tickets.porhubs.com Open in urlscan Pro
172.104.251.198  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

• https://t.ajrkm.link/69881/3788/0?source=porhubs.com&aff_sub=6293ada6-666a-492a-aae1-e80728bb2400&bo=3471,3472,3473,3474,3475&target=domainredirects&po=6456&aff_sub5=SF_006OG000004lmDN HTTP 303
• https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=10260c30842b07b8128443fb53bfb4&subID2=69881&aff_click_id=10260c30842b07b8128443fb53bfb4&affsource=porhubs.com&bo=3471%2C3472%2C3473%2C3474%2C3475 HTTP 307
• https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=10260c30842b07b8128443fb53bfb4&subID2=69881&aff_click_id=10260c30842b07b8128443fb53bfb4&affsource=porhubs.com&bo=3471%2C3472%2C3473%2C3474%2C3475 HTTP 302
• https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329740&source=10260c30842b07b8128443fb53bfb4&subID2=69881&target=&Site=&Bnr=&cid=wpdgs6pviq7vi0n6jvu8jb14&email=&source=69881_porhubs.com&aff_unique4=vlma HTTP 307
• https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329740&source=10260c30842b07b8128443fb53bfb4&subID2=69881&target=&Site=&Bnr=&cid=wpdgs6pviq7vi0n6jvu8jb14&email=&source=69881_porhubs.com&aff_unique4=vlma HTTP 302
• https://s.sloffer1.com/329740/7172/?aff_sub4=_bucket&aff_sub=1d39c5d5-c5b6-4da0-b01e-1d6650f32d1d&aff_sub2=69881&aff_sub3=wr6b58ig7e9qs0n63pakp13m&aff_click_id=10260c30842b07b8128443fb53bfb4&bo=2753,2754,2755,2756&aff_sub5=_&aff_sub4=_bucket&source=69881_&aff_unique4=vlma HTTP 303
• https://paysale.g2afse.com/sl?id=66f0510e359f812aaf36d694&pid=105285&sub1=102720da68044a3edef7a28529d4cf&sub2=329740_69881_&bo=2753%2C2754%2C2755%2C2756 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=0 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 HTTP 302
• https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response tickets.porhubs.com/	2 KB 1 KB	152ms 59ms	Document text/html	172.104.251.198 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://tickets.porhubs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.104.251.198 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-104-251-198.ip.linodeusercontent.com Software openresty/1.27.1.1 / Resource Hash 8c88ee7c40a98d8410f9c0d0fa1b151bcf0e18ac2d11f6aff210ee00cfc99317 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Tue, 31 Dec 2024 16:51:12 GMT server openresty/1.27.1.1 vary Accept-Encoding
GET H2	200	nrb.js Show response tickets.porhubs.com/_static/	57 KB 19 KB	116ms 116ms	Script text/javascript	172.104.251.198 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://tickets.porhubs.com/_static/nrb.js Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.104.251.198 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-104-251-198.ip.linodeusercontent.com Software openresty/1.27.1.1 / Resource Hash 9a9622bf899b7d4a0e3e56f1051aeb09114f1d19cebd4e4b2e6f498d1283b687 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://tickets.porhubs.com/ Response headers strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip etag W/"6769e42d-e308" date Tue, 31 Dec 2024 16:51:12 GMT content-type text/javascript last-modified Mon, 23 Dec 2024 22:29:01 GMT server openresty/1.27.1.1 vary Accept-Encoding
GET H2	200	deliver.js Show response tickets.porhubs.com/_static/	15 KB 4 KB	123ms 123ms	Script text/javascript	172.104.251.198 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://tickets.porhubs.com/_static/deliver.js Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.104.251.198 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-104-251-198.ip.linodeusercontent.com Software openresty/1.27.1.1 / Resource Hash f5aa178612191d9d889844a8ff490e4b40ccde38d959c8f5bb648521d0a21b3c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://tickets.porhubs.com/ Response headers strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip etag W/"6769e42d-3d90" date Tue, 31 Dec 2024 16:51:12 GMT content-type text/javascript last-modified Mon, 23 Dec 2024 22:29:01 GMT server openresty/1.27.1.1 vary Accept-Encoding
POST H2	200	_d Show response tickets.porhubs.com/	697 B 581 B	102ms 101ms	Fetch application/json	172.104.251.198 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://tickets.porhubs.com/_d Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.104.251.198 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-104-251-198.ip.linodeusercontent.com Software openresty/1.27.1.1 / Resource Hash 17736d54dce739b3c4eabe02f6fad5cf0fa0333b50b8f67f503c230089d1ec1c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload Request headers traceparent 00-734b448ec239dad86b4744ea5b194c83-8b2dc41d9a3647f3-01 Referer https://tickets.porhubs.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/json newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjcwMjEzNSIsImFwIjoiNzE4Mzg3MTMyIiwiaWQiOiI4YjJkYzQxZDlhMzY0N2YzIiwidHIiOiI3MzRiNDQ4ZWMyMzlkYWQ4NmI0NzQ0ZWE1YjE5NGM4MyIsInRpIjoxNzM1NjYzODcyMjkyfX0= tracestate 702135@nr=0-1-702135-718387132-8b2dc41d9a3647f3----1735663872292 Response headers strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip date Tue, 31 Dec 2024 16:51:12 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server openresty/1.27.1.1
GET H2	200	nr-spa-1.273.0.min.js Show response js-agent.newrelic.com/	112 KB 33 KB	155ms 53ms	Script application/javascript	162.247.243.39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1.273.0.min.js Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.247.243.39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5ae4a818071e118ec992196dcd42ae85ee0e320381140eb59d08ceb416402aed Security Headers Name Value Strict-Transport-Security max-age=300 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://tickets.porhubs.com Referer https://tickets.porhubs.com/ Response headers strict-transport-security max-age=300 cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 content-encoding br etag "38ea02666fda0fcf9ad33eca8b7c5b9c" cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * x-cache HIT content-length 33182 date Tue, 31 Dec 2024 16:51:12 GMT last-modified Mon, 11 Nov 2024 18:20:59 GMT content-type application/javascript x-served-by cache-fra-eddf8230124-FRA x-cache-hits 4318 vary Accept-Encoding
GET H3	200	caf.js Show response www.google.com/adsense/domains/	143 KB 52 KB	137ms 56ms	Script text/javascript	142.250.185.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/domains/caf.js?abp=1&abpgo=true Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f4.1e100.net Software sffe / Resource Hash 0032125c1364411076e2df7e38ea54824a0296dc342834c616456f7d549b2efd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://tickets.porhubs.com/ Response headers content-encoding gzip etag "10170343719432689485" report-to {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} x-content-type-options nosniff expires Tue, 31 Dec 2024 16:51:12 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 31 Dec 2024 16:51:12 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding link <https://syndicatedsearch.goog>; rel="preconnect" cache-control private, max-age=3600 cross-origin-opener-policy same-origin; report-to="ads-afs-ui" cross-origin-resource-policy cross-origin accept-ranges bytes x-xss-protection 0 server sffe
POST H/1.1	200	0d385ba8a0 bam.nr-data.net/1/	185 B 640 B	542ms 448ms	XHR text/plain	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/0d385ba8a0?a=718387132&sa=1&v=1.273.0&t=Unnamed%20Transaction&rst=497&ck=0&s=34df004f3ef7366c&ref=https://tickets.porhubs.com/&ptid=7bd4c67248fd72d8&af=err,spa,xhr,stn,ins&be=151&fe=155&dc=154&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1735663871988,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:9,%22c%22:9,%22s%22:32,%22ce%22:93,%22rq%22:93,%22rp%22:152,%22rpe%22:173,%22di%22:304,%22ds%22:304,%22de%22:305,%22dc%22:305,%22l%22:305,%22le%22:306%7D,%22navigation%22:%7B%7D%7D&fp=303 Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://tickets.porhubs.com/ Response headers access-control-expose-headers Date timing-allow-origin https://tickets.porhubs.com Connection keep-alive cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS access-control-allow-origin https://tickets.porhubs.com Content-Length 185 date Tue, 31 Dec 2024 16:51:12 GMT content-type text/plain x-served-by cache-fra-eddf8230164-FRA
GET H3	200	cookie.js Show response partner.googleadservices.com/gampad/	376 B 261 B	95ms 48ms	Script text/javascript	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=tickets.porhubs.com&client=partner-dp-giantpanda_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2 Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f194.1e100.net Software cafe / Resource Hash fcbca6974ac9cb2b572e30f51353368bfede904cdfb96497cfab6544833722aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://tickets.porhubs.com/ Response headers timing-allow-origin * content-encoding gzip cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 240 date Tue, 31 Dec 2024 16:51:12 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	ads syndicatedsearch.goog/afs/ Frame 46A9	0 0	233ms 125ms	Document text/html	142.250.184.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://syndicatedsearch.goog/afs/ads?adsafe=low&adtest=off&psid=7637993503&pcsa=false&channel=ch1&domain_name=porhubs.com&client=dp-giantpanda_3ph&r=m&hl=pl&ivt=0&rpbu=https%3A%2F%2Ftickets.porhubs.com%2F%3Fafd%3D1&max_radlink_len=50&type=3&swp=as-drid-2439608017877166&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717107&format=r3&nocache=7811735663872581&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=1&u_tz=60&dt=1735663872581&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=704712957&rurl=https%3A%2F%2Ftickets.porhubs.com%2F Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f14.1e100.net Software gws / Resource Hash Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-9i-4QBuF7HduhmNNfw72pQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other X-Xss-Protection 0 Request headers Referer https://tickets.porhubs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-disposition inline content-encoding br content-length 624 content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-9i-4QBuF7HduhmNNfw72pQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other content-type text/html; charset=UTF-8 cross-origin-opener-policy same-origin-allow-popups; report-to="gws" date Tue, 31 Dec 2024 16:51:12 GMT expires Tue, 31 Dec 2024 16:51:12 GMT report-to {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} server gws x-xss-protection 0
POST H2	200	_e tickets.porhubs.com/	20 B 199 B	1060ms 1059ms	Fetch application/json	172.104.251.198 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://tickets.porhubs.com/_e Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.104.251.198 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-104-251-198.ip.linodeusercontent.com Software openresty/1.27.1.1 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload Request headers traceparent 00-dba2f1a17fe598b82b17c8ad4e24a995-9203836eba6888ca-01 Referer https://tickets.porhubs.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/json newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjcwMjEzNSIsImFwIjoiNzE4Mzg3MTMyIiwiaWQiOiI5MjAzODM2ZWJhNjg4OGNhIiwidHIiOiJkYmEyZjFhMTdmZTU5OGI4MmIxN2M4YWQ0ZTI0YTk5NSIsInRpIjoxNzM1NjYzODcyOTMwfX0= tracestate 702135@nr=0-1-702135-718387132-9203836eba6888ca----1735663872930 Response headers strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip date Tue, 31 Dec 2024 16:51:13 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server openresty/1.27.1.1
GET		click paysale.g2afse.com/ Redirect Chain https://t.ajrkm.link/69881/3788/0?source=porhubs.com&aff_sub=6293ada6-666a-492a-aae1-e80728bb2400&bo=3471,3472,3473,3474,3475&target=domainredirects&po=6456&aff_sub5=SF_006OG000004lmDN https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=10260c30842b07b8128443fb53bfb4&subID2=69881&aff_click_id=10260c30842b07... https://a.vfghc.com/487c489c-8ee4-40f8-b2ec-dc0e342b5275/2?subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=44542&source=10260c30842b07b8128443fb53bfb4&subID2=69881&aff_click_id=10260c30842b... https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329740&source=10260c30842b07b8128443fb53bfb4&subID2=69881&target=&S... https://a.avlm3.com/6dea95f7-febc-4fec-b477-c5c9e4651559/2?aff_sub4=_bucket&subID1=6293ada6-666a-492a-aae1-e80728bb2400&affiliateID=329740&source=10260c30842b07b8128443fb53bfb4&subID2=69881&target=... https://s.sloffer1.com/329740/7172/?aff_sub4=_bucket&aff_sub=1d39c5d5-c5b6-4da0-b01e-1d6650f32d1d&aff_sub2=69881&aff_sub3=wr6b58ig7e9qs0n63pakp13m&aff_click_id=10260c30842b07b8128443fb53bfb4&bo=275... https://paysale.g2afse.com/sl?id=66f0510e359f812aaf36d694&pid=105285&sub1=102720da68044a3edef7a28529d4cf&sub2=329740_69881_&bo=2753%2C2754%2C2755%2C2756 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=0 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852 https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852	0 0
POST H2	200	_e tickets.porhubs.com/	20 B 199 B	60ms 59ms	Fetch application/json	172.104.251.198 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://tickets.porhubs.com/_e Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.104.251.198 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-104-251-198.ip.linodeusercontent.com Software openresty/1.27.1.1 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload Request headers traceparent 00-c8587b49f7d07cb59ca0ad786c329468-017f50b9e16e2e6c-01 Referer https://tickets.porhubs.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type application/json newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjcwMjEzNSIsImFwIjoiNzE4Mzg3MTMyIiwiaWQiOiIwMTdmNTBiOWUxNmUyZTZjIiwidHIiOiJjODU4N2I0OWY3ZDA3Y2I1OWNhMGFkNzg2YzMyOTQ2OCIsInRpIjoxNzM1NjYzODcyOTMxfX0= tracestate 702135@nr=0-1-702135-718387132-017f50b9e16e2e6c----1735663872931 Response headers strict-transport-security max-age=0; includeSubDomains; preload content-encoding gzip date Tue, 31 Dec 2024 16:51:12 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server openresty/1.27.1.1
POST H/1.1	200	0d385ba8a0 bam.nr-data.net/events/1/	24 B 346 B	167ms 166ms	XHR image/gif	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/events/1/0d385ba8a0?a=718387132&sa=1&v=1.273.0&t=Unnamed%20Transaction&rst=1047&ck=0&s=34df004f3ef7366c&ref=https://tickets.porhubs.com/&ptid=7bd4c67248fd72d8 Requested by Host: tickets.porhubs.com URL: https://tickets.porhubs.com/_static/nrb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 content-type text/plain Referer https://tickets.porhubs.com/ Response headers Connection keep-alive access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS access-control-allow-origin https://tickets.porhubs.com Content-Length 24 date Tue, 31 Dec 2024 16:51:13 GMT content-type image/gif x-served-by cache-fra-eddf8230164-FRA
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	155 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

paysale.g2afse.com

URL

https://paysale.g2afse.com/click?pid=105285&offer_id=7852&sub1=7852

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onResize function| setupMobileNav function| assert function| getRandomNum function| getTimeStamp function| CollisionBox function| Runner function| announcePhrase function| getA11yString function| vibrate function| createCanvas function| decodeBase64ToArrayBuffer function| checkForCollision function| createAdjustedCollisionBox function| boxCompare function| toggleHelpBox function| diagnoseErrors function| portalSignin function| updateForDnsProbe function| updateIconClass function| reloadButtonClick function| downloadButtonClick function| detailsButtonClick function| setAutoFetchState function| savePageLaterClick function| cancelSavePageClick function| toggleErrorInformationPopup function| launchDownloadsPage function| toggleOfflineContentListVisibility function| onDocumentLoadOrUpdate function| onDocumentLoad function| jstGetTemplate function| JsEvalContext function| jstProcess object| loadTimeDataRaw object| errorPageController object| certificateErrorPageController object| supervisedUserErrorPageController

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tickets.porhubs.com/	1970-01-21 02:09:10	Name: session_id Value: 79cf02b5c7667fe6d41be2b7dcdf0e65
			tickets.porhubs.com/	1970-01-21 02:07:47	Name: afd_style_id Value: 7637993503
			.porhubs.com/	1970-01-21 11:29:19	Name: __gsas Value: ID=a4c0c045ac1c872e:T=1735663872:RT=1735663872:S=ALNI_MZvxvL9xKcdQuqiE4IePL44k_5tQQ
			t.ajrkm.link/	1970-01-21 11:43:43	Name: enc_aff_session_3788 Value: ENC039199c6ba112444a934b2b865439603b836eafa20c06e48539757fa168f0067fb8681c4fa65a841cfb6b497939640e5dcba15ace38bb5cb2393b271d71864d2e0bdff4cc5653e43f9dc8f294e439b84344cbfa922e8e702f9e47565480576366e845b5ace80d1b37fbc3348068c4c785d1dc05d07a07e92b668a2e7e4342563ebb37293d9c1624477b92cefdb28eb29a9029c6d78e3f0630a627709c6c98ef38f1f38fc0cbe8ebe6fa7466662cb97968513c6e7d4e418697eea38f53e3c8a62f061fedb8f6ef3c9ab2e42411aa4d3e61997840dc99ab100486773825b0c7154073463a45f
			t.ajrkm.link/	1970-01-21 11:43:43	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
			.a.vfghc.com/	1970-01-21 02:09:10	Name: 487c489c-8ee4-40f8-b2ec-dc0e342b5275-v4 Value: xr4IVUvEBmhlXtP9jpN3C3i2_s5g59fgIf4Ht0xATW8
			.a.vfghc.com/	1970-01-21 10:53:19	Name: cc-v4 Value: klQ56f1h%2FfOWIPHWSbrX8gZZ7ObnTy9rqsFqOgjRTrfQx%2BONZEf4c1YFyWGseU2SOrjEgmm85bHX79G%2BO%2Fp%2FKZQL7w4AM6uILAaPAigdKSPbBZcs6ebaX7ab9deCulayQVxfulvjjRBgNgFP0zSgKw%3D%3D
			.a.avlm3.com/	1970-01-21 02:09:10	Name: 6dea95f7-febc-4fec-b477-c5c9e4651559-v4 Value: N7-3Pbsx65Qfor31pLgxVKDqLm_tgciJFBozrOvrLe8
			.a.avlm3.com/	1970-01-21 10:53:19	Name: cc-v4 Value: 8nSh4jjF4di%2F%2BQ8Ej5buatZd4INyksfjjtS2aKxJ2VBuGe73TKQpmOiBu8etQfbFKqfgPt3iigtgaZE8XhVVo%2BIqgVttl0TWwo9IBidg6H6roqLRcI7njrUpMjUIkm67f1kYb2JTsHQR2bVyBHrSLg%3D%3D
			s.sloffer1.com/	1970-01-21 11:43:43	Name: enc_aff_session_9805 Value: ENC0363bbfbd8e6eee57a9e96e29db2c63b95cad888b14b5f4226181a072dc6eb29311e84142ce5cb5340962364bfbe292fe0017cd224dc6a943d60f464bd4b044567bcb4c1f4b430b96e385ea43430523f8e0bc755cdbdc3ee9fb1dbed7a3be38f25c1e70337237606737dfc0ab1844a6346f5bff5212ea14adcf81b1dba517f2ea17917d9b068fd5ea80d9d1462d3c668c5c39413b90ea3b11dfc57259fa7fda0c9ad7de0842d1884f5f29161436f08569ce087a2b6f48f7e344ba6840e1e0a2df1d8c3e8a415491fbebfd19cc1564618ddcb06b9646b3d4c1169bd3024f942875b2b09edd79eb4e593238af96ab9ed5f1d0f86c3bdf64fbcb1ca8306406265911f1f280824
			s.sloffer1.com/	1970-01-21 11:43:43	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
js-agent.newrelic.com
partner.googleadservices.com
paysale.g2afse.com
syndicatedsearch.goog
tickets.porhubs.com
www.google.com
paysale.g2afse.com
142.250.184.206
142.250.185.100
162.247.243.29
162.247.243.39
172.104.251.198
172.217.16.194
0032125c1364411076e2df7e38ea54824a0296dc342834c616456f7d549b2efd
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
17736d54dce739b3c4eabe02f6fad5cf0fa0333b50b8f67f503c230089d1ec1c
5ae4a818071e118ec992196dcd42ae85ee0e320381140eb59d08ceb416402aed
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
8c88ee7c40a98d8410f9c0d0fa1b151bcf0e18ac2d11f6aff210ee00cfc99317
9a9622bf899b7d4a0e3e56f1051aeb09114f1d19cebd4e4b2e6f498d1283b687
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
f5aa178612191d9d889844a8ff490e4b40ccde38d959c8f5bb648521d0a21b3c
fcbca6974ac9cb2b572e30f51353368bfede904cdfb96497cfab6544833722aa