URL: http://www.tgirl.nl/
Submission: On June 01 via api from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 104.27.203.89, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tgirl.nl.
This is the only time www.tgirl.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS Autonomous System
1         104.27.203.89       13335 (CLOUDFLAR...)
2         93.93.51.191        34655 (DOCLER-AS)
4         93.93.51.200        34655 (DOCLER-AS)
1         2a00:1450:400...    15169 (GOOGLE)
6         93.93.51.190        34655 (DOCLER-AS)
1         93.93.51.225        34655 (DOCLER-AS)
Total: 15 requests, 7 IPs

Requests  Domain                          Requested by
4         galleryn0.awemdia.com           pto.awecr.com
2         pt-static1.ptwmstc.com          pto.awecr.com
1         galleryn2.awemdia.com           pto.awecr.com
1         api-protected.protoawegw.com    pt-static5.ptwmstc.com
1         galleryn3.awemdia.com           pto.awecr.com
1         www.googletagmanager.com        pto.awecr.com
1         pt.potwm.com                    pto.awecr.com
1         pt-static5.ptwmstc.com          pto.awecr.com
1         pt-static4.ptwmstc.com          pto.awecr.com
1         pto.awecr.com                   www.tgirl.nl
1         www.tgirl.nl
Total: 15 requests, 11 subdomains

This site contains no links.

Subject: *.google-analytics.com
Issuer: GTS CA 1C3
Validity: 2021-05-03 - 2021-07-26
Valid: 3 months

This page contains 2 frames:

Primary Page: http://www.tgirl.nl/
Frame ID: 35756046F99700DE8523A699DFAE2BDB
Requests: 1 HTTP requests in this frame

Frame: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Frame ID: BD8CF990526BB0FB167A46E67F25A886
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 15
HTTPS: 7 %
IPv6: 17 %
Domains: 7
Subdomains: 11
IPs: 7
Countries: 3
Transfer: 519 kB
Size: 947 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tgirl.nl/
2 KB
2 KB
Document
General
Full URL
http://www.tgirl.nl/
Protocol
HTTP/1.1
Server
104.27.203.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033503cf580c6a5c79655f7195f9b57927fcb9406412fabee547b0e1bcf03b98
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.tgirl.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Tue, 01 Jun 2021 12:05:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
0a69105d0e00000f72c01ce000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wgmE%2BO39GqXUyRVRaJaqjiENF4i4cXsHDvxIgAuWy3Ffl%2F2h6SDMMWTkf53q8GSlJc3ZfsTMpgVNy3rkgo3w4Bjx0m%2FIbKJNlCMuS7VrF8yaYe39DorACYk%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6588500e7fe50f72-MXP
Content-Encoding
gzip
index.php
pto.awecr.com/custom_iframe/ Frame BD8C
13 KB
4 KB
Document
General
Full URL
http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Requested by
Host: www.tgirl.nl
URL: http://www.tgirl.nl/
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
ad39d265b6ba0bb4f0b1c1aa272f8a16cf2969842f4b04692e5b26f0073ae890

Request headers

Host
pto.awecr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.tgirl.nl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
unknown
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
Cache-Control
no-cache
Date
Tue, 01 Jun 2021 12:05:53 GMT
X-Real-Source
-
Content-Encoding
gzip
advertisement-v284619.js
pt-static1.ptwmstc.com/_common/script/adblock/ Frame BD8C
21 B
315 B
Script
General
Full URL
http://pt-static1.ptwmstc.com/_common/script/adblock/advertisement-v284619.js
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 12:05:53 GMT
Last-Modified
Tue, 01 Jun 2021 08:22:10 GMT
Server
unknown
ETag
"60b5ee32-15"
X-Cache-Status
R-HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
21
cifra-v284619.css
pt-static4.ptwmstc.com/cifra/styles/ Frame BD8C
13 KB
3 KB
Stylesheet
General
Full URL
http://pt-static4.ptwmstc.com/cifra/styles/cifra-v284619.css
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
bb19c42b188c7bd075fefeb4176e4a72b14b12e84258996700be35d2ef7b2004

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 12:05:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Jun 2021 08:22:10 GMT
Server
unknown
ETag
W/"60b5ee32-332f"
X-Cache-Status
R-HIT
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
cifra-v284619.js
pt-static5.ptwmstc.com/cifra/script/ Frame BD8C
529 KB
184 KB
Script
General
Full URL
http://pt-static5.ptwmstc.com/cifra/script/cifra-v284619.js
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
bf461950007f433a436138ffc6afdf240985032e90b3f882304dd3c1b2da7ad4

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 12:05:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Jun 2021 08:22:10 GMT
Server
unknown
ETag
W/"60b5ee32-84251"
X-Cache-Status
R-HIT
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
Pla.gif
pt.potwm.com/L0EQ6/ Frame BD8C
43 B
309 B
Image
General
Full URL
http://pt.potwm.com/L0EQ6/Pla.gif?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&campaign_id=&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&categoryName=transgender&cobrandId=214610&subAffId=%7BSUBAFFID%7D&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 12:05:53 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
unknown
Content-Type
image/gif
Cache-Control
no-cache
X-Real-Source
-
Connection
close
Content-Length
43
Expires
Tue, 01 Jun 2021 12:05:52 GMT
gtm.js
www.googletagmanager.com/ Frame BD8C
104 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e64e012e1c69d7260d4cc5e5a39ba3ae32202364dde9501dedc672aabca0a039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 12:05:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36103
x-xss-protection
0
expires
Tue, 01 Jun 2021 12:05:53 GMT
c982fc7d04888e519ccb47b176c99d72_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/ Frame BD8C
27 KB
28 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/c982fc7d04888e519ccb47b176c99d72_glamour_460x345.jpg?cno=210622
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
1c84741e8f8a338186c9469b86e4d4b9c1f39ff73082c2b27eba9e87afa8ceb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 01 Jun 2021 12:05:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Feb 2021 18:01:09 GMT
Server
unknown
ETag
"85eeca07a8fa612d93f3c2b5d52c8b41"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
27971
Expires
Tue, 15 Jun 2021 12:05:53 GMT
cbc54fb7bd2b1f9e6906adad02cc2e83_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/ Frame BD8C
25 KB
26 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/cbc54fb7bd2b1f9e6906adad02cc2e83_glamour_460x345.jpg?cno=210622
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
a82bf6c0f016a5223a60dfed02fbc5bb0662f783812fc794bb63709d7f18ed11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 01 Jun 2021 12:05:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 18 Nov 2020 20:50:44 GMT
Server
unknown
ETag
"8681348cb5d770db0781821532cf1e44"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
26103
Expires
Tue, 15 Jun 2021 12:05:53 GMT
290759a166502d2747d8fa97bd7684ac_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f12/ Frame BD8C
85 KB
85 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f12/290759a166502d2747d8fa97bd7684ac_glamour_460x345.jpg?cno=210622
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
47376a1ad05c48f2b65477696fc2cf4ffcebdb6d5bc1e8b36e0c2a8017e1b72c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 01 Jun 2021 12:05:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Jul 2020 07:54:53 GMT
Server
unknown
ETag
"b1506eb54e56fc9a51a5c5348421b631"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
86978
Expires
Tue, 15 Jun 2021 12:05:53 GMT
797df7ca193331c20ff0bbb5c0543c33_glamour_460x345.jpg
galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f17/ Frame BD8C
42 KB
42 KB
Image
General
Full URL
http://galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f17/797df7ca193331c20ff0bbb5c0543c33_glamour_460x345.jpg?cno=210622
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
3196301c372dcb412ff927c43607fdd2e8799ffd9fb641cfb214feec212e968a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 01 Jun 2021 12:05:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Jul 2020 14:26:47 GMT
Server
unknown
ETag
"5d05c70c45d82af67a94db0d999e1dab"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
42509
Expires
Tue, 15 Jun 2021 12:05:53 GMT
bff879c66f67668d6e47631abee35c91_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame BD8C
43 KB
43 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/bff879c66f67668d6e47631abee35c91_glamour_460x345.jpg?cno=210622
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
1fed5cfe2680826134181c47a46f55cc6b2adb37a7100baa645597bdcc4e0175
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 01 Jun 2021 12:05:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 28 Feb 2021 07:12:28 GMT
Server
unknown
ETag
"18b06f8c4d63ba007c110c1bfb95e567"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
43825
Expires
Tue, 15 Jun 2021 12:05:53 GMT
get
api-protected.protoawegw.com/v2/player/performer/ Frame BD8C
264 B
646 B
Fetch
General
Full URL
http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&streamType=rtmp&category=transgender&performerIds[]=KendraTopTS
Requested by
Host: pt-static5.ptwmstc.com
URL: http://pt-static5.ptwmstc.com/cifra/script/cifra-v284619.js
Protocol
HTTP/1.1
Server
93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
4c948d0d47a91ba7797a835800ff2dd64852fe00a73e2fa32e4fe24718510b9f

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 12:05:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
unknown
Transfer-Encoding
chunked
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE, PATCH
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Real-Source
-
Connection
close
Access-Control-Allow-Headers
X-Requested-With, Content-Type
smilies_ex.png
pt-static1.ptwmstc.com/image/ Frame BD8C
8 KB
9 KB
Image
General
Full URL
http://pt-static1.ptwmstc.com/image/smilies_ex.png
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 12:05:53 GMT
Last-Modified
Tue, 20 Apr 2021 07:52:16 GMT
Server
unknown
ETag
"607e8830-2155"
X-Cache-Status
R-HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
8533
truncated
/ Frame BD8C
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cbc54fb7bd2b1f9e6906adad02cc2e83_glamour_896x504.jpg
galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/ Frame BD8C
55 KB
55 KB
Image
General
Full URL
http://galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/cbc54fb7bd2b1f9e6906adad02cc2e83_glamour_896x504.jpg
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
775f444a8cd05089b73b0112a953eb05518415f022040356d817969728e51a58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Tue, 01 Jun 2021 12:05:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 18 Nov 2020 20:50:44 GMT
Server
unknown
ETag
"785ee0e49dfe614ffe2c74a1ab0d4ec1"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
56102
Expires
Tue, 15 Jun 2021 12:05:53 GMT
truncated
/ Frame BD8C
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9141e45366c427827365c117390486dc7f180c534a9a288517353efb2c546128

Request headers

Origin
http://pto.awecr.com
Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated

0 Cookies

1 Console Messages

Source: console-api
Level: debug
URL: http://pt-static5.ptwmstc.com/cifra/script/cifra-v284619.js (Line 21)
Message: NanoCore api version: 4.0.6

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
