www.tgirl.nl Open in urlscan Pro
104.27.203.89 Public Scan

URL:
http://www.tgirl.nl/
Submission: On May 17 via api (May 17th 2021, 11:33:59 am UTC) from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 104.27.203.89, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tgirl.nl.

This is the only time www.tgirl.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.27.203.89 104.27.203.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	93.93.51.191 93.93.51.191	34655 (DOCLER-AS) (DOCLER-AS)
4	93.93.51.200 93.93.51.200	34655 (DOCLER-AS) (DOCLER-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
9	93.93.51.190 93.93.51.190	34655 (DOCLER-AS) (DOCLER-AS)
1	93.93.51.225 93.93.51.225	34655 (DOCLER-AS) (DOCLER-AS)
18	7

1 104.27.203.89 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tgirl.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pto.awecr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt.potwm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt-static4.ptwmstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static1.ptwmstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 93.93.51.190 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

galleryn0.awemdia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn3.awemdia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn1.awemdia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.93.51.225 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

api-protected.protoawegw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	awemdia.com galleryn0.awemdia.com galleryn3.awemdia.com galleryn1.awemdia.com	227 KB
4	ptwmstc.com pt-static4.ptwmstc.com pt-static1.ptwmstc.com	138 KB
1	protoawegw.com api-protected.protoawegw.com	610 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	potwm.com pt.potwm.com	309 B
1	awecr.com pto.awecr.com	5 KB
1	tgirl.nl www.tgirl.nl	2 KB
18	7

	Domain	Requested by
6	galleryn0.awemdia.com	pto.awecr.com
2	galleryn3.awemdia.com	pto.awecr.com
2	pt-static1.ptwmstc.com	pto.awecr.com
2	pt-static4.ptwmstc.com	pto.awecr.com
1	api-protected.protoawegw.com	pt-static1.ptwmstc.com
1	galleryn1.awemdia.com	pto.awecr.com
1	www.googletagmanager.com	pto.awecr.com
1	pt.potwm.com	pto.awecr.com
1	pto.awecr.com	www.tgirl.nl
1	www.tgirl.nl
18	10

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.tgirl.nl/
Frame ID: 4B7AC1F9A8DA069ECD41B5E97D1D51F4
Requests: 1 HTTP requests in this frame

Frame: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Frame ID: 5882F7872A3BCCBB86384D6DB21A8378
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

18
Requests

6 %
HTTPS

17 %
IPv6

7
Domains

10
Subdomains

7
IPs

3
Countries

410 kB
Transfer

2613 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 403
Forbidden Primary Request / Show response
www.tgirl.nl/ 2 KB
2 KB 79ms
52ms Document
text/html 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.tgirl.nl/

Protocol

HTTP/1.1

Server

104.27.203.89 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0999d5a9cca4694d31d693f44480aef433854b8e5d287e6ddc1e23e5f2ffaf2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.tgirl.nl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 11:33:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a1bb383f40000410e42880000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PJ6GjO%2BZNetLt5WVUY04Eq5EIM%2FUhtqtz3dNsAgqD8hbL082ZRrKNW7WCUd3Z4PEL9psO4SUURvBBlJG1gWo9qVWebw%2FKk04M6nJlF0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 650c884cbe94410e-PRG
Content-Encoding: gzip

GET
H/1.1 200
OK index.php Show response
pto.awecr.com/custom_iframe/ Frame 5882 19 KB
5 KB 157ms
140ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Requested by: Host: www.tgirl.nl
URL: http://www.tgirl.nl/
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 6229930fcc894e81706d8fa28c3d2b1c05e10e2a1303f4bf82252d9d4461d008

Request headers

Host: pto.awecr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.tgirl.nl/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.tgirl.nl/

Response headers

Server: unknown
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Cache-Control: no-cache
Date: Mon, 17 May 2021 11:33:42 GMT
X-Real-Source: -
Content-Encoding: gzip

GET
H/1.1 200
OK advertisement-v754389.js Show response
pt-static4.ptwmstc.com/_common/script/adblock/ Frame 5882 21 B
315 B 73ms
56ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static4.ptwmstc.com/_common/script/adblock/advertisement-v754389.js
Requested by: Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 11:33:42 GMT
Last-Modified: Mon, 17 May 2021 08:05:05 GMT
Server: unknown
ETag: "60a223b1-15"
X-Cache-Status: R-HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 21

GET
H/1.1 200
OK cifra-v754389.css
pt-static4.ptwmstc.com/cifra/styles/ Frame 5882 13 KB
3 KB 73ms
56ms Stylesheet
text/css 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static4.ptwmstc.com/cifra/styles/cifra-v754389.css
Requested by: Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e798709b64fe4a4cfe1087cffe2655b192d8d48b61fd8a8c0ab0b6534a43a394

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 11:33:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 May 2021 08:05:06 GMT
Server: unknown
ETag: W/"60a223b2-332f"
X-Cache-Status: R-HIT
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK cifrafk-v754389.js Show response
pt-static1.ptwmstc.com/cifra/script/ Frame 5882 352 KB
126 KB 74ms
57ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static1.ptwmstc.com/cifra/script/cifrafk-v754389.js
Requested by: Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 2b6773c1a824be4748844e7a261124d0977f3c5e3fdbbbbcdc0b6a2684918b2d

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 11:33:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 May 2021 08:05:06 GMT
Server: unknown
ETag: W/"60a223b2-57f8f"
X-Cache-Status: R-HIT
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK pHx.gif
pt.potwm.com/FSqTy/ Frame 5882 43 B
309 B 76ms
59ms Image
image/gif 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pt.potwm.com/FSqTy/pHx.gif?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&campaign_id=&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&categoryName=transgender&cobrandId=214610&subAffId=%7BSUBAFFID%7D&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0
Requested by: Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 11:33:42 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: unknown
Content-Type: image/gif
Cache-Control: no-cache
X-Real-Source: -
Connection: close
Content-Length: 43
Expires: Mon, 17 May 2021 11:33:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 5882 103 KB
35 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc63b4d55996f3732ecaa9d00299575fa5b892ff9668317446a5049370967491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 11:33:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35923
x-xss-protection: 0
last-modified: Mon, 17 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 May 2021 11:33:42 GMT

GET
H/1.1 200
OK be98b9b18993272a0d0ce0405cd4a8bc_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame 5882 30 KB
30 KB 76ms
56ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/be98b9b18993272a0d0ce0405cd4a8bc_glamour_460x345.jpg?cno=210520

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

ee0ad53cf3bc95b421a74fc25538bf5bf4741c48a274772abd2666e47f36dad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Apr 2021 11:05:17 GMT
Server: unknown
ETag: "707270fdce2d8ab07c390371b94bfd8c"
X-Cache-Status: R-HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Accept-Ranges: bytes
Content-Length: 30655
Expires: Mon, 31 May 2021 11:40:41 GMT

GET
H/1.1 200
OK e135bda0e2c35dd743e36fcf17232481_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1e/ Frame 5882 24 KB
25 KB 76ms
55ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1e/e135bda0e2c35dd743e36fcf17232481_glamour_460x345.jpg?cno=210520

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

360e46cbb924d59dfb9dfbe31e7e41b0984bf3d48f87b8b14b87fe0d249a7163

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 29 Apr 2021 17:21:48 GMT
Server: unknown
ETag: "57f00727615017399cb32489b3494501"
X-Cache-Status: R-HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Accept-Ranges: bytes
Content-Length: 24838
Expires: Mon, 31 May 2021 11:40:41 GMT

GET
H/1.1 200
OK b0d6af6c76da781d8979b4f644295fce_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame 5882 31 KB
32 KB 76ms
56ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/b0d6af6c76da781d8979b4f644295fce_glamour_460x345.jpg?cno=210520

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

14c23396c7fbba7c4ec0746c8d9b16f160f40a86efa8ec48e3a6f6fe6977ef57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 31 Dec 2020 07:20:25 GMT
Server: unknown
ETag: "3da0f335679d71713ad5c455921870af"
X-Cache-Status: R-HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Accept-Ranges: bytes
Content-Length: 32147
Expires: Mon, 31 May 2021 11:40:41 GMT

GET
H/1.1 200
OK 8c438aafa5b8758943ab2824e5922148_glamour_460x345.jpg
galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f18/ Frame 5882 35 KB
36 KB 72ms
56ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f18/8c438aafa5b8758943ab2824e5922148_glamour_460x345.jpg?cno=210520

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

8a57a931af1172434734b89b5248c4b75ffb45b191bc35a48c4d4fce8a383a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 25 Oct 2020 18:23:42 GMT
Server: unknown
ETag: "2c292c1da4907535c960894b0999ead9"
X-Cache-Status: R-HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Accept-Ranges: bytes
Content-Length: 36249
Expires: Mon, 31 May 2021 11:40:30 GMT

GET
H/1.1 200
OK 14d3057cae1114e3c86fe51384b1e3cd_glamour_460x345.jpg
galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/ Frame 5882 16 KB
17 KB 72ms
56ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/14d3057cae1114e3c86fe51384b1e3cd_glamour_460x345.jpg?cno=210520

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

57191425cd440e20a0686c8bb0431fd2a8f49166d702c23d3ca138fb9cbe2b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 07 Mar 2021 12:33:58 GMT
Server: unknown
ETag: "80c8f8a711996265ef4ebcc56c742c8f"
X-Cache-Status: R-HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Accept-Ranges: bytes
Content-Length: 16638
Expires: Mon, 31 May 2021 11:40:41 GMT

GET
H/1.1 200
OK smilies_ex.png
pt-static1.ptwmstc.com/image/ Frame 5882 8 KB
9 KB 71ms
56ms Image
image/png 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pt-static1.ptwmstc.com/image/smilies_ex.png
Requested by: Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 11:33:42 GMT
Last-Modified: Tue, 20 Apr 2021 07:52:16 GMT
Server: unknown
ETag: "607e8830-2155"
X-Cache-Status: R-HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 8533

GET
H/1.1 200
OK 44aec94d4cb9647bc0822f4532946ff7_glamour_896x504.jpg
galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/ Frame 5882 44 KB
44 KB 72ms
56ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/44aec94d4cb9647bc0822f4532946ff7_glamour_896x504.jpg

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

bbc088a3c54bcb65b935089b0dc9a7ff7c0827e8fd5ef89889f70f9247301aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Aug 2020 06:34:22 GMT
Server: unknown
ETag: "c2a860692514695ce40b5595c2e6551c"
X-Cache-Status: R-HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Accept-Ranges: bytes
Content-Length: 44873
Expires: Mon, 31 May 2021 11:40:30 GMT

GET
H/1.1 206
Partial Content e2af61be32a8fda01f8d180b4527daed.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/ Frame 5882 32 KB
0 72ms
56ms Media
video/mp4 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/e2af61be32a8fda01f8d180b4527daed.mp4?pstool=212_1&psid=kaboom

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Aug 2018 15:53:56 GMT
Server: unknown
Access-Control-Allow-Origin: *
ETag: "31408f3b1d0fc74b8726189d294678d0"
X-Cache-Status: R-HIT
Content-Type: video/mp4
Content-Range: bytes 0-1976794/1976795
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Content-Length: 1976795
Expires: Mon, 31 May 2021 11:40:41 GMT

GET
DATA 200
OK truncated
/ Frame 5882 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 206
Partial Content e2af61be32a8fda01f8d180b4527daed.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/ Frame 5882 42 KB
43 KB 72ms
56ms Media
video/mp4 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/e2af61be32a8fda01f8d180b4527daed.mp4?pstool=212_1&psid=kaboom

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

ebc81badad4b1218d2f9152d9494943200fdf084069af2c186d9a4904e1a2d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1933312-

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Aug 2018 15:53:56 GMT
Server: unknown
Access-Control-Allow-Origin: *
ETag: "31408f3b1d0fc74b8726189d294678d0"
X-Cache-Status: R-HIT
Content-Type: video/mp4
Content-Range: bytes 1933312-1976794/1976795
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Content-Length: 43483
Expires: Mon, 31 May 2021 11:40:41 GMT

GET
H/1.1 200
OK get Show response
api-protected.protoawegw.com/v2/player/performer/ Frame 5882 208 B
610 B 95ms
78ms Fetch
application/json 93.93.51.225
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&streamType=rtmp&category=transgender&performerIds[]=GODDESsSHEMALeXX
Requested by: Host: pt-static1.ptwmstc.com
URL: http://pt-static1.ptwmstc.com/cifra/script/cifrafk-v754389.js
Protocol: HTTP/1.1
Server: 93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: d34c5ae84fb8a5d58b308abeb6649d31edb6844bcb23e4f73df860447b9633d0

Request headers

Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 11:33:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: unknown
Transfer-Encoding: chunked
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Real-Source: -
Connection: close
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 206
Partial Content e2af61be32a8fda01f8d180b4527daed.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/ Frame 5882 2 MB
0 72ms
53ms Media
video/mp4 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a12/e2af61be32a8fda01f8d180b4527daed.mp4?pstool=212_1&psid=kaboom

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pto.awecr.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=32768-

Response headers

X-Cdn-Node: defra
Date: Mon, 17 May 2021 11:40:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Aug 2018 15:53:56 GMT
Server: unknown
Access-Control-Allow-Origin: *
ETag: "31408f3b1d0fc74b8726189d294678d0"
X-Cache-Status: R-HIT
Content-Type: video/mp4
Content-Range: bytes 32768-1976794/1976795
Cache-Control: max-age=1209600
X-Real-Source: -
Connection: close
Content-Length: 1944027
Expires: Mon, 31 May 2021 11:40:41 GMT

GET
DATA 200
OK truncated
/ Frame 5882 1 KB
1 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9141e45366c427827365c117390486dc7f180c534a9a288517353efb2c546128

Request headers

Origin: http://pto.awecr.com
Referer: http://pto.awecr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-protected.protoawegw.com
galleryn0.awemdia.com
galleryn1.awemdia.com
galleryn3.awemdia.com
pt-static1.ptwmstc.com
pt-static4.ptwmstc.com
pt.potwm.com
pto.awecr.com
www.googletagmanager.com
www.tgirl.nl
104.27.203.89
2a00:1450:4001:811::2008
93.93.51.190
93.93.51.191
93.93.51.200
93.93.51.225
0999d5a9cca4694d31d693f44480aef433854b8e5d287e6ddc1e23e5f2ffaf2c
14c23396c7fbba7c4ec0746c8d9b16f160f40a86efa8ec48e3a6f6fe6977ef57
2b6773c1a824be4748844e7a261124d0977f3c5e3fdbbbbcdc0b6a2684918b2d
360e46cbb924d59dfb9dfbe31e7e41b0984bf3d48f87b8b14b87fe0d249a7163
57191425cd440e20a0686c8bb0431fd2a8f49166d702c23d3ca138fb9cbe2b74
6229930fcc894e81706d8fa28c3d2b1c05e10e2a1303f4bf82252d9d4461d008
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c
8a57a931af1172434734b89b5248c4b75ffb45b191bc35a48c4d4fce8a383a0c
9141e45366c427827365c117390486dc7f180c534a9a288517353efb2c546128
bbc088a3c54bcb65b935089b0dc9a7ff7c0827e8fd5ef89889f70f9247301aac
c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d34c5ae84fb8a5d58b308abeb6649d31edb6844bcb23e4f73df860447b9633d0
dc63b4d55996f3732ecaa9d00299575fa5b892ff9668317446a5049370967491
e798709b64fe4a4cfe1087cffe2655b192d8d48b61fd8a8c0ab0b6534a43a394
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
ebc81badad4b1218d2f9152d9494943200fdf084069af2c186d9a4904e1a2d0c
ee0ad53cf3bc95b421a74fc25538bf5bf4741c48a274772abd2666e47f36dad1

www.tgirl.nl Open in urlscan Pro 104.27.203.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

6 %HTTPS

17 %IPv6

7 Domains

10 Subdomains

7 IPs

3 Countries

410 kBTransfer

2613 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.tgirl.nl Open in urlscan Pro
104.27.203.89 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

6 %
HTTPS

17 %
IPv6

7
Domains

10
Subdomains

7
IPs

3
Countries

410 kB
Transfer

2613 kB
Size

0
Cookies

18 HTTP transactions
2 data transactions