Report - 2t38iyzww0.wildcardcloud.solutions/q3bCCwDV?sub1=male&keyword=daniel.boucher@umontreal.ca&sub2=dssiseol.or.kr

Report Overview

Submitted URL
2t38iyzww0.wildcardcloud.solutions/q3bCCwDV?sub1=male&keyword=daniel.boucher@umontreal.ca&sub2=dssiseol.or.kr
IP
46.29.162.82
ASN
#49392 LLC Baxet
Submitted
2024-07-27 02:08:14
Access
public
Website Title
More than just Dating Website
Final URL
pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-07-26	325 B	699 B	142.250.74.131
r10.o.lencr.org	unknown	2020-06-29	2024-06-06	2024-07-26	2.0 kB	5.3 kB	23.36.77.32
2t38iyzww0.wildcardcloud.solutions	unknown	unknown	No data	No data	479 B	870 B	46.29.162.82
www.pornhub.com	10781	2000-10-31	2012-05-21	2024-07-26	838 B	67 kB	66.254.114.41
lh3.google.com	213	1997-09-15	2012-07-21	2024-07-26	430 B	840 B	142.250.74.142
svntrk.com	105291	2018-04-18	2018-04-27	2024-05-01	416 B	698 B	104.21.82.62
pukonikaa.online	unknown	unknown	No data	No data	8.1 kB	1.8 MB	188.114.97.1
pornhub.com	4903	2000-10-31	2012-05-22	2024-07-26	410 B	201 B	66.254.114.41
www.xvideos.com	11464	1997-12-30	2012-05-21	2024-06-06	416 B	17 kB	185.88.181.2
accounts.google.com	81	1997-09-15	2016-03-20	2024-07-26	1.8 kB	12 kB	142.250.150.84

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-27 02:07:58	high	46.29.162.82	Client IP	ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04	0 B	0001-01-01T00:00:00Z	2024-10-18T03:59:41.167278Z
Pretty URL pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01T00:00:00Z Last Seen2024-10-18T03:59:41.167278Z Times Seen3238535 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04	0 B	0001-01-01T00:00:00Z	2024-10-18T03:59:41.167278Z
Pretty URL pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01T00:00:00Z Last Seen2024-10-18T03:59:41.167278Z Times Seen3238535 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	svntrk.com/assets/mqmq_66a4567537eef.js	0 B	0001-01-01T00:00:00Z	2024-10-18T03:59:41.167278Z
Pretty URL svntrk.com/assets/mqmq_66a4567537eef.js IP 104.21.82.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01T00:00:00Z Last Seen2024-10-18T03:59:41.167278Z Times Seen3238535 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pukonikaa.online/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js	40 kB	2023-04-05T13:38:28Z	2024-10-16T20:14:35.231049Z
Pretty URL pukonikaa.online/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05T13:38:28Z Last Seen2024-10-16T20:14:35.231049Z Times Seen1878 Hash 1d8ad98fe3471d1a74d485f9b4737bfc a1190f7bb41660f682d59e15c2606279da0792f7 9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c Loading...

	pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04	0 B	0001-01-01T00:00:00Z	2024-10-18T03:59:41.167278Z
Pretty URL pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01T00:00:00Z Last Seen2024-10-18T03:59:41.167278Z Times Seen3238535 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pukonikaa.online/landings/44/js/vendor.f8ad85bd679257f7baca823f7bbac294.js	103 kB	2023-05-05T23:28:41Z	2024-08-21T08:48:41.16471Z
Pretty URL pukonikaa.online/landings/44/js/vendor.f8ad85bd679257f7baca823f7bbac294.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05T23:28:41Z Last Seen2024-08-21T08:48:41.16471Z Times Seen129 Hash a7d8f9c893a35d600f60ff85606f211c 6cbaf746a3dd15218b67489dd419494fedf1102e e4bfe00cbde71eb0b3f89160adb365838d7267a417d9f575dcbabe8b839362ef Loading...

	pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04	0 B	0001-01-01T00:00:00Z	2024-10-18T03:59:41.167278Z
Pretty URL pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01T00:00:00Z Last Seen2024-10-18T03:59:41.167278Z Times Seen3238535 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (25)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
577f20b1ad1240dc12215f4d93e53b8f
4fb6d79b9c4adb8f712073e9662ceae41a4f097c
523bc00bcd3cc12a640ebce3df80c0aed9fc552c4be5bae1831c00b9027ce0c0

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "523BC00BCD3CC12A640EBCE3DF80C0AED9FC552C4BE5BAE1831C00B9027CE0C0"
Last-Modified: Wed, 24 Jul 2024 18:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7055
Expires: Sat, 27 Jul 2024 04:05:22 GMT
Date: Sat, 27 Jul 2024 02:07:47 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
559312780d7c69aabb31f612abe74b95
0d0356dc28789b5b2b0164783f2c79b6b7b82f6a
20293009653baaf415bde5c2223feb0a6562281a1dfbcc6af42d844341da6d26

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "20293009653BAAF415BDE5C2223FEB0A6562281A1DFBCC6AF42D844341DA6D26"
Last-Modified: Wed, 24 Jul 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16801
Expires: Sat, 27 Jul 2024 06:47:48 GMT
Date: Sat, 27 Jul 2024 02:07:47 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
8f4e7b75de1ed909fa79bbcdafccceac
274c1ea75520a0ea06e19a7e692c034baae2cdc1
62cc974e51b62480f576b53853f8f24bfc873687c02bc23c1713956d4b96c0b1

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "62CC974E51B62480F576B53853F8F24BFC873687C02BC23C1713956D4B96C0B1"
Last-Modified: Wed, 24 Jul 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7380
Expires: Sat, 27 Jul 2024 04:10:48 GMT
Date: Sat, 27 Jul 2024 02:07:48 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0b6f864b0a3d0cf483b0830bdb98cded
12564f2826ce74a640c3b65ef52d12f21c8e6f3c
d32892cb09f33f4057712b1c1b511af5ea5528cd0f23ba90858d659ec4fcd190

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D32892CB09F33F4057712B1C1B511AF5EA5528CD0F23BA90858D659EC4FCD190"
Last-Modified: Wed, 24 Jul 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2877
Expires: Sat, 27 Jul 2024 02:55:45 GMT
Date: Sat, 27 Jul 2024 02:07:48 GMT
Connection: keep-alive

2t38iyzww0.wildcardcloud.solutions/q3bCCwDV?sub1=male&keyword=daniel.boucher@umontreal.ca&sub2=dssiseol.or.kr

46.29.162.82

0 B

URL User Request GET
2t38iyzww0.wildcardcloud.solutions/q3bCCwDV?sub1=male&keyword=daniel.boucher@umontreal.ca&sub2=dssiseol.or.kr
IP
46.29.162.82:0
ASN
#49392 LLC Baxet

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	high	ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)

HTTP Headers

GET /q3bCCwDV?sub1=male&keyword=daniel.boucher@umontreal.ca&sub2=dssiseol.or.kr HTTP/1.1
Host: 2t38iyzww0.wildcardcloud.solutions
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 27 Jul 2024 02:07:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Pragma: no-cache
Set-Cookie: _subid=376l60j37or04; expires=Tue, 27 Aug 2024 02:07:48 GMT; path=/
b15e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4MlwiOjE3MjIwNDYwNjh9LFwiY2FtcGFpZ25zXCI6e1wiMzJcIjoxNzIyMDQ2MDY4fSxcInRpbWVcIjoxNzIyMDQ2MDY4fSJ9.EvFcgPAnTZqkBizguIjOMvGCniXHh3CrNJTEP_Xd8iw; expires=Tue, 21 Feb 2079 04:15:36 GMT; path=/
_token=uuid_376l60j37or04_376l60j37or0466a45674b737a8.47474957; expires=Tue, 27 Aug 2024 02:07:48 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
91392416ed946eb8b26810ff46d7e57e
8ce21a441df1ac09da4ebf098eaf47e2d74bbff0
5d153b40d51555b8f2717f7e56bfbe3be25b1b38a18b31715eea4ddff345f98a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D153B40D51555B8F2717F7E56BFBE3BE25B1B38A18B31715EEA4DDFF345F98A"
Last-Modified: Wed, 24 Jul 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7495
Expires: Sat, 27 Jul 2024 04:12:45 GMT
Date: Sat, 27 Jul 2024 02:07:50 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
91392416ed946eb8b26810ff46d7e57e
8ce21a441df1ac09da4ebf098eaf47e2d74bbff0
5d153b40d51555b8f2717f7e56bfbe3be25b1b38a18b31715eea4ddff345f98a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D153B40D51555B8F2717F7E56BFBE3BE25B1B38A18B31715EEA4DDFF345F98A"
Last-Modified: Wed, 24 Jul 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7495
Expires: Sat, 27 Jul 2024 04:12:45 GMT
Date: Sat, 27 Jul 2024 02:07:50 GMT
Connection: keep-alive

pukonikaa.online/landings/44/js/vendor.f8ad85bd679257f7baca823f7bbac294.js

188.114.97.1

200 OK

48 kB

URL GET HTTP/3
pukonikaa.online/landings/44/js/vendor.f8ad85bd679257f7baca823f7bbac294.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectpukonikaa.online
Fingerprint96:A1:E0:75:9A:1E:5A:AE:65:E0:1E:68:56:2D:BA:EB:02:45:E9:3D
ValidityFri, 12 Jul 2024 10:48:44 GMT - Thu, 10 Oct 2024 10:48:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
48 kB (48222 bytes)
Hash
a7d8f9c893a35d600f60ff85606f211c
6cbaf746a3dd15218b67489dd419494fedf1102e
e4bfe00cbde71eb0b3f89160adb365838d7267a417d9f575dcbabe8b839362ef

HTTP Headers

GET /landings/44/js/vendor.f8ad85bd679257f7baca823f7bbac294.js HTTP/1.1
Host: pukonikaa.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Cookie: XSRF-TOKEN=eyJpdiI6Iks5eVVOeWh6US9rbEE3R2hsMVhobEE9PSIsInZhbHVlIjoidlpxRzI3TDB0VEhRNm1HQ0ZCMmFSb05LV1JiRHdPSGtEeDdZVUtWUktoRllTVUwzSGZxYXh5V3BlMlhoQ3RvNiIsIm1hYyI6IjBjZDJjY2U5MjhkNjY1YmVhNDdkYmI3NWJjNGUwMjI2ZjNhNjhkYTRjY2M2YjFmMWI4YzNkOTFhOGUzZDcxZjMifQ%3D%3D; laravel_session=eyJpdiI6IjBESzRDSm9jbDZWY1hreUxlSDJsQ3c9PSIsInZhbHVlIjoiclI3QWErRUdJSjBIazk5dlMvSHJpaSsyc0xFUXF1TlczaCtiYko2TCt2c28wQkEzWDVhZENadC94OVYwR2NRcyIsIm1hYyI6IjlkZmJkNGE4ZTY5NGUwNjViZDRmOGZmMjUzNDczNGI4MTNhMWMzODZiODhlZDkxMjNhOGYwZTYwMjdlNzlkNjkifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 02:07:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 15 Jul 2024 15:46:39 GMT
etag: W/"6695445f-191d8"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rmnrKZlqzUUH2Tfao0Oogq6I5Vur12UkvFQCfTb0ZCUMSA8%2BE8rQ%2FXhMgRAoojUNXaccUXow%2BOK96%2B4%2FgT7Z1XJ74b7u7GoPm8fIIOFYDAyt9kJulVT8qXevSm2Ch9NJl9Fg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a9913fe496856c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04

188.114.97.1

200 OK

253 kB

URL User Request GET HTTP/2
pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpukonikaa.online
Fingerprint96:A1:E0:75:9A:1E:5A:AE:65:E0:1E:68:56:2D:BA:EB:02:45:E9:3D
ValidityFri, 12 Jul 2024 10:48:44 GMT - Thu, 10 Oct 2024 10:48:43 GMT

File type
HTML document, ASCII text
Size
253 kB (252716 bytes)
Hash
fa0e10be1ac25fb3792c50d78497c9c9
6a5b1af39e0bea8ad70eb0b66fb120340e2d7242
bf023c77d8663577b9d8b4b5d9ce30045002728f9247fbb9e24bfad64a961ea1

HTTP Headers

GET /?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04 HTTP/1.1
Host: pukonikaa.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 02:07:49 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6Iks5eVVOeWh6US9rbEE3R2hsMVhobEE9PSIsInZhbHVlIjoidlpxRzI3TDB0VEhRNm1HQ0ZCMmFSb05LV1JiRHdPSGtEeDdZVUtWUktoRllTVUwzSGZxYXh5V3BlMlhoQ3RvNiIsIm1hYyI6IjBjZDJjY2U5MjhkNjY1YmVhNDdkYmI3NWJjNGUwMjI2ZjNhNjhkYTRjY2M2YjFmMWI4YzNkOTFhOGUzZDcxZjMifQ%3D%3D; expires=Sat, 27-Jul-2024 04:07:49 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjBESzRDSm9jbDZWY1hreUxlSDJsQ3c9PSIsInZhbHVlIjoiclI3QWErRUdJSjBIazk5dlMvSHJpaSsyc0xFUXF1TlczaCtiYko2TCt2c28wQkEzWDVhZENadC94OVYwR2NRcyIsIm1hYyI6IjlkZmJkNGE4ZTY5NGUwNjViZDRmOGZmMjUzNDczNGI4MTNhMWMzODZiODhlZDkxMjNhOGYwZTYwMjdlNzlkNjkifQ%3D%3D; expires=Sat, 27-Jul-2024 04:07:49 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=w2; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNM0SzL5KbVhzbXEM5Wy045veBnbnMfnMq7mpKpnTQwcaloBZaUa%2FUer%2FzpSAjVLhhoKi%2BL%2BW07MGew9Yz9JkJr0nQUoBpe42gVH1nY%2FWe%2F5RIFJhiLx0fMro%2F71ocCu9tqz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a9913fa7d11b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pukonikaa.online/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js

188.114.97.1

200 OK

324 kB

URL GET HTTP/3
pukonikaa.online/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectpukonikaa.online
Fingerprint96:A1:E0:75:9A:1E:5A:AE:65:E0:1E:68:56:2D:BA:EB:02:45:E9:3D
ValidityFri, 12 Jul 2024 10:48:44 GMT - Thu, 10 Oct 2024 10:48:43 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (40096)
Size
324 kB (324395 bytes)
Hash
1d8ad98fe3471d1a74d485f9b4737bfc
a1190f7bb41660f682d59e15c2606279da0792f7
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c

HTTP Headers

GET /scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js HTTP/1.1
Host: pukonikaa.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Cookie: XSRF-TOKEN=eyJpdiI6Iks5eVVOeWh6US9rbEE3R2hsMVhobEE9PSIsInZhbHVlIjoidlpxRzI3TDB0VEhRNm1HQ0ZCMmFSb05LV1JiRHdPSGtEeDdZVUtWUktoRllTVUwzSGZxYXh5V3BlMlhoQ3RvNiIsIm1hYyI6IjBjZDJjY2U5MjhkNjY1YmVhNDdkYmI3NWJjNGUwMjI2ZjNhNjhkYTRjY2M2YjFmMWI4YzNkOTFhOGUzZDcxZjMifQ%3D%3D; laravel_session=eyJpdiI6IjBESzRDSm9jbDZWY1hreUxlSDJsQ3c9PSIsInZhbHVlIjoiclI3QWErRUdJSjBIazk5dlMvSHJpaSsyc0xFUXF1TlczaCtiYko2TCt2c28wQkEzWDVhZENadC94OVYwR2NRcyIsIm1hYyI6IjlkZmJkNGE4ZTY5NGUwNjViZDRmOGZmMjUzNDczNGI4MTNhMWMzODZiODhlZDkxMjNhOGYwZTYwMjdlNzlkNjkifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 02:07:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 15 Jul 2024 15:46:42 GMT
etag: W/"66954462-9ca8"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5hjoMgW1%2BBC%2BICLtB%2BRrHsSkBFvBaLRwGtLDQRTriJvvUO8zf25z1IgIErJbN%2B13RFABkhrgQ2AZIcAGDv9S6NFdZtUwUpjRZR83%2B0Ze5sskaVRs9mttry%2BmQWM%2Be477pu8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a9913fe496656c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pukonikaa.online/landings/44/fonts/vendor.857e14bd2eb6e6a5e2c65ca20cc8c76f.css

188.114.97.1

200 OK

312 kB

URL GET HTTP/3
pukonikaa.online/landings/44/fonts/vendor.857e14bd2eb6e6a5e2c65ca20cc8c76f.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectpukonikaa.online
Fingerprint96:A1:E0:75:9A:1E:5A:AE:65:E0:1E:68:56:2D:BA:EB:02:45:E9:3D
ValidityFri, 12 Jul 2024 10:48:44 GMT - Thu, 10 Oct 2024 10:48:43 GMT

File type
ASCII text, with very long lines (15852)
Size
312 kB (311564 bytes)
Hash
eef5e867d413af2f9fc64ce7b30776bd
45b6b8fb1346e4f687ffaf326c0a0b0b68088db2
2406cb8173bcfee806764ea2daf430c231ba89850f35911ca09566fcc5a4c36c

HTTP Headers

GET /landings/44/fonts/vendor.857e14bd2eb6e6a5e2c65ca20cc8c76f.css HTTP/1.1
Host: pukonikaa.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Cookie: XSRF-TOKEN=eyJpdiI6Iks5eVVOeWh6US9rbEE3R2hsMVhobEE9PSIsInZhbHVlIjoidlpxRzI3TDB0VEhRNm1HQ0ZCMmFSb05LV1JiRHdPSGtEeDdZVUtWUktoRllTVUwzSGZxYXh5V3BlMlhoQ3RvNiIsIm1hYyI6IjBjZDJjY2U5MjhkNjY1YmVhNDdkYmI3NWJjNGUwMjI2ZjNhNjhkYTRjY2M2YjFmMWI4YzNkOTFhOGUzZDcxZjMifQ%3D%3D; laravel_session=eyJpdiI6IjBESzRDSm9jbDZWY1hreUxlSDJsQ3c9PSIsInZhbHVlIjoiclI3QWErRUdJSjBIazk5dlMvSHJpaSsyc0xFUXF1TlczaCtiYko2TCt2c28wQkEzWDVhZENadC94OVYwR2NRcyIsIm1hYyI6IjlkZmJkNGE4ZTY5NGUwNjViZDRmOGZmMjUzNDczNGI4MTNhMWMzODZiODhlZDkxMjNhOGYwZTYwMjdlNzlkNjkifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 02:07:49 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 15:46:39 GMT
etag: W/"6695445f-3ded"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJAKrTs%2FbdlqvxFnd8ZL%2BpWhGy3KGtT%2FBxKMlgT1%2FfjvMIJ7FqABmOBuM66VlkpKs7J22Fr6%2Fb5APMFQftHfRQpn94ftxG3T1EkDAAa1ErjLQ6cd7wAkVLY9a%2BQdutao%2FBF%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a9913fe496756c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pukonikaa.online/landings/44/fonts/Lato/Lato-Regular.woff

188.114.97.1

200 OK

309 kB

URL GET HTTP/3
pukonikaa.online/landings/44/fonts/Lato/Lato-Regular.woff
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectpukonikaa.online
Fingerprint96:A1:E0:75:9A:1E:5A:AE:65:E0:1E:68:56:2D:BA:EB:02:45:E9:3D
ValidityFri, 12 Jul 2024 10:48:44 GMT - Thu, 10 Oct 2024 10:48:43 GMT

File type
Web Open Font Format, TrueType, length 308680, version 0.0
Size
309 kB (308680 bytes)
Hash
cd6c6aac15595c65e75760bce456198a
43f6b15d9dedd33637cc5f34d80f7f2613bc28a6
7cf624c2cd85b4ac2c7b44b09627034156408931974cdbcec6df1223ea7a24e3

HTTP Headers

GET /landings/44/fonts/Lato/Lato-Regular.woff HTTP/1.1
Host: pukonikaa.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/landings/44/fonts/vendor.857e14bd2eb6e6a5e2c65ca20cc8c76f.css
Cookie: XSRF-TOKEN=eyJpdiI6Iks5eVVOeWh6US9rbEE3R2hsMVhobEE9PSIsInZhbHVlIjoidlpxRzI3TDB0VEhRNm1HQ0ZCMmFSb05LV1JiRHdPSGtEeDdZVUtWUktoRllTVUwzSGZxYXh5V3BlMlhoQ3RvNiIsIm1hYyI6IjBjZDJjY2U5MjhkNjY1YmVhNDdkYmI3NWJjNGUwMjI2ZjNhNjhkYTRjY2M2YjFmMWI4YzNkOTFhOGUzZDcxZjMifQ%3D%3D; laravel_session=eyJpdiI6IjBESzRDSm9jbDZWY1hreUxlSDJsQ3c9PSIsInZhbHVlIjoiclI3QWErRUdJSjBIazk5dlMvSHJpaSsyc0xFUXF1TlczaCtiYko2TCt2c28wQkEzWDVhZENadC94OVYwR2NRcyIsIm1hYyI6IjlkZmJkNGE4ZTY5NGUwNjViZDRmOGZmMjUzNDczNGI4MTNhMWMzODZiODhlZDkxMjNhOGYwZTYwMjdlNzlkNjkifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 02:07:50 GMT
content-type: application/font-woff
content-length: 308680
last-modified: Mon, 15 Jul 2024 15:46:39 GMT
etag: "6695445f-4b5c8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdlbV4AQvpK%2FK9WxylENo%2F%2B8pK5rDxd79aqcnpD%2BBBlsvtUG1TxyhMGuZBlGxCqfvvPRVmE1SoZbIy5xtFUNRDizFeD6azwlX4S%2Btwk3q6AsJ3KR%2B1T%2F6OlQZ11L0hkUlQcv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a991402daa256c5-OSL
alt-svc: h3=":443"; ma=86400

pukonikaa.online/landings/44/fonts/Lato/Lato-Black.woff

188.114.97.1

200 OK

307 kB

URL GET HTTP/3
pukonikaa.online/landings/44/fonts/Lato/Lato-Black.woff
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectpukonikaa.online
Fingerprint96:A1:E0:75:9A:1E:5A:AE:65:E0:1E:68:56:2D:BA:EB:02:45:E9:3D
ValidityFri, 12 Jul 2024 10:48:44 GMT - Thu, 10 Oct 2024 10:48:43 GMT

File type
Web Open Font Format, TrueType, length 307448, version 0.0
Size
307 kB (307448 bytes)
Hash
11ccdd05f3122b41c32fdcdb99912633
f7b9181a79a42f46df7f1654b033ab4caddc9bcc
7c5b01bafa24bbb18ea8fcabc795b38230fe3c80987cf1bdbb561369ad4573a6

HTTP Headers

GET /landings/44/fonts/Lato/Lato-Black.woff HTTP/1.1
Host: pukonikaa.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/landings/44/fonts/vendor.857e14bd2eb6e6a5e2c65ca20cc8c76f.css
Cookie: XSRF-TOKEN=eyJpdiI6Iks5eVVOeWh6US9rbEE3R2hsMVhobEE9PSIsInZhbHVlIjoidlpxRzI3TDB0VEhRNm1HQ0ZCMmFSb05LV1JiRHdPSGtEeDdZVUtWUktoRllTVUwzSGZxYXh5V3BlMlhoQ3RvNiIsIm1hYyI6IjBjZDJjY2U5MjhkNjY1YmVhNDdkYmI3NWJjNGUwMjI2ZjNhNjhkYTRjY2M2YjFmMWI4YzNkOTFhOGUzZDcxZjMifQ%3D%3D; laravel_session=eyJpdiI6IjBESzRDSm9jbDZWY1hreUxlSDJsQ3c9PSIsInZhbHVlIjoiclI3QWErRUdJSjBIazk5dlMvSHJpaSsyc0xFUXF1TlczaCtiYko2TCt2c28wQkEzWDVhZENadC94OVYwR2NRcyIsIm1hYyI6IjlkZmJkNGE4ZTY5NGUwNjViZDRmOGZmMjUzNDczNGI4MTNhMWMzODZiODhlZDkxMjNhOGYwZTYwMjdlNzlkNjkifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 02:07:50 GMT
content-type: application/font-woff
content-length: 307448
last-modified: Mon, 15 Jul 2024 15:46:39 GMT
etag: "6695445f-4b0f8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m69TQeP4%2FPpzHmEwV8Cw7sptVC5MpTzPB3U4sHM1gmn0gVuw7x4GOtkp5jVlJa2%2BpgBoLxmUQNDTWI0GkxYguFe%2FI1xJEF2y45DYCgtg4NOdK6TtoZm0UYnwLV30pCYsHzj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a991402daa356c5-OSL
alt-svc: h3=":443"; ma=86400

pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

0 B

URL GET
pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerDigiCert Inc
Subject*.pornhub.com
FingerprintD6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: pornhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-length: 0
location: https://www.pornhub.com/video/manage?o=mr&t=pr2
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

pukonikaa.online/favicon.ico

188.114.97.1

200 OK

0 B

URL GET HTTP/3
pukonikaa.online/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectpukonikaa.online
Fingerprint96:A1:E0:75:9A:1E:5A:AE:65:E0:1E:68:56:2D:BA:EB:02:45:E9:3D
ValidityFri, 12 Jul 2024 10:48:44 GMT - Thu, 10 Oct 2024 10:48:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pukonikaa.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Cookie: XSRF-TOKEN=eyJpdiI6Iks5eVVOeWh6US9rbEE3R2hsMVhobEE9PSIsInZhbHVlIjoidlpxRzI3TDB0VEhRNm1HQ0ZCMmFSb05LV1JiRHdPSGtEeDdZVUtWUktoRllTVUwzSGZxYXh5V3BlMlhoQ3RvNiIsIm1hYyI6IjBjZDJjY2U5MjhkNjY1YmVhNDdkYmI3NWJjNGUwMjI2ZjNhNjhkYTRjY2M2YjFmMWI4YzNkOTFhOGUzZDcxZjMifQ%3D%3D; laravel_session=eyJpdiI6IjBESzRDSm9jbDZWY1hreUxlSDJsQ3c9PSIsInZhbHVlIjoiclI3QWErRUdJSjBIazk5dlMvSHJpaSsyc0xFUXF1TlczaCtiYko2TCt2c28wQkEzWDVhZENadC94OVYwR2NRcyIsIm1hYyI6IjlkZmJkNGE4ZTY5NGUwNjViZDRmOGZmMjUzNDczNGI4MTNhMWMzODZiODhlZDkxMjNhOGYwZTYwMjdlNzlkNjkifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 Jul 2024 02:07:51 GMT
content-type: image/x-icon
content-length: 0
last-modified: Mon, 15 Jul 2024 15:46:35 GMT
etag: "6695445b-0"
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PI3IIgBGnRFpXoL3GJkrdOykZ3lankAv0oNa43td2cExYfuFTetEbTH%2BJqO4OYtVAn74U22LgVhVqFrySeSObFPsudirpluIc3WzaSvQ3J13Dm3rCBjhcMIlKj9be31NXwv4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a991406dc5d56c5-OSL
alt-svc: h3=":443"; ma=86400

www.pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

472 B

URL GET
www.pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerDigiCert Inc
Subject*.pornhub.com
FingerprintD6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
data
Size
472 B (472 bytes)
Hash
2467698d7f074dde984010f088f5f2ed
feead14ddbb4e0ac8190b473a64df73b425589a9
a847cabc3c7f1c6ec0598075b0644f439ae529fba86f1bfd6ad5579e1e7d9e76

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pukonikaa.online/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Sat, 27 Jul 2024 02:07:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: platform=pc; expires=Sat, 03 Aug 2024 02:07:51 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
ss=811413773739683767; expires=Sun, 27 Jul 2025 02:07:51 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
__s=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure
__l=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure
__s=66A45676-42FE722901BB12B338-27CC5C19; Secure; Samesite=None
__l=66A45676-42FE722901BB12B338-27CC5C19; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100

142.250.74.142

302 Found

337 B

URL GET HTTP/2
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint0E:B6:5C:7B:0B:AC:B5:AF:1F:DF:47:14:61:B7:0D:4C:41:6F:47:53
ValidityMon, 01 Jul 2024 06:35:43 GMT - Mon, 23 Sep 2024 06:35:42 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb

HTTP Headers

GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 27 Jul 2024 02:07:51 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.xvideos.com/favorite/90902157/mk_1123

185.88.181.2

404 Not Found

15 kB

URL GET HTTP/1.1
www.xvideos.com/favorite/90902157/mk_1123
IP
185.88.181.2:443
ASN
#46652 SERVERSTACK-ASN

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerSectigo Limited
Subject*.xvideos.com
Fingerprint2C:4F:6C:92:E4:3F:3E:7B:FD:E2:28:A6:4C:76:4E:23:82:C0:B3:5B
ValiditySun, 21 Jan 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

File type
data
Size
15 kB (14614 bytes)
Hash
0a1e62767550dd08a7581bde528e3b48
b5f3d0eea19fe5a03d2fa51840c6f60497108358
2e272aeff1d0261abca83ee72e49414e762c5b608135afb39ea8cfc3fdd75549

HTTP Headers

GET /favorite/90902157/mk_1123 HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sat, 27 Jul 2024 02:07:51 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Accept-Ch: Viewport-Width, Width, Device-Memory, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Report-To: {"group": "csp-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://www.xvideos.com/csp-reports" } ] }
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com 1868565294.rsc.cdn77.org static.cloudflareinsights.com www.google.com www.gstatic.com fonts.gstatic.com fonts.googleapis.com ajax.googleapis.com fcm.googleapis.com accounts.google.com *.cdn77.org  *.nk-img.com  *.segpay.com  *.online-metrix.net *.vscdns.com *.vsmvideo.com www.tjk-njk.com *.exoclick.com *.orbsrv.com *.opoxv.com *.exdynsrv.com *.afcdn.net *.aucdn.net *.tf4srv.com *.aacdn.net *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com *.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com *.gtflixtv.com wss://*.1ka.com https://*.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.cdn77.org www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com data-cdn.pornbiz.com *.vscdns.com *.vsmvideo.com *.doubleclick.net *.google.fr *.google.com *.segpay.com *.online-metrix.net cdn.asf4f.us *.gtflixtv.com *.1ka.com *.orbsrv.com *.exdynsrv.com *.afcdn.net *.aucdn.net *.justservingfiles.net *.tf4srv.com *.aacdn.net *.rtbsuperhub.com; report-uri https://www.xvideos.com/csp-reports; report-to csp-endpoint
Referrer-Policy: no-referrer-when-downgrade
X-Robots-Tag: noindex
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: nginx

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5dda4387eee57d8cd76f4094d22307b8
9e479210fc7b38f557b3eab39759fe43d2bb0fc6
4c0fa93e50598f05c4792b01b36389c65aa03257823a2395691c35be9d1f693d

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 Jul 2024 02:07:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en

142.250.150.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC7:B5:1D:39:6A:EF:62:C1:4B:8E:27:0C:FC:B1:21:C1:F7:C3:99:FB
ValidityMon, 01 Jul 2024 07:34:55 GMT - Mon, 23 Sep 2024 07:34:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:fnBjURl8NyygxnjIME2YxvmE7s8GDA:J1Ml3MRQqXGYLbkL; Expires=Mon, 27-Jul-2026 02:07:51 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 02:07:51 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AdF4I77sUi268jrWbpvVzgjpXn3t-8rrqozDpe2UwxP2hwuknQK4M1ZQqYdr9oFmFr2SaUwhhUg5IA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-qCgrvl_bEQ4KIYw_ApWYrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AdF4I77sUi268jrWbpvVzgjpXn3t-8rrqozDpe2UwxP2hwuknQK4M1ZQqYdr9oFmFr2SaUwhhUg5IA

142.250.150.84

302 Found

436 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AdF4I77sUi268jrWbpvVzgjpXn3t-8rrqozDpe2UwxP2hwuknQK4M1ZQqYdr9oFmFr2SaUwhhUg5IA
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC7:B5:1D:39:6A:EF:62:C1:4B:8E:27:0C:FC:B1:21:C1:F7:C3:99:FB
ValidityMon, 01 Jul 2024 07:34:55 GMT - Mon, 23 Sep 2024 07:34:54 GMT

File type
HTML document, ASCII text, with very long lines (396)
Size
436 B (436 bytes)
Hash
c74d3ec139db0072c4bf976f35e396a0
f75e892ee766f64add84b4bea5cc6896177939f2
e32334d955a3593bfdaebc5e1cc5f1f2cd2944d9ad50ea95236f561c5e5eef28

HTTP Headers

GET /InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AdF4I77sUi268jrWbpvVzgjpXn3t-8rrqozDpe2UwxP2hwuknQK4M1ZQqYdr9oFmFr2SaUwhhUg5IA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:PTmuwFLHZh2sxBc7UuAsaFjH0hy5aA:KtAlD8aSwrPXZtWC;Path=/;Expires=Mon, 27-Jul-2026 02:07:51 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 02:07:51 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AdF4I74GF62WP2iWgbB6GUPnMClyZdenr_Da-z1igy1SZdZxqxmx4OenGC0-Q24Xq--LJfUrK6zBmg&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393087048%3A1722046071584404&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-sC6-XbyO6fdBxQIUggohrg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 436
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AdF4I74GF62WP2iWgbB6GUPnMClyZdenr_Da-z1igy1SZdZxqxmx4OenGC0-Q24Xq--LJfUrK6zBmg&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393087048%3A1722046071584404&ddm=0

142.250.150.84

403 Forbidden

5.3 kB

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AdF4I74GF62WP2iWgbB6GUPnMClyZdenr_Da-z1igy1SZdZxqxmx4OenGC0-Q24Xq--LJfUrK6zBmg&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393087048%3A1722046071584404&ddm=0
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintC7:B5:1D:39:6A:EF:62:C1:4B:8E:27:0C:FC:B1:21:C1:F7:C3:99:FB
ValidityMon, 01 Jul 2024 07:34:55 GMT - Mon, 23 Sep 2024 07:34:54 GMT

File type
gzip compressed data, max compression
Size
5.3 kB (5349 bytes)
Hash
aced03f80aadb61cbc71c669c81e80b7
9d87a4cf7c022f8df654b9f464a3f0e487fcc59a
bd99a3236a64cd1965cbff6a2d5da932901b9dc5a64ad191c9efe23474692590

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AdF4I74GF62WP2iWgbB6GUPnMClyZdenr_Da-z1igy1SZdZxqxmx4OenGC0-Q24Xq--LJfUrK6zBmg&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1393087048%3A1722046071584404&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Jul 2024 02:07:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-_F_W1JoYv0I_0gxGMSe2yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.5_pF0xwhc8s.es5.O/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.pornhub.com/login

66.254.114.41

64 kB

URL GET
www.pornhub.com/login
IP
66.254.114.41:0
ASN
#29789 REFLECTED

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerDigiCert Inc
Subject*.pornhub.com
FingerprintD6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (5572)
Size
64 kB (64280 bytes)
Hash
4777053f56bfd6b10bab5b4d73fd57ba
d579bdcda2fec38eb39d13c3175c26a20a895989
391a77b67a1c99f635e9402e749fa0624049a9c493102c56351334adef1148ba

HTTP Headers

GET /login HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pukonikaa.online/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sat, 27 Jul 2024 02:07:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: platform=pc; expires=Sat, 03 Aug 2024 02:07:51 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
ss=652537169605930568; expires=Sun, 27 Jul 2025 02:07:51 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
__s=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure
__l=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure
__s=66A45677-42FE722901BB12B338-27CC5C57; Secure; Samesite=None
__l=66A45677-42FE722901BB12B338-27CC5C57; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: br
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

svntrk.com/assets/mqmq_66a4567537eef.js

104.21.82.62

200 OK

0 B

URL GET HTTP/2
svntrk.com/assets/mqmq_66a4567537eef.js
IP
104.21.82.62:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerCloudflare, Inc.
Subjectsvntrk.com
Fingerprint83:5F:B1:05:69:64:18:2B:AF:21:B6:08:6A:BF:B6:F1:B5:95:C8:99
ValidityThu, 28 Dec 2023 00:00:00 GMT - Fri, 27 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/mqmq_66a4567537eef.js HTTP/1.1
Host: svntrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Jul 2024 02:07:49 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: svnimp=66a45675a47d9; path=/; secure; httponly; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShOkQr0rsYrRt9sbKIrfWR1Yn28%2BZBeaTIdE3HDGYN0cV9n%2FMcikVdmxWtLxDtkH%2FDWajkWrmaQMvbLABviEErXiYuK3gchYTNU%2BIRIZ2MsHuE4wPMziDYmPE1w%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a9913fe6b53b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pukonikaa.online/landings/44/images/3.png

188.114.97.1

200 OK

251 kB

URL GET HTTP/3
pukonikaa.online/landings/44/images/3.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pukonikaa.online/?s1=mqmq&i_ema=daniel.boucher@umontreal.ca&s3=male&s5=376l60j37or04
Certificate
IssuerGoogle Trust Services
Subjectpukonikaa.online
Fingerprint96:A1:E0:75:9A:1E:5A:AE:65:E0:1E:68:56:2D:BA:EB:02:45:E9:3D
ValidityFri, 12 Jul 2024 10:48:44 GMT - Thu, 10 Oct 2024 10:48:43 GMT

File type
PNG image data, 1366 x 818, 8-bit colormap, non-interlaced
Size
251 kB (250614 bytes)
Hash
e8dfe0902ae6c35a27f5f6c6bf837c73
92b9caf0b23872aff80faee6648a06417919d734
b94c917965112f2d2df2f10c5d8823028319b887634832383d49173ebe2b3ae9

HTTP Headers

GET /landings/44/images/3.png HTTP/1.1
Host: pukonikaa.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pukonikaa.online/landings/44/fonts/vendor.857e14bd2eb6e6a5e2c65ca20cc8c76f.css
Cookie: XSRF-TOKEN=eyJpdiI6Iks5eVVOeWh6US9rbEE3R2hsMVhobEE9PSIsInZhbHVlIjoidlpxRzI3TDB0VEhRNm1HQ0ZCMmFSb05LV1JiRHdPSGtEeDdZVUtWUktoRllTVUwzSGZxYXh5V3BlMlhoQ3RvNiIsIm1hYyI6IjBjZDJjY2U5MjhkNjY1YmVhNDdkYmI3NWJjNGUwMjI2ZjNhNjhkYTRjY2M2YjFmMWI4YzNkOTFhOGUzZDcxZjMifQ%3D%3D; laravel_session=eyJpdiI6IjBESzRDSm9jbDZWY1hreUxlSDJsQ3c9PSIsInZhbHVlIjoiclI3QWErRUdJSjBIazk5dlMvSHJpaSsyc0xFUXF1TlczaCtiYko2TCt2c28wQkEzWDVhZENadC94OVYwR2NRcyIsIm1hYyI6IjlkZmJkNGE4ZTY5NGUwNjViZDRmOGZmMjUzNDczNGI4MTNhMWMzODZiODhlZDkxMjNhOGYwZTYwMjdlNzlkNjkifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 Jul 2024 02:07:50 GMT
content-type: image/png
content-length: 250614
last-modified: Mon, 15 Jul 2024 15:46:39 GMT
etag: "6695445f-3d2f6"
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTZKCB%2FV2TGKcN4Tdav%2Fw%2BrufoBltUYgiB%2FypKTanCqnkJiyqrm4mY8HPn1WQjmcdmWs4jfflE01b4eMiTU41fuIrAux%2Fk%2FBR1EN756QEkuD65PzIKlyxVQ1vLSudOSjfatl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a991401aa5656c5-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (25)

URL

IP

ASN

File type