URL: http://www.tgirl.nl/
Submission: On April 19 via api from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 104.27.203.89, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tgirl.nl.
This is the only time www.tgirl.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
1         104.27.203.89      13335 (CLOUDFLAR...)
2         93.93.51.191       34655 (DOCLER-AS)
4         93.93.51.200       34655 (DOCLER-AS)
1         2a00:1450:400...   15169 (GOOGLE)
6         93.93.51.190       34655 (DOCLER-AS)
1         93.93.51.225       34655 (DOCLER-AS)
15        7
Requests  Domain                         Requested by
3         galleryn1.awemdia.com          pto.awecr.com
2         galleryn0.awemdia.com          pto.awecr.com
2         pt-static4.ptwmstc.com         pto.awecr.com
1         pt-static1.ptwmstc.com         pto.awecr.com
1         api-protected.protoawegw.com   pt-static3.ptwmstc.com
1         galleryn2.awemdia.com          pto.awecr.com
1         www.googletagmanager.com       pto.awecr.com
1         pt.potwm.com                   pto.awecr.com
1         pt-static3.ptwmstc.com         pto.awecr.com
1         pto.awecr.com                  www.tgirl.nl
1         www.tgirl.nl
15        11

This site contains no links.

Subject                   Issuer       Validity                  Valid
*.google-analytics.com    GTS CA 1O1   2021-03-23 - 2021-06-15   3 months (crt.sh)

This page contains 2 frames:

Primary Page: http://www.tgirl.nl/
Frame ID: 1E27FBCE01B58969142591A19BB12D6F
Requests: 1 HTTP requests in this frame

Frame: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Frame ID: 74DAD18B374ABAD525155093EEB118DC
Requests: 16 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 15
HTTPS: 7 %
IPv6: 17 %
Domains: 7
Subdomains: 11
IPs: 7
Countries: 3
Transfer: 395 kB
Size: 821 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.tgirl.nl/
2 KB
2 KB
Document
General
Full URL
http://www.tgirl.nl/
Protocol
HTTP/1.1
Server
104.27.203.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139fa17b2800b0e030d9511c8231bb5c6ccbbcd83d91b1fc07c746c657ce332f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.tgirl.nl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 19 Apr 2021 11:58:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie
__cfduid=d49a0e057ed831ec8c0fdd96b51d5ba6a1618833505; expires=Wed, 19-May-21 11:58:25 GMT; path=/; domain=.tgirl.nl; HttpOnly; SameSite=Lax
cf-request-id
098b9812ec00004ebc1da27000000001
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5PugZy5otahcbsB%2FbxMGk30UZ2dpq5A7g8KSc07IkciDqMfbDGFv0y6Hfug87qJm93pM48%2FHVb6p%2BGmKo%2F%2BJS3ZqdCAaLcv9FdQhLmo%3D"}],"group":"cf-nel"}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6425f5fe4c924ebc-FRA
Content-Encoding
gzip
index.php
pto.awecr.com/custom_iframe/ Frame 74DA
13 KB
4 KB
Document
General
Full URL
http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Requested by
Host: www.tgirl.nl
URL: http://www.tgirl.nl/
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
510d9c26eb9be1601193624306246f189cb00e6837a37089796c05da21dd4831

Request headers

Host
pto.awecr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.tgirl.nl/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
unknown
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
Cache-Control
no-cache
Date
Mon, 19 Apr 2021 11:58:25 GMT
X-Real-Source
-
Content-Encoding
gzip
advertisement-v964543.js
pt-static4.ptwmstc.com/_common/script/adblock/ Frame 74DA
21 B
315 B
Script
General
Full URL
http://pt-static4.ptwmstc.com/_common/script/adblock/advertisement-v964543.js
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 11:58:25 GMT
Last-Modified
Fri, 09 Apr 2021 10:11:28 GMT
Server
unknown
ETag
"60702850-15"
X-Cache-Status
R-HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
21
cifra-v964543.css
pt-static4.ptwmstc.com/cifra/styles/ Frame 74DA
13 KB
3 KB
Stylesheet
General
Full URL
http://pt-static4.ptwmstc.com/cifra/styles/cifra-v964543.css
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
3f4e09eb13d6ca0379203bf05cd5278719b96b8c72129361570eaa836cad6305

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 11:58:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Apr 2021 10:11:28 GMT
Server
unknown
ETag
W/"60702850-332f"
X-Cache-Status
R-HIT
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
cifra-v964543.js
pt-static3.ptwmstc.com/cifra/script/ Frame 74DA
528 KB
183 KB
Script
General
Full URL
http://pt-static3.ptwmstc.com/cifra/script/cifra-v964543.js
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
25fade31a67e78a8c55ca9a3de75bf86407ef1e43c107bff0acaf4ca2399c3e5

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 11:58:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Apr 2021 10:11:28 GMT
Server
unknown
ETag
W/"60702850-83e17"
X-Cache-Status
R-HIT
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
68n.gif
pt.potwm.com/ftHly/ Frame 74DA
43 B
309 B
Image
General
Full URL
http://pt.potwm.com/ftHly/68n.gif?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&campaign_id=&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&categoryName=transgender&cobrandId=214610&subAffId=%7BSUBAFFID%7D&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 11:58:25 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
unknown
Content-Type
image/gif
Cache-Control
no-cache
X-Real-Source
-
Connection
close
Content-Length
43
Expires
Mon, 19 Apr 2021 11:58:24 GMT
gtm.js
www.googletagmanager.com/ Frame 74DA
102 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3cb5e5b297edc84596793cc0478080bd1b344acdcfd1f2d586d975654021aa91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 11:58:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35553
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Apr 2021 11:58:25 GMT
97ba28c3d64c541f5e41aa6e3364ccca_glamour_460x345.jpg
galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f19/ Frame 74DA
21 KB
22 KB
Image
General
Full URL
http://galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f19/97ba28c3d64c541f5e41aa6e3364ccca_glamour_460x345.jpg?cno=210416
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
f1420310c2f1d544b88a37c687958439fe0bd7a38331ac29cb3b32974dc9be9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 19 Apr 2021 12:04:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 18 Feb 2021 12:38:04 GMT
Server
unknown
ETag
"f5e541bc477a7d0c0c7ef93510e11105"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
21823
Expires
Mon, 03 May 2021 12:04:56 GMT
dbe11123ed6976e9f5ce2705976ccab1_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1d/ Frame 74DA
14 KB
14 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1d/dbe11123ed6976e9f5ce2705976ccab1_glamour_460x345.jpg?cno=210416
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
bb4fa3831e96ad8fe79b08cfef3ad283fb52e8a2333fc46fc58600bbc45a2249
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 19 Apr 2021 12:04:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Apr 2021 18:54:45 GMT
Server
unknown
ETag
"993d5788635a171b43dab544f2a97689"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
14040
Expires
Mon, 03 May 2021 12:04:56 GMT
23cc4da097073ac4ec658abfbfd6482d_glamour_460x345.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f12/ Frame 74DA
21 KB
21 KB
Image
General
Full URL
http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f12/23cc4da097073ac4ec658abfbfd6482d_glamour_460x345.jpg?cno=210416
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
7220b55ffad2dd879c768b0ca272666f1b0823841e6646057e52ce8fb7abedd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 19 Apr 2021 12:03:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 29 Jan 2021 17:25:36 GMT
Server
unknown
ETag
"95de36b69fe6b5e5bd541ee79c95bf5a"
X-Cache-Status
R-MISS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
21176
Expires
Mon, 03 May 2021 12:03:56 GMT
c982fc7d04888e519ccb47b176c99d72_glamour_460x345.jpg
galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/ Frame 74DA
27 KB
28 KB
Image
General
Full URL
http://galleryn2.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/c982fc7d04888e519ccb47b176c99d72_glamour_460x345.jpg?cno=210416
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
1c84741e8f8a338186c9469b86e4d4b9c1f39ff73082c2b27eba9e87afa8ceb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 19 Apr 2021 12:04:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Feb 2021 18:01:09 GMT
Server
unknown
ETag
"85eeca07a8fa612d93f3c2b5d52c8b41"
X-Cache-Status
R-MISS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
27971
Expires
Mon, 03 May 2021 12:04:56 GMT
bd52d36229f7988453db67da176700fc_glamour_460x345.jpg
galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame 74DA
16 KB
16 KB
Image
General
Full URL
http://galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/bd52d36229f7988453db67da176700fc_glamour_460x345.jpg?cno=210416
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
f66f163f7c87ba8c11f97caf138602825ed8adef4eb389dfbdbf9f23dd85eaea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 19 Apr 2021 12:03:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 13 Apr 2021 10:28:04 GMT
Server
unknown
ETag
"d5641e92561f62d1b0e502c7c32b5dcb"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
15949
Expires
Mon, 03 May 2021 12:03:56 GMT
get
api-protected.protoawegw.com/v2/player/performer/ Frame 74DA
261 B
647 B
Fetch
General
Full URL
http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&streamType=rtmp&category=transgender&performerIds[]=StarFuckerTS
Requested by
Host: pt-static3.ptwmstc.com
URL: http://pt-static3.ptwmstc.com/cifra/script/cifra-v964543.js
Protocol
HTTP/1.1
Server
93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
5c9e805bc3ee539bdafa72d3b129bd4e938bc90579b3cb7e63cbf205b669a3cf

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 11:58:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
unknown
Transfer-Encoding
chunked
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE, PATCH
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Real-Source
-
Connection
close
Access-Control-Allow-Headers
X-Requested-With, Content-Type
smilies_ex.png
pt-static1.ptwmstc.com/image/ Frame 74DA
8 KB
9 KB
Image
General
Full URL
http://pt-static1.ptwmstc.com/image/smilies_ex.png
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 11:58:25 GMT
Last-Modified
Tue, 23 Feb 2021 11:08:55 GMT
Server
unknown
ETag
"6034e247-2155"
X-Cache-Status
R-HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
8533
truncated
/ Frame 74DA
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
97ba28c3d64c541f5e41aa6e3364ccca_glamour_896x504.jpg
galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f19/ Frame 74DA
55 KB
55 KB
Image
General
Full URL
http://galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f19/97ba28c3d64c541f5e41aa6e3364ccca_glamour_896x504.jpg
Requested by
Host: pto.awecr.com
URL: http://pto.awecr.com/custom_iframe/index.php?psid=kaboom&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=214610&campaign_id=&category=transgender&row=1&column=5&background=577FBD&fill=0&border=0&model=inside&modelColor=0&modelFill=0&wide=0&padding=5px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
8f080c26a4367fa9d7231efb6ae976ba35edea5cc7226f10e9dbee12576ed441
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cdn-Node
defra
Date
Mon, 19 Apr 2021 12:04:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 18 Feb 2021 12:38:03 GMT
Server
unknown
ETag
"7f93eabfd7528c055dcdaa98c0ee9b2c"
X-Cache-Status
R-HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Connection
close
Accept-Ranges
bytes
Content-Length
55929
Expires
Mon, 03 May 2021 12:04:57 GMT
truncated
/ Frame 74DA
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9141e45366c427827365c117390486dc7f180c534a9a288517353efb2c546128

Request headers

Origin
http://pto.awecr.com
Referer
http://pto.awecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
.tgirl.nl/ Name: __cfduid
Value: d49a0e057ed831ec8c0fdd96b51d5ba6a1618833505

1 Console Messages

Source Level URL
Text
console-api debug URL: http://pt-static3.ptwmstc.com/cifra/script/cifra-v964543.js(Line 21)
Message:
NanoCore api version: 4.0.6

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
