urlscan.io logo urlscan.io
SecurityTrails logo

kc79.vip Open in urlscan Pro
198.252.107.131  Public Scan

Go To Rescan Add Verdict Report
URL: https://kc79.vip/
Submission: On May 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 198.252.107.131, located in Hong Kong and belongs to LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK. The main domain is kc79.vip.
TLS certificate: Issued by R3 on May 12th 2024. Valid for: 3 months.
This is the only time kc79.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 198.252.107.131 133752 (LEASEWEB-...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
27 4
Apex Domain
Subdomains		 Transfer
18 kc79.vip
kc79.vip
2 MB
5 choiiwin79.vip
dk.choiiwin79.vip
237 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
17 KB
0 adsmanager.click Failed
test.adsmanager.click Failed
27 4
Domain Requested by
18 kc79.vip kc79.vip
5 dk.choiiwin79.vip kc79.vip
2 use.fontawesome.com kc79.vip
0 test.adsmanager.click Failed kc79.vip
27 4

This site contains links to these domains. Also see Links.

Domain
bj93.com
bj88vnd.com
gacpc.vip
youtube.com
Subject Issuer Validity Valid
kc79.vip
R3		 2024-05-12 -
2024-08-10		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
choiiwin79.vip
GTS CA 1P5		 2024-05-13 -
2024-08-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://kc79.vip/
Frame ID: 9DDA0CAC64A91D93082FB81C3EBD5CD1
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

KC79 - Game bài đổi thưởng vượt thời đại và đẳng cấp

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

27
Requests

93 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2488 kB
Transfer

3031 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kc79.vip/ 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
fb32c4c8cd5b394f01bc542bbfaf3c7481f9fb23207b994caa6b4759a13401f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 00:12:16 GMT
link
<https://kc79.vip/wp-json/>; rel="https://api.w.org/" <https://kc79.vip/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://kc79.vip/>; rel=shortlink
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WPTangTocOLS
x-xss-protection
1;mode=block
c38f39a8-ddce-4068-a89a-13ad30ed5268
https://kc79.vip/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://kc79.vip/c38f39a8-ddce-4068-a89a-13ad30ed5268
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
style.css
kc79.vip/wp-content/themes/wordpress/ 		819 B
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/wp-content/themes/wordpress/style.css?ver=1.0.0
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
7bbc9f0637a829285f57821325b1999f5c090c09c49aab2e06b1f9da267bb168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
419
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:08 GMT
server
LiteSpeed
etag
"333-6640e1ac-2c4db86;br"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:16 GMT
bootstrap.min.css
kc79.vip/wp-content/themes/wordpress/css/ 		150 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/wp-content/themes/wordpress/css/bootstrap.min.css?ver=1.0.0
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
20135
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:08 GMT
server
LiteSpeed
etag
"2565e-6640e1ac-385e261;br"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:16 GMT
style.min.css
kc79.vip/wp-content/themes/wordpress/css/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/wp-content/themes/wordpress/css/style.min.css?ver=1.0.0
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
3d3c247acf048ff4b439e046e0b26746f640e9930056d4ac93a132137db2ce48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
12096
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:08 GMT
server
LiteSpeed
etag
"10f32-6640e1ac-385e262;br"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:16 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Origin
https://kc79.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:14:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4AweJ7UbWFx1S95c%2FyiOWpzYckifVimJn%2Fa5lT9od2w65oy0g%2BzhlewuV%2Bxb%2F2ko7v3RjvHBEZInreYpluX%2BmVIIG%2F0%2F6LGDWTFvuxMZt8m91DPCYRS1Q5sZ3MQgmPL08pWKCYSD5eHF9D3Dog1bTRh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8836b0d7caec8ec7-FRA
alt-svc
h3=":443"; ma=86400
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Origin
https://kc79.vip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:14:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e140a7d32f343530f016095df3cc2ae4"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiIcjZtX%2BeHWH35r7429yOSdxoBC0pueaiiuqYLlR5wx3b6RU6I1liAXNP%2FF6qoN%2BqsR45N8iyhtIxGoZQYd6cvXtZnPrecVVtCfC%2F1rh7tweBE%2B6r2yhJghY1lJifnqpbVXx8HdBdB9BQ3dqTgKk%2FnX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8836b0d7caea8ec7-FRA
alt-svc
h3=":443"; ma=86400
LOGO-PNG.png
kc79.vip/wp-content/uploads/2024/05/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/LOGO-PNG.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
a47995713b72c9cd30e1cb70992901e9b9fee5b420911bd7375714ca689d3f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:16 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1108144
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:10 GMT
server
LiteSpeed
etag
"10e8b0-6640e1ae-255ce5e;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:16 GMT
Asset-1.png
kc79.vip/wp-content/uploads/2024/05/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/Asset-1.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
c2fbb9b08d696245bba645b4c367827fbe4f23ddea5af22f0e2aa0887280d4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:16 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
81660
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:11 GMT
server
LiteSpeed
etag
"13efc-6640e1af-2566537;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:16 GMT
zalo1.png
kc79.vip/wp-content/uploads/2024/05/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/zalo1.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
e0162cdfdb5d01f836faebe376b5e15713f293336df17ba99f1540ba125da8b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:17 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
71737
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 13 May 2024 01:05:12 GMT
server
LiteSpeed
etag
"11839-66416748-49e135;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:17 GMT
btn-dl.png
kc79.vip/wp-content/uploads/2024/05/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/btn-dl.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
d1282d8d8ca67c9fc31e13a52211789e36f43d4d4e01459b1e4c3524767737c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:17 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
20868
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:10 GMT
server
LiteSpeed
etag
"5184-6640e1ae-255ce3b;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:17 GMT
12312312.png
kc79.vip/wp-content/uploads/2024/05/ 		700 KB
701 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/12312312.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
2dea0a4caa84e3f62619c8dc6e57854c4c554a36021ef6fc2c5ba327cd496958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:17 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
717069
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:10 GMT
server
LiteSpeed
etag
"af10d-6640e1ae-255ce42;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:17 GMT
adv2.png
dk.choiiwin79.vip/images/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dk.choiiwin79.vip/images/adv2.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:db8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4046c585721dc187818d830f5cee04ca4115f65540bccb8ad43092f8ebf9c32
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:14:54 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
101672
last-modified
Fri, 26 Apr 2024 04:41:12 GMT
server
cloudflare
etag
"662b3068-18d28"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKgKmYreW%2FT0YZM63sDkbFhv0XA4ISoaoKDDHk%2BmILGQmp476rnjQE6BMgHzkX9u8M%2FlFzDEfrCY%2Fcv3qf7ZTuG3U%2B8o49%2F2SUcG9dB7Z%2BVphUDPqAzwefoS1I4YmBt6H52cKt3%2FgEOfMVWrqe%2F%2FxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8836b0d7c917bbcb-FRA
adv3.png
dk.choiiwin79.vip/images/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dk.choiiwin79.vip/images/adv3.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:db8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0fb9fc4fa6b3c780e7d2003be06b28ea55547c2b618acadc576d022ff1104c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:14:54 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
88075
last-modified
Fri, 26 Apr 2024 04:41:12 GMT
server
cloudflare
etag
"662b3068-1580b"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSlsfmoZ%2Foq5X8y0xNQN37HQKxp2r%2Fc8xthsmvZ1ZYxvw4qAs8UzX2lgqu56bpcT68ddgqJu7TxmDTWKNVchpvZzDaJgWVlA%2BaRVvLtnyMLJ8%2FwaapMmMWZblPhDbxSXRfByTLs3FtXFVEY4pC%2BL%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8836b0d7c918bbcb-FRA
nap-rut.png
kc79.vip/wp-content/uploads/2024/05/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/nap-rut.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
4e4cf9394c8374f5043bcc4aa0e442986bea65da023023b0ae9089eebed7dc95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:21 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
54184
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:10 GMT
server
LiteSpeed
etag
"d3a8-6640e1ae-255ce4e;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:21 GMT
bg-right3.png
dk.choiiwin79.vip/images/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dk.choiiwin79.vip/images/bg-right3.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:db8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7716ff9bdcdcdb74ff14ab83bcc108a570b1edc4627dfda3fe3032a26aa43515
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:14:54 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
44415
last-modified
Fri, 26 Apr 2024 04:41:12 GMT
server
cloudflare
etag
"662b3068-ad7f"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhNCjNMY7aTpZMcqLaEQOL1zpELaM3aoiRs1VqEzUvA4ZFNPQzfGr9MswKIm%2BH1otyqEqiMmS1kOdZ7DZwIYi6X5LfdTE7V236jLS5waoq%2BavKIBT27OgDbh%2FFCRGAyapYvx65jC3X6%2FjEwyzs2ceA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8836b0d7c919bbcb-FRA
banner.png
test.adsmanager.click/wp-content/uploads/2024/05/ 		0
0
text-video.png
dk.choiiwin79.vip/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dk.choiiwin79.vip/images/text-video.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:db8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9911842f38f37e1c1879c35d6cccc7ffa6b1de797a706eecc3c7941f27d40875
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:14:54 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4480
last-modified
Fri, 26 Apr 2024 04:41:12 GMT
server
cloudflare
etag
"662b3068-1180"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ZNiw%2FoZEujGCMihIfa9vmaYoVkkjYh6JmvmJ%2FQTxx85J1WtaOo6gpoEbI9Ba9oZMJjjSNqZRLkgRyVuon5hYgcpgcP7d39mAKpFM8aHdaTeL28k0IJEdBLdfuJGm5n%2BmTaPYRafsmLO%2B719BOzHKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8836b0d7c91bbbcb-FRA
loading.gif
dk.choiiwin79.vip/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dk.choiiwin79.vip/images/loading.gif
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:db8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:14:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1635
last-modified
Fri, 26 Apr 2024 04:41:12 GMT
server
cloudflare
etag
"662b3068-663"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZutfDU7ABbjbsbYIjBhd31GXUGRQfj%2Bq5aPILHTiFKTn7x86P7GnE5swZ7roYtmc6j2iO%2F8onUIMTlYzKvPn5vQJ3tNtD0ptC0Ldmazu3fw97j3%2B%2FcQGd%2BUVVk8TyJQPhnEQ9GdqSGd1Mpbay6537g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8836b0d7c91abbcb-FRA
navigation.js
kc79.vip/wp-content/themes/wordpress/js/ 		3 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/wp-content/themes/wordpress/js/navigation.js?ver=1.0.0
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:17 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
928
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:08 GMT
server
LiteSpeed
etag
"ba4-6640e1ac-275bc6;br"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:17 GMT
apphd.min.js
kc79.vip/wp-content/themes/wordpress/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/wp-content/themes/wordpress/js/apphd.min.js?ver=1.0.0
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
c34b55cf2da67a1b940191ee2f5bf5540ac4c2098770189f62dd7a4b585f1cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:19 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
29683
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:08 GMT
server
LiteSpeed
etag
"15544-6640e1ac-275bc9;br"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:19 GMT
app.min.js
kc79.vip/wp-content/themes/wordpress/js/ 		300 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/wp-content/themes/wordpress/js/app.min.js?ver=1.0.0
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
583cca97594b8096457e690269e0eaf17754a1f60e20b2f720cbd4f8f2b0078d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:19 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
89512
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:08 GMT
server
LiteSpeed
etag
"4b1ec-6640e1ac-275bc7;br"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:19 GMT
bg.jpeg
kc79.vip/wp-content/uploads/2024/05/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/bg.jpeg?v=6.18.2
Requested by
Host: kc79.vip
URL: https://kc79.vip/wp-content/themes/wordpress/css/style.min.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
cbe3573378df18d60280afeac13bac2b5da123adcbdca2cc0183423465a270df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/wp-content/themes/wordpress/css/style.min.css?ver=1.0.0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:17 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
36737
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:11 GMT
server
LiteSpeed
etag
"8f81-6640e1af-256653d;;;"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:18 GMT
bg-form.png
kc79.vip/wp-content/uploads/2024/05/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/bg-form.png?v=6.18.2
Requested by
Host: kc79.vip
URL: https://kc79.vip/wp-content/themes/wordpress/css/style.min.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
5930871c0971db72cd7a194284fee9f42e2b1546c9dd32499e053cee4bba25d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/wp-content/themes/wordpress/css/style.min.css?ver=1.0.0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:17 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
15593
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:10 GMT
server
LiteSpeed
etag
"3ce9-6640e1ae-255ce41;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:18 GMT
de-video.png
kc79.vip/wp-content/uploads/2024/05/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kc79.vip/wp-content/uploads/2024/05/de-video.png
Requested by
Host: kc79.vip
URL: https://kc79.vip/wp-content/themes/wordpress/css/style.min.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
3163bea4717d1af07f6f9f8baa8b3b77101e0ff5576131f3ba86efc3ade3c426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/wp-content/themes/wordpress/css/style.min.css?ver=1.0.0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:17 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
12706
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:10 GMT
server
LiteSpeed
etag
"31a2-6640e1ae-255ce35;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:18 GMT
wp-emoji-release.min.js
kc79.vip/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: kc79.vip
URL: https://kc79.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4630
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:35:12 GMT
server
LiteSpeed
etag
"4926-6640e1b0-30ea088;br"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:21 GMT
cropped-Thiet-ke-chua-co-ten-32x32.png
kc79.vip/wp-content/uploads/2024/05/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kc79.vip/wp-content/uploads/2024/05/cropped-Thiet-ke-chua-co-ten-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.107.131 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
198.252.107.131-static.reverse.arandomserver.com
Software
LiteSpeed / WPTangTocOLS
Resource Hash
3c26de24ae51cd7c308e3ed8dafead8e7520db9dacc52301952a422ff37b94f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://kc79.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:12:23 GMT
x-content-type-options
nosniff
x-powered-by
WPTangTocOLS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2414
x-xss-protection
1;mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 15:55:00 GMT
server
LiteSpeed
etag
"96e-6640e654-252f0c3;;;"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Wed, 14 May 2025 00:12:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
test.adsmanager.click
URL
https://test.adsmanager.click/wp-content/uploads/2024/05/banner.png

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings boolean| isCHPlay boolean| isAppStore boolean| isApk boolean| isIpa boolean| isUdid number| isAction boolean| nonDownload string| v undefined| aff_id function| setCookiesLogIpv4 function| setCookiesLogIpv6 function| $ function| jQuery object| iv object| key undefined| conf undefined| onRegFrmSubmit undefined| onLoginFrmSubmit undefined| onRegFrmSubmitMain undefined| onLoginFrmSubmitMain undefined| app_id undefined| userAgent undefined| sessionId undefined| isMobile undefined| notifications undefined| isIPadPro undefined| autofill undefined| showModalForm function| receiveMessage function| detectOS function| replaceAfterThirdChar undefined| updateActions undefined| clearBGAutoFill undefined| lazyLoading undefined| clickPlayWeb undefined| onPlayWeb undefined| onLoginFB undefined| onLoginFbSucceed undefined| onRegister undefined| onRegisterMain undefined| onDownloadAndroid undefined| onDownloadIos undefined| showInfo undefined| setCookiesTracking undefined| onBtn1111DownloadAndroid undefined| onBtn1111DownloadIos object| bootstrap function| Fingerprint2 object| CryptoJS object| twemoji object| wp

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dk.choiiwin79.vip
kc79.vip
test.adsmanager.click
use.fontawesome.com
test.adsmanager.click
198.252.107.131
2606:4700:3035::ac43:db8b
2606:4700:3036::6815:1b98
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
2dea0a4caa84e3f62619c8dc6e57854c4c554a36021ef6fc2c5ba327cd496958
3163bea4717d1af07f6f9f8baa8b3b77101e0ff5576131f3ba86efc3ade3c426
3c26de24ae51cd7c308e3ed8dafead8e7520db9dacc52301952a422ff37b94f2
3d3c247acf048ff4b439e046e0b26746f640e9930056d4ac93a132137db2ce48
4e4cf9394c8374f5043bcc4aa0e442986bea65da023023b0ae9089eebed7dc95
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
583cca97594b8096457e690269e0eaf17754a1f60e20b2f720cbd4f8f2b0078d
5930871c0971db72cd7a194284fee9f42e2b1546c9dd32499e053cee4bba25d6
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
7716ff9bdcdcdb74ff14ab83bcc108a570b1edc4627dfda3fe3032a26aa43515
7bbc9f0637a829285f57821325b1999f5c090c09c49aab2e06b1f9da267bb168
7e0fb9fc4fa6b3c780e7d2003be06b28ea55547c2b618acadc576d022ff1104c
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6
9911842f38f37e1c1879c35d6cccc7ffa6b1de797a706eecc3c7941f27d40875
a47995713b72c9cd30e1cb70992901e9b9fee5b420911bd7375714ca689d3f1d
c2fbb9b08d696245bba645b4c367827fbe4f23ddea5af22f0e2aa0887280d4d4
c34b55cf2da67a1b940191ee2f5bf5540ac4c2098770189f62dd7a4b585f1cb9
cbe3573378df18d60280afeac13bac2b5da123adcbdca2cc0183423465a270df
d1282d8d8ca67c9fc31e13a52211789e36f43d4d4e01459b1e4c3524767737c9
d4046c585721dc187818d830f5cee04ca4115f65540bccb8ad43092f8ebf9c32
e0162cdfdb5d01f836faebe376b5e15713f293336df17ba99f1540ba125da8b1
fb32c4c8cd5b394f01bc542bbfaf3c7481f9fb23207b994caa6b4759a13401f0