URL: http://www.tgirl.nl/
Submission: On March 31 via api from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 104.27.203.89, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tgirl.nl.
This is the only time www.tgirl.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
1         104.27.203.89     13335  (CLOUDFLAR...)
2         93.93.51.191      34655  (DOCLER-AS)
4         93.93.51.200      34655  (DOCLER-AS)
1         2a00:1450:400...  15169  (GOOGLE)
6         93.93.51.190      34655  (DOCLER-AS)
1         93.93.51.225      34655  (DOCLER-AS)
Total: 15 requests, 7 IPs

Requests  Domain                        Requested by
3         galleryn2.awemdia.com         pto.awecr.com
2         galleryn0.awemdia.com         pto.awecr.com
2         pt-static5.ptwmstc.com        pto.awecr.com
1         galleryn3.awemdia.com         pto.awecr.com
1         pt-static1.ptwmstc.com        pto.awecr.com
1         api-protected.protoawegw.com  pt-static5.ptwmstc.com
1         www.googletagmanager.com      pto.awecr.com
1         pt.potwm.com                  pto.awecr.com
1         pt-static2.ptwmstc.com        pto.awecr.com
1         pto.awecr.com                 www.tgirl.nl
1         www.tgirl.nl
Total: 15 requests, 11 subdomains

This site contains no links.

Certificates

Subject: *.google-analytics.com
Issuer: GTS CA 1O1
Validity: 2021-03-11 - 2021-06-03
Valid: 3 months

This page contains 2 frames:

Primary Page: http://www.tgirl.nl/
Frame ID: E92D695FD20BE9BB11F9DE5AE73A6BF0
Requests: 1 HTTP requests in this frame

Frame: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Frame ID: E4BF8383E0A8822A4FFC535074596CBD
Requests: 16 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 15
HTTPS: 7 %
IPv6: 17 %
Domains: 7
Subdomains: 11
IPs: 7
Countries: 3
Transfer: 536 kB
Size: 962 kB
Cookies: 1

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.tgirl.nl/
2 KB
2 KB
Document
General
Full URL
http://www.tgirl.nl/
Protocol
HTTP/1.1
Server
104.27.203.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8029bd1414449290cdcb70e7a662074190b005f9b6d851227fd6ec0850ec27f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.tgirl.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 31 Mar 2021 10:45:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie
__cfduid=dba197ebf6ccd7a27c869c205df216def1617187516; expires=Fri, 30-Apr-21 10:45:16 GMT; path=/; domain=.tgirl.nl; HttpOnly; SameSite=Lax
cf-request-id
09297c473900000f5e9a27d000000001
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z2wBcKZMs2tLvQ9M0PNG4i%2FYXC5AZaIk1%2Fn5EW4H5o1vrp4w36bNnCI3yrXcv%2FpdQTv7LG1%2BJqHD%2FLnBOmW61pxDzUGslPyVfiGQpwo%3D"}],"max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6388fcb859060f5e-MXP
Content-Encoding
gzip
index.php
pto.awecr.com/custom_iframe/ Frame E4BF
13 KB
4 KB
Document
General
Full URL
http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Requested by
Host: www.tgirl.nl
URL: http://www.tgirl.nl/
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
79e014a099f21e75d1bff75e126179bd02214b16d7dc7f5371d7ca8888c8ac02

Request headers

Host
pto.awecr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.tgirl.nl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
unknown
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
Cache-Control
no-cache
Date
Wed, 31 Mar 2021 10:45:16 GMT
X-Real-Source
-
Content-Encoding
gzip
advertisement-v373938.js
pt-static2.ptwmstc.com/_common/script/adblock/ Frame E4BF
21 B
315 B
Script
General
Full URL
http://pt-static2.ptwmstc.com/_common/script/adblock/advertisement-v373938.js
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 10:45:16 GMT
Last-Modified
Fri, 26 Mar 2021 15:52:33 GMT
Server
unknown
ETag
"605e0341-15"
X-Cache-Status
R-HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
21
cifra-v373938.css
pt-static5.ptwmstc.com/cifra/styles/ Frame E4BF
13 KB
3 KB
Stylesheet
General
Full URL
http://pt-static5.ptwmstc.com/cifra/styles/cifra-v373938.css
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
55aeb81df7415f065917aa5ae79c6f26f07edd23b6c63b38d6aaf9e7754e4eea

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 10:45:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Mar 2021 15:52:33 GMT
Server
unknown
ETag
W/"605e0341-332f"
X-Cache-Status
R-HIT
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
cifra-v373938.js
pt-static5.ptwmstc.com/cifra/script/ Frame E4BF
528 KB
183 KB
Script
General
Full URL
http://pt-static5.ptwmstc.com/cifra/script/cifra-v373938.js
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
25fade31a67e78a8c55ca9a3de75bf86407ef1e43c107bff0acaf4ca2399c3e5

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 10:45:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Mar 2021 15:52:33 GMT
Server
unknown
ETag
W/"605e0341-83e17"
X-Cache-Status
R-HIT
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
jtf.gif
pt.potwm.com/5JT0n/ Frame E4BF
43 B
309 B
Image
General
Full URL
http://pt.potwm.com/5JT0n/jtf.gif?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&campaign_id=&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&categoryName=transgender&cobrandId=214610&subAffId=%7BSUBAFFID%7D&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 10:45:16 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
unknown
Content-Type
image/gif
Cache-Control
no-cache
X-Real-Source
-
Connection
close
Content-Length
43
Expires
Wed, 31 Mar 2021 10:45:15 GMT
gtm.js
www.googletagmanager.com/ Frame E4BF
101 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bbe5301f84eb9afa063a72698d9d3f66e0bafa07b2d314c25b14db2af10bbdef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 10:45:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35430
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Mar 2021 10:45:16 GMT
08f2720813a0779b95fabecf91d550df_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f10/ Frame E4BF
23 KB
24 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f10/08f2720813a0779b95fabecf91d550df_glamour_460x345.jpg?cno=210313
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
1e226d4cdf84a638ea77a43dcb5ccff8313ab005ffad9c8aba014d35c285b84a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Wed, 31 Mar 2021 10:51:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Mar 2021 10:49:18 GMT
Server
unknown
ETag
"7e201d3317f26b81c17bd4846e8a5236"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
23837
Expires
Wed, 14 Apr 2021 10:51:29 GMT
765492fa8096269896b01cc9221b36d6_glamour_460x345.jpg
galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f17/ Frame E4BF
37 KB
37 KB
Image
General
Full URL
http://galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f17/765492fa8096269896b01cc9221b36d6_glamour_460x345.jpg?cno=210313
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
a13a5c24a0c882542bfb0c9628b574b9a5b49c50404e08a07b7e77a4ccdd4b41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Wed, 31 Mar 2021 10:51:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 07 Dec 2020 08:22:12 GMT
Server
unknown
ETag
"9d59de19c2778a574fceaf87b70bd7a7"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
37594
Expires
Wed, 14 Apr 2021 10:51:29 GMT
00da85495c46e74a0a80bf7c105e96ca_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f10/ Frame E4BF
50 KB
50 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f10/00da85495c46e74a0a80bf7c105e96ca_glamour_460x345.jpg?cno=210313
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
0450af2a74a207641c2318742a2adc43d0b8a5083983705afcbabb8bf81fddc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Wed, 31 Mar 2021 10:51:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Mar 2021 14:58:23 GMT
Server
unknown
ETag
"0ecfc0e5cbcf4db563fe870a6abffb5c"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
50811
Expires
Wed, 14 Apr 2021 10:51:29 GMT
f8dd770138ea53860ac96d4605348025_glamour_460x345.jpg
galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1f/ Frame E4BF
45 KB
45 KB
Image
General
Full URL
http://galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1f/f8dd770138ea53860ac96d4605348025_glamour_460x345.jpg?cno=210313
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
77293395575936ecbcee6a5c1c8488264608dc6b41d20e33e5d66b3e20b83f51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Wed, 31 Mar 2021 10:50:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2019 16:18:56 GMT
Server
unknown
ETag
"29a90dee992a4c4e3ef92516fdc2c4ec"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
45957
Expires
Wed, 14 Apr 2021 10:50:35 GMT
be98b9b18993272a0d0ce0405cd4a8bc_glamour_460x345.jpg
galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame E4BF
30 KB
30 KB
Image
General
Full URL
http://galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/be98b9b18993272a0d0ce0405cd4a8bc_glamour_460x345.jpg?cno=210313
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
ee0ad53cf3bc95b421a74fc25538bf5bf4741c48a274772abd2666e47f36dad1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Wed, 31 Mar 2021 10:51:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 21 Mar 2021 02:13:47 GMT
Server
unknown
ETag
"707270fdce2d8ab07c390371b94bfd8c"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
30655
Expires
Wed, 14 Apr 2021 10:51:29 GMT
get
api-protected.protoawegw.com/v2/player/performer/ Frame E4BF
264 B
651 B
Fetch
General
Full URL
http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&streamType=rtmp&category=transgender&performerIds[]=UNIversalLADY
Requested by
Host: pt-static5.ptwmstc.com
URL: http://pt-static5.ptwmstc.com/cifra/script/cifra-v373938.js
Protocol
HTTP/1.1
Server
93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
548c2256641fb38f08bf3c70d7635c6897090800d2354cb460b218b717e446bd

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 10:45:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
unknown
Transfer-Encoding
chunked
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE, PATCH
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Real-Source
-
Connection
close
Access-Control-Allow-Headers
X-Requested-With, Content-Type
smilies_ex.png
pt-static1.ptwmstc.com/image/ Frame E4BF
8 KB
9 KB
Image
General
Full URL
http://pt-static1.ptwmstc.com/image/smilies_ex.png
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 10:45:16 GMT
Last-Modified
Tue, 23 Feb 2021 11:08:55 GMT
Server
unknown
ETag
"6034e247-2155"
X-Cache-Status
R-HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
8533
truncated
/ Frame E4BF
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
f8dd770138ea53860ac96d4605348025_glamour_896x504.jpg
galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1f/ Frame E4BF
110 KB
111 KB
Image
General
Full URL
http://galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1f/f8dd770138ea53860ac96d4605348025_glamour_896x504.jpg
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
5d931eec80cffa2447693c8b81e41e453907ce3045c14f5ff110a39d7c820303
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Wed, 31 Mar 2021 10:50:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2019 16:18:55 GMT
Server
unknown
ETag
"6195453e37ea50b949e394e9911b2ac2"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
113126
Expires
Wed, 14 Apr 2021 10:50:35 GMT
truncated
/ Frame E4BF
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9141e45366c427827365c117390486dc7f180c534a9a288517353efb2c546128

Request headers

Origin
http://pto.awecr.com
Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| trustedTypes
  • boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
.tgirl.nl/ Name: __cfduid
Value: dba197ebf6ccd7a27c869c205df216def1617187516

1 Console Messages

Source Level URL
Text
console-api debug URL: http://pt-static5.ptwmstc.com/cifra/script/cifra-v373938.js(Line 21)
Message:
NanoCore api version: 4.0.6

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
