Report - 918kiss.pro/

Report Overview

Visited public
2023-12-04 22:20:28
Tags
URL
918kiss.pro/
Finishing URL
918kiss.pro/
IP / ASN
104.26.5.110
#13335 CLOUDFLARENET
Title
ดาวน์โหลด 918kiss APK 2023 ⚡ สัมผัสเกมคาสิโนออนไลน์ที่ดีที่สุด

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
eechicha.com	unknown	2022-04-19	2022-04-19 12:44:47	2023-11-30 15:36:16	1.4 kB	103 kB	139.45.197.250
potsaglu.net	unknown	2023-01-20	2023-01-20 10:47:03	2023-12-03 12:26:03	406 B	73 kB	139.45.197.245
dibsemey.com	146908	2021-04-03	2021-04-07 12:17:31	2023-12-04 01:31:04	3.9 kB	98 kB	139.45.197.250
ajax.cloudflare.com	4873	2009-02-17	2012-05-23 14:49:48	2023-12-04 07:45:53	465 B	5.2 kB	104.17.72.14
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-04 07:58:24	889 B	167 kB	142.250.74.168
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-04 08:46:32	900 B	62 kB	151.101.130.137
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-04 05:04:00	467 B	740 B	139.45.195.8
amunfezanttor.com	unknown	2023-03-31	2023-03-31 14:42:42	2023-12-03 13:54:41	2.0 kB	1.9 kB	139.45.197.250
918kiss.pro	unknown	2023-01-19	2018-08-24 04:01:25	2023-10-15 21:37:26	9.8 kB	530 kB	104.26.5.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-04	medium	amunfezanttor.com	Sinkholed
2023-12-04	medium	amunfezanttor.com	Sinkholed
2023-12-04	medium	amunfezanttor.com	Sinkholed
2023-12-04	medium	amunfezanttor.com	Sinkholed
2023-12-04	medium	potsaglu.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-11
Pretty URL ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.17.72.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 06:56 Times Seen31294 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	EventHandler	60 B	2023-04-17	2024-08-29
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 10:47 Last Seen2024-08-29 17:45 Times Seen11 Hash 43f3030ccf9e203837af3ec07bd65374 bdc1cd6cff20ffeffa5a3d85bfc59936c8f4048a 9215c56941aed774fc78ad631d414be9b5a8ef3ea001732ea166d98d9987e6f6 Loading...

	unknown	EventHandler	10 B	2023-04-17	2024-08-21
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 10:47 Last Seen2024-08-21 04:32 Times Seen9 Hash db31199d71b4b764a10d03a46933572c f2e3e9dd5395ebcd3cc2aae091e3e2feab66548b 09ab058ca8b56427b276714834b6e6ad4172a7c3284cd5b417803ee337a885a4 Loading...

	unknown	ScriptElement	686 B	2023-04-17	2024-08-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-17 10:47 Last Seen2024-08-29 17:45 Times Seen10 Hash 2cdda21fef8f349474c15012b1196de3 6a6ce871add5d074bfcf59e818426ce94f7c11bc a479df3894ac40a52fb8b32aeba1238bb29edcf17f43dcfb33e94c9b29641218 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 07:25 Times Seen341047 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	918kiss.pro/	ScriptElement	341 B	2023-04-17	2024-08-29
Pretty URL 918kiss.pro/ IP 104.26.5.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-17 10:47 Last Seen2024-08-29 17:45 Times Seen9 Hash c42ea25d84ed08e5518b7119867d32ef 4732457f7fb072c92e8856357fa3e4a42547777c b0d8c9eed260a6f9e50ba3064528249ce3e0fb0a91a5c8a2fbb6d662447d29e5 Loading...

	918kiss.pro/	ScriptElement	60 kB	2023-04-17	2024-08-21
Pretty URL 918kiss.pro/ IP 104.26.5.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-17 10:47 Last Seen2024-08-21 04:32 Times Seen9 Hash e7a3dba66e0c9765b1ace64045682920 632ca86520bfa31fa248b24276c474dfc86236b9 6bb70a04d1f7daac1eaa63a82f4d513dc596657f78b02f127d4caf7d01da72e2 Loading...

	eechicha.com/ntfc.php?p=4356595	ScriptElement	13 kB	2023-11-02	2024-08-20
Pretty URL eechicha.com/ntfc.php?p=4356595 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 14:19 Last Seen2024-08-20 21:22 Times Seen285 Hash c89bdeac9fc7159eeab98d113c78dbc3 b905be32d5611608db4dec46b433a83eccd58d49 43620d4167eed0aae2c452914018932e583aef5579f88ce738766f5cbfd5cb7f Loading...

	918kiss.pro/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL 918kiss.pro/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 07:25 Times Seen341849 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	918kiss.pro/	ScriptElement	63 kB	2023-04-17	2024-08-21
Pretty URL 918kiss.pro/ IP 104.26.5.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-17 10:47 Last Seen2024-08-21 04:32 Times Seen9 Hash caa98464e467323c360246735c14cac8 932ccef17aed272014bfc3816f500ae864dd201c 3e5c0230e2632fabf028b37317e4aac522adeb669625fb829adc04b8bca6db1a Loading...

	unknown	ScriptElement	88 kB	2023-11-02	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 10:05 Last Seen2024-08-20 21:23 Times Seen2914 Hash d46d2997ab218d1dba1ab614422ed53f 3f1f6b9847c8ad209835db366c62fcb209b83a67 09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42 Loading...

	www.googletagmanager.com/gtag/js?id=G-PSNNNBEVZ7&l=dataLayer&cx=c	ScriptElement	274 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-PSNNNBEVZ7&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 23:20 Last Seen2023-12-04 23:20 Times Seen1 Hash a4da7ae50dbedbe6667228f58d3ff404 27a94e137fb1ffabb6ebc757ba0056b30154aae1 10a7cf8e174e1f83ef4f805eb6b7bcf6477a0ce1da6fdb26b77e4fc71497bbb5 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TVSW69N	ScriptElement	211 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TVSW69N IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 23:20 Last Seen2023-12-04 23:20 Times Seen1 Hash 18ce09af7d377507c9c1a3d14b28b411 79633c6df09f1f56e810924f6fb430e3650f8f3d 81b7b6579965dc8d43f3b0c20e9e794703b502e4bd561dffcac361e93b36932c Loading...

	code.jquery.com/jquery-3.4.1.min.js	ScriptElement	88 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-3.4.1.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 06:17 Times Seen68220 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	potsaglu.net/5/5730098	ScriptElement	72 kB	2023-12-04	2023-12-04
Pretty URL potsaglu.net/5/5730098 IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 23:20 Last Seen2023-12-04 23:20 Times Seen1 Hash b99716799165ab7bb50c6b883743f1f4 cb7a5e033d7aff9c52707570136fcccebd830e1b 4994ed8b3f86daa30a88c14aaa71247b2bfc3607b5b97b3c5700651055170968 Loading...

	unknown	EventHandler	11 B	2023-04-17	2024-08-21
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 10:47 Last Seen2024-08-21 04:32 Times Seen9 Hash 47f69431b3528fd732648cf93c1930fe dd5d30a22a42be1f98a8f5fa6aa5d2c22ce62a96 5a361680f75f8331afc772fe5995fa7b5632a034edd4bd964f14bad2f7d76c96 Loading...

HTTP Transactions (43)

URL IP Response Size

918kiss.pro/res/img/918kiss/918kiss.png

104.26.5.110

200 OK

35 kB

URL GET HTTP/2
918kiss.pro/res/img/918kiss/918kiss.png
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
PNG image data, 500 x 300, 8-bit colormap, non-interlaced\012- data
Size
35 kB (34622 bytes)
Hash
df56a5bb193a62d2e479ba730b84de4a
def47105194722b2c16c88d85fae3622ca7ce520
5876b16eb6351c45fcb0159c1eee66e0702dc4690c5380528b8ba5ca7374c9e1

HTTP Headers

GET /res/img/918kiss/918kiss.png HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/png
content-length: 34622
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:59:32 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xs9cwKGTZrvxwdXRvdqI2vuNHFdMRurNIglIIlHdQQvZggVh5hAG4GfCwgYffSllsmzmVSc8ISPffKHH696XnxNTQfLpF7VLpToa04eVXQCZNBzsZdOGpp4LWJJ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63bd7d56ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/res/img/android.png

104.26.5.110

200 OK

2.2 kB

URL GET HTTP/2
918kiss.pro/res/img/android.png
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
PNG image data, 480 x 480, 4-bit colormap, non-interlaced\012- data
Size
2.2 kB (2158 bytes)
Hash
16f3fe99c4d8e955e4590301cd67b21f
a6fabcdc1c4520bece45c027a169580863115916
8aaf285c88f0c6db840836825002b2950f56a0e0cf07dc1dd5a809b7bec3924c

HTTP Headers

GET /res/img/android.png HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/png
content-length: 2158
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:59:19 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17vNwHlsudhDBjOi1Yjszx%2BNOMHu4y3hjOmWfI%2BtOwl66hIelniNBmHh2w8ygRYLNxm5iSSHOZqaPEbJznMlAbcKdSmQ%2Fg8ue7Wi1EOYBZZDePQ8cs4Py%2Bl7B81I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63bd7f56ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/res/img/youtube.png

104.26.5.110

200 OK

4.9 kB

URL GET HTTP/2
918kiss.pro/res/img/youtube.png
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Size
4.9 kB (4902 bytes)
Hash
ef0528f6c4b96b45e73e912069ea1c04
f28c2a8abe477c8a549ca927e5117a07b33cc1c7
fefec5588d85915dc63c434134d20ca689b8c6c672557c68ebcc53db8e2587a6

HTTP Headers

GET /res/img/youtube.png HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/png
content-length: 4902
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:59:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlTO4avc5kJVpZomQuNpxSeFrdWyT6lZ247H2769cSd8byoS9NGBsNQMAG8p5XytC%2BrAHW9xhWRW6YPSbY1q5xUyXsN78sqy7SOlQamhdR2Kg06JEx362PuH9hxH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63bd7956ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/res/img/apple.png

104.26.5.110

200 OK

3.4 kB

URL GET HTTP/2
918kiss.pro/res/img/apple.png
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3377 bytes)
Hash
1790c5c347eed65c569d9489b894f004
66866cf6cab52977b8d16ec80e14b96174cdbab7
a6a539aefe2f9964cfadc6e3e2cf192703d3a033e78c4a39be79f95c6d57ad43

HTTP Headers

GET /res/img/apple.png HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/png
content-length: 3377
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:59:20 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGlH0jy2JumiYMBgAvKdrY9mFMf3xF2hH8ELNCdZSAsk05mJRKLZ8wmm0aeqKEAxWro8oaM%2B4X9p0MbJspeiM4QL4BRdSlJoB1S%2BaQQcRORImpoPqZ6hpyEONYxn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8056ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/bk8.webp

104.26.5.110

200 OK

5.8 kB

URL GET HTTP/2
918kiss.pro/images/advs/bk8.webp
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.8 kB (5814 bytes)
Hash
9418c3d631e136d0512e076467487d11
cc2e7bcc5e27cd9ae229d3de219c0b87bd2d75c7
f36514f7afe0600203983c938f2b34a7797a617d6a6ec2c1877406d2b405fd7e

HTTP Headers

GET /images/advs/bk8.webp HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/webp
content-length: 5814
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:53:09 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NUiY906WISvDDutX7JnhHJ5kmbWbntvv06X4KcozbFGVjXPBr5tpSSsBJdg7GP8ghEx2zgg%2Bo9GB6%2BxvnAaMYjPpys65I7WlNITpdZEByjKDDBqZoD9mrahwrwH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8656ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/th/%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%9F%E0%B8%A3%E0%B8%B5.jpeg

104.26.5.110

200 OK

175 kB

URL GET HTTP/2
918kiss.pro/images/advs/th/%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%9F%E0%B8%A3%E0%B8%B5.jpeg
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1040x1040, components 3\012- data
Size
175 kB (174596 bytes)
Hash
7051371f9ba2097bf8edcb1294922de1
9d7b412cb477f7d85d0787cf9333f065ec4e1d52
42cd076f966a58afb42a8550d35abff10f4848a32f832261cf797e38f9c50308

HTTP Headers

GET /images/advs/th/%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%9F%E0%B8%A3%E0%B8%B5.jpeg HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/jpeg
content-length: 174596
cf-bgj: h2pri
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:55:29 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sGPOhOE317N6wx%2FI9p51EPq3WGNI7%2F144PUzGlayPLtquD3e5jcQsIokOvn%2F5E2RCNyeeOUo2Nbdh6LXAOS%2F0tYvkq1XuoPS4wO60Go6vK9AuArD4ntQaqPQj08"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8156ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/bk8-%E0%B8%9E%E0%B8%B1%E0%B8%99%E0%B8%98%E0%B8%A1%E0%B8%B4%E0%B8%95%E0%B8%A3.jpg

104.26.5.110

200 OK

27 kB

URL GET HTTP/2
918kiss.pro/images/advs/bk8-%E0%B8%9E%E0%B8%B1%E0%B8%99%E0%B8%98%E0%B8%A1%E0%B8%B4%E0%B8%95%E0%B8%A3.jpg
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Size
27 kB (26606 bytes)
Hash
8d5e822dc32bdaacbf7c346242c412c9
657362c972728957907ec5c1799462f670908240
9a901c4856ea2682aa6b1002ba7de4732e3f1ada7c443a55beca7ba44fe80284

HTTP Headers

GET /images/advs/bk8-%E0%B8%9E%E0%B8%B1%E0%B8%99%E0%B8%98%E0%B8%A1%E0%B8%B4%E0%B8%95%E0%B8%A3.jpg HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/jpeg
content-length: 26606
cf-bgj: h2pri
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:53:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BFABspkhLCD911ZqmL3KMSykTF90rLLUOoCQvC4ul2XFRh5JBU0nUyhPxGzt4ZcJW6ULTlBadPgoL7tD8%2FzSZ2XzcMuiD5%2B6akNx8wSuh74yeR3n8P5t7JuUCX%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8256ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/th/918kiss20190702070037.jpg

104.26.5.110

200 OK

150 kB

URL GET HTTP/2
918kiss.pro/images/advs/th/918kiss20190702070037.jpg
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1040x1040, components 3\012- data
Size
150 kB (150154 bytes)
Hash
bc584ce15ab2f5f33253cb6d6ea4f0ea
60913a087bd275e52b2143873abb311ee45fa9e9
fc148c0462aab53c263cec548a47497bc6a0f3b54e1e2080e40ec250367e3ab6

HTTP Headers

GET /images/advs/th/918kiss20190702070037.jpg HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/jpeg
content-length: 150154
cf-bgj: h2pri
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:55:22 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37Oy6ymcmi7h1hktPZ0MnkSQEs4a5sOmvbevMbnjSzOO48OHegysR5OY69VI%2FssFTvlLHtDp0KTn%2FxStVFQ5hGTT2lCUsebwDaZA4LZ53s9KI1PddXY3krgDpntW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8356ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/icon_star_40.webp

104.26.5.110

200 OK

454 B

URL GET HTTP/2
918kiss.pro/images/advs/icon_star_40.webp
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
454 B (454 bytes)
Hash
01d7f1ca34881d325e61d8708a864401
83bb6297a6966c370d4a6ff9c95c9fff64f49532
2f518f8a61b0c0d87d17c4816db2a0ce4ea399068fb0ecfebb22de367b1ddba7

HTTP Headers

GET /images/advs/icon_star_40.webp HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/webp
content-length: 454
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:53:09 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTBYrqJFAFx0oPVeyUyTZjRjV0Rc8W9De3ZN1OiUJImVjY8f857Hcx5zCPrm45tMLxaSwdeT6w5NPJu%2BPo0YqpF4SSqBQnKrBGdoTZi59nYzjlBm1YCveEPBE03y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8756ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/thailand.webp

104.26.5.110

200 OK

206 B

URL GET HTTP/2
918kiss.pro/images/advs/thailand.webp
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 68x45, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
206 B (206 bytes)
Hash
4012ebe6943a37d298b12323cb178b86
f5da56c98a619fa8cc4ba8e3367ed9fb55d3505c
6a21331c0da617bea18d78bc88729f30c30b1bb25a7393455d21737b5a3fdca8

HTTP Headers

GET /images/advs/thailand.webp HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/webp
content-length: 206
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:53:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ytx8QUzzPjOy0DGabyvf7QhDewdJsqK8TmoRvwwRFDc%2FFCr5yNJarJfXQHSry9%2BCrQ%2F8k1d9%2FhOTZa2ZH2of9PzbK%2BiVQQjOykCMRWQ%2BN90xmKnkWHqtjC%2BJ5QUu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8956ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/icon_checked_52.webp

104.26.5.110

200 OK

964 B

URL GET HTTP/2
918kiss.pro/images/advs/icon_checked_52.webp
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
964 B (964 bytes)
Hash
332b8018fbb7308f565809df5de429cc
f560b2ef7c7ff97f53eacec59449bb67ab166e4c
fb8fe8077b280f4c237fe53f112af0f07a6715bcc4f5db29704621998edcdb78

HTTP Headers

GET /images/advs/icon_checked_52.webp HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/webp
content-length: 964
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:53:09 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EsmuuRLXvdGR112uAlRdE9Dzj3rXR9BSFvCpmVLjMLxJJdBsq2DEIdc2MV45uKlAlzW65ypEVKnaNRNEQnfRydHt%2F1z3pFbFoxmo73aJM39RjSEKYjXZBGNEQXi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8a56ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/uea8.webp

104.26.5.110

200 OK

2.6 kB

URL GET HTTP/2
918kiss.pro/images/advs/uea8.webp
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 280x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.6 kB (2560 bytes)
Hash
20fe53da8047060fd214c6f71c346f62
ea03c46417039ff349083c1fedc0f89754180646
69a0883fee592a5b967a214b907ef971089212d95b1397ef8c94d0ac107a491e

HTTP Headers

GET /images/advs/uea8.webp HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/webp
content-length: 2560
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:53:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJMRMSHSh1CvDGL7gxdUBIGEga9RHOu3gQm0%2BjHCeY5SM92BfXaB09xoVPmn2BC7jp0vh1bU9V9MLI8HGOzm4LaUDLW2jOHUeaTdWMN38FJoAqsD66pFd%2FJLFcqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63cd8c56ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/nova88.webp

104.26.5.110

200 OK

11 kB

URL GET HTTP/2
918kiss.pro/images/advs/nova88.webp
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
11 kB (11176 bytes)
Hash
16068233f85a6dd080e09e8b98ba553b
e85853300558e23e2e1ee60e61b5c5daffb2665c
ef40507ba963d213f551a4eef3538d48f517f969d2e54c11470c05c7b5265ced

HTTP Headers

GET /images/advs/nova88.webp HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/webp
content-length: 11176
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:53:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8MSlThuC7U2y1q4D80ooH%2FFOyu7%2BgAW1%2FOUX5TiF0WNpkAdiMsnSXF4mBPVniS762Oc5fOLkUOjXq1%2FOW0eBVnZegdlqF%2B0%2Bt9xtS6qGTCxiWJ%2FtfgK1v4155Xa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63dd8e56ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/images/advs/advertise-on-us-th.webp

104.26.5.110

200 OK

662 B

URL GET HTTP/2
918kiss.pro/images/advs/advertise-on-us-th.webp
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
662 B (662 bytes)
Hash
837682587eb3e5ee14260f1aca6d0e2e
2bb0ef014a4346101ff7cfe82e17830b06f7383a
a4623e27063f0a2d2ea9b41093239a1fbaf2c42df74a206b4717f0f57d5fb626

HTTP Headers

GET /images/advs/advertise-on-us-th.webp HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/webp
content-length: 662
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:53:07 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOOxj592RUdCKcvHLPHSLHT79xEWtb6HTU1NkRMRdQfgXaoK10bKuQZIIrIyx6U0FqN9owTbKdPE%2FJ2GnlgAQ0NS95%2BSG6KoKjlrJdSuKEjtoRIDAKjfEeokibrH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f63dd9156ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/

104.26.5.110

200 OK

0 B

URL HEAD HTTP/2
918kiss.pro/
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.25
cache-control: public, max-age=2592000
expires: Wed, 03 Jan 2024 22:20:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrwOTgQhfep79UNakN5h4Slayde8xlHi%2BGBNUeFR0amsi5hhXvOMSm4LWSm2y%2FIhIb9EhnHgRKruqTyOAqtZcXwym9IR926nvkdDnusCj4IJl3ocN7cdxfBSp4KB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83076f650e8356ab-OSL
content-encoding: br
X-Firefox-Spdy: h2

918kiss.pro/res/img/brand-icon.png

104.26.5.110

200 OK

69 kB

URL GET HTTP/2
918kiss.pro/res/img/brand-icon.png
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
PNG image data, 30 x 1054, 8-bit/color RGBA, non-interlaced\012- data
Size
69 kB (68772 bytes)
Hash
dbe5e4ee530c56e0ee3e29fdbec5dd70
db75dc87e900d988066430a3a087e9bceeb3abd3
127351d50b413e0dfb0dacc23aaba867dce14c040e164e880dbef1e20a7c3604

HTTP Headers

GET /res/img/brand-icon.png HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/res/dist/css/mainad05.css?ver=1.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: image/png
content-length: 68772
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:37 GMT
last-modified: Thu, 19 Jan 2023 08:59:21 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpzgrbG2WP8KnaU7HtjvszO31d4SPlfAlPxGRbT%2BgWI1frGdkzcugoFM9YtN1i51ublOBZBnTQCu40IXt8ogTNrpPbw6e1u5DG9M%2FGSvxVXhWq3zyvXiWoKozLTi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f657ed656ab-OSL
X-Firefox-Spdy: h2

ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.17.72.14

200 OK

4.4 kB

URL GET HTTP/2
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.17.72.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerDigiCert Inc
Subjectajax.cloudflare.com
Fingerprint56:3D:49:44:C4:94:88:C4:E5:4D:63:DC:18:BB:83:46:C6:D9:D8:04
ValidityTue, 01 Aug 2023 00:00:00 GMT - Thu, 15 Aug 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
4.4 kB (4389 bytes)
Hash
fbdb9a3499193711bde93199d6b501bf
2175ba78697d385e4430a33119b0971b49a47c18
a0864fc811415ca19d7088a5815f7a1a6f1ac508e9d339a8967d1067c93f5e0e

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: ajax.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
etag: W/"65660ffd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KgNRVN9Cw72b8mv1c1C6N7h9%2B6JJ%2BgHPHQxn6tGeR%2BsxXrMq1ecdK6BdE1EO%2F6O9WrQSjMvx2ZX3W7S6jCHk9i2dcNRZcDWDFWOBi5nJs4bhZbSu8oo%2FRXB1qdbk1imjj%2FbCqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15780000; includeSubDomains
server: cloudflare
cf-ray: 83076f64280556ca-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 06 Dec 2023 22:20:10 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TVSW69N

142.250.74.168

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TVSW69N
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4827)
Size
74 kB (74338 bytes)
Hash
18ce09af7d377507c9c1a3d14b28b411
79633c6df09f1f56e810924f6fb430e3650f8f3d
81b7b6579965dc8d43f3b0c20e9e794703b502e4bd561dffcac361e93b36932c

HTTP Headers

GET /gtm.js?id=GTM-TVSW69N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 22:20:10 GMT
expires: Mon, 04 Dec 2023 22:20:10 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 21:47:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.4.1.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.4.1.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://918kiss.pro/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30638 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15851"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 04 Dec 2023 22:20:10 GMT
age: 6926211
x-served-by: cache-lga21965-LGA, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 9, 682690
x-timer: S1701728411.716221,VS0,VE0
vary: Accept-Encoding
content-length: 30638
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.4.1.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.4.1.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://918kiss.pro/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30638 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15851"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 04 Dec 2023 22:20:10 GMT
age: 6926211
x-served-by: cache-lga21965-LGA, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 9, 682691
x-timer: S1701728411.845451,VS0,VE0
vary: Accept-Encoding
content-length: 30638
X-Firefox-Spdy: h2

dibsemey.com/zone?pub=0&zone_id=4356595&is_mobile=false&domain=918kiss.pro&var=&ymid=&var_3=&tg=0&sw=3.1.471

139.45.197.250

200 OK

880 B

URL GET HTTP/2
dibsemey.com/zone?pub=0&zone_id=4356595&is_mobile=false&domain=918kiss.pro&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectdibsemey.com
Fingerprint0A:49:CF:E0:C6:CF:27:FD:2D:F7:8E:EA:04:B0:3E:7F:21:E1:E8:9F
ValidityTue, 21 Nov 2023 05:23:32 GMT - Mon, 19 Feb 2024 05:23:31 GMT

File type
JSON data\012- , ASCII text, with very long lines (879)
Size
880 B (880 bytes)
Hash
bfe1e11645b68a85cfd5c39cd8ea5a6b
697bd536393bbda76fe50ec98ef00beed996be39
e15a28c60654ce7553483c493ab10a8d9f3c2d0ed78e2252a966af6a6bd3dc1b

HTTP Headers

GET /zone?pub=0&zone_id=4356595&is_mobile=false&domain=918kiss.pro&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: dibsemey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: baadd5669b317ce179b92e898d4d0b6e
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

918kiss.pro/res/dist/css/mainad05.css?ver=1.4

104.26.5.110

200 OK

3.2 kB

URL GET HTTP/2
918kiss.pro/res/dist/css/mainad05.css?ver=1.4
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
ASCII text, with very long lines (8957), with no line terminators
Size
3.2 kB (3243 bytes)
Hash
131bffdb74640c468d37cd01fbdbe114
9e7ffa34a4ead9edc3c919c477854082b4906bd4
f6e75bcc0b42c2c3f7dd60159cf82ef39f85f5588500185ab9f5028bbf463bd7

HTTP Headers

GET /res/dist/css/mainad05.css?ver=1.4 HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: text/css
cache-control: public, max-age=2592000
expires: Tue, 02 Jan 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:59:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIUpgmKKRL3MdLR0UyW8YoZcWlMyNnCxoDmqlSrcMyz1EHtg%2BHsElC8zJ2kwvCIYDuzGt7oYgjxobkOMYg2IoEKzPrRpVUGBUEI%2FvbigLGvz6QK28B3Io4XqwgwG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83076f63bd7356ab-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-PSNNNBEVZ7&l=dataLayer&cx=c

142.250.74.168

200 OK

92 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-PSNNNBEVZ7&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
92 kB (91600 bytes)
Hash
a4da7ae50dbedbe6667228f58d3ff404
27a94e137fb1ffabb6ebc757ba0056b30154aae1
10a7cf8e174e1f83ef4f805eb6b7bcf6477a0ce1da6fdb26b77e4fc71497bbb5

HTTP Headers

GET /gtag/js?id=G-PSNNNBEVZ7&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 22:20:10 GMT
expires: Mon, 04 Dec 2023 22:20:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91600
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=de451cc286eb4699b7eec2ad6cc13a87

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=de451cc286eb4699b7eec2ad6cc13a87
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
0b4e9d15b188034bee099f42ffe740dd
47026ce1bdbe70a10784d52fb104360e2affd9f9
f45c4ae089805b1c68205807ce31296a19381f53db94b5728fd38a36c6800afb

HTTP Headers

GET /gid.js?userId=de451cc286eb4699b7eec2ad6cc13a87 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://918kiss.pro
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=de451cc286eb4699b7eec2ad6cc13a87; expires=Tue, 03 Dec 2024 22:20:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

dibsemey.com/ntfc.php?p=4356595

139.45.197.250

200 OK

6.1 kB

URL GET HTTP/2
dibsemey.com/ntfc.php?p=4356595
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectdibsemey.com
Fingerprint0A:49:CF:E0:C6:CF:27:FD:2D:F7:8E:EA:04:B0:3E:7F:21:E1:E8:9F
ValidityTue, 21 Nov 2023 05:23:32 GMT - Mon, 19 Feb 2024 05:23:31 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
6.1 kB (6146 bytes)
Hash
04b709d7dcec50f9c3186180667330de
d62cd2117f2f2814faa583450d515bcce06364f6
f7d20624d06a1c9f1d681bcbe58b07670d643a18909089c46166e392bd1df44f

HTTP Headers

GET /ntfc.php?p=4356595 HTTP/1.1
Host: dibsemey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-32de"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

918kiss.pro/res/img/918kiss/icon/Icon-128.png

104.26.5.110

200 OK

9.8 kB

URL GET HTTP/2
918kiss.pro/res/img/918kiss/icon/Icon-128.png
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Size
9.8 kB (9841 bytes)
Hash
2740b4d25c9d624e3502a72c79f417c1
e0355aa43ce6f26e240ded52025732676ff5fa7e
14d353731cdf6bff0f38e88a4a0aec8926a692e4aa1a163dbc994468fa0974bc

HTTP Headers

GET /res/img/918kiss/icon/Icon-128.png HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: image/png
content-length: 9841
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:37 GMT
last-modified: Thu, 19 Jan 2023 08:59:39 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgDKJYrAoxBwc50q16t6JF%2FG9bRcLD9gYs0hdg8nMmhTd2m0y9ij0Mwk%2BmHlQmHwE6DieGlMrIpLtKYIKzZa7GXeQMxmRualxfrqjhmALU8kXj4eUXeWQxMTiBin"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f69caa156ab-OSL
X-Firefox-Spdy: h2

918kiss.pro/res/img/918kiss/icon/Icon-16.png

104.26.5.110

200 OK

1.1 kB

URL GET HTTP/2
918kiss.pro/res/img/918kiss/icon/Icon-16.png
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1080 bytes)
Hash
93579374a05874489b4c0d4a71ffc33e
2ff461e16068edb6eb656c3a936fd243dc46737b
3d85b6fdacc014dc74da046b6621f0c4a61ef33650194a62719b374040eb4910

HTTP Headers

GET /res/img/918kiss/icon/Icon-16.png HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: image/png
content-length: 1080
cache-control: public, max-age=31536000
expires: Mon, 02 Dec 2024 22:10:37 GMT
last-modified: Thu, 19 Jan 2023 08:59:40 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6QF8CYxZ60R53axpRxQKrPRydC7UrGp%2F2H90XMEazm6biiLwW9fZJ4puyoEygBMJWGttbKdwvYZYIfWt3po2TX7E%2BqDNZ1oDGumPLo0QVRKqEBfIQ10%2BATeIg1I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83076f69daa356ab-OSL
X-Firefox-Spdy: h2

dibsemey.com/custom

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
dibsemey.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectdibsemey.com
Fingerprint0A:49:CF:E0:C6:CF:27:FD:2D:F7:8E:EA:04:B0:3E:7F:21:E1:E8:9F
ValidityTue, 21 Nov 2023 05:23:32 GMT - Mon, 19 Feb 2024 05:23:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: dibsemey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://918kiss.pro/
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

dibsemey.com/custom

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
dibsemey.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectdibsemey.com
Fingerprint0A:49:CF:E0:C6:CF:27:FD:2D:F7:8E:EA:04:B0:3E:7F:21:E1:E8:9F
ValidityTue, 21 Nov 2023 05:23:32 GMT - Mon, 19 Feb 2024 05:23:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: dibsemey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://918kiss.pro/
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

918kiss.pro/sw.js

104.26.5.110

200 OK

2.5 kB

URL GET HTTP/2
918kiss.pro/sw.js
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
ASCII text, with very long lines (5235)
Size
2.5 kB (2503 bytes)
Hash
0ded7ea506762bc62bd906f6f3f7d336
69952ba4a698d2209e7d4cd0ea0ad75a70c31dec
0a020abd99c8e422148cec727362c73fcdb894498202e14af6e904b214b863ef

HTTP Headers

GET /sw.js HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
DNT: 1
Connection: keep-alive
Cookie: _ga_PSNNNBEVZ7=GS1.1.1701728416.1.0.1701728416.0.0.0; _ga=GA1.1.1066168905.1701728417
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 22:10:37 GMT
last-modified: Fri, 20 Jan 2023 08:25:19 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYiJxSXVn8FyboKxHMi9UIsUNf5huw%2F2gdK2TgyQ4wTzmq6GD8Hb36Lua3qkbXWStIpg50NSvEjIUOEx2PQNsqL4x%2FPJYYpuq%2BQZbTttByaAoDg%2BJZStIy5eWAVK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83076f6a7b1d56ab-OSL
content-encoding: br
X-Firefox-Spdy: h2

dibsemey.com/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
dibsemey.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectdibsemey.com
Fingerprint0A:49:CF:E0:C6:CF:27:FD:2D:F7:8E:EA:04:B0:3E:7F:21:E1:E8:9F
ValidityTue, 21 Nov 2023 05:23:32 GMT - Mon, 19 Feb 2024 05:23:31 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: dibsemey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Content-Type: application/json
Content-Length: 715
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1b9033f72d5e47299424ad46a56b7a27
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

dibsemey.com/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
dibsemey.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectdibsemey.com
Fingerprint0A:49:CF:E0:C6:CF:27:FD:2D:F7:8E:EA:04:B0:3E:7F:21:E1:E8:9F
ValidityTue, 21 Nov 2023 05:23:32 GMT - Mon, 19 Feb 2024 05:23:31 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: dibsemey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Content-Type: application/json
Content-Length: 359
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: cdbc84528df78de0343779f657540e9d
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

dibsemey.com/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
dibsemey.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectdibsemey.com
Fingerprint0A:49:CF:E0:C6:CF:27:FD:2D:F7:8E:EA:04:B0:3E:7F:21:E1:E8:9F
ValidityTue, 21 Nov 2023 05:23:32 GMT - Mon, 19 Feb 2024 05:23:31 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: dibsemey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Content-Type: application/json
Content-Length: 368
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 62d4195c82cabadd29e970f4d110a4fa
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://918kiss.pro/
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://918kiss.pro/
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
4da16836d58041a2c4d94f60b2180d99
942105374d743a4257e313fe4fa6729b78634e15
a49fc473c9b9d839ce8702af69d9089e32d1f7893e875d7d4d02bc63f8254cbd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Content-Type: application/json
Content-Length: 496
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
588e0abf426e6cce4b577fe6b9efdd8d
c7b47a21fcac0841fa3f99a3acc9235238d7893c
89ec2fa7ae22ee3d7b5d978d813a9b6a2743c471aaf251c57964094e28e02c85

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Content-Type: application/json
Content-Length: 496
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:11 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

918kiss.pro/res/dist/css/bootstrap.minad05.css?ver=1.4

104.26.5.110

200 OK

11 kB

URL GET HTTP/2
918kiss.pro/res/dist/css/bootstrap.minad05.css?ver=1.4
IP
104.26.5.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://918kiss.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject918kiss.pro
Fingerprint75:08:93:4C:8C:B7:99:EE:19:18:97:B2:9D:B6:DD:36:67:8C:58:E1
ValidityFri, 24 Nov 2023 15:56:27 GMT - Thu, 22 Feb 2024 15:56:26 GMT

File type
ASCII text, with very long lines (10925)
Size
11 kB (11183 bytes)
Hash
adc5481da3a190cc9f442a93284d5de8
e9be25d470da6e0fcd7bbf851952499f9371a6d6
82eef55b52912f4393641621487b032f52b4495d93bb8f2f17b30222785f00b2

HTTP Headers

GET /res/dist/css/bootstrap.minad05.css?ver=1.4 HTTP/1.1
Host: 918kiss.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: text/css
cache-control: public, max-age=2592000
expires: Tue, 02 Jan 2024 22:10:36 GMT
last-modified: Thu, 19 Jan 2023 08:59:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 86974
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdEIjp5IaWMAtu4K%2F8vQTYnUlGmZBRMCq4nLhOfD9kjMWtNzkRFhDwdgrBLfHFG8gXi7B0TSzex43BpqlnLDOfF9SVEez5rUy8ImxWqcAWYwyRIBZqG9P4mUKIHk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83076f63bd7656ab-OSL
content-encoding: br
X-Firefox-Spdy: h2

eechicha.com/ntfc.php?p=4356595

139.45.197.250

200 OK

13 kB

URL GET HTTP/2
eechicha.com/ntfc.php?p=4356595
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjecteechicha.com
FingerprintA7:F9:5F:87:8A:D5:59:6F:C6:F4:84:8E:C8:B1:C8:FE:DF:C8:27:B4
ValiditySun, 12 Nov 2023 05:14:19 GMT - Sat, 10 Feb 2024 05:14:18 GMT

File type
C source, ASCII text, with very long lines (13022), with no line terminators
Size
13 kB (13022 bytes)
Hash
c89bdeac9fc7159eeab98d113c78dbc3
b905be32d5611608db4dec46b433a83eccd58d49
43620d4167eed0aae2c452914018932e583aef5579f88ce738766f5cbfd5cb7f

HTTP Headers

GET /ntfc.php?p=4356595 HTTP/1.1
Host: eechicha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 13:38:02 GMT
etag: W/"65649bba-32de"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

potsaglu.net/5/5730098

139.45.197.245

200 OK

72 kB

URL GET HTTP/2
potsaglu.net/5/5730098
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectpotsaglu.net
Fingerprint64:E0:E9:95:2E:5C:F0:F7:B1:DD:A5:43:13:1C:1F:52:A3:0D:D1:56
ValiditySun, 17 Sep 2023 05:54:34 GMT - Sat, 16 Dec 2023 05:54:33 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71516 bytes)
Hash
b99716799165ab7bb50c6b883743f1f4
cb7a5e033d7aff9c52707570136fcccebd830e1b
4994ed8b3f86daa30a88c14aaa71247b2bfc3607b5b97b3c5700651055170968

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/5730098 HTTP/1.1
Host: potsaglu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://918kiss.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/javascript
x-trace-id: 8a64d673fb1d94ff5158266bbd885416
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=de451cc286eb4699b7eec2ad6cc13a87; expires=Tue, 03 Dec 2024 22:20:10 GMT; path=/; secure; SameSite=None
oaidts=1701728410; expires=Tue, 03 Dec 2024 22:20:10 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

dibsemey.com/pfe/current/universal.min.js?v=3.1.471

139.45.197.250

200 OK

88 kB

URL GET HTTP/2
dibsemey.com/pfe/current/universal.min.js?v=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjectdibsemey.com
Fingerprint0A:49:CF:E0:C6:CF:27:FD:2D:F7:8E:EA:04:B0:3E:7F:21:E1:E8:9F
ValidityTue, 21 Nov 2023 05:23:32 GMT - Mon, 19 Feb 2024 05:23:31 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87852 bytes)
Hash
d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: dibsemey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-1572c"
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

eechicha.com/zone?pub=0&zone_id=4356595&is_mobile=false&domain=918kiss.pro&var=&ymid=&var_3=&tg=0&sw=3.1.471

139.45.197.250

200 OK

880 B

URL GET HTTP/2
eechicha.com/zone?pub=0&zone_id=4356595&is_mobile=false&domain=918kiss.pro&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjecteechicha.com
FingerprintA7:F9:5F:87:8A:D5:59:6F:C6:F4:84:8E:C8:B1:C8:FE:DF:C8:27:B4
ValiditySun, 12 Nov 2023 05:14:19 GMT - Sat, 10 Feb 2024 05:14:18 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (977), with no line terminators
Size
880 B (880 bytes)
Hash
4fb94d60c1844ff6a6a8736ebb23827d
a6390f4604ab618378948e548944c58029c60947
13e9aa8c22f07d405810e5bc86c706cabd74c092d880fa7f5ce53de459885385

HTTP Headers

GET /zone?pub=0&zone_id=4356595&is_mobile=false&domain=918kiss.pro&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: eechicha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: b0c51aa721f4d2b54cf886e9e8ddc9c6
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

eechicha.com/pfe/current/universal.min.js?v=3.1.471

139.45.197.250

200 OK

88 kB

URL GET HTTP/2
eechicha.com/pfe/current/universal.min.js?v=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://918kiss.pro/
Certificate
IssuerLet's Encrypt
Subjecteechicha.com
FingerprintA7:F9:5F:87:8A:D5:59:6F:C6:F4:84:8E:C8:B1:C8:FE:DF:C8:27:B4
ValiditySun, 12 Nov 2023 05:14:19 GMT - Sat, 10 Feb 2024 05:14:18 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87852 bytes)
Hash
d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: eechicha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://918kiss.pro/
Origin: https://918kiss.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 22:20:10 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 13:38:02 GMT
etag: W/"65649bba-1572c"
access-control-allow-origin: https://918kiss.pro
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP