cf-ray: 94dfb9de2d8e0b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET pop.admpire.com/sub/31aqKVe

104.21.34.161

200 OK

234 B

URL GET
pop.admpire.com/sub/31aqKVe
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type
HTML document, ASCII text
Size
234 B (234 bytes)
Hash
386ed6b4abd8e72933b626b3a6759b8c
9083c09e5a3fe2c72ce7e61fdf43b6c1b11830ed
51dd284f3f31d59c48b9687134ce9701a0289f5a0f62c26a756ddac57e4b7a97

HTTP Headers

GET /sub/31aqKVe HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=D%2F9q89zRq21Z7HFYhbqOnFHvPOjHUkl2dhBiYmniQJRV7B87Wn47SqAAAkAF6J67rpa%2BedzIdkXeVOY5viixO%2FPb0YtrcrOWOKJA38E%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 94dfb9e2c8cf56bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET xml.zeusadx.com/redirect?feed=754911&auth=SdZN&pubid=207410

174.137.133.17

200 OK

0 B

URL GET
xml.zeusadx.com/redirect?feed=754911&auth=SdZN&pubid=207410
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintB6:CE:F6:86:30:F6:C6:02:DE:C2:AB:6A:F8:96:D2:51:69:AE:B0:DB
ValiditySat, 19 Oct 2024 00:00:00 GMT - Tue, 18 Nov 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=754911&auth=SdZN&pubid=207410 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pop.admpire.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jun 2025 08:26:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

POST pop.admpire.com/load

104.21.34.161

302 Found

0 B

URL POST
pop.admpire.com/load
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /load HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 90
Origin: https://pop.admpire.com
DNT: 1
Connection: keep-alive
Referer: https://pop.admpire.com/sub/XqVRq1x
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6DDUi9b6kQredMev7Hm5vYqPSVjYZfUGjJ%2FnRqduYga132WkJNDJM7CoAYaHNMMdVLh7O4D3Z0YzdDpXs6JhecIiDjxoFCEzg1bL1uDogYaafWbRWikvOlY4o%2F4ZD0O%2FSPg%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.acertb.com/redirect?feed=754922&auth=Mc2A&pubid=207411
cf-cache-status: DYNAMIC
cf-ray: 94dfb9e6ea697131-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2945&min_rtt=672&rtt_var=1680&sent=110&recv=131&lost=0&retrans=0&sent_bytes=12814&recv_bytes=9334&delivery_rate=493225&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=636f36533148183d&ts=634&inflight_dur=71&x=80"

GET xml.popviking.com/redirect?feed=755905&auth=ZJCz&pubid=216461

173.239.53.20

200 OK

0 B

URL GET
xml.popviking.com/redirect?feed=755905&auth=ZJCz&pubid=216461
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.popviking.com
Fingerprint9A:6F:D5:4B:15:47:E6:F0:AF:7E:F2:B2:DE:16:DB:32:4E:BF:65:CC
ValidityWed, 08 Jan 2025 00:00:00 GMT - Thu, 08 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=755905&auth=ZJCz&pubid=216461 HTTP/1.1
Host: xml.popviking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pop.admpire.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jun 2025 08:26:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

GET my.rtmark.net/gid.js

104.18.41.22

200 OK

65 B

URL GET
my.rtmark.net/gid.js
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82
ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
0a61f19b59a41d92ca1d4f255c965067
7872117c6d4fc4eb6d5be3fb8f39cf9a08658110
d592435815d6ddb947f361030f41b4f8cc1dc3c8c725e7d9fb1eb68ef82ed6f2

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://luluvdoo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801e55b68eb439ef90c9f9d65d77725; expires=Thu, 11 Jun 2026 08:26:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 94dfb9e8f9670b61-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET luluvdoo.com/static/images/favicon/apple-touch-icon.png

188.114.97.1

200 OK

9.2 kB

URL GET
luluvdoo.com/static/images/favicon/apple-touch-icon.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9220 bytes)
Hash
7a7b4fa976c5a0dfeb1713a820494350
bbb3555840bdf8a038725bd02f6b0950d9228a82
3b79273d95893ccab9b10a4b8385fead35da74e72d083b324fa2e95b1e72f09b

HTTP Headers

GET /static/images/favicon/apple-touch-icon.png HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: image/png
content-length: 9220
server: cloudflare
last-modified: Tue, 28 Nov 2023 10:14:14 GMT
etag: "2404-60b33ae35e38c"
accept-ranges: bytes
access-control-allow-origin: *
age: 2041
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=6,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8oyveP8PHr0wIAJeQbFc%2F3yxN8Xf2%2FSkmcrDoF7VtRBJAn8qOLO%2Br%2BHvyTMj5XUR0aFbqEahdPhSozFdsrkXMwEeUGG36mn0Jl0%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94dfb9ddad260b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET luluvdoo.com/js/pop.js

188.114.97.1

200 OK

36 B

URL GET
luluvdoo.com/js/pop.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
ASCII text, with CRLF line terminators
Size
36 B (36 bytes)
Hash
2f8fefc6a5aed3327c395f43db6be62d
8594728c9e75e88e1a759e8c8466df832323d963
ff687e2177537cc8e021014af056c22a44036a19c9101350dedf64a6666d47ba

HTTP Headers

GET /js/pop.js HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 14 May 2015 19:57:56 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 781
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MKwpyIdiWVam98ajFwCwLGN4sw%2BHS7KxBeBhgdIvpgzFIa1AHaMBhRmiBXlwOW4jQVNnyvmkgoeFiNRZhmmeKdPXqG%2BcHM2t4Fo%3D"}]}
etag: W/"24-5161024c91900"
content-encoding: br
cf-ray: 94dfb9de4db90b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET pop.admpire.com/sub/XqVRq1x

104.21.34.161

200 OK

231 B

URL GET
pop.admpire.com/sub/XqVRq1x
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type
HTML document, ASCII text
Size
231 B (231 bytes)
Hash
b52d79ded9ef2a9f553fbcb7cdf66842
812e231111428fd66c4de21697bb3b05e4f659f1
4843690434c63ccbde37041c9c88b9e9d1cd6c37ad0c2925d088917367195355

HTTP Headers

GET /sub/XqVRq1x HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=49t0H1fX4h0EXDLclzLJYHc2mWuUWPsz0RFmJyq%2FdOlfwZpwxyM2EXY%2BcVFJpcw2WuK1sV1l4%2FuI3QSVY%2Fst9dh%2Fcrauz1jpLRBNC6s%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 94dfb9e2b8bf56bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET xml.xmlking.com/redirect?feed=754939&auth=lCq8&pubid=195184

174.137.133.17

200 OK

0 B

URL GET
xml.xmlking.com/redirect?feed=754939&auth=lCq8&pubid=195184
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint5F:CA:E1:A6:CB:14:F1:BB:52:66:BC:7B:3C:0E:33:A4:89:70:E1:5F
ValidityMon, 22 Jul 2024 00:00:00 GMT - Tue, 22 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=754939&auth=lCq8&pubid=195184 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pop.admpire.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jun 2025 08:26:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

POST adsco.re/p

162.252.214.5

200 OK

1.2 kB

URL POST
adsco.re/p
IP
162.252.214.5:443
ASN
#53334 TUT-AS

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subject*.adsco.re
Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT

File type
ASCII text, with very long lines (1212), with no line terminators
Size
1.2 kB (1212 bytes)
Hash
5541a47bf25ff4f07b54dc9de7384ae4
fe13472a01d0dba1055d30d4a34a3822777997f2
c238ff3cb6e68f6d5f78f68cab6045c2dd889d1f11746c70417283051cf4e5bc

HTTP Headers

POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2511
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 11 Jun 2025 08:26:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK nyc123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://luluvdoo.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

POST ccg90.com/wrr?z=6568874&p_rid=d5f430ee-508e-409d-8133-4bf750dfc3ef&rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714=&dmn=ccg90.com&userId=0801e55b68eb439ef90c9f9d65d77725

139.45.197.106

204 No Content

0 B

URL POST
ccg90.com/wrr?z=6568874&p_rid=d5f430ee-508e-409d-8133-4bf750dfc3ef&rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714=&dmn=ccg90.com&userId=0801e55b68eb439ef90c9f9d65d77725
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subjectccg90.com
Fingerprint56:09:8B:A2:B0:CC:2D:94:BB:34:A2:E9:A2:FD:C7:53:D9:F4:20:83
ValidityWed, 23 Apr 2025 09:55:55 GMT - Tue, 22 Jul 2025 09:55:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /wrr?z=6568874&p_rid=d5f430ee-508e-409d-8133-4bf750dfc3ef&rb=3zY0T_Ag0j50QKkQwqC2C_4Vbwe9N_r2uLpuJQaFsWWVkk0wyYVRZYaWaorFFZUYhJ7NveX_fXc7iqEHCRkFhtsbZK1h7g5K4KcCAmhBdb6pM36w1yOr-fvueTt0kz29zNNuseaPadBX_VgfG9vL7O-Lc2gpeAXf1jqpxvd3rBLLkVaYn4FRBTWS5JOiZlz1QdQ-cSDTXQlhAsrcjAOurb_WeKsxlabWot0LlASzmbdS2Fg0p236UwXYhzzcYTzxrheWf86N4dHAPdusY28TJzjbDk6AlWsX1GO6PlWL714=&dmn=ccg90.com&userId=0801e55b68eb439ef90c9f9d65d77725 HTTP/1.1
Host: ccg90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luluvdoo.com/
content-type: application/json
Content-Length: 2676
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Wed, 11 Jun 2025 08:26:59 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://luluvdoo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

POST pop.admpire.com/load

104.21.34.161

302 Found

0 B

URL POST
pop.admpire.com/load
IP
104.21.34.161:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectadmpire.com
FingerprintC1:BA:09:F1:53:B5:F3:D0:3F:F5:9C:1E:87:F4:AF:FD:1F:E2:1E:0B
ValidityThu, 24 Apr 2025 22:13:10 GMT - Wed, 23 Jul 2025 23:10:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /load HTTP/1.1
Host: pop.admpire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://pop.admpire.com
DNT: 1
Connection: keep-alive
Referer: https://pop.admpire.com/sub/qp2aprP
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 11 Jun 2025 08:26:53 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbZKR1UTvGNqBA7eBIQZqdJ6rMXwplVNRsaDCYMGLaK2%2FMTDwVrwuoe6QE4%2B5fHxJ88yD2l%2BrD%2BMMcNzIoj494NoAoNtiiXn8gXrF9L%2FvFAnAizuJqkVEbkKaO9IT8J5saM%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.xmlking.com/redirect?feed=754939&auth=lCq8&pubid=195184
cf-cache-status: DYNAMIC
cf-ray: 94dfb9e5da637131-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3350&min_rtt=672&rtt_var=1433&sent=102&recv=125&lost=0&retrans=0&sent_bytes=9624&recv_bytes=7846&delivery_rate=493225&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=636f36533148183d&ts=468&inflight_dur=35&x=80"

GET tzegilo.com/stattag.js

172.67.193.52

200 OK

18 kB

URL GET
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjecttzegilo.com
FingerprintBD:3B:17:0D:E4:BF:2D:A2:D2:DE:AD:AD:5B:4E:50:C8:BC:18:2A:3A
ValiditySat, 17 May 2025 12:47:13 GMT - Fri, 15 Aug 2025 13:41:30 GMT

File type
JavaScript source, ASCII text, with very long lines (17229)
Size
18 kB (17879 bytes)
Hash
01227f5edc20e0ff4ed643b27cb8bb68
d71a88f7341f2b1bdaa7deb9a66888607bd52598
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DAVKkuwD7iKN8Jo5nY%2B43WGZWjVLV%2BEZIAGSwvpYWsCtvaV1M95HF%2BOwWx22yeF3Q9RiNudSDBHTseD%2BGx5LaMZ%2BgMwLzWnEbg%3D%3D"}]}
age: 3727
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
content-encoding: br
cf-ray: 94dfb9f13924b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST qonko3llh2tq.s4.adsco.re/

185.200.116.60

200 OK

0 B

URL POST
qonko3llh2tq.s4.adsco.re/
IP
185.200.116.60:443
ASN
#9009 M247 Europe SRL

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subject*.s4.adsco.re
Fingerprint1B:E8:4E:02:C6:2C:FB:13:48:08:17:BF:61:FB:19:19:3D:11:3E:57
ValidityMon, 19 May 2025 09:14:19 GMT - Sun, 17 Aug 2025 09:14:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: qonko3llh2tq.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 11 Jun 2025 08:26:57 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

POST storage.lulu-row1.com/api/pageview/491223?s1=Tukanggorengan&s2=82250&host=luluvdoo.com&ev=220&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&sid=4b15c877-96b5-4b98-a178-69a1c484707d&i=true&referrer=luluvdoo.com

37.27.230.125

200 OK

0 B

URL POST
storage.lulu-row1.com/api/pageview/491223?s1=Tukanggorengan&s2=82250&host=luluvdoo.com&ev=220&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&sid=4b15c877-96b5-4b98-a178-69a1c484707d&i=true&referrer=luluvdoo.com
IP
37.27.230.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subject5f-hj8-5d2g.dnsdf.com
Fingerprint8F:60:B0:BA:1A:37:56:94:0F:D8:3C:05:81:DE:BC:53:03:90:AC:B6
ValidityTue, 03 Jun 2025 08:28:39 GMT - Mon, 01 Sep 2025 08:28:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/pageview/491223?s1=Tukanggorengan&s2=82250&host=luluvdoo.com&ev=220&url=https%3A%2F%2Fluluvdoo.com%2Fe%2F5wnda9dqqyw5&sid=4b15c877-96b5-4b98-a178-69a1c484707d&i=true&referrer=luluvdoo.com HTTP/1.1
Host: storage.lulu-row1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Cookie: nauid=HcEoTep0GsRMqQI7JaSe
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:57 GMT
content-length: 0
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

GET xadsmart.com/gpifpofecjlclemool?GVkKfyFB=BQOCAAAAAAAACZUAAnG01PUi5NMKFJb45nLXMoVXkiguRrt5nPpJkURGMXQheSWQjtmHCwD-Zk4S9WES1SZq6KpEDQyFy1J5e95Adx-JBUR7bvOGqude0H3cvJ5kI90hiXjNg3oKhJ5qSfucLpI2_zkaRy8sG4nEJew1Dp0uvYzhKX7pj9hSPbPDijT7sg_aLe32INqt0GhTT6I3IsajtjnEBty1cGa_r2ePr0kTLu21Peh6fC-bMXTK9nttIkQg1EtUM3VcPJVgWIkpRb_jemYHfWGmI0azrMGDI_-W1bKnnzHGNezlVLZUisOkxtWHSpAhCkEXpn3mq2DYcKOYN-DsWlqeKx0FSwFtiDl0ZSl4eosKOctpJ6eQb2YQq08slA1zAJVVqAiyWdjgKFo-bIpX7dxfpYA2_Mr-WGadwogQ5JiotQd22ghWciTHIRJQi64NdyWCUndvROU96bSlfyn3rOenziWmthH27HOOl9-WVUr5GfR6kNe2bFDdMEuiZjQvbHuyS_aO9yxf5oLhVifg5R_TH3FiuRqI3EqqntWEpTjFEAWc31WyduoepTkjYydgayXRna3xYr0ZOKXnv0H_YRDfHmJZLfOAZy0W89PnhTijpXx0gETWd9QsoUUWFMYov0EwNlKbEa-Hwz4q2pGSmVfUOee54YgiAQXpzMB5ci-ArhNCvkMn4THqWMNBCUEwbeEG0w7hj00qViAwe2Ks8OieU07-0gLkHDCQH12-Aim2JuVlMYQbkjzKL_AyHdOoe2WBMTWRdfYWkG9e-qmYfM-GMpxRjI-qVreHkwigwTxe98fOgoIGcMJ5YytY7AMJsrOCSxtlIAz4VPe-0-3tt6kfQfpLOWX9zlXcld-ZGqPxDpB7ljoSDqKGNK_nsh5i5eVmnB3WHuM6Q7FHupUjg_q0nNzlIaTW4TVt9v3rtOExXO9u2rolfRTXkGh0JAzlu-C7z-aYE5lB6xOMl2peuZaacWjupSgKyjw3Y_LKdHs6FzaR3hprqXQ09z6deCwH1QhdcUF4op9NQCqIxAioNxtdRHOvyk2-FTnuBA2jFMKtUPt-4yGlkMYQFsffHpzlOXyXNi76cZD5YS0yilheAWANs-qKefLHs54Nn4xSaRTkmelwQ9cxVYPyzxG7Ms5TiAjgnEMj45By_x0Hc9YsSvUdGL67guPVmFHI81ucy3ekavoHWg5rJv-V&EgUzoBrY=4&PUyklWYj=4998988&sipLkXQd=&MoPaLbqU=0,0&hrEMHfQA=&pJFnjlXd=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&s=1280,1024,1,1280,1024,1

104.153.197.251

200 OK

44 B

URL GET
xadsmart.com/gpifpofecjlclemool?GVkKfyFB=BQOCAAAAAAAACZUAAnG01PUi5NMKFJb45nLXMoVXkiguRrt5nPpJkURGMXQheSWQjtmHCwD-Zk4S9WES1SZq6KpEDQyFy1J5e95Adx-JBUR7bvOGqude0H3cvJ5kI90hiXjNg3oKhJ5qSfucLpI2_zkaRy8sG4nEJew1Dp0uvYzhKX7pj9hSPbPDijT7sg_aLe32INqt0GhTT6I3IsajtjnEBty1cGa_r2ePr0kTLu21Peh6fC-bMXTK9nttIkQg1EtUM3VcPJVgWIkpRb_jemYHfWGmI0azrMGDI_-W1bKnnzHGNezlVLZUisOkxtWHSpAhCkEXpn3mq2DYcKOYN-DsWlqeKx0FSwFtiDl0ZSl4eosKOctpJ6eQb2YQq08slA1zAJVVqAiyWdjgKFo-bIpX7dxfpYA2_Mr-WGadwogQ5JiotQd22ghWciTHIRJQi64NdyWCUndvROU96bSlfyn3rOenziWmthH27HOOl9-WVUr5GfR6kNe2bFDdMEuiZjQvbHuyS_aO9yxf5oLhVifg5R_TH3FiuRqI3EqqntWEpTjFEAWc31WyduoepTkjYydgayXRna3xYr0ZOKXnv0H_YRDfHmJZLfOAZy0W89PnhTijpXx0gETWd9QsoUUWFMYov0EwNlKbEa-Hwz4q2pGSmVfUOee54YgiAQXpzMB5ci-ArhNCvkMn4THqWMNBCUEwbeEG0w7hj00qViAwe2Ks8OieU07-0gLkHDCQH12-Aim2JuVlMYQbkjzKL_AyHdOoe2WBMTWRdfYWkG9e-qmYfM-GMpxRjI-qVreHkwigwTxe98fOgoIGcMJ5YytY7AMJsrOCSxtlIAz4VPe-0-3tt6kfQfpLOWX9zlXcld-ZGqPxDpB7ljoSDqKGNK_nsh5i5eVmnB3WHuM6Q7FHupUjg_q0nNzlIaTW4TVt9v3rtOExXO9u2rolfRTXkGh0JAzlu-C7z-aYE5lB6xOMl2peuZaacWjupSgKyjw3Y_LKdHs6FzaR3hprqXQ09z6deCwH1QhdcUF4op9NQCqIxAioNxtdRHOvyk2-FTnuBA2jFMKtUPt-4yGlkMYQFsffHpzlOXyXNi76cZD5YS0yilheAWANs-qKefLHs54Nn4xSaRTkmelwQ9cxVYPyzxG7Ms5TiAjgnEMj45By_x0Hc9YsSvUdGL67guPVmFHI81ucy3ekavoHWg5rJv-V&EgUzoBrY=4&PUyklWYj=4998988&sipLkXQd=&MoPaLbqU=0,0&hrEMHfQA=&pJFnjlXd=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&s=1280,1024,1,1280,1024,1
IP
104.153.197.251:443
ASN
#53334 TUT-AS

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerSectigo Limited
Subjectxadsmart.com
Fingerprint57:60:97:0C:DC:E6:0F:0D:1B:04:5B:46:03:77:64:46:88:C5:CF:87
ValidityFri, 04 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

HTTP Headers

GET /gpifpofecjlclemool?GVkKfyFB=BQOCAAAAAAAACZUAAnG01PUi5NMKFJb45nLXMoVXkiguRrt5nPpJkURGMXQheSWQjtmHCwD-Zk4S9WES1SZq6KpEDQyFy1J5e95Adx-JBUR7bvOGqude0H3cvJ5kI90hiXjNg3oKhJ5qSfucLpI2_zkaRy8sG4nEJew1Dp0uvYzhKX7pj9hSPbPDijT7sg_aLe32INqt0GhTT6I3IsajtjnEBty1cGa_r2ePr0kTLu21Peh6fC-bMXTK9nttIkQg1EtUM3VcPJVgWIkpRb_jemYHfWGmI0azrMGDI_-W1bKnnzHGNezlVLZUisOkxtWHSpAhCkEXpn3mq2DYcKOYN-DsWlqeKx0FSwFtiDl0ZSl4eosKOctpJ6eQb2YQq08slA1zAJVVqAiyWdjgKFo-bIpX7dxfpYA2_Mr-WGadwogQ5JiotQd22ghWciTHIRJQi64NdyWCUndvROU96bSlfyn3rOenziWmthH27HOOl9-WVUr5GfR6kNe2bFDdMEuiZjQvbHuyS_aO9yxf5oLhVifg5R_TH3FiuRqI3EqqntWEpTjFEAWc31WyduoepTkjYydgayXRna3xYr0ZOKXnv0H_YRDfHmJZLfOAZy0W89PnhTijpXx0gETWd9QsoUUWFMYov0EwNlKbEa-Hwz4q2pGSmVfUOee54YgiAQXpzMB5ci-ArhNCvkMn4THqWMNBCUEwbeEG0w7hj00qViAwe2Ks8OieU07-0gLkHDCQH12-Aim2JuVlMYQbkjzKL_AyHdOoe2WBMTWRdfYWkG9e-qmYfM-GMpxRjI-qVreHkwigwTxe98fOgoIGcMJ5YytY7AMJsrOCSxtlIAz4VPe-0-3tt6kfQfpLOWX9zlXcld-ZGqPxDpB7ljoSDqKGNK_nsh5i5eVmnB3WHuM6Q7FHupUjg_q0nNzlIaTW4TVt9v3rtOExXO9u2rolfRTXkGh0JAzlu-C7z-aYE5lB6xOMl2peuZaacWjupSgKyjw3Y_LKdHs6FzaR3hprqXQ09z6deCwH1QhdcUF4op9NQCqIxAioNxtdRHOvyk2-FTnuBA2jFMKtUPt-4yGlkMYQFsffHpzlOXyXNi76cZD5YS0yilheAWANs-qKefLHs54Nn4xSaRTkmelwQ9cxVYPyzxG7Ms5TiAjgnEMj45By_x0Hc9YsSvUdGL67guPVmFHI81ucy3ekavoHWg5rJv-V&EgUzoBrY=4&PUyklWYj=4998988&sipLkXQd=&MoPaLbqU=0,0&hrEMHfQA=&pJFnjlXd=https%3A%2F%2Fluluvdoo.com%2F5wnda9dqqyw5&s=1280,1024,1,1280,1024,1 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
popads-node: wb9
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Wed, 11 Jun 2025 08:26:57 GMT
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap

142.250.74.10

200 OK

3.6 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text
Size
3.6 kB (3591 bytes)
Hash
35d825bbfa06a00722474414bc5ef193
261399984a263223d6a6d05bdc7f1f8dd4408b57
9ceebd00ce42c01cbbe9ade915ff99832c71d12bd44caf48f4c813df001ffc2b

HTTP Headers

GET /css2?family=Poppins:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jun 2025 08:26:52 GMT
date: Wed, 11 Jun 2025 08:26:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET luluvdoo.com/css/main.css

188.114.97.1

200 OK

49 kB

URL GET
luluvdoo.com/css/main.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectluluvdoo.com
Fingerprint6F:50:88:57:6C:44:EB:01:7C:14:14:70:E8:95:95:F2:62:76:6C:BD
ValidityThu, 08 May 2025 19:09:50 GMT - Wed, 06 Aug 2025 20:07:27 GMT

File type
assembler source, Unicode text, UTF-8 text
Size
49 kB (49243 bytes)
Hash
40fa099cd62886ddda0afde4ef18cc84
4c53f2b1e903260eeeff8c4f78b1562e015e1951
57fd276195b1343bb4664915c74396b2331de23b3a778e05e85c149db2332d55

HTTP Headers

GET /css/main.css HTTP/1.1
Host: luluvdoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/e/5wnda9dqqyw5
Cookie: lang=1; file_id=10597612; aff=82250
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: text/css
server: cloudflare
last-modified: Thu, 18 May 2023 18:01:36 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
age: 6029
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YVVXQ9fRc09hzcl7tvtwil7Z2jQRMcU3hur3TsN%2B9DiyXXlXc%2Bxq9pKiC20xpD%2BXkebXvmH%2BemO%2FhEIMIk6Ft8OlEdZhnuo5opk%3D"}]}
etag: W/"c05b-5fbfb986a0000"
content-encoding: br
cf-ray: 94dfb9de1d880b69-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET storage.lulu-row1.com/2jiGc77.js

37.27.230.125

200 OK

248 kB

URL GET
storage.lulu-row1.com/2jiGc77.js
IP
37.27.230.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerLet's Encrypt
Subject5f-hj8-5d2g.dnsdf.com
Fingerprint8F:60:B0:BA:1A:37:56:94:0F:D8:3C:05:81:DE:BC:53:03:90:AC:B6
ValidityTue, 03 Jun 2025 08:28:39 GMT - Mon, 01 Sep 2025 08:28:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
248 kB (247835 bytes)
Hash
d21cc54c55f74c347f0e22ea516d1594
d997d3b1583de52b0f116419679e17d8d53bcac3
6ea5019aa17b8666e68c050669100296404df8f2b1e21defe01ed284c10901d2

HTTP Headers

GET /2jiGc77.js HTTP/1.1
Host: storage.lulu-row1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luluvdoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 08:26:52 GMT
content-type: application/javascript
content-length: 79343
last-modified: Tue, 20 May 2025 09:46:13 GMT
vary: Accept-Encoding
etag: "682c4f65-135ef"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 62
cf-ray: 942af002bef24e15-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bobapsoabauns.com/www/images/f84f7f22e56dc46af84109f825842b8e.jpg

104.21.73.203

200 OK

14 kB

URL GET
bobapsoabauns.com/www/images/f84f7f22e56dc46af84109f825842b8e.jpg
IP
104.21.73.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subjectbobapsoabauns.com
Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9
ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
14 kB (13657 bytes)
Hash
f84f7f22e56dc46af84109f825842b8e
6fa0c83f27087e1f4fafb34b583c9b439a6a721f
7ef2826e068e2918f492ec73109b936f1dcb5f119f17c0961b95d1ce6f5a0c8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/f84f7f22e56dc46af84109f825842b8e.jpg HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 11 Jun 2025 08:27:09 GMT
content-type: image/jpeg
content-length: 13657
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O670YmccyusUNtQHPYIEGPRxcJQsPnHnSbWkvWwFRuI%2F3KC6eHV4TUKE1pKuI6G3VBju1lQKXFdObLvZW1Ll9embg%2B7c54csrawQfKmkiV0IGKHVubo8%2B%2F379Z0jaTBANyUCEA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 27 Feb 2025 04:01:53 GMT
etag: "67bfe3b1-3559"
expires: Wed, 11 Jun 2025 10:23:33 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 79415
cf-cache-status: HIT
cf-ray: 94dfba489e6b5690-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8934&min_rtt=6158&rtt_var=4766&sent=28&recv=28&lost=0&retrans=0&sent_bytes=4592&recv_bytes=2232&delivery_rate=342402&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=acef6ce4bbd95279&ts=10098&inflight_dur=54&x=80"

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://luluvdoo.com/e/5wnda9dqqyw5
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://luluvdoo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 107297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (61)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML