www.ko.tc Open in urlscan Pro
2606:4700:3037::6815:55c3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ko.tc/
Effective URL:
https://www.ko.tc/
Submission: On May 19 via manual (May 19th 2021, 4:01:04 am UTC) from DE

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3037::6815:55c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ko.tc.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2020. Valid for: a year.

This is the only time www.ko.tc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 19	2606:4700:303... 2606:4700:3037::6815:55c3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2

19 2606:4700:3037::6815:55c3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ko.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ko.tc 1 redirects www.ko.tc	162 KB
18	1

	Domain	Requested by
19	www.ko.tc	1 redirects www.ko.tc
18	1

This site contains links to these domains. Also see Links.

Domain
tempestsw.com
www.cloudflare.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-12` - `2021-08-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ko.tc/
Frame ID: 3A71E8E6C71E26684E8C80CF10EAC345
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.ko.tc/ HTTP 301
https://www.ko.tc/ Page URL
https://www.ko.tc/ Page URL
https://www.ko.tc/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

161 kB
Transfer

285 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://tempestsw.com/nightingalesguilt.php?c=0
Title: table

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ko.tc/ HTTP 301
https://www.ko.tc/ Page URL
https://www.ko.tc/ Page URL
https://www.ko.tc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.ko.tc/ HTTP 301
https://www.ko.tc/

18 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

/ Show response
www.ko.tc/
Redirect Chain

http://www.ko.tc/
https://www.ko.tc/

10 KB
10 KB

42ms
13ms

Document
text/html

2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ko.tc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a0f9b26fbebc7b06168c1b0c393367145822e290850dcfe10dee43c5daca6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.ko.tc
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:47 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a246193370000d6b1c2932000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D2N%2BWVn6FVjzU8kUo6JDeMXO64QOv%2BicOUj77vFpynDuMRFkYUFD7tH59c%2FAYOtYvegVApUGKdMwN6n8c8iFRIjzWCPNEC7IZPwSHEV6L9aGxue86%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 651a6b9858e1d6b1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Wed, 19 May 2021 04:00:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 19 May 2021 05:00:47 GMT
Location: https://www.ko.tc/
cf-request-id: 0a2461930900002bf6a0918000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bBkBdCS8XvkCqiXk9K9ewD0q6UCs84ilkKZV9ji5Ah3OpEYI9Th5gvpQJ8sMwxtCaV%2Fn%2FO9WO0svW4CDbtHnkZsyqHN%2F%2B6RO8VZIM2ZUcPcgwulkLMc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 651a6b980cbd2bf6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 v1 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 38 KB
13 KB 67ms
51ms Script
text/javascript 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6b9858e1d6b1
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9826d77d21c7e44364ea923b32883057a508b6ee7eac2e66d1866ae3dad9326

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6b9858e1d6b1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:47 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hNniqepERRlcN6aZuAXdVgka5rUX7I%2BKsacMd85aFpniHSpB8BPVp%2FF0JJNv42HPUxkrTgcZrqPKo3wRNty5PoXrnj6drtGW96rtZFIND7e2LLy4%2Fiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 651a6b989c385369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2461936100005369be8d3000000001

GET
H3-29 200 transparent.gif
www.ko.tc/cdn-cgi/images/trace/jschal/js/ 42 B
222 B 36ms
21ms Image
image/gif 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ko.tc/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=651a6b9858e1d6b1

Requested by

Host: www.ko.tc
URL: https://www.ko.tc/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=651a6b9858e1d6b1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 15:38:00 GMT
server: cloudflare
etag: "609aa4d8-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 651a6b989c325369-FRA
vary: Accept-Encoding
content-length: 42
expires: Wed, 19 May 2021 06:00:47 GMT

GET
H3-29 200 transparent.gif
www.ko.tc/cdn-cgi/images/trace/jschal/nojs/ 42 B
258 B 32ms
21ms Image
image/gif 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ko.tc/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=651a6b9858e1d6b1

Requested by

Host: www.ko.tc
URL: https://www.ko.tc/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=651a6b9858e1d6b1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 15:38:00 GMT
server: cloudflare
etag: "609aa4d8-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 651a6b989c395369-FRA
vary: Accept-Encoding
content-length: 42
expires: Wed, 19 May 2021 06:00:47 GMT

POST
H3-29 200 06f605a4db30315 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39399772243978765:1621395781:69dc26360d802c745d727517f32f3f711ea48d1ead5800e22bf70b5810dc13fe/651a6b9858e1d6b1/ 42 KB
25 KB 62ms
61ms XHR
text/plain 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39399772243978765:1621395781:69dc26360d802c745d727517f32f3f711ea48d1ead5800e22bf70b5810dc13fe/651a6b9858e1d6b1/06f605a4db30315
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6b9858e1d6b1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55bfde343d0eb727945678e4dd775ae94c1056318d83c4862db437433c4bf857

Request headers

sec-fetch-mode: cors
origin: https://www.ko.tc
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_prog=e
content-length: 2202
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.39399772243978765:1621395781:69dc26360d802c745d727517f32f3f711ea48d1ead5800e22bf70b5810dc13fe/651a6b9858e1d6b1/06f605a4db30315
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 06f605a4db30315
:method: POST
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 06f605a4db30315
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 May 2021 04:00:48 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pfxA4svC4WZncoci3tzvL6RUGXMv19BVJUyQBA4fkC3iqQwK7YJ8Z%2FO2TITWq2%2FPqZ0RpSM1mmv%2FilsVN6c91LR54BXL3EbN%2F2dGmEYim3P7aZ9vh3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_06f605a4db30315=cb1c74c9dd49499;SameSite=Strict;Secure;HttpOnly
cf-ray: 651a6b9ccb0b5369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2461960100005369711c1000000001

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55b5aca55b28929133eebc18ff6cb96228ff9682fa777b04b512733e68034a63

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 06f605a4db30315 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39399772243978765:1621395781:69dc26360d802c745d727517f32f3f711ea48d1ead5800e22bf70b5810dc13fe/651a6b9858e1d6b1/ 2 KB
2 KB 118ms
117ms XHR
text/plain 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39399772243978765:1621395781:69dc26360d802c745d727517f32f3f711ea48d1ead5800e22bf70b5810dc13fe/651a6b9858e1d6b1/06f605a4db30315
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6b9858e1d6b1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd5e73fa0da3006481083314b11cc9e0960890e36f959d27e95df843dc9a00b3

Request headers

sec-fetch-mode: cors
origin: https://www.ko.tc
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_06f605a4db30315=cb1c74c9dd49499; cf_chl_prog=a6
content-length: 17195
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.39399772243978765:1621395781:69dc26360d802c745d727517f32f3f711ea48d1ead5800e22bf70b5810dc13fe/651a6b9858e1d6b1/06f605a4db30315
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 06f605a4db30315
:method: POST
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 06f605a4db30315
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 May 2021 04:00:48 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf_chl_out: D7kaNUobEr5k61W2HvWEDDQMRTTQbxZIAc8TGThmi0uy6jTLL+o+Pr2AvhnuW59myOLbK/MgoEqwNGIxVyeMECN+kB9elB5q5PfEg9Dt1kkm3Id0Je22cFmsTUE5He6yty8rTNNtYRcmqvhnM6d+QSfCraohoyozpzhpOyIvL/IeoxGOQKV/fDD0IzRjEU39xjCXyqPDrRevXI834SEUP3TkZEVh0pzkc+4pnER/UIjU8crVr7GrdkMwwF5SynVt$HASQhhJRqtPvLWUKDqBSng==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cpbEPNkAfNM4LJ5dEaDLyddhAEgdvky3lKwCC0e45xUa6uwnreSqCpNr%2FPcdINhT2b%2Bjt5AIvST6aROQ%2FZIvvBnbeFdymSfyIPHxhGTesrBmWitqtq0%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: cf_chl_seq_06f605a4db30315=;Expires=Tue, 18 May 2021 04:00:48 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray: 651a6ba0fa295369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a246198a000005369c5b3f000000001

GET
H2 503 / Show response
www.ko.tc/ 9 KB
10 KB 13ms
12ms Document
text/html 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ko.tc/

Requested by

Host: www.ko.tc
URL: https://www.ko.tc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72af83611b6f9b80ff853bcac54556bbc2037d42e9df541de155bef580327ef9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.ko.tc
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.ko.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cf_chl_prog=F9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ko.tc/

Response headers

date: Wed, 19 May 2021 04:00:52 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a2461a57e0000d6b1b1aaa000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YIDhJSY%2F8J1qskc1KPEh57dp77ln7gsLuAcQwSRSY1WAjGVbMB9KWM0ECIKSUSh9qsgGFIeM3uaH66rOC6VnY%2FYQbgS5Mmpt10cDdrCx%2FcsbPUFlGC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 651a6bb59c0fd6b1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 v1 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 37 KB
13 KB 20ms
19ms Script
text/javascript 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6bb59c0fd6b1
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd0e39f95c0afb91cc89b4bed610ad8cca2a6029bd3c57aa73fa9da3b99ce84

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6bb59c0fd6b1
pragma: no-cache
cookie: cf_chl_prog=F9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:52 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CC%2FMu6IT4VNgpvrAeCwZ6j2mQuSGqQ4bqsxuSS2Uk6%2FeItGhH96dnzyA8iIhC78Tg6WyE%2FzPLi0UCsvS3vPN8z1DknEH6gjVqGDWLMvg1cofbJ%2FVz0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 651a6bb5cc035369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2461a59d00005369ad9a7000000001

GET
H3-29 200 transparent.gif
www.ko.tc/cdn-cgi/images/trace/jschal/js/ 42 B
222 B 8ms
8ms Image
image/gif 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ko.tc/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=651a6bb59c0fd6b1

Requested by

Host: www.ko.tc
URL: https://www.ko.tc/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=651a6bb59c0fd6b1
pragma: no-cache
cookie: cf_chl_prog=F9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 15:38:00 GMT
server: cloudflare
etag: "609aa4d8-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 651a6bb5cc075369-FRA
vary: Accept-Encoding
content-length: 42
expires: Wed, 19 May 2021 06:00:52 GMT

GET
H3-29 200 transparent.gif
www.ko.tc/cdn-cgi/images/trace/jschal/nojs/ 42 B
222 B 10ms
10ms Image
image/gif 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ko.tc/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=651a6bb59c0fd6b1

Requested by

Host: www.ko.tc
URL: https://www.ko.tc/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=651a6bb59c0fd6b1
pragma: no-cache
cookie: cf_chl_prog=F9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 15:38:00 GMT
server: cloudflare
etag: "609aa4d8-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 651a6bb5cc0f5369-FRA
vary: Accept-Encoding
content-length: 42
expires: Wed, 19 May 2021 06:00:52 GMT

POST
H3-29 200 4994a4259461c62 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.1513441038987764:1621395794:e935edde284c3c376337d3a07785e25a4d19f3e195e75334293d9d0404ce0f34/651a6bb59c0fd6b1/ 50 KB
31 KB 119ms
119ms XHR
text/plain 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.1513441038987764:1621395794:e935edde284c3c376337d3a07785e25a4d19f3e195e75334293d9d0404ce0f34/651a6bb59c0fd6b1/4994a4259461c62
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6bb59c0fd6b1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7096d188f6fa530de2176b0b3b8f0e869cc01b97700b7af8130ba7324897fc2

Request headers

sec-fetch-mode: cors
origin: https://www.ko.tc
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_prog=e
content-length: 2187
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.1513441038987764:1621395794:e935edde284c3c376337d3a07785e25a4d19f3e195e75334293d9d0404ce0f34/651a6bb59c0fd6b1/4994a4259461c62
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 4994a4259461c62
:method: POST
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 4994a4259461c62
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 May 2021 04:00:52 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QY6wVqUVj1Yq2ZLmX6BrVyrKwzRZkRJ849bm3Y4QDLF9njTEPVk9O5Bdq8gidfCNTFCqN4DO4HCc22see2IkrGIorlb8OCcdZ1PW5WctwTqn%2BwTtj1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_4994a4259461c62=7797602a4600c7b;SameSite=Strict;Secure;HttpOnly
cf-ray: 651a6bb66d335369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2461a60600005369a1081000000001

GET
DATA 200
OK truncated
/ 504 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55b6eeedaf5585bc00c75821bcac578840d4f46be2c26ff053ff96b0a0deb30f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 4994a4259461c62 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.1513441038987764:1621395794:e935edde284c3c376337d3a07785e25a4d19f3e195e75334293d9d0404ce0f34/651a6bb59c0fd6b1/ 1 KB
2 KB 106ms
106ms XHR
text/plain 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.1513441038987764:1621395794:e935edde284c3c376337d3a07785e25a4d19f3e195e75334293d9d0404ce0f34/651a6bb59c0fd6b1/4994a4259461c62
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6bb59c0fd6b1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87e7faf79f3d7b4a1bf7f05e945ac2c6234e7e83761985600c4bf60b9be7eb37

Request headers

sec-fetch-mode: cors
origin: https://www.ko.tc
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_4994a4259461c62=7797602a4600c7b; cf_chl_prog=a6
content-length: 18278
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.1513441038987764:1621395794:e935edde284c3c376337d3a07785e25a4d19f3e195e75334293d9d0404ce0f34/651a6bb59c0fd6b1/4994a4259461c62
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 4994a4259461c62
:method: POST
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 4994a4259461c62
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 May 2021 04:00:53 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf_chl_out: WZfiv8gLe8jOq0+xbgmxX/W3h7HxpDLxT8B344ZpG/fEewRIhSK3jS9iIwSF6OMi6A5YKVqMOApRcS98u/UKlwk0oyVPgfDvS80ZlAfescWIz3eopf0FppHQBcS7dh6daHNNueo5OgiJpmwcEjwhshsWDdE58SfmMxL4Rgvwq48=$7Y1rqBrv+VeyoOVzRXKnew==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=99ZwsA5rj9g8o7gEvw55pqIPbMcO0GiI2qdmCAEoyiHxTHfOGmYUVw08xH%2FjZPbha9DeHB5ayFuCpR1KN6b5QWgNelwvCuP3YUt3SQVQ9NGBOG4ZgcI%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: cf_chl_seq_4994a4259461c62=;Expires=Tue, 18 May 2021 04:00:53 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray: 651a6bbbcee65369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2461a95c000053699d0a9000000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 503 Primary Request / Show response
www.ko.tc/ 9 KB
10 KB 21ms
20ms Document
text/html 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ko.tc/

Requested by

Host: www.ko.tc
URL: https://www.ko.tc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69ac4a01071ac54cd9c21b253ffde8ae48102e6bcf50146c0e8794cd3d134381

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.ko.tc
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.ko.tc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cf_chl_prog=F10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ko.tc/

Response headers

date: Wed, 19 May 2021 04:00:56 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a2461b5760000d6b1a7310000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dVs6Led9tjdfW0JIox8VCIFfnjw3PDh7tABK49VbcJak3QSThx%2FWMvRg4dK5SrFL%2FDnC5lQj98whUyMpRLVIdN7y1C7oxkOn62kqdfIXvxRNEW79hKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 651a6bcf284ad6b1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 v1 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 39 KB
14 KB 24ms
23ms Script
text/javascript 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6bcf284ad6b1
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9a9937079bb228b193ff2120e64d7b5ee3ed82495a4375b7f6980070f9e276e

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6bcf284ad6b1
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:56 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2aa%2BX0%2B%2FIuVMbVeMSuxLrp%2FOnHoA0jTVdeOYr5QJOE9As%2FMRru3rXTOYks6bP4QyiN1VUv1R6F%2F9lgMD1CowEXZME0hN8DC3C0ykbqYcjm%2BQTlafxcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 651a6bcf686b5369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2461b5a000005369b7b28000000001

GET
H3-29 200 transparent.gif
www.ko.tc/cdn-cgi/images/trace/jschal/js/ 42 B
222 B 8ms
8ms Image
image/gif 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ko.tc/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=651a6bcf284ad6b1

Requested by

Host: www.ko.tc
URL: https://www.ko.tc/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=651a6bcf284ad6b1
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 15:38:00 GMT
server: cloudflare
etag: "609aa4d8-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 651a6bcf686c5369-FRA
vary: Accept-Encoding
content-length: 42
expires: Wed, 19 May 2021 06:00:56 GMT

GET
H3-29 200 transparent.gif
www.ko.tc/cdn-cgi/images/trace/jschal/nojs/ 42 B
222 B 8ms
8ms Image
image/gif 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ko.tc/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=651a6bcf284ad6b1

Requested by

Host: www.ko.tc
URL: https://www.ko.tc/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=651a6bcf284ad6b1
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 04:00:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 15:38:00 GMT
server: cloudflare
etag: "609aa4d8-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 651a6bcf686d5369-FRA
vary: Accept-Encoding
content-length: 42
expires: Wed, 19 May 2021 06:00:56 GMT

POST
H3-29 200 f4e6f83eebe09c4 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.6618445361649151:1621395790:4853c3e32cb142fb00f216969f494b096befc113088ad19e96500c04b9fd6d66/651a6bcf284ad6b1/ 45 KB
27 KB 59ms
58ms XHR
text/plain 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.6618445361649151:1621395790:4853c3e32cb142fb00f216969f494b096befc113088ad19e96500c04b9fd6d66/651a6bcf284ad6b1/f4e6f83eebe09c4
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6bcf284ad6b1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8ae78914ea8423b9270742e2b7945ba04d99404e4d3e7e3186aac0ab3313df9

Request headers

sec-fetch-mode: cors
origin: https://www.ko.tc
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_prog=e
content-length: 2186
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.6618445361649151:1621395790:4853c3e32cb142fb00f216969f494b096befc113088ad19e96500c04b9fd6d66/651a6bcf284ad6b1/f4e6f83eebe09c4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: f4e6f83eebe09c4
:method: POST
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: f4e6f83eebe09c4
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 May 2021 04:00:56 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RKNMFrlf8i2IUmkHEqaDwpyt6ocCw%2Fox2BXorkK4lVcww%2BSHoC3FcjPzhgw9HaR%2FiTSSXQPmr6KAoFtjW7hmayVLF%2FDdLuaakEQDadRdZhQD79wRsy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_f4e6f83eebe09c4=6d35571ce2aa943;SameSite=Strict;Secure;HttpOnly
cf-ray: 651a6bcfe9445369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2461b5f50000536979a7a000000001

POST
H3-29 200 f4e6f83eebe09c4 Show response
www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.6618445361649151:1621395790:4853c3e32cb142fb00f216969f494b096befc113088ad19e96500c04b9fd6d66/651a6bcf284ad6b1/ 2 KB
2 KB 95ms
94ms XHR
text/plain 2606:4700:3037::6815:55c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/flow/ov1/0.6618445361649151:1621395790:4853c3e32cb142fb00f216969f494b096befc113088ad19e96500c04b9fd6d66/651a6bcf284ad6b1/f4e6f83eebe09c4
Requested by: Host: www.ko.tc
URL: https://www.ko.tc/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=651a6bcf284ad6b1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:55c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63314ce21233fdf03b619e73b7734c8291f1a915f3b8a06cb0553059634bcd05

Request headers

sec-fetch-mode: cors
origin: https://www.ko.tc
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_f4e6f83eebe09c4=6d35571ce2aa943; cf_chl_prog=a1
content-length: 17987
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.6618445361649151:1621395790:4853c3e32cb142fb00f216969f494b096befc113088ad19e96500c04b9fd6d66/651a6bcf284ad6b1/f4e6f83eebe09c4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.ko.tc
referer: https://www.ko.tc/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: f4e6f83eebe09c4
:method: POST
Referer: https://www.ko.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: f4e6f83eebe09c4
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 May 2021 04:00:57 GMT
content-encoding: br
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf_chl_out: TSEc6dYdk/bBHVE8bgHPWagidwIMdTf/3FQhw5K/RenP0H0mT8NbUTKIfR3Nu06W8zXgkdxnNpftpy49gjIPoS5AVMVFH5NKJYruI9Q29ptSpNChzyxSJLCQuxbFixHK/iIbrO1TkhE6CVfqI4r9dhQXQubKyjcE9WqguCMw3vuO4ILszW9Uronmnfgpe+YAuh9Ag7Sc5VUb5B0SS+eV16MqsM59mrw1qARBHjp/d+M8cA7duq3ng4QhijRCI3TL$t25LubWcPLhd9PqRuxgOfQ==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kkqaxa%2BjzXxrFH1iZRxviLZF3vDVEheXdcOYjlhBDUuBj2Po5vZieXYNtKlp7RL71mWei%2FWkZEAn4o3E97NOOhJ0o6xH4Tjz3jhm%2BT8i8Xrjt42fl9w%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: cf_chl_seq_f4e6f83eebe09c4=;Expires=Tue, 18 May 2021 04:00:57 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray: 651a6bd61af15369-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2461b9d300005369beb52000000001

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ko.tc/	1970-01-19 18:23:20	Name: cf_chl_prog Value: F10

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.ko.tc
2606:4700:3037::6815:55c3
55b5aca55b28929133eebc18ff6cb96228ff9682fa777b04b512733e68034a63
55b6eeedaf5585bc00c75821bcac578840d4f46be2c26ff053ff96b0a0deb30f
55bfde343d0eb727945678e4dd775ae94c1056318d83c4862db437433c4bf857
5bd0e39f95c0afb91cc89b4bed610ad8cca2a6029bd3c57aa73fa9da3b99ce84
63314ce21233fdf03b619e73b7734c8291f1a915f3b8a06cb0553059634bcd05
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
69ac4a01071ac54cd9c21b253ffde8ae48102e6bcf50146c0e8794cd3d134381
72af83611b6f9b80ff853bcac54556bbc2037d42e9df541de155bef580327ef9
87e7faf79f3d7b4a1bf7f05e945ac2c6234e7e83761985600c4bf60b9be7eb37
a7096d188f6fa530de2176b0b3b8f0e869cc01b97700b7af8130ba7324897fc2
b1a0f9b26fbebc7b06168c1b0c393367145822e290850dcfe10dee43c5daca6b
b8ae78914ea8423b9270742e2b7945ba04d99404e4d3e7e3186aac0ab3313df9
b9826d77d21c7e44364ea923b32883057a508b6ee7eac2e66d1866ae3dad9326
bd5e73fa0da3006481083314b11cc9e0960890e36f959d27e95df843dc9a00b3
c9a9937079bb228b193ff2120e64d7b5ee3ed82495a4375b7f6980070f9e276e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.ko.tc Open in urlscan Pro 2606:4700:3037::6815:55c3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

161 kBTransfer

285 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www.ko.tc Open in urlscan Pro
2606:4700:3037::6815:55c3 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

161 kB
Transfer

285 kB
Size

1
Cookies

18 HTTP transactions
3 data transactions