Submitted URL: https://mentek.atsumu.site/
Effective URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Submission: On August 15 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 4 countries across 6 domains to perform 20 HTTP transactions. The main IP is 13.32.121.113, located in United States and belongs to AMAZON-02, US. The main domain is wwc.prestigeflirt.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 29th 2024. Valid for: a year.
This is the only time wwc.prestigeflirt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.137.100 13335 (CLOUDFLAR...)
1 1 2001:df0:27b:... 58487 (CRI-AS-AP...)
1 1 52.19.138.177 16509 (AMAZON-02)
2 2 34.253.12.163 16509 (AMAZON-02)
1 1 34.248.15.65 16509 (AMAZON-02)
13 13.32.121.113 16509 (AMAZON-02)
2 52.50.160.13 16509 (AMAZON-02)
5 104.16.160.145 13335 (CLOUDFLAR...)
20 4
Apex Domain
Subdomains
Transfer
16 prestigeflirt.com
wwv.prestigeflirt.com
wwc.prestigeflirt.com
prestigeflirt.com
593 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5708
onesignal.com — Cisco Umbrella Rank: 1415
84 KB
2 www3secure.com
www3secure.com
1 KB
1 marrvelousgirl.net
kvjko.marrvelousgirl.net
759 B
1 ngelitboss.com
ngelitboss.com
766 B
1 atsumu.site
mentek.atsumu.site
577 B
20 6
Domain Requested by
13 wwc.prestigeflirt.com wwc.prestigeflirt.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com wwc.prestigeflirt.com
cdn.onesignal.com
2 prestigeflirt.com wwc.prestigeflirt.com
2 www3secure.com 2 redirects
1 wwv.prestigeflirt.com 1 redirects
1 kvjko.marrvelousgirl.net 1 redirects
1 ngelitboss.com 1 redirects
1 mentek.atsumu.site 1 redirects
20 9

This site contains links to these domains. Also see Links.

Domain
prestigeflirt.com
Subject Issuer Validity Valid
prestigeflirt.com
Amazon RSA 2048 M02
2024-07-29 -
2025-08-28
a year crt.sh
onesignal.com
WE1
2024-07-29 -
2024-10-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Frame ID: 1CDBD5613C8A6C15FCE17374C9334BD1
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

prestigeflirt – Jetzt sofort daten

Page URL History Show full URLs

  1. https://mentek.atsumu.site/ HTTP 301
    https://ngelitboss.com/tracking202/redirect/rtr.php?t202id=31039&c1=DEN_RYUKIE&t202kw=DEN_RYUKIE HTTP 302
    https://kvjko.marrvelousgirl.net/?utm_source=da57dc555e50572d&s1=18151&s2=2023677&s3=DEN_RYUKIE&s5=DEN_RYUKIE... HTTP 302
    https://www3secure.com/?a=404&c=4436&s1=18151&s3=2023677&s4=uavdu66bd9456000a817a HTTP 302
    https://www3secure.com/?a=404&c=4436&s1=18151&s3=2023677&s4=uavdu66bd9456000a817a&ckm-x=cqup8lrn0oc... HTTP 302
    https://wwv.prestigeflirt.com/lps/?lppnr=501&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=39050140400... HTTP 302
    https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

20
Requests

100 %
HTTPS

13 %
IPv6

6
Domains

9
Subdomains

4
IPs

4
Countries

676 kB
Transfer

1194 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mentek.atsumu.site/ HTTP 301
    https://ngelitboss.com/tracking202/redirect/rtr.php?t202id=31039&c1=DEN_RYUKIE&t202kw=DEN_RYUKIE HTTP 302
    https://kvjko.marrvelousgirl.net/?utm_source=da57dc555e50572d&s1=18151&s2=2023677&s3=DEN_RYUKIE&s5=DEN_RYUKIE&click_id=1648753&ban=tg&j1=1&j2=1&j5=1&j6=1 HTTP 302
    https://www3secure.com/?a=404&c=4436&s1=18151&s3=2023677&s4=uavdu66bd9456000a817a HTTP 302
    https://www3secure.com/?a=404&c=4436&s1=18151&s3=2023677&s4=uavdu66bd9456000a817a&ckm-x=cqup8lrn0ocsefnt8fqg HTTP 302
    https://wwv.prestigeflirt.com/lps/?lppnr=501&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1 HTTP 302
    https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.htm
wwc.prestigeflirt.com/v39001/
Redirect Chain
  • https://mentek.atsumu.site/
  • https://ngelitboss.com/tracking202/redirect/rtr.php?t202id=31039&c1=DEN_RYUKIE&t202kw=DEN_RYUKIE
  • https://kvjko.marrvelousgirl.net/?utm_source=da57dc555e50572d&s1=18151&s2=2023677&s3=DEN_RYUKIE&s5=DEN_RYUKIE&click_id=1648753&ban=tg&j1=1&j2=1&j5=1&j6=1
  • https://www3secure.com/?a=404&c=4436&s1=18151&s3=2023677&s4=uavdu66bd9456000a817a
  • https://www3secure.com/?a=404&c=4436&s1=18151&s3=2023677&s4=uavdu66bd9456000a817a&ckm-x=cqup8lrn0ocsefnt8fqg
  • https://wwv.prestigeflirt.com/lps/?lppnr=501&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
  • https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
4 KB
2 KB
Document
General
Full URL
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3e4688b4b4bd6bbff37e074cba787f4947fd2a110357e969cabb0d2485b729c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
6483
content-encoding
gzip
content-type
text/html
date
Thu, 15 Aug 2024 03:50:47 GMT
etag
W/"a957ebbd97e4bbde613e0c497adcd203"
last-modified
Thu, 20 Jun 2024 07:11:57 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
x-amz-cf-id
9JnX7ErDsI73Z6C0e8dSwqV6ZolizZ_O7EG4J1XPcZysk1GZc3lltg==
x-amz-cf-pop
FRA60-P1
x-amz-meta-s3b-last-modified
20220202T110832Z
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

cache-control
private
content-length
262
content-type
text/html; charset=utf-8
date
Thu, 15 Aug 2024 05:38:31 GMT
location
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
x-frame-options
SAMEORIGIN
bootstrap_4.0.min.css
wwc.prestigeflirt.com/css/
141 KB
20 KB
Stylesheet
General
Full URL
https://wwc.prestigeflirt.com/css/bootstrap_4.0.min.css
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9f1ce2a9079ebe7445ff10ac12b8f049abc43c499f4978297ec5dd23283a2e5

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 05:39:33 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:07:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
86349
x-amz-server-side-encryption
AES256
etag
W/"5db9bf474749433451939873c137c467"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
q-Y_QvDW2va1moriE20bI07w1bt2feh8kcw5KAHkjyVqZu2MLKTpDQ==
x-amz-meta-s3b-last-modified
20180814T070342Z
layout000.css
wwc.prestigeflirt.com/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://wwc.prestigeflirt.com/css/layout000.css
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc5d4411fef1c369715bc71bd3885a68b3ea2424b343346ee6b677da9e00a449

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 00:47:08 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:09:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
17486
etag
W/"4d70bee60a7aedff72ff283d278465dc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
DIL82jb1VUuzhMHCE75epIuNi4TYoM33fMxFHQkSjYIL4tD9dFzQOQ==
x-amz-meta-s3b-last-modified
20240513T103024Z
layout000.css
wwc.prestigeflirt.com/css/s01_p39/
3 KB
1 KB
Stylesheet
General
Full URL
https://wwc.prestigeflirt.com/css/s01_p39/layout000.css
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf6d173ee58ab0e634811b969ca3b85b5c50ec507bfe31d970eda3e76ce33623

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 03:12:37 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jun 2024 10:11:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
8757
x-amz-server-side-encryption
AES256
etag
W/"d1ada475b34637c5bc8d7397d6e97d15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
LIDDaHZJtU_e8QBYqYhF6WVeSCX2DmacQ55SYmdIbHtFcWkmbsJfqw==
x-amz-meta-s3b-last-modified
20240625T105256Z
1-Step_v01.css
wwc.prestigeflirt.com/css/s01_p39/
1 KB
1 KB
Stylesheet
General
Full URL
https://wwc.prestigeflirt.com/css/s01_p39/1-Step_v01.css
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31e2aacc40ab6b804bf399a241f401e651916975d64bf6b7f7275d937d5f7d6e

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 01:33:37 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:09:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
14724
x-amz-server-side-encryption
AES256
etag
W/"6bce8829327adf0220cd98e8699e8fa4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
GqIo28G8Uw-ZiyYwEC04AUVy9G448uiOsTbJUlhc32LLiYsyeHDCRg==
x-amz-meta-s3b-last-modified
20220202T110825Z
lib_v01.js
wwc.prestigeflirt.com/
126 KB
40 KB
Script
General
Full URL
https://wwc.prestigeflirt.com/lib_v01.js
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69a020a341069798b881cb32492682197e30b9b9f63f3ecf5e2d6ffacc5b678d

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 00:11:12 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:05:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
19642
x-amz-server-side-encryption
AES256
etag
W/"02fd9bf25563d8fbf653b6015cd4248b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
YGV-94TThccAtshfkXHCvGba8FeaBWNfmTUnC4QNKEEd0dw6Je3-pA==
x-amz-meta-s3b-last-modified
20220421T111324Z
layout_v01.js
wwc.prestigeflirt.com/
5 KB
2 KB
Script
General
Full URL
https://wwc.prestigeflirt.com/layout_v01.js
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d065192361ae3798b806825a15238b9acb92e92bcad102ad933f22e42633987e

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 03:08:08 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:05:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
9026
etag
W/"53d6c73c8c88adc3a32327d951c70991"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
m0F8AVOkJg2YehXodmvHSBehe2d22RtIVuZmiaNS_NVK76AG6qpIow==
x-amz-meta-s3b-last-modified
20210226T104723Z
script_v01.js
wwc.prestigeflirt.com/
6 KB
2 KB
Script
General
Full URL
https://wwc.prestigeflirt.com/script_v01.js
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cd55eed41e7fa36600cfae59bd6b32fc47c74fdd3eba29846f9ddb9efd16153

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 03:03:30 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:05:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
9352
x-amz-server-side-encryption
AES256
etag
W/"aead8f9a8872bbcbf8bc04f2c369443c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
nAd4XXIbk0y9Tc77kdSQqAeDfitgkYMdBVW28GRSjyA8M4HM5zauSQ==
x-amz-meta-s3b-last-modified
20200110T123341Z
escape_stop_v01.js
wwc.prestigeflirt.com/js/escape_stop/
4 KB
2 KB
Script
General
Full URL
https://wwc.prestigeflirt.com/js/escape_stop/escape_stop_v01.js?escapeeffect=1
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab54937d864c602eee97d7bc06dc4d91f642bf17421bf95ee1e80c4b16b407c7

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 02:21:18 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:06:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
11836
x-amz-server-side-encryption
AES256
etag
W/"f5cc17383d5f91273e38248ca2823c62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
MiptIS7ZJXlYN6bqyUv_yhBzKqRJARBxYxvFAaD_K8C4P1cApymy6w==
x-amz-meta-s3b-last-modified
20181129T123929Z
bg.jpg
wwc.prestigeflirt.com/v39001/img/
514 KB
515 KB
Image
General
Full URL
https://wwc.prestigeflirt.com/v39001/img/bg.jpg
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b521d8bbb27f435558e7a91a7e673c5b0cba1a910a1b6d58c2724c29ea3c2de

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 08:51:26 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:11:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
74828
etag
"6a7f97a3a1c6769e88979cd44729a14a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
526645
x-amz-cf-id
Jsaik_ZC3viwwrM1NeL5lUd1YTY88FeLqmnUr-hLfyLoMK92eH-dlg==
x-amz-meta-s3b-last-modified
20240611T115128Z
S3PortalSettings.js
wwc.prestigeflirt.com/
243 B
483 B
XHR
General
Full URL
https://wwc.prestigeflirt.com/S3PortalSettings.js?_=1723700313159
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/lib_v01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea1fd0f4feef3da6f7fc1f9c676cb8d1169b2a74a736701490df56a95309bec7

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:38:32 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
oBuQdF-8f42dyQcGqMYBrwfeT3yD8KbLLA3ZvqTwP2iPbkg3-fPCuA==
x-cache
Error from cloudfront
content-type
application/xml
S3LandingPages_v01.js
wwc.prestigeflirt.com/
3 KB
1 KB
XHR
General
Full URL
https://wwc.prestigeflirt.com/S3LandingPages_v01.js?_=1723700313295
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/lib_v01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
602a3c1aed763b185e0446ccff6a32c8d464e5a6b2e7854376c7be3171218ad6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 03:45:57 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:05:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
6760
x-amz-server-side-encryption
AES256
etag
W/"7598dada14041048fb1d05325875be00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
uaeAjvi6NVIR5_tVnyNke2SdxZvDCIQ4nrtq5X2sllT4pXOCZStjww==
x-amz-meta-s3b-last-modified
20190516T090438Z
favicon.ico
wwc.prestigeflirt.com/img/s01_p39/
1 KB
2 KB
Other
General
Full URL
https://wwc.prestigeflirt.com/img/s01_p39/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-113.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0c1d226ae3294ff526936c694e53459563077abeccf07307b2a5e84daa5e9c

Request headers

Referer
https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 03:39:14 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:09:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
7160
x-amz-server-side-encryption
AES256
etag
"75e72793bb850e6951a59a96118c9238"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/x-icon
accept-ranges
bytes
content-length
1150
x-amz-cf-id
RvxlXkDwNlZ0lhUaSioDyKzRF2nNenYmU9dEvhmFshmB-y47ghmkgA==
x-amz-meta-s3b-last-modified
20240611T101639Z
S3LandingPages.ashx
prestigeflirt.com/
525 B
1 KB
XHR
General
Full URL
https://prestigeflirt.com/S3LandingPages.ashx?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1&pageNumber=39001&inServer=false&urlReferrer=&url=https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.160.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-160-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4cc5857439500cbc699de817375fca6ab02e63965fa3a8f190b81e57dfb50fc8

Request headers

Referer
https://wwc.prestigeflirt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 05:38:33 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
525
expires
-1
S3LandingPages.ashx
prestigeflirt.com/
0
0
Preflight
General
Full URL
https://prestigeflirt.com/S3LandingPages.ashx?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1&pageNumber=39001&inServer=false&urlReferrer=&url=https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.160.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-160-13.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://wwc.prestigeflirt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
OPTIONS, TRACE, GET, HEAD, POST
content-length
0
date
Thu, 15 Aug 2024 05:38:33 GMT
public
OPTIONS, TRACE, GET, HEAD, POST
server
Microsoft-IIS/10.0
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: wwc.prestigeflirt.com
URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://wwc.prestigeflirt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:38:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1527
etag
W/"09282956186c8515ef0d208902803581"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8b36d6d01e393609-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 18 Aug 2024 05:38:33 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://wwc.prestigeflirt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:38:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
150
etag
W/"7e91359b46e1da637080a03b759164fa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8b36d6d06e703609-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 18 Aug 2024 05:38:33 GMT
web
onesignal.com/api/v1/sync/caf117ed-1c8c-4be6-bfea-01dad702a583/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/caf117ed-1c8c-4be6-bfea-01dad702a583/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4e4ddade762b067a4633eb26df00f90cc2202bebe1e78575871eed439c4715
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wwc.prestigeflirt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:38:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1829
cf-polished
origSize=5010
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
25b5de08-6a44-420a-a9fb-a6eb5db3d4c6
x-runtime
0.042163
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"2e530d894b684bb1c844a1bf79f737d1"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8b36d6d16f2b3609-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 15 Aug 2024 06:38:33 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://wwc.prestigeflirt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:38:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3251
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8b36d6d1efa33609-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 14 Sep 2024 05:38:33 GMT
icon
onesignal.com/api/v1/apps/caf117ed-1c8c-4be6-bfea-01dad702a583/
44 B
709 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/caf117ed-1c8c-4be6-bfea-01dad702a583/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wwc.prestigeflirt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:38:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1
alt-svc
h3=":443"; ma=86400
content-length
44
x-xss-protection
1; mode=block
x-request-id
3d643c6e-0cf0-4858-a14c-8a3b5db0d336
x-runtime
0.175062
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e51140cdcd044ad76335646936ec5319"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
cf-ray
8b36d6d27edb1e5b-FRA
access-control-allow-headers
SDK-Version
truncated
/
582 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| cookieEnabled string| cookieValidationErrorText string| maxmind_geo_url string| PortalUrl string| PortalDomain number| PageNumber string| registFormId string| registButtonSelector object| ControlsArray object| ErrorsArray object| validationresult function| validateform function| callbackFunction function| getResultErrorForIndex function| getResultErrorForCtrl function| ctrlIsValide function| isVarDefined function| isFuncDefined function| showFormResult function| updateControlError function| setLPInfo function| checkIsIPV4 function| OnDocumentReady function| SetGenderValue function| SetSearchGenderValue function| SetSelectedGender function| setCityInPage function| ValidateDOB function| GetValideDate function| MinAgeIsValide function| FillYearSelect function| SetDateInPage function| ReplaceImagesInPage string| strSliderHtml string| strTimerFormat string| strPersonenFormat string| strRegistrierungenFormat function| rand function| addLeading0 function| getOpposite function| startsWith function| endsWith function| getQuerystring function| getQuerystringParam function| jsonp function| $ function| jQuery number| StepsCount boolean| changeStepClass string| submitButtonSelector string| errorMessageContainerSelector string| stepsSelector string| progressStepsSelector string| stepEmotionImage string| attributValidationCtrlID function| GetStepContainer function| GetProgressItem function| SetStepEmotionImage function| ValidateStep function| DisableSubmitOnLastStep function| CallValidateForm function| ShowStepResult function| ShowError function| HideError function| ValidateDOBStep function| IsLastStep function| ShowNextStep function| InitAdditionalStepElements function| SetBg function| GetStepClassName function| SetBodyClassName number| maxTime function| ToggleClass function| SetTimer function| SetTimer_OneStep function| SetTimer_BackIconBox function| ChangeBodyClass function| imgchanger function| changeImages function| changeBack function| replaceImage function| UnbindBeforeUnloadWnd object| scripts object| myScript string| queryString object| params function| parseQuery function| getScriptParam function| getUrlVars object| alert_strings string| escape_message object| jQuery181030705154711798266 function| S3LandingPages function| ChangeHrefs function| CallLandingHandler function| OneSignal number| __oneSignalSdkLoadCount function| __jp0

18 Cookies

Domain/Path Name / Value
.ngelitboss.com/ Name: tracking202subid-legacy
Value: 1648753
.ngelitboss.com/ Name: tracking202subid_a_3-legacy
Value: 1648753
.ngelitboss.com/ Name: tracking202subid
Value: 1648753
.ngelitboss.com/ Name: tracking202subid_a_3
Value: 1648753
kvjko.marrvelousgirl.net/ Name: unique_id
Value: 66bcc51e00076c88
kvjko.marrvelousgirl.net/ Name: unique_id2
Value: 66bd76cb0008bfe3
kvjko.marrvelousgirl.net/ Name: 66bd76cb0008bfe3_c
Value: 1
kvjko.marrvelousgirl.net/ Name: ref_token
Value: 173742_36967_14288_215584_157291_205178_59569_18151
kvjko.marrvelousgirl.net/ Name: tid
Value: uavdu66bd9456000a817a
.www3secure.com/ Name: trk
Value: nUhW7J4BZOJwJhyEFi+RKIPpt5SX0jrLTjqhcvigldVJzJ+fKHeWKJcfrNepYokygsCfjixP8lk=
.www3secure.com/ Name: sid
Value: nUhW7J4BZOJwJhyEFi+RKGe6/A9jdXLKTjqhcvigldV1os7gx2V4OZcfrNepYokyFyJObbNJ9rg=
.www3secure.com/ Name: c209
Value: nUhW7J4BZOJwJhyEFi+RKFkKFFhH+6oVZX6bBFx6aDrXDA9D5ehrHdY/NO7rcAyrOhY2VLMElFUR9D4BUoq8tOjGjTtYZacs
wwv.prestigeflirt.com/ Name: AWSALBTG
Value: JwQSRfOuIXeY8csis5rGrIBA91HhpYxuIEHbkkX3+jfX+OMjWJnO24W9v63By7ek8Q35RYJPA022QiCFVWvH4mnE/qZBhHn6Du5FlzWXg34/im2RY4GmOAQTAWDWcv66+w4TDAmUZMrxakrkSVcfzS2N7eYhVYZpATcNS6rWPEgbKgqV2v4=
wwv.prestigeflirt.com/ Name: AWSALBTGCORS
Value: JwQSRfOuIXeY8csis5rGrIBA91HhpYxuIEHbkkX3+jfX+OMjWJnO24W9v63By7ek8Q35RYJPA022QiCFVWvH4mnE/qZBhHn6Du5FlzWXg34/im2RY4GmOAQTAWDWcv66+w4TDAmUZMrxakrkSVcfzS2N7eYhVYZpATcNS6rWPEgbKgqV2v4=
wwv.prestigeflirt.com/ Name: AWSALB
Value: uiAsDYU8gC2hG9pOVvv05UGsHTl1DKLDgtpvB0K1p/OBe0RC/P6jC9Y6Hu1dMu27umNUVYvJZCerW/DPZN2HQpVI8rcN9d5ZhkhhQ7zk1kXQhnu/gDVhgIFrBD9+
wwv.prestigeflirt.com/ Name: AWSALBCORS
Value: uiAsDYU8gC2hG9pOVvv05UGsHTl1DKLDgtpvB0K1p/OBe0RC/P6jC9Y6Hu1dMu27umNUVYvJZCerW/DPZN2HQpVI8rcN9d5ZhkhhQ7zk1kXQhnu/gDVhgIFrBD9+
.prestigeflirt.com/ Name: LPCallUrl
Value: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
.onesignal.com/ Name: __cf_bm
Value: 0Xh6n.3jCY8pG1s_ebnSxVDBbwn4DW18M1MQTixcZiQ-1723700313-1.0.1.1-ODMPYhv4mBZNhqkRzsPJyPV8j5ojtWH6l4emD.Sc6epSDsFBseQ8WcRAAzTWwWRsG.5H.gYwwKjYvJFGaRS6zw

2 Console Messages

Source Level URL
Text
network error URL: https://wwc.prestigeflirt.com/lib_v01.js(Line 381)
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://wwc.prestigeflirt.com/v39001/index.htm?lpdev=0&cidnr=ck211206v01x&r=3-cqup8lqna3ose9gt56rg&pctnr=390501404000118151&sid=1
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
kvjko.marrvelousgirl.net
mentek.atsumu.site
ngelitboss.com
onesignal.com
prestigeflirt.com
wwc.prestigeflirt.com
wwv.prestigeflirt.com
www3secure.com
104.16.160.145
13.32.121.113
172.67.137.100
2001:df0:27b:2::4:4116
34.248.15.65
34.253.12.163
52.19.138.177
52.50.160.13
2d0c1d226ae3294ff526936c694e53459563077abeccf07307b2a5e84daa5e9c
31e2aacc40ab6b804bf399a241f401e651916975d64bf6b7f7275d937d5f7d6e
4cc5857439500cbc699de817375fca6ab02e63965fa3a8f190b81e57dfb50fc8
602a3c1aed763b185e0446ccff6a32c8d464e5a6b2e7854376c7be3171218ad6
69a020a341069798b881cb32492682197e30b9b9f63f3ecf5e2d6ffacc5b678d
6cd55eed41e7fa36600cfae59bd6b32fc47c74fdd3eba29846f9ddb9efd16153
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
9b521d8bbb27f435558e7a91a7e673c5b0cba1a910a1b6d58c2724c29ea3c2de
ab54937d864c602eee97d7bc06dc4d91f642bf17421bf95ee1e80c4b16b407c7
af4e4ddade762b067a4633eb26df00f90cc2202bebe1e78575871eed439c4715
bf6d173ee58ab0e634811b969ca3b85b5c50ec507bfe31d970eda3e76ce33623
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
d065192361ae3798b806825a15238b9acb92e92bcad102ad933f22e42633987e
d3e4688b4b4bd6bbff37e074cba787f4947fd2a110357e969cabb0d2485b729c
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
ea1fd0f4feef3da6f7fc1f9c676cb8d1169b2a74a736701490df56a95309bec7
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
f9f1ce2a9079ebe7445ff10ac12b8f049abc43c499f4978297ec5dd23283a2e5
fc5d4411fef1c369715bc71bd3885a68b3ea2424b343346ee6b677da9e00a449