urlscan.io logo urlscan.io
SecurityTrails logo

kknews.cc Open in urlscan Pro
104.20.201.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kknews.cc/zh-tw/entertainment/qq3yvxr.html
Effective URL: https://kknews.cc/challenge.html
Submission: On February 19 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 104.20.201.9, located in United States and belongs to CLOUDFLARENET, US. The main domain is kknews.cc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 31st 2020. Valid for: 6 months.
This is the only time kknews.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 104.20.201.9 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 3
Apex Domain
Subdomains		 Transfer
3 kknews.cc
kknews.cc
3 KB
2 google.com
www.google.com
838 B
1 gstatic.com
www.gstatic.com
94 KB
5 3
Domain Requested by
3 kknews.cc 1 redirects kknews.cc
2 www.google.com kknews.cc
www.gstatic.com
1 www.gstatic.com www.google.com
5 3

This site contains no links.

Subject Issuer Validity Valid
ssl511185.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-31 -
2020-08-08		 6 months crt.sh
www.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://kknews.cc/challenge.html
Frame ID: E805052543E9D1341E922B5689218189
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfRG68UAAAAAMToh2v5n7aqfEyrhVD584F8JL20&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=n1ZaVsRK4TYyiKxYab0h8MUD&size=invisible&cb=gqde0ym2onzz
Frame ID: 7CB3F7450B6C0306157A5706A0EFD7A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://kknews.cc/zh-tw/entertainment/qq3yvxr.html HTTP 302
    https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxN... Page URL
  2. https://kknews.cc/challenge.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

5
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

97 kB
Transfer

273 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kknews.cc/zh-tw/entertainment/qq3yvxr.html HTTP 302
    https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ-- Page URL
  2. https://kknews.cc/challenge.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://kknews.cc/zh-tw/entertainment/qq3yvxr.html HTTP 302
  • https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
challenge.html
kknews.cc/
Redirect Chain
  • https://kknews.cc/zh-tw/entertainment/qq3yvxr.html
  • https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.201.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a686fb8585de1e1b97a7b01056b345efb1fe53c7adf00837ab3dcc50b24689b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
kknews.cc
:scheme
https
:path
/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d1bb661ce79f197580d29e5cb933d61dc1582155310; B=0d5d5ac3-b135-407f-bba3-f4a78565b60f; language=zh-tw; app_session=iiudpojqmdt2232a1u2j2pe0r4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Wed, 19 Feb 2020 23:35:11 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
567c0e466e80d92d-AMS
content-encoding
br

Redirect headers

status
302
date
Wed, 19 Feb 2020 23:35:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d1bb661ce79f197580d29e5cb933d61dc1582155310; expires=Fri, 20-Mar-20 23:35:10 GMT; path=/; domain=.kknews.cc; HttpOnly; SameSite=Lax B=0d5d5ac3-b135-407f-bba3-f4a78565b60f; Path=/; Expires=Tue, 19-Jan-2038 03:13:51 GMT language=zh-tw; path=/ app_session=iiudpojqmdt2232a1u2j2pe0r4; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
x-frame-options
SAMEORIGIN
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
567c0e441990d92d-AMS
api.js
www.google.com/recaptcha/ 		766 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfRG68UAAAAAMToh2v5n7aqfEyrhVD584F8JL20&onload=captchaReady&hl=zh-tw
Requested by
Host: kknews.cc
URL: https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
42a99701e8905db807d295351a9eceb4cf1b77ece2773898372e637ff26e758d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 19 Feb 2020 23:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
499
x-xss-protection
1; mode=block
expires
Wed, 19 Feb 2020 23:35:11 GMT
recaptcha__zh_tw.js
www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/ 		267 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/recaptcha__zh_tw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfRG68UAAAAAMToh2v5n7aqfEyrhVD584F8JL20&onload=captchaReady&hl=zh-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0c701a666c1892a6b3c89e615e0ff4af55a93eca4237c5217b4a571500d4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 18:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Feb 2020 05:05:57 GMT
server
sffe
age
104699
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
96578
x-xss-protection
0
expires
Wed, 17 Feb 2021 18:30:12 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7CB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfRG68UAAAAAMToh2v5n7aqfEyrhVD584F8JL20&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=n1ZaVsRK4TYyiKxYab0h8MUD&size=invisible&cb=gqde0ym2onzz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/recaptcha__zh_tw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hYb8BclSln4GYypxlnm8Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfRG68UAAAAAMToh2v5n7aqfEyrhVD584F8JL20&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=n1ZaVsRK4TYyiKxYab0h8MUD&size=invisible&cb=gqde0ym2onzz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 19 Feb 2020 23:35:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-hYb8BclSln4GYypxlnm8Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9262
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Primary Request challenge.html
kknews.cc/ 		2 KB
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://kknews.cc/challenge.html
Requested by
Host: kknews.cc
URL: https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.201.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694f2fe164c7f2902a481f043201d30bd00ceb67415653c02d224bbe4f60a8c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
POST
:authority
kknews.cc
:scheme
https
:path
/challenge.html
content-length
577
pragma
no-cache
cache-control
no-cache
origin
https://kknews.cc
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d1bb661ce79f197580d29e5cb933d61dc1582155310; B=0d5d5ac3-b135-407f-bba3-f4a78565b60f; language=zh-tw; app_session=iiudpojqmdt2232a1u2j2pe0r4
Origin
https://kknews.cc
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://kknews.cc/challenge.html?ctx=NzE1YjUwOTFiNzVkZTRhZjk0MGVmZDExODAzZDUxMzIyZGQ5ZGU1OFsxNTgyMTU1MzE1LjU0MTUzNiwiMTg1LjIxMC4yMTcuMTE2IiwiXC9lbnRlcnRhaW5tZW50XC9xcTN5dnhyLmh0bWwiXQ--

Response headers

status
200
date
Wed, 19 Feb 2020 23:35:12 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
567c0e4a9eb0d92d-AMS
content-encoding
br

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

4 Cookies

Domain/Path Name / Value
kknews.cc/ Name: app_session
Value: iiudpojqmdt2232a1u2j2pe0r4
kknews.cc/ Name: B
Value: 0d5d5ac3-b135-407f-bba3-f4a78565b60f
kknews.cc/ Name: language
Value: zh-tw
.kknews.cc/ Name: __cfduid
Value: d1bb661ce79f197580d29e5cb933d61dc1582155310

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN