URL: http://www.tgirl.nl/
Submission: On May 17 via api from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 104.27.203.89, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tgirl.nl.
This is the only time www.tgirl.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
1         104.27.203.89      13335  (CLOUDFLAR...)
2         93.93.51.191       34655  (DOCLER-AS)
4         93.93.51.200       34655  (DOCLER-AS)
1         2a00:1450:400...   15169  (GOOGLE)
9         93.93.51.190       34655  (DOCLER-AS)
1         93.93.51.225       34655  (DOCLER-AS)
Total: 18 requests, 7 IPs

Requests  Domain                        Requested by
6         galleryn0.awemdia.com         pto.awecr.com
2         galleryn3.awemdia.com         pto.awecr.com
2         pt-static1.ptwmstc.com        pto.awecr.com
2         pt-static4.ptwmstc.com        pto.awecr.com
1         api-protected.protoawegw.com  pt-static1.ptwmstc.com
1         galleryn1.awemdia.com         pto.awecr.com
1         www.googletagmanager.com      pto.awecr.com
1         pt.potwm.com                  pto.awecr.com
1         pto.awecr.com                 www.tgirl.nl
1         www.tgirl.nl
Total: 18 requests, 10 subdomains

This site contains no links.

Subject: *.google-analytics.com
Issuer: GTS CA 1C3
Validity: 2021-04-13 - 2021-07-06
Valid: 3 months

This page contains 2 frames:

Primary Page: http://www.tgirl.nl/
Frame ID: 4B7AC1F9A8DA069ECD41B5E97D1D51F4
Requests: 1 HTTP requests in this frame

Frame: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Frame ID: 5882F7872A3BCCBB86384D6DB21A8378
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 18
HTTPS: 6 %
IPv6: 17 %
Domains: 7
Subdomains: 10
IPs: 7
Countries: 3
Transfer: 410 kB
Size: 2613 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tgirl.nl/
2 KB
2 KB
Document
General
Full URL
http://www.tgirl.nl/
Protocol
HTTP/1.1
Server
104.27.203.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0999d5a9cca4694d31d693f44480aef433854b8e5d287e6ddc1e23e5f2ffaf2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.tgirl.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 17 May 2021 11:33:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id
0a1bb383f40000410e42880000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PJ6GjO%2BZNetLt5WVUY04Eq5EIM%2FUhtqtz3dNsAgqD8hbL082ZRrKNW7WCUd3Z4PEL9psO4SUURvBBlJG1gWo9qVWebw%2FKk04M6nJlF0%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
650c884cbe94410e-PRG
Content-Encoding
gzip
index.php
pto.awecr.com/custom_iframe/ Frame 5882
19 KB
5 KB
Document
General
Full URL
http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Requested by
Host: www.tgirl.nl
URL: http://www.tgirl.nl/
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
6229930fcc894e81706d8fa28c3d2b1c05e10e2a1303f4bf82252d9d4461d008

Request headers

Host
pto.awecr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.tgirl.nl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
unknown
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
Cache-Control
no-cache
Date
Mon, 17 May 2021 11:33:42 GMT
X-Real-Source
-
Content-Encoding
gzip
advertisement-v754389.js
pt-static4.ptwmstc.com/_common/script/adblock/ Frame 5882
21 B
315 B
Script
General
Full URL
http://pt-static4.ptwmstc.com/_common/script/adblock/advertisement-v754389.js
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 17 May 2021 11:33:42 GMT
Last-Modified
Mon, 17 May 2021 08:05:05 GMT
Server
unknown
ETag
"60a223b1-15"
X-Cache-Status
R-HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
21
cifra-v754389.css
pt-static4.ptwmstc.com/cifra/styles/ Frame 5882
13 KB
3 KB
Stylesheet
General
Full URL
http://pt-static4.ptwmstc.com/cifra/styles/cifra-v754389.css
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e798709b64fe4a4cfe1087cffe2655b192d8d48b61fd8a8c0ab0b6534a43a394

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 17 May 2021 11:33:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 May 2021 08:05:06 GMT
Server
unknown
ETag
W/"60a223b2-332f"
X-Cache-Status
R-HIT
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
cifrafk-v754389.js
pt-static1.ptwmstc.com/cifra/script/ Frame 5882
352 KB
126 KB
Script
General
Full URL
http://pt-static1.ptwmstc.com/cifra/script/cifrafk-v754389.js
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
2b6773c1a824be4748844e7a261124d0977f3c5e3fdbbbbcdc0b6a2684918b2d

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 17 May 2021 11:33:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 May 2021 08:05:06 GMT
Server
unknown
ETag
W/"60a223b2-57f8f"
X-Cache-Status
R-HIT
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
pHx.gif
pt.potwm.com/FSqTy/ Frame 5882
43 B
309 B
Image
General
Full URL
http://pt.potwm.com/FSqTy/pHx.gif?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&campaign_id=&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&categoryName=transgender&cobrandId=214610&subAffId=%7BSUBAFFID%7D&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 17 May 2021 11:33:42 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
unknown
Content-Type
image/gif
Cache-Control
no-cache
X-Real-Source
-
Connection
close
Content-Length
43
Expires
Mon, 17 May 2021 11:33:41 GMT
gtm.js
www.googletagmanager.com/ Frame 5882
103 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc63b4d55996f3732ecaa9d00299575fa5b892ff9668317446a5049370967491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 11:33:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35923
x-xss-protection
0
last-modified
Mon, 17 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 May 2021 11:33:42 GMT
be98b9b18993272a0d0ce0405cd4a8bc_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame 5882
30 KB
30 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/be98b9b18993272a0d0ce0405cd4a8bc_glamour_460x345.jpg?cno=210520
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
ee0ad53cf3bc95b421a74fc25538bf5bf4741c48a274772abd2666e47f36dad1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Apr 2021 11:05:17 GMT
Server
unknown
ETag
"707270fdce2d8ab07c390371b94bfd8c"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
30655
Expires
Mon, 31 May 2021 11:40:41 GMT
e135bda0e2c35dd743e36fcf17232481_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1e/ Frame 5882
24 KB
25 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1e/e135bda0e2c35dd743e36fcf17232481_glamour_460x345.jpg?cno=210520
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
360e46cbb924d59dfb9dfbe31e7e41b0984bf3d48f87b8b14b87fe0d249a7163
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 29 Apr 2021 17:21:48 GMT
Server
unknown
ETag
"57f00727615017399cb32489b3494501"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
24838
Expires
Mon, 31 May 2021 11:40:41 GMT
b0d6af6c76da781d8979b4f644295fce_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame 5882
31 KB
32 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/b0d6af6c76da781d8979b4f644295fce_glamour_460x345.jpg?cno=210520
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
14c23396c7fbba7c4ec0746c8d9b16f160f40a86efa8ec48e3a6f6fe6977ef57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 31 Dec 2020 07:20:25 GMT
Server
unknown
ETag
"3da0f335679d71713ad5c455921870af"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
32147
Expires
Mon, 31 May 2021 11:40:41 GMT
8c438aafa5b8758943ab2824e5922148_glamour_460x345.jpg
galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f18/ Frame 5882
35 KB
36 KB
Image
General
Full URL
http://galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f18/8c438aafa5b8758943ab2824e5922148_glamour_460x345.jpg?cno=210520
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
8a57a931af1172434734b89b5248c4b75ffb45b191bc35a48c4d4fce8a383a0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 25 Oct 2020 18:23:42 GMT
Server
unknown
ETag
"2c292c1da4907535c960894b0999ead9"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
36249
Expires
Mon, 31 May 2021 11:40:30 GMT
14d3057cae1114e3c86fe51384b1e3cd_glamour_460x345.jpg
galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/ Frame 5882
16 KB
17 KB
Image
General
Full URL
http://galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/14d3057cae1114e3c86fe51384b1e3cd_glamour_460x345.jpg?cno=210520
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
57191425cd440e20a0686c8bb0431fd2a8f49166d702c23d3ca138fb9cbe2b74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 07 Mar 2021 12:33:58 GMT
Server
unknown
ETag
"80c8f8a711996265ef4ebcc56c742c8f"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
16638
Expires
Mon, 31 May 2021 11:40:41 GMT
smilies_ex.png
pt-static1.ptwmstc.com/image/ Frame 5882
8 KB
9 KB
Image
General
Full URL
http://pt-static1.ptwmstc.com/image/smilies_ex.png
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 17 May 2021 11:33:42 GMT
Last-Modified
Tue, 20 Apr 2021 07:52:16 GMT
Server
unknown
ETag
"607e8830-2155"
X-Cache-Status
R-HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
8533
44aec94d4cb9647bc0822f4532946ff7_glamour_896x504.jpg
galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/ Frame 5882
44 KB
44 KB
Image
General
Full URL
http://galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/44aec94d4cb9647bc0822f4532946ff7_glamour_896x504.jpg
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
bbc088a3c54bcb65b935089b0dc9a7ff7c0827e8fd5ef89889f70f9247301aac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Aug 2020 06:34:22 GMT
Server
unknown
ETag
"c2a860692514695ce40b5595c2e6551c"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
44873
Expires
Mon, 31 May 2021 11:40:30 GMT
e2af61be32a8fda01f8d180b4527daed.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/ Frame 5882
32 KB
0
Media
General
Full URL
http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/e2af61be32a8fda01f8d180b4527daed.mp4?pstool=212_1&psid=kaboom
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Aug 2018 15:53:56 GMT
Server
unknown
Access-Control-Allow-Origin
*
ETag
"31408f3b1d0fc74b8726189d294678d0"
X-Cache-Status
R-HIT
Content-Type
video/mp4
Content-Range
bytes 0-1976794/1976795
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Content-Length
1976795
Expires
Mon, 31 May 2021 11:40:41 GMT
truncated
/ Frame 5882
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
e2af61be32a8fda01f8d180b4527daed.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/ Frame 5882
42 KB
43 KB
Media
General
Full URL
http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/e2af61be32a8fda01f8d180b4527daed.mp4?pstool=212_1&psid=kaboom
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
ebc81badad4b1218d2f9152d9494943200fdf084069af2c186d9a4904e1a2d0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1933312-

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Aug 2018 15:53:56 GMT
Server
unknown
Access-Control-Allow-Origin
*
ETag
"31408f3b1d0fc74b8726189d294678d0"
X-Cache-Status
R-HIT
Content-Type
video/mp4
Content-Range
bytes 1933312-1976794/1976795
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Content-Length
43483
Expires
Mon, 31 May 2021 11:40:41 GMT
get
api-protected.protoawegw.com/v2/player/performer/ Frame 5882
208 B
610 B
Fetch
General
Full URL
http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&streamType=rtmp&category=transgender&performerIds[]=GODDESsSHEMALeXX
Requested by
Host: pt-static1.ptwmstc.com
URL: http://pt-static1.ptwmstc.com/cifra/script/cifrafk-v754389.js
Protocol
HTTP/1.1
Server
93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
d34c5ae84fb8a5d58b308abeb6649d31edb6844bcb23e4f73df860447b9633d0

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 17 May 2021 11:33:43 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
unknown
Transfer-Encoding
chunked
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE, PATCH
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Real-Source
-
Connection
close
Access-Control-Allow-Headers
X-Requested-With, Content-Type
e2af61be32a8fda01f8d180b4527daed.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/ Frame 5882
2 MB
0
Media
General
Full URL
http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/e2af61be32a8fda01f8d180b4527daed.mp4?pstool=212_1&psid=kaboom
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=32768-

Response headers

X-Cdn-Node
defra
Date
Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Aug 2018 15:53:56 GMT
Server
unknown
Access-Control-Allow-Origin
*
ETag
"31408f3b1d0fc74b8726189d294678d0"
X-Cache-Status
R-HIT
Content-Type
video/mp4
Content-Range
bytes 32768-1976794/1976795
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Content-Length
1944027
Expires
Mon, 31 May 2021 11:40:41 GMT
truncated
/ Frame 5882
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9141e45366c427827365c117390486dc7f180c534a9a288517353efb2c546128

Request headers

Origin
http://pto.awecr.com
Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
